EasyManua.ls Logo

Axis M1114 - Network Security and Authentication; IEEE 802.1 X Network Access; Certificate Management

Axis M1114
55 pages
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
AXISM1114
SystemOptions
2.SelectanHTTPScerticatefromthelistofinstalledcerticates.
3.Optionally,clickCiphersandselecttheencryptionalgorithmstouseforSSL.
4.SettheHTTPSConnectionPolicyforthedifferentusergroups.
5.ClickSavetoenablethesettings.
ToaccesstheAxisproductviathedesiredprotocol,enterhttps://orhttp://intheaddresseldinabrowser.
TheHTTPSportcanbechangedontheSystemOptions>Network>TCP/IP>Advancedpage.
IEEE802.1X
IEEE802.1Xisastandardforport-basedNetworkAdmissionControlprovidingsecureauthenticationofwiredandwirelessnetwork
devices.IEEE802.1XisbasedonEAP(ExtensibleAuthenticationProtocol).
ToaccessanetworkprotectedbyIEEE802.1X,devicesmustbeauthenticated.Theauthenticationisperformedbyanauthentication
server,typicallyaRADIUSserver,examplesofwhichareFreeRADIUSandMicrosoftInternetAuthenticationService.
InAxisimplementation,theAxisproductandtheauthenticationserveridentifythemselveswithdigitalcerticatesusingEAP-TLS
(ExtensibleAuthenticationProtocol-TransportLayerSecurity).ThecerticatesareprovidedbyaCerticationAuthority(CA).
Youneed:
aCAcerticatetoauthenticatetheauthenticationserver.
aCA-signedclientcerticatetoauthenticatetheAxisproduct.
Tocreateandinstallcerticates,gotoSystemOptions>Security>Certicates.SeeCerticatesonpage39.ManyCAcerticates
arepreinstalled.
ToallowtheproducttoaccessanetworkprotectedbyIEEE802.1X:
1.GotoSystemOptions>Security>IEEE802.1X.
2.SelectaCACerticateandaClientCerticatefromthelistsofinstalledcerticates.
3.UnderSettings,selecttheEAPOLversionandprovidetheEAPidentityassociatedwiththeclientcerticate.
4.ChecktheboxtoenableIEEE802.1XandclickSave.
Note
Forauthenticationtoworkproperly,thedateandtimesettingsintheAxisproductshouldbesynchronizedwithanNTP
server.SeeDate&Timeonpage40.
Certicates
Certicatesareusedtoauthenticatedevicesonanetwork.Typicalapplicationsincludeencryptedwebbrowsing(HTTPS),network
protectionviaIEEE802.1Xandsecureuploadofimagesandnoticationmessagesforexampleviaemail.Twotypesofcerticates
canbeusedwiththeAxisproduct:
Server/Clientcerticates-ToauthenticatetheAxisproduct.
CAcerticates-Toauthenticatepeercerticates,forexamplethecerticateofanauthenticationserverincasetheAxisproductis
connectedtoanIEEE802.1Xprotectednetwork.
Note
Installedcerticates,exceptpreinstalledCAcerticates,willbedeletediftheproductisresettofactorydefault.Preinstalled
CAcerticatesthathavebeendeletedwillbereinstalled.
AServer/Clientcerticatecanbeself-signedorissuedbyaCerticateAuthority(CA).Aself-signedcerticateofferslimited
protectionandcanbeusedbeforeaCA-issuedcerticatehasbeenobtained.
39

Table of Contents

Other manuals for Axis M1114

Preview: Datasheet
Datasheet2 pages

Related product manuals