1. Home
  2. Axis
  3. Axis 0272-001 EOL User Manual
  4. Page 23

Axis 0272-001 EOL 247S Video Server 0272-001

Axis 247S User Manual - Page 23

For 0272-001 EOL.

PDF File Manual, 44 pages, Read Online | Download pdf file

0272-001 EOL photo
Loading ...
Loading ...
Loading ...
AXIS 247S - System Options
23
3. Create self-signed certificate generates and installs a certificate which will be displayed under
Installed Certificate.
Create Certificate Request generates a PEM formatted request which you copy and send to a CA for
signing. When the signed certificate is returned, click Install signed certificate... to install the
certificate in the Video Server.
4. Set the HTTPS Connection Policy for the administrator, Operator and Viewer to enable HTTPS
connection (set to HTTP by default)
Please refer to the home page of your preferred CA for information on where to send the request etc. For more
information, please see the online help
802.1X - Network Admission Control
IEEE 802.1X is an IEEE standard for port-based Network Admission Control. It provides authentication to
devices attached to a network port (wired or wireless), establishing a point-to-point connection, or, if
authentication fails, preventing access on that port. 802.1X is based on EAP (Extensible Authentication
Protocol).
The authentication process
In a 802.1X enabled network switch, clients equipped with the correct software can be authenticated and
allowed or denied network access at the Ethernet level.
Clients and servers in an 802.1x network may need to authenticate each other by some means. In the Axis
implementation this is done with the help of digital certificates provided by a Certification Authority. These
are then validated by a third-party entity, such as a RADIUS server, examples of which are Free Radius and
Microsoft Internet Authentication Service.
To perform the authentication, the RADIUS server uses various EAP methods/protocols, of which there are
many. The one used in the Axis implementation is EAP-TLS (EAP-Transport Layer Security).
Protected network
Axis video device
Q: Certificate OK?
Certificate
Authority (CA)
3
1
2
4
A: OK
RADIUS
server
Network
switch
Q: Certificate OK?
A: OK
Certificate
Certificate
1. A CA server provides the required signed certificates.
2. The Axis video device requests access to the protected network at the network switch. The switch forwards
the video device’s CA certificate to the RADIUS server, which then replies to the switch.
3. The switch forwards the RADIUS server’s CA certificate to the video device, which also replies to the
switch.
4. The switch keeps track of all responses to the validation requests. If all certificates are validated, the Axis
video device is allowed access to the protected network via a preconfigured port.
Loading ...
Loading ...
Loading ...