Axis Communications Q1931E PT user manual Certificates, Go to System Options Security Ieee

Page 38

AXIS Q1931–E PT Mount Thermal Network Camera

System Options

IEEE 802.1X

IEEE 802.1X is a standard for port-based Network Admission Control providing secure authentication of wired and wireless network devices. IEEE 802.1X is based on EAP (Extensible Authentication Protocol).

To access a network protected by IEEE 802.1X, devices must be authenticated. The authentication is performed by an authentication server, typically a RADIUS server, examples of which are FreeRADIUS and Microsoft Internet Authentication Service.

In Axis implementation, the Axis product and the authentication server identify themselves with digital certificates using EAP-TLS (Extensible Authentication Protocol - Transport Layer Security). The certificates are provided by a Certification Authority (CA). You need:

a CA certificate to authenticate the authentication server.

a CA-signed client certificate to authenticate the Axis product.

To create and install certificates, go to System Options > Security > Certificates . See Certificates on page 38. Many CA certificates are preinstalled.

To allow the product to access a network protected by IEEE 802.1X:

1.Go to System Options > Security > IEEE 802.1X.

2.Select a CA Certificate and a Client Certificate from the lists of installed certificates.

3.Under Settings, select the EAPOL version and provide the EAP identity associated with the client certificate.

4.Check the box to enable IEEE 802.1X and click Save.

Note

For authentication to work properly, the date and time settings in the Axis product should be synchronized with an NTP server. See Date & Time on page 39.

Certificates

Certificates are used to authenticate devices on a network. Typical applications include encrypted web browsing (HTTPS), network protection via IEEE 802.1X and secure upload of images and notification messages for example via email. Two types of certificates can be used with the Axis product:

Server/Client certificates - To authenticate the Axis product.

CA certificates - To authenticate peer certificates, for example the certificate of an authentication server in case the Axis product is connected to an IEEE 802.1X protected network.

Note

Installed certificates, except preinstalled CA certificates, will be deleted if the product is reset to factory default. Preinstalled CA certificates that have been deleted will be reinstalled.

A Server/Client certificate can be self-signed or issued by a Certificate Authority (CA). A self-signed certificate offers limited protection and can be used before a CA-issued certificate has been obtained.

To install a self-signed certificate:

1.Go to Setup > System Options > Security > Certificates .

2.Click Create self-signed certificate and provide the requested information. To create and install a CA-signed certificate:

1.Create a self-signed certificate as described above.

2.Go to Setup > System Options > Security > Certificates .

38

Image 38
Contents Axis Q1931-E PT Mount Thermal Network Camera Liability About this documentLegal Considerations Intellectual Property RightsSupport Learn MoreTable of Contents Axis Q1931-E PT Mount Thermal Network CameraConnectors Performance Considerations For technical specifications, see Connectors and ButtonsNetwork Connector RJ45 Ethernet connector with Power over Ethernet PoERS485/RS422 Connector LED IndicatorsPower Connector SD Card SlotAccess from the Internet Access the ProductAccess from a Browser Set the Root PasswordControls on the Live View Go to Setup EventsLive View Click Use HttpsAxis Media Control viewer toolbar PTZ ControlsAxis Media Control AMC How to Stream H.264Media Streams Alternative Methods of Accessing the Video Stream QuickTimeTM. The following paths can be usedAxis Q1931-E PT Mount Thermal Network Camera Set Up the Product Basic SetupPixel Counter VideoVideo Stream ImageStream Profiles 264Overlay Camera SettingsExposure Settings Image AppearanceGo to Video Overlay Image Overlay ImageUse Overlay Text in an Action Rule Go to Events Action Rules Under Overlay Settings, select Include textPrivacy Mask Viewer Settings Configure the Live ViewDefault Viewer for Browsers Browser Viewer DescriptionUser Defined Links PTZ Pan Tilt Zoom Preset PositionsGo to PTZ Preset Positions Guard TourAdvanced Install PTZ DriverDevice Settings Control QueueAxis Q1931-E PT Mount Thermal Network Camera Shock Detection Set Up Motion Detection WindowsDetectors Motion DetectionLow level 0% Default valuesParameter Object Size History Sensitivity High level 100% DetectionApplications Install ApplicationGo to Setup Applications Application LicensesAxis Cross Line Detection Install Axis ApplicationConfigure Axis Cross Line Detection Configure Axis Video Motion Detection Axis Video Motion DetectionAxis Q1931-E PT Mount Thermal Network Camera Triggers Setting Up an Action RuleEvents Go to Events Action Rules and click AddActions PTZ Control Setting Up an Email RecipientAdd Recipients Go to Events Recipients and click AddTo create a new schedule SchedulesRecurrences Go to Events Schedules and click AddContinuous Recording RecordingsRecording List Go to Recordings ListLanguages Security To log in again and be configured to use this functionalitySystem Options UsersCertificates Go to Setup System Options Security CertificatesIeee Go to System Options Security IeeeIPv4 Address Configuration Basic TCP/IP SettingsClick Install certificate and upload the certificate Date & TimeARP/Ping IPv6 Address ConfigurationAssign IP Address Using ARP/Ping Linux/Unix syntaxAdvanced TCP/IP Settings NAT traversal port mapping for IPv4 Select Use the host name to set the host name manuallyLink-Local IPv4 Address QoS Quality of Service Smtp emailRTP/H.264 StorageUPnPTM BonjourFormat SD Card Network ShareMount and Unmount SD Card To add a network shareCOM Port MaintenancePorts & Devices See the online helpSystem Overview SupportSupport Overview Logs & ReportsFile Upload Reset to Factory Default SettingsPlain Config Emergency Recovery Procedure TroubleshootingUpgrade the Firmware Check the FirmwareProduct cannot be accessed from a browser Symptoms, Possible Causes and Remedial ActionsProblems setting the IP address Product is accessible locally but not externallyVideo Camera Settings Problems with streaming H.264Video and image problems, general Storage and disk management problemsVideo cannot be recorded Technical Specifications Image settings Function/group Specifications VideoResolutions InstallationConnectors Function/group Specifications General CasingPower WeightConnectors RS485/422 ConnectorPerformance Considerations M1.10