EasyManua.ls Logo

Axis P7304 - IEEE 802.1 x Network Access; Preventing Brute-Force Attacks; IP Address Filtering; Custom Firmware Certificate Installation

Axis P7304
48 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
AXISP7304VideoEncoder
Thedeviceinterface
IEEE802.1xisanIEEEstandardforport-basednetworkadmissioncontrolprovidingsecureauthenticationofwiredandwireless
networkdevices.IEEE802.1xisbasedonEAP(ExtensibleAuthenticationProtocol).
ToaccessanetworkprotectedbyIEEE802.1x,networkdevicesmustauthenticatethemselves.Theauthenticationisperformedby
anauthenticationserver,typicallyaRADIUSserver(forexampleFreeRADIUSandMicrosoftInternetAuthenticationServer).
Certicates
WhenconguredwithoutaCAcerticate,servercerticatevalidationisdisabledandthedevicetriestoauthenticateitself
regardlessofwhatnetworkitisconnectedto.
Whenusingacerticate,inAxis'implementation,thedeviceandtheauthenticationserverauthenticatethemselveswithdigital
certicatesusingEAP-TLS(ExtensibleAuthenticationProtocol-TransportLayerSecurity).
Toallowthedevicetoaccessanetworkprotectedthroughcerticates,asignedclientcerticatemustbeinstalledonthedevice.
Clientcerticate:SelectaclientcerticatetouseIEEE802.1x.Theauthenticationserverusesthecerticatetovalidatethe
client’sidentity.
CAcerticate:SelectaCAcerticatetovalidatetheauthenticationserver’sidentity.Whennocerticateisselected,thedevice
triestoauthenticateitselfregardlessofwhatnetworkitisconnectedto.
EAPidentity:Entertheuseridentityassociatedwiththeclientcerticate.
EAPOLversion:SelecttheEAPOLversionthatisusedinthenetworkswitch.
UseIEEE802.1x:SelecttousetheIEEE802.1xprotocol.
Preventbrute-forceattacks
Blocking:Turnontoblockbrute-forceattacks.Abrute-forceattackusestrial-and-errortoguesslogininfoorencryptionkeys.
Blockingperiod:Enterthenumberofsecondstoblockabrute-forceattack.
Blockingconditions:Enterthenumberofauthenticationfailuresallowedpersecondbeforetheblockstarts.Youcansetthe
numberoffailuresallowedbothonpagelevelanddevicelevel.
IPaddresslter
Uselter:SelecttolterwhichIPaddressesthatareallowedtoaccessthedevice.
Policy:ChoosewhethertoAllowaccessorDenyaccessforcertainIPaddresses.
Addresses:EntertheIPnumbersthatareeitherallowedordeniedaccesstothedevice.YoucanalsousetheCIDRformat.
Custom-signedrmwarecerticate
ToinstalltestrmwareorothercustomrmwarefromAxisonthedevice,youneedacustom-signedrmwarecerticate.The
certicateveriesthatthermwareisapprovedbyboththedeviceownerandAxis.Thermwarecanonlyrunonaspecic
devicewhichisidentiedbyitsuniqueserialnumberandchipID.Custom-signedrmwarecerticatescanonlybecreated
byAxis,sinceAxisholdsthekeytosignthem.
ClickInstalltoinstallthecerticate.Youneedtoinstallthecerticatebeforeyouinstallthermware.
25

Table of Contents

Other manuals for Axis P7304

Preview: Installation Guide
Installation Guide20 pages

Related product manuals