AXIS T8705 Video Decoder
The device interface
Bonjour
®
: Turn on to allow automatic discovery on the network.
Bonjour name
: Enter a friendly name to be visible on the network. The default name is the device name and MAC address.
Use UPnP
®
: Turn on to allow automatic discovery on the network.
UPnP name
: Enter a friendly name to be visible on the network. The default name is the device name and MAC address.
Security
Certificates
Certificates are used to authenticate devices on a network. The device supports two types of certificates:
•
Client/server certificates
A client/server certificate validates the device’s identity, and can be self-signed or issued by a Certificate Authority (CA).
A self-signed certificate offers limited protection and can be used before a CA-issued certificate has been obtained.
•
CA certificates
You can use a CA certificate to authenticate a peer certificate, for example to validate the identity of an authentication
server when the device connects to a network protected by IEEE 802.1X. The device has several pre-installed CA
certificates.
These formats are supported:
• Certificate formats: .PEM, .CER, and .PFX
• Private key formats: PKCS#1 and PKCS#12
Important
If you reset the device to factory default, all certificates are deleted. Any pre-installed CA certificates are reinstalled.
Filter the certificates in the list.
Add certificate
: Click to add a certificate.
The context menu contains:
•
Certificate information
: View an installed certificate’s properties.
•
Delete certificate
: Delete the certificate.
•
Create certificate signing request
: Create a certificate signing request to send to a registration authority to apply
for a digital identity certificate.
IEEE 802.1x
IEEE 802.1x is an IEEE standard for port-based network admission control providing secure authentication of wired and wireless
network devices. IEEE 802.1x is based on EAP (Extensible Authentication Protocol).
To access a network protected by IEEE 802.1x, network devices must authenticate themselves. The authentication is performed by
an authentication server, typically a RADIUS server (for example FreeRADIUS and Microsoft Internet Authentication Server).
Certificates
When configured without a CA certificate, server certificate validation is disabled and the device tries to authenticate itself
regardless of what network it is connected to.
When using a certificate, in Axis' implementation, the device and the authentication server authenticate themselves with digital
certificates using EAP-TLS (Extensible Authentication Protocol - Transport Layer Security).
To allow the device to access a network protected through certificates, a signed client certificate must be installed on the device.
13