Axis Communications 215 PTZ-E user manual 802.1X Network Admission Control

Page 28

AXIS 215 PTZ/AXIS 215 PTZ-E - System Options

1.Click either Create self-signed certificate or Create Certificate Request and enter the required information in the provided fields.

2.Click OK.

3.Create self-signed certificate generates and installs a certificate which will be displayed under Installed Certificate.

Create Certificate Request generates a PEM formatted request which you copy and send to a CA for signing. When the signed certificate is returned, click Install signed certificate... to install the certificate in the AXIS 215 PTZ/AXIS 215 PTZ-E.

4.Set the HTTPS Connection Policy for the administrator, Operator and Viewer to enable HTTPS connection (set to HTTP by default)

Please refer to the home page of your preferred CA for information on where to send the request etc. For more information, please refer to the online help files

802.1X - Network Admission Control

IEEE 802.1X is an IEEE standard for port-based Network Admission Control. It provides authentication to devices attached to a network port (wired or wireless), establishing a point-to-point connection, or, if authentication fails, preventing access on that port. 802.1X is based on EAP (Extensible Authentication Protocol).

In an 802.1X enabled network switch, clients equipped with the correct software can be authenticated and allowed or denied network access at the Ethernet level.

Clients and servers in an 802.1X network may need to authenticate each other by some means. In the Axis implementation this is done with the help of digital certificates provided by a Certification Authority. These are then validated by a third-party entity, such as a RADIUS server, examples of which are Free Radius and Microsoft Internet Authentication Service.

To perform the authentication, the RADIUS server uses various EAP methods/protocols, of which there are many. The one used in the Axis implementation is EAP-TLS (EAP-Transport Layer Security).

The AXIS network video device presents its certificate to the network switch, which in turn forwards this to the RADIUS server. The RADIUS server validates or rejects the certificate and responds to the switch, and sends its own certificate to the client for validation. The switch then allows or denies network access accordingly, on a pre-configured port.

The authentication process

1.A CA server provides the required signed certificates.

2.The Axis video device requests access to the protected network at the network switch. The switch forwards the video device’s CA certificate to the RADIUS server, which then replies to the switch.

3.The switch forwards the RADIUS server’s CA certificate to the video device, which also replies to the switch.

4.The switch keeps track of all responses to the validation requests. If all certificates are validated, the Axis video device is allowed access to the protected network via a pre-configured port.

RADIUS (Remote Authentication Dial In User Service) - AAA (Authentication, Authorization and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.

CA servers - In cryptography, a Certification Authority (CA) is an entity that provides signed digital certificates for use by other parties, thus acting a trusted third party. There are many commercial CA’s that charge for their services. Institutions and governments may have their own CA, and there are free CA’s available.

28

Page 27 Page 29
Image 28
Page 27 Page 29
Contents Axis 215 PTZ/ Axis 215 PTZ-E About This Document Legal ConsiderationsAxis 215 PTZ/AXIS 215 PTZ-E Table of Contents Accessing the camera Accessing from a browserSetting the Password Accessing the camera from the InternetArea Zoom Live ViewPan/Tilt/Zoom controls Control panel Viewer controlsServer push not available for Microsoft Internet Explorer QuickTimeJava applet Still ImageVideo Stream Types Video and Audio StreamsMotion Jpeg MPEG-4 protocols and communication methods How to stream MPEG-4Axis Media Control Other methods of accessing the video stream Accessing the Audio Streams Axis 215 PTZ onlyOther MPEG-4 clients Audio transmission methods Axis 215 PTZ onlySetup Accessing the setup tools from a browserOverlay Settings Video & Image settingsVideo Stream Advanced settings Overlay Image SettingsOverlay image requirements Bit Rate Control MPEG-4 SettingsProfile@Level Properties Audio Settings Axis 215 PTZ only Enable AudioAudio Channels Audio InputIf Microphone is selected set the Input sensitivity to Audio OutputAdvanced Audio Settings Axis 215 PTZ only Custom Settings Upload Own Web Files Live View Config Live View LayoutModify the Axis Look Show Setup link Default ViewerOwn Home User Defined LinksHtml Examples Viewer settingsExternal Video PTZ Configuration Preset Positions Sequence ModeOsdi Zones Advanced LimitsAdvanced Calibration Advanced Ctrl PanelControl Queue Event Configuration Event ServersHow to set up a triggered event Event TypesTriggered Event Click Add triggered on the Event types How to set up a scheduled event Motion Detection Pre-trigger and Post-trigger buffers Scheduled EventHow to configure Motion Detection Port Status Axis 215 PTZ onlyParameter History SensitivitySystem Options Security802.1X Network Admission Control Basic TCP/IP Settings ServicesDate & Time NetworkAdvanced TCP/IP Settings Link-Local IPv4 AddressNetwork QoS Quality of Service Network SocksNetwork Smtp email Network TrafficNetwork Snmp Network UPnPNetwork RTP/MPEG-4 Network BonjourMaintenance Upgrade Server See Updating the Firmware, onResetting to Factory Default Settings ConfigurationSupport AdvancedUnit Connectors Terminal connector for Axis 215 PTZ onlySpecifications Axis 215 PTZ Network CameraPower connection Connection diagramColor Indication Checking the Firmware TroubleshootingUpdating the Firmware Customer Services Symptoms, Possible Causes and Remedial Actions Problems setting the IP addressDisconnect power from the Axis 215 PTZ/AXIS 215 PTZ-E Problems with the MPEG-4 formatMechanical problems Video Image ProblemsSnapshot images Technical Specifications LensAudio Axis 215 PTZ only Installation, managementProcessors and memory Software not incl Accessories General performance considerations File sizesOptimizing your system Frame rates MPEG-4 Frame rates Motion JpegBandwidth Axis 215 PTZ/AXIS 215 PTZ-E Technical Specifications Glossary of Terms Etrax Ethernet Token Ring Axis Axis own microprocessorSee also IP Internet Protocol VOP See VOP SSL/TSL Secure Socket Layer/Transport Layer Security URL Uniform Resource Locator An address on the networkAxis 215 PTZ/ Axis 215 PTZ-E Glossary of Terms Index Axis Vapix APIAxis 215 PTZ/AXIS 215 PTZ-E Index
Related manuals
Manual 84 pages 24.98 Kb
Top Page Image Contents