EasyManua.ls Logo

Axis P1365 Mk II - Security Protocols and Certificates; IEEE 802.1 X Network Authentication; Certificate Management

Axis P1365 Mk II
77 pages
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
AXISP1365MkIINetworkCamera
SystemOptions
TheAxisproductcanbeconguredtorequireHTTPSwhenusersfromdifferentusergroups(administrator,operator,viewer)login.
TouseHTTPS,anHTTPScerticatemustrstbeinstalled.GotoSystemOptions>Security>Certicatestoinstallandmanage
certicates.SeeAboutcerticatesonpage55.
ToenableHTTPSontheAxisproduct:
1.GotoSystemOptions>Security>HTTPS
2.SelectanHTTPScerticatefromthelistofinstalledcerticates.
3.Optionally,clickCiphersandselecttheencryptionalgorithmstouseforSSL.
4.SettheHTTPSConnectionPolicyforthedifferentusergroups.
5.ClickSavetoenablethesettings.
ToaccesstheAxisproductviathedesiredprotocol,intheaddresseldinabrowser,enterhttps://fortheHTTPSprotocol
andhttp://fortheHTTPprotocol.
TheHTTPSportcanbechangedontheSystemOptions>Network>TCP/IP>Advancedpage.
IEEE802.1X
IEEE802.1Xisastandardforport-basedNetworkAdmissionControlprovidingsecureauthenticationofwiredandwirelessnetwork
devices.IEEE802.1XisbasedonEAP(ExtensibleAuthenticationProtocol).
ToaccessanetworkprotectedbyIEEE802.1X,devicesmustbeauthenticated.Theauthenticationisperformedbyanauthentication
server,typicallyaRADIUSserver,examplesofwhichareFreeRADIUSandMicrosoftInternetAuthenticationService.
InAxisimplementation,theAxisproductandtheauthenticationserveridentifythemselveswithdigitalcerticatesusingEAP-TLS
(ExtensibleAuthenticationProtocol-TransportLayerSecurity).ThecerticatesareprovidedbyaCerticationAuthority(CA).
Youneed:
aCAcerticatetoauthenticatetheauthenticationserver.
aCA-signedclientcerticatetoauthenticatetheAxisproduct.
Tocreateandinstallcerticates,gotoSystemOptions>Security>Certicates.SeeAboutcerticatesonpage55.
ToallowtheproducttoaccessanetworkprotectedbyIEEE802.1X:
1.GotoSystemOptions>Security>IEEE802.1X.
2.SelectaCACerticateandaClientCerticatefromthelistsofinstalledcerticates.
3.UnderSettings,selecttheEAPOLversionandprovidetheEAPidentityassociatedwiththeclientcerticate.
4.ChecktheboxtoenableIEEE802.1XandclickSave.
Note
Forauthenticationtoworkproperly,thedateandtimesettingsintheAxisproductshouldbesynchronizedwithanNTP
server.SeeDate&Timeonpage56.
Aboutcerticates
Certicatesareusedtoauthenticatedevicesonanetwork.Typicalapplicationsincludeencryptedwebbrowsing(HTTPS),network
protectionviaIEEE802.1Xandsecureuploadofimagesandnoticationmessagesforexampleviaemail.Twotypesofcerticates
canbeusedwiththeAxisproduct:
Server/Clientcerticates-ToauthenticatetheAxisproduct.AServer/Clientcerticatecanbeself-signedorissuedbyaCerticate
Authority(CA).Aself-signedcerticateofferslimitedprotectionandcanbeusedbeforeaCA-issuedcerticatehasbeenobtained.
55

Table of Contents

Related product manuals