Axis Communications 243Q Blade user manual Https, Ieee

Page 39

AXIS 243Q Blade - System options 39

HTTPS

For greater security, the AXIS 243Q Blade can be configured to use HTTPS (Hypertext Transfer Protocol over SSL (Secure Socket Layer)). That is, all communication that would otherwise go via HTTP will instead go via an encrypted HTTPS connection.

Certificate - to use HTTPS for communication with the AXIS 243Q Blade, a Certificate must be created using one of these methods:

A self-signed certificate can be created in the video server, but this does not guar- antee the same level of security as an official certificate.

An official certificate issued by a CA (Certificate Authority). A CA issues and manages security credentials and public keys for message encryption.

To create a certificate:

1.Click either Create self-signed certificate or Create Certificate Request and enter the required information in the provided fields

2.Click OK.

3.The Create self-signed certificate option generates and installs a certificate that is displayed under Installed Certificate.

The Create Certificate Request option generates a PEM (Privacy Enhanced Mail) formatted request which you copy and send to a CA for signing. When the signed certificate is returned, click Install signed certificate... to install the certificate in the AXIS 243Q Blade.

4.Set the HTTPS Connection Policy for the administrator, Operator and Viewer to enable HTTPS connection (set to HTTP by default)

Note: Privacy Enhanced Mail (PEM), is an early IETF proposal for securing email using public key cryptography.

Please refer to the home page of your preferred CA for information on where to send the request. For more information, please see the online help .

IEEE 802.1x

IEEE 802.1x is an IEEE standard for port-based Network Admission Control. It provides authentication to devices attached to a network port (wired or wireless), establishing a point-to-point connection, or, if authentication fails, preventing access on that port.

802.1x is based on EAP (Extensible Authentication Protocol). There are many EAP methods available to access a network protected by 802.1x/EAPOL (Extensible Authentication Protocol Over Lan). The one used here is EAP-TLS (EAP-Transport Layer Security).

In a 802.1x enabled network switch, clients equipped with the correct software can be authenticated and allowed or denied network access at the Ethernet level.

Clients and servers in an 802.1x network may need to authenticate each other. In the Axis implementation this is done with the help of digital certificates provided by a Certification Authority. These are then validated by a third-party entity, such as a RADIUS server, examples of which are Free Radius and Microsoft Internet Authentication Service.

Page 38 Page 40
Image 39
Page 38 Page 40
Contents Axis 243Q Blade Video Server User’s Manual About This Document Page Contents Axis 243Q Blade Overview Product descriptionSwitches & connectors LED indicatorsAxis 243Q Blade Product description Access from a browser Accessing the video serverSetting the root password Live ViewLayout Axis 243Q Blade Accessing the video server Video streams Video stream typesMotion Jpeg MPEG-4 protocols and communication methods How to stream MPEG-4Other methods of accessing the video stream Axis Media Control AMCRTP/RTSP/HTTP or RTP/RTSP/HTTPS Other MPEG-4 clients Accessing the Setup link Configuring the video serverImage settings Video & ImageImage appearance Text overlay settings Video streamTest Advanced MPEG-4 settings Video source settingsBit Rate control Advanced Mjpeg settings Overlay/Mask SettingsOverlay/Mask Overlay image requirements Overlay image limitationsImage Formats Image Size Viewer Settings Live View ConfigDefault Video Format Default ViewerOutput Buttons Action ButtonsUser-defined Links Check Show custom linkInstalling PTZ devices Authentication keyPan Tilt Zoom Preset positions PTZ configurationPTZ controls Using CGI links to control PTZ devices PTZ control modesControl panel Advanced Guard tourPTZ control queue Using PTZ on video inputs Event configuration Event serversEvent types Enter the minimum time interval between triggers How to set up a triggered eventTriggered Event Click Add triggered... on the Event TypesHow to set up a scheduled event Scheduled eventClick Add scheduled... on the Event Types Camera tampering How to configure Motion Detection Click Motion Detection in the Event Config menuMotion detection Object Size Port statusIP Address Filter System optionsSecurity UsersIeee HttpsRadius Authentication processAxis 243Q Blade System options CA servers Date & timeNetwork Basic TCP/IP settingsIPv4 and IPv6 Address Configuration ServicesHost Name Configuration DNS configurationLink-Local IPv4 address NAT traversal port mapping for IPv4Network traffic QoS Quality of service QoS SettingsSmtp email UPnP BonjourPorts & devices System Overview MaintenanceSupport Support OverviewAbout Access Log The Access Log may be used for various purposesResetting to the factory default settings Non-inverting Terminal connectorPin Function Description RS-485-A11o Schematic diagram I/O terminal connectorAxis 243Q Blade 10oRS-485 COM port Troubleshooting Checking the firmwareUpgrading the firmware Emergency recovery procedure Video Image Problems Axis 243Q Blade cannot be accessed from a web browserAlarms, to a destination outside the local network Server is inaccessibleOnly I frames Snapshot imagesNTSC/PAL Technical specificationsMaintenance Weight Optimizing your system General performance considerationsBandwidth Axis 243Q Blade Glossary GlossaryDe-interlacing See Interlacing Compression See Image compressionFixed iris See Autoiris Encoder See Video encoderAn IP address consists of four groups or quads Megapixel See Pixel Axis 243Q Blade Glossary SSL/TSL An I-VOP is a complete image frame Generic Http Generic TCP/IP Factory default settings 49 firmwareLive view config IndexLive View Video source Video streams 12, 14, 18 Viewer settings
Top Page Image Contents