Loading ...
Loading ...
Loading ...
![](https://files.manualsfile.com/65843763-0269x-001/bg19.png)
AXISC1110-ECabinetSpeaker
Thewebinterface
•Keytype:Selectthedefaultoradifferentencryptionalgorithmfromthedrop-downlisttoprotectthecerticate.
Thecontextmenucontains:
•Certicateinformation:Viewaninstalledcerticate’sproperties.
•Deletecerticate:Deletethecerticate.
•Createcerticatesigningrequest:Createacerticatesigningrequesttosendtoaregistrationauthoritytoapply
foradigitalidentitycerticate.
Securekeystore
:
•Secureelement(CCEAL6+):Selecttousesecureelementforsecurekeystore.
•TrustedPlatformModule2.0(CCEAL4+,FIPS140-2Level2):SelecttouseTPM2.0forsecurekeystore.
IEEE802.1xandIEEE802.1AEMACsec
IEEE802.1xisanIEEEstandardforport-basednetworkadmissioncontrolprovidingsecureauthenticationofwiredandwireless
networkdevices.IEEE802.1xisbasedonEAP(ExtensibleAuthenticationProtocol).
ToaccessanetworkprotectedbyIEEE802.1x,networkdevicesmustauthenticatethemselves.Theauthenticationisperformedby
anauthenticationserver,typicallyaRADIUSserver(forexample,FreeRADIUSandMicrosoftInternetAuthenticationServer).
Certicates
WhenconguredwithoutaCAcerticate,servercerticatevalidationisdisabledandthedevicetriestoauthenticateitself
regardlessofwhatnetworkitisconnectedto.
Whenusingacerticate,inAxis'implementation,thedeviceandtheauthenticationserverauthenticatethemselveswithdigital
certicatesusingEAP-TLS(ExtensibleAuthenticationProtocol-TransportLayerSecurity).
Toallowthedevicetoaccessanetworkprotectedthroughcerticates,youmustinstallasignedclientcerticateonthedevice.
Authenticationmethod:SelectanEAPtypeusedforauthentication.ThedefaultoptionisEAP-TLS.EAP-PEAP/MSCHAPv2isa
moresecureoption.
Clientcerticate:SelectaclientcerticatetouseIEEE802.1x.Theauthenticationserverusesthecerticatetovalidatethe
client’sidentity.
CAcerticate:SelectCAcerticatestovalidatetheauthenticationserver’sidentity.Whennocerticateisselected,thedevice
triestoauthenticateitselfregardlessofwhatnetworkitisconnectedto.
EAPidentity:Entertheuseridentityassociatedwiththeclientcerticate.
EAPOLversion:SelecttheEAPOLversionthatisusedinthenetworkswitch.
UseIEEE802.1x:SelecttousetheIEEE802.1xprotocol.
IEEE802.1AEMACsec
IEEE802.1AEMACsecisanIEEEstandardformediaaccesscontrol(MAC)securitythatdenesconnectionlessdatacondentiality
andintegrityformediaaccessindependentprotocols.
ThesettingsareonlyavailableifyouuseEAP-TLSastheauthenticationmethod:
Mode
•DynamicCAK/EAP-TLS:Thedefaultoption.Afterasecuredconnection,thedevicechecksforMACseconthenetwork.
•StaticCAK/pre-sharedkey(PSK):Selecttosetthekeynameandvaluetoconnecttothenetwork.
ThesettingsareonlyavailableifyouuseEAP-PEAP/MSCHAPv2astheauthenticationmethod:
•Password:Enterthepasswordforyouruseridentity.
•Peapversion:SelectthePeapversionthatisusedinthenetworkswitch.
•Label:Select1touseclientEAPencryption;select2touseclientPEAPencryption.SelecttheLabelthatthenetwork
switchuseswhenusingPeapversion1.
25
Loading ...
Loading ...
Loading ...