Axis Communications M3007-P user manual Ieee, Certificates

Page 42

AXIS M3007–P

System Options

3.Optionally, click Ciphers and select the encryption algorithms to use for SSL.

4.Set the HTTPS Connection Policy for the different user groups.

5.Click Save to enable the settings.

To access the Axis product via the desired protocol, enter https:// or http:// in the address field in a browser.

The HTTPS port can be changed on the System Options > Network > TCP/IP > Advanced page.

IEEE 802.1X

IEEE 802.1X is a standard for port-based Network Admission Control providing secure authentication of wired and wireless network devices. IEEE 802.1X is based on EAP (Extensible Authentication Protocol).

To access a network protected by IEEE 802.1X, devices must authenticate themselves. The authentication is performed by a third-party entity called an authentication server, typically a RADIUS server, examples of which are FreeRADIUS and Microsoft Internet Authentication Service.

In Axis' implementation, the network device and the authentication server authenticate themselves with the help of digital certificates using EAP-TLS (Extensible Authentication Protocol - Transport Layer Security). The certificates are provided by an Certification Authority (CA). You need:

a CA certificate to validate the identity of the authentication server

a CA-signed client certificate and a private key to authenticate the network device. To allow the network device to access a network protected by IEEE 802.1X:

1.Obtain a CA certificate, a client certificate and a client private key (contact your network administrator).

2.Go to Setup > System Options > Security > IEEE 802.1X and upload the CA certificate, the client certificate and the client private key.

3.Under Settings, select the EAPOL version, provide your EAP identity and private key password.

4.Check the box to enable IEEE 802.1X and click Save.

Certificates

CA Certificate

Client certificate Client private key

Settings

EAPOL version

EAP identity

Private key password

Enable IEEE 802.1X

The CA certificate is used to validate the identity of the authentication server. Enter the path to the certificate directly, or locate the file using the Browse button. Then click Upload. To remove a certificate, click Remove.

The client certificate and private key are used to authenticate the network device. They can be uploaded as separate files or in one combined file (e.g. a PFX file or a PEM file). Use the Client private key field if uploading one combined file. For each file, enter the path to the file, or locate the file using the Browse button. Then click Upload. To remove a file, click Remove.

Select the EAPOL version (1 or 2) as used in your network switch.

Enter the user identity (maximum 16 characters) associated with your certificate.

Enter the password (maximum 16 characters) for the private key.

Check the box to enable the IEEE 802.1X protocol.

Certificates

Certificates are used to authenticate devices on a network. Typical applications include encrypted web browsing (HTTPS), network protection via IEEE 802.1X and secure upload of images and notification messages for example via email. Two types of certificates can be used with the Axis product:

42

Page 41 Page 43
Image 42
Page 41 Page 43
Contents Axis M3007-P Liability About this DocumentLegal Considerations Intellectual Property RightsSupport Learn MoreTable of Contents Axis M3007-PConnectors and Buttons Hardware OverviewHardware Overview SD Card Slot LED IndicatorsNetwork Connector Control ButtonAccessing the Product Accessing the ProductAccess from a Browser Accessing the Product Access from the Internet Set the Root PasswordClick Create self-signed certificate Set Power Line Frequency Live ViewControls on the Live View PTZ Controls Go to Setup EventsAxis Media Control viewer toolbar Manual TriggerAxis M3007-P Media Streams How to Stream H.264Media Streams Axis Media Control AMCAlternative Methods of Accessing the Video Stream Axis M3007-P Setting Up the Product Setting Up the ProductBasic Setup Setting Up the Product Video Video StreamPixel Counter View modes OverviewPanorama Double Panorama Quad ViewImage Direction264 MjpegImage Appearance Camera SettingsStream Profiles White BalanceShutter & Gain Exposure SettingsView areas Set Shutter toGo to Video Video Stream and select the Image tab OverlayOverlay Image Go to Video Overlay ImageUsing Overlay Text in an Action Rule Privacy MaskGo to Events Action Rules Live View Config Live View ConfigDefault Viewer for Browsers Viewer Settings User Defined LinksBrowser Viewer Description PTZ Pan Tilt Zoom Preset PositionsGo to PTZ Preset Positions PTZ Pan Tilt ZoomControls PTZ Pan Tilt Zoom Guard TourAdvanced Go to PTZ Guard Tour and click AddCamera Tampering DetectorsDetectors Motion DetectionGo to Detectors Motion Detection Set Up Motion Detection WindowsMotion Detection Parameters Parameter Object Size History Sensitivity DescriptionLow level 0% Default valuesMedium level 50% Recommended valuesApplications Install ApplicationApplications Application LicensesAxis M3007-P Events EventsFallback Action Setting Up an Action RuleRecipients Go to Events Action Rules and click AddSetting Up an Email Recipient Recipient Use with actionGo to Events Recipients and click Add Go to Events Schedules and click Add Events SchedulesRecurrences Go to Events Recurrences and click AddRecording List RecordingsRecordings Continuous RecordingClick Save to save and start the recording Languages LanguagesSecurity System OptionsSystem Options UsersIeee CertificatesCertificates Go to Setup System Options Security Certificates Date & TimeBasic TCP/IP Settings NetworkDNS Configuration Advanced TCP/IP SettingsAxis Internet Dynamic DNS Service Axis Video Hosting System AvhsLink-Local IPv4 Address NTP ConfigurationHost Name Configuration NAT traversal port mapping for IPv4QoS Quality of Service FTPRTP/H.264 UPnPTM can be disabled under System Options Network UPnPTMUPnPTM BonjourNetwork Share System Options StorageSD Card Go to System Options Storage and click SD CardSupport Overview MaintenanceSupport System OverviewScripting Plain ConfigLogs & Reports File UploadSystem Options Reset to Factory Default Settings Checking the Firmware TroubleshootingTroubleshooting Upgrading the FirmwareProduct is accessible locally but not externally Problems setting the IP addressProduct cannot be accessed from a browser Problems with streaming H.264Storage and disk management problems Video and image problems, generalVideo Camera Settings Key framesTechnical Specifications Technical SpecificationsInstallation aids Data Streaming Function/group SpecificationsMaintenance Built-in PowerTechnical Specifications Performance Considerations M4.5
Top Page Image Contents