AXIS M5065 PTZ Network Camera
About system options
The Axis product can be configured to require HTTPS when users from different user groups (administrator, operator, viewer) log in.
To use HTTPS, an HTTPS certificate must first be installed. Go to
System Options > Security > Certificates
to install and manage
certificates. See
.
To enable HTTPS on the Axis product:
1. Go to
System Options > Security > HTTPS
2. Select an HTTPS certificate from the list of installed certificates.
3. Optionally, click
Ciphers
and select the encryption algorithms to use for SSL.
4. Set the
HTTPS Connection Policy
for the different user groups.
5. Click
Save
to enable the settings.
To access the Axis product via the desired protocol, in the address field in a browser, enter
https://
for the HTTPS protocol
and
http://
for the HTTP protocol.
The HTTPS port can be changed on the
System Options > Network > TCP/IP > Advanced
page.
IEEE 802.1X
IEEE 802.1X is a standard for port-based Network Admission Control providing secure authentication of wired and wireless network
devices. IEEE 802.1X is based on EAP (Extensible Authentication Protocol).
To access a network protected by IEEE 802.1X, devices must be authenticated. The authentication is performed by an authentication
server, typically a
RADIUS server
, examples of which are FreeRADIUS and Microsoft Internet Authentication Service.
In Axis implementation, the Axis product and the authentication server identify themselves with digital certificates using EAP-TLS
(Extensible Authentication Protocol - Transport Layer Security). The certificates are provided by a
Certification Authority
(CA).
You need:
•
a CA certificate to authenticate the authentication server.
•
a CA-signed client certificate to authenticate the Axis product.
To create and install certificates, go to
System Options > Security > Certificates
. See
To allow the product to access a network protected by IEEE 802.1X:
1. Go to
System Options > Security > IEEE 802.1X
.
2. Select a
CA Certificate
and a
Client Certificate
from the lists of installed certificates.
3. Under
Settings
, select the EAPOL version and provide the EAP identity associated with the client certificate.
4. Check the box to enable IEEE 802.1X and click
Save
.
Note
For authentication to work properly, the date and time settings in the Axis product should be synchronized with an NTP
server. See
.
About certificates
Certificates are used to authenticate devices on a network. Typical applications include encrypted web browsing (HTTPS), network
protection via IEEE 802.1X and notification messages for example via email. Two types of certificates can be used with the Axis
product:
Server/Client certificates -
To authenticate the Axis product. A
Server/Client
certificate can be self-signed or issued by a Certificate
Authority (CA). A self-signed certificate offers limited protection and can be used before a CA-issued certificate has been obtained.
44