1. Home
  2. Axis
  3. Axis 02328-001 User Manual
  4. Page 30

Axis 02328-001 P3265-LVE 2MP Outdoor Network Dome Camera

Axis P3265-LVE User Manual - Page 30

For 02328-001.

PDF File Manual, 57 pages, Read Online | Download pdf file

02328-001 photo
Loading ...
Loading ...
Loading ...
AXISP32DomeCameraSeries
Thedeviceinterface
Certicatesareusedtoauthenticatedevicesonanetwork.Thedevicesupportstwotypesofcerticates:
Client/servercerticates
Aclient/servercerticatevalidatesthedevice’sidentity,andcanbeself-signedorissuedbyaCerticateAuthority(CA).
Aself-signedcerticateofferslimitedprotectionandcanbeusedbeforeaCA-issuedcerticatehasbeenobtained.
CAcerticates
YoucanuseaCAcerticatetoauthenticateapeercerticate,forexampletovalidatetheidentityofanauthentication
serverwhenthedeviceconnectstoanetworkprotectedbyIEEE802.1X.Thedevicehasseveralpre-installedCA
certicates.
Theseformatsaresupported:
Certicateformats:.PEM,.CER,and.PFX
Privatekeyformats:PKCS#1andPKCS#12
Important
Ifyouresetthedevicetofactorydefault,allcerticatesaredeleted.Anypre-installedCAcerticatesarereinstalled.
Filterthecerticatesinthelist.
Addcerticate:Clicktoaddacerticate.
Thecontextmenucontains:
Certicateinformation:Viewaninstalledcerticate’sproperties.
Deletecerticate:Deletethecerticate.
Createcerticatesigningrequest:Createacerticatesigningrequesttosendtoaregistrationauthoritytoapply
foradigitalidentitycerticate.
IEEE802.1x
IEEE802.1xisanIEEEstandardforport-basednetworkadmissioncontrolprovidingsecureauthenticationofwiredandwireless
networkdevices.IEEE802.1xisbasedonEAP(ExtensibleAuthenticationProtocol).
ToaccessanetworkprotectedbyIEEE802.1x,networkdevicesmustauthenticatethemselves.Theauthenticationisperformedby
anauthenticationserver,typicallyaRADIUSserver(forexampleFreeRADIUSandMicrosoftInternetAuthenticationServer).
Certicates
WhenconguredwithoutaCAcerticate,servercerticatevalidationisdisabledandthedevicetriestoauthenticateitself
regardlessofwhatnetworkitisconnectedto.
Whenusingacerticate,inAxis'implementation,thedeviceandtheauthenticationserverauthenticatethemselveswithdigital
certicatesusingEAP-TLS(ExtensibleAuthenticationProtocol-TransportLayerSecurity).
Toallowthedevicetoaccessanetworkprotectedthroughcerticates,asignedclientcerticatemustbeinstalledonthedevice.
Clientcerticate:SelectaclientcerticatetouseIEEE802.1x.Theauthenticationserverusesthecerticatetovalidatethe
client’sidentity.
CAcerticate:SelectaCAcerticatetovalidatetheauthenticationserver’sidentity.Whennocerticateisselected,thedevice
triestoauthenticateitselfregardlessofwhatnetworkitisconnectedto.
EAPidentity:Entertheuseridentityassociatedwiththeclientcerticate.
EAPOLversion:SelecttheEAPOLversionthatisusedinthenetworkswitch.
UseIEEE802.1x:SelecttousetheIEEE802.1xprotocol.
Preventbrute-forceattacks
30
Loading ...
Loading ...
Loading ...