Configuring the Cisco VC 220 Network Camera Software
Network Setting > 802.1X
VC 220 Dome WDR Day/Night PoE Network Camera Administration Guide
54
6
Network Setting > 802.1X
802.1X is an IEEE standard for media-level access control, offering the capability to
permit or deny network connectivity, control VLAN access, and apply traffic policy
based on user or machine identity. When you complete the configuration, click
Save
to save the settings; otherwise click
Cancel
to discard the changes.
IEEE802.1X
Enable this function if your network environment uses IEEE 802.1x, which is a port-
based network access control. 802.1X uses Extensible Authentication Protocol
(EAP) so multiple different authentication schemes may be added including smart
cards, Kerberos, public key, one-time passwords, and others.
A summary of the most used EAP authentication mechanism are listed below. A
full list of registered EAP authentication types is available at IANA:
http://www.iana.org/assignments/eap-numbers.
!
CAUTION
Not all authentication mechanisms are considered secure.
EAP-MD5
MD5-Challenge requires a username and password, and is equivalent to the
PPP CHAP protocol, RFC1994. This method does not provide dictionary attack
resistance, mutual authentication, or key derivation, and has therefore little use in a
wireless authentication environment.
EAP-TLS
Creates a TLS session within EAP, between the Supplicant and the Authentication
Server. Both the server and the client(s) need a valid (x509) certificate, and
therefore a PKI. This method provides dual authentication. EAP-TLS is described in
RFC2716.
EAP-TTLS
Sets up a encrypted TLS tunnel to safely transport authentication data. Within the
TLS tunnel, other authentication methods may be used. Developed by Funk
Software and Meetinghouse, and is currently an IETF draft.
