Axis M20 Series

To Next Page

To Previous Page

AXISM20BulletCameraSeries

Thedeviceinterface

Important

Ifyouresetthedevicetofactorydefault,allcerticatesaredeleted.Anypre-installedCAcerticatesarereinstalled.

Filterthecerticatesinthelist.

Addcerticate:Clicktoaddacerticate.

Thecontextmenucontains:

•Certicateinformation:Viewaninstalledcerticate’sproperties.

•Deletecerticate:Deletethecerticate.

•Createcerticatesigningrequest:Createacerticatesigningrequesttosendtoaregistrationauthoritytoapply

foradigitalidentitycerticate.

IEEE802.1x

IEEE802.1xisanIEEEstandardforport-basednetworkadmissioncontrolprovidingsecureauthenticationofwiredandwireless

networkdevices.IEEE802.1xisbasedonEAP(ExtensibleAuthenticationProtocol).

ToaccessanetworkprotectedbyIEEE802.1x,networkdevicesmustauthenticatethemselves.Theauthenticationisperformedby

anauthenticationserver,typicallyaRADIUSserver(forexampleFreeRADIUSandMicrosoftInternetAuthenticationServer).

Certicates

WhenconguredwithoutaCAcerticate,servercerticatevalidationisdisabledandthedevicetriestoauthenticateitself

regardlessofwhatnetworkitisconnectedto.

Whenusingacerticate,inAxis'implementation,thedeviceandtheauthenticationserverauthenticatethemselveswithdigital

certicatesusingEAP-TLS(ExtensibleAuthenticationProtocol-TransportLayerSecurity).

Toallowthedevicetoaccessanetworkprotectedthroughcerticates,asignedclientcerticatemustbeinstalledonthedevice.

Clientcerticate:SelectaclientcerticatetouseIEEE802.1x.Theauthenticationserverusesthecerticatetovalidatethe

client’sidentity.

CAcerticate:SelectaCAcerticatetovalidatetheauthenticationserver’sidentity.Whennocerticateisselected,thedevice

triestoauthenticateitselfregardlessofwhatnetworkitisconnectedto.

EAPidentity:Entertheuseridentityassociatedwiththeclientcerticate.

EAPOLversion:SelecttheEAPOLversionthatisusedinthenetworkswitch.

UseIEEE802.1x:SelecttousetheIEEE802.1xprotocol.

Preventbrute-forceattacks

Blocking:Turnontoblockbrute-forceattacks.Abrute-forceattackusestrial-and-errortoguesslogininfoorencryptionkeys.

Blockingperiod:Enterthenumberofsecondstoblockabrute-forceattack.

Blockingconditions:Enterthenumberofauthenticationfailuresallowedpersecondbeforetheblockstarts.Youcansetthe

numberoffailuresallowedbothonpagelevelanddevicelevel.

IPaddresslter

Axis M20 Series - Page 27