Axis Communications M3007P user manual Certificates, Go to System Options Security Ieee

Page 43

AXIS M3007–P

System Options

3.Optionally, click Ciphers and select the encryption algorithms to use for SSL.

4.Set the HTTPS Connection Policy for the different user groups.

5.Click Save to enable the settings.

To access the Axis product via the desired protocol, in the address field in a browser, enter https:// for the HTTPS protocol and http:// for the HTTP protocol.

The HTTPS port can be changed on the System Options > Network > TCP/IP > Advanced page.

IEEE 802.1X

IEEE 802.1X is a standard for port-based Network Admission Control providing secure authentication of wired and wireless network devices. IEEE 802.1X is based on EAP (Extensible Authentication Protocol).

To access a network protected by IEEE 802.1X, devices must be authenticated. The authentication is performed by an authentication server, typically a RADIUS server, examples of which are FreeRADIUS and Microsoft Internet Authentication Service.

In Axis implementation, the Axis product and the authentication server identify themselves with digital certificates using EAP-TLS (Extensible Authentication Protocol - Transport Layer Security). The certificates are provided by a Certification Authority (CA). You need:

a CA certificate to authenticate the authentication server.

a CA-signed client certificate to authenticate the Axis product.

To create and install certificates, go to System Options > Security > Certificates . See Certificates on page 43. Many CA certificates are preinstalled.

To allow the product to access a network protected by IEEE 802.1X:

1.Go to System Options > Security > IEEE 802.1X.

2.Select a CA Certificate and a Client Certificate from the lists of installed certificates.

3.Under Settings, select the EAPOL version and provide the EAP identity associated with the client certificate.

4.Check the box to enable IEEE 802.1X and click Save.

Note

For authentication to work properly, the date and time settings in the Axis product should be synchronized with an NTP server. See Date & Time on page 44.

Certificates

Certificates are used to authenticate devices on a network. Typical applications include encrypted web browsing (HTTPS), network protection via IEEE 802.1X and secure upload of images and notification messages for example via email. Two types of certificates can be used with the Axis product:

Server/Client certificates - To authenticate the Axis product.

CA certificates - To authenticate peer certificates, for example the certificate of an authentication server in case the Axis product is connected to an IEEE 802.1X protected network.

Note

Installed certificates, except preinstalled CA certificates, will be deleted if the product is reset to factory default. Preinstalled CA certificates that have been deleted will be reinstalled.

A Server/Client certificate can be self-signed or issued by a Certificate Authority (CA). A self-signed certificate offers limited protection and can be used before a CA-issued certificate has been obtained.

43

Page 42 Page 44
Image 43
Page 42 Page 44
Contents Axis M3007-P Intellectual Property Rights About this DocumentLegal Considerations LiabilityLearn More SupportAxis M3007-P Table of ContentsPerformance Considerations RJ45 Ethernet connector with Power over Ethernet PoE Connectors and ButtonsNetwork Connector For technical specifications, seeStatus LED Indication LED IndicatorsSD Card Slot Control ButtonSet the Root Password Access the ProductAccess from a Browser Access from the InternetClick Use Https Set Power Line FrequencyCamera Orientation Live ViewManual Trigger Go to Setup EventsControls on the Live View Axis Media Control viewer toolbarPTZ Controls Media Streams How to Stream H.264Axis Media Control AMC QuickTimeTM. The following paths can be used Alternative Methods of Accessing the Video StreamAxis M3007-P Basic Setup Set Up the ProductView modes Set Up Video StreamsVideo Pixel CounterPanorama OverviewDouble Panorama Quad View ImageDirection Click Save to apply the new settings264 Stream Profiles Camera SettingsImage Appearance Shutter & Gain Exposure SettingsWhite Balance Wide Dynamic RangeGo to Video Video Stream and select the Image tab Date/Time Formats in the online help To enable overlaysView areas OverlayUse Overlay Text in an Action Rule Overlay ImageGo to Video Overlay Image Go to Events Action Rules Privacy MaskBrowser Viewer Description Configure the Live ViewDefault Viewer for Browsers Viewer SettingsUser Defined Links PTZ Pan Tilt Zoom Preset PositionsGuard Tour Go to PTZ Guard Tour and click Add AdvancedControls To add a guard tourGo to Detectors Camera Tampering DetectorsCamera Tampering Motion DetectionMotion Detection Parameters Set Up Motion Detection WindowsAxis M3007-P Application Licenses Install ApplicationGo to Setup Applications ApplicationsAxis M3007-P Go to Events Action Rules and click Add Set Up Action RulesEvents Convert Event Types to Action RulesTriggers Actions Add RecipientsRecipient Types Create Schedules Set Up Email RecipientsGo to Events Schedules and click Add Go to Events Recurrences and click Add Set Up RecurrencesGo to Recordings List RecordingsRecording List Continuous RecordingClick Save to save and start the recording Languages IP Address Filter System OptionsSecurity UsersCertificates IeeeGo to System Options Security Ieee Network Basic TCP/IP SettingsGo to Setup System Options Security Certificates Date & TimeARP/Ping IPv4 Address ConfigurationIPv6 Address Configuration Assign IP Address Using ARP/PingDNS Configuration Advanced TCP/IP SettingsAxis Internet Dynamic DNS Service Axis Internet Dynamic DNS Service requires IPv4NAT traversal port mapping for IPv4 NTP ConfigurationHost Name Configuration Link-Local IPv4 AddressFTP QoS Quality of ServiceBonjour StorageUPnPTM RTP/H.264Format SD Card Mount and Unmount SD CardGo to System Options Storage Click Network Share MaintenanceNetwork Share To add a network shareLogs & Reports SupportSupport Overview System OverviewPlain Config Reset to Factory Default SettingsFile Upload Check the Firmware TroubleshootingUpgrade the Firmware Emergency Recovery ProcedureProduct is accessible locally but not externally Symptoms, Possible Causes and Remedial ActionsProblems setting the IP address Product cannot be accessed from a browserKey frames Problems with streaming H.264Video and image problems, general Video Camera SettingsReformat the SD card and then click Mount Storage and disk management problemsStorage disruption Re-mount the storage deviceTechnical Specifications Power Function/group Specifications System ApplicationMaintenance Built-in Installation aids Data StreamingPerformance Considerations ConnectorsM6.3
Top Page Image Contents