Filter
Top Products
39
AXIS 243Q Blade - System options
HTTPS
For greater security, the AXIS 243Q Blade can be configured to use HTTPS (Hypertext
Transfer Protocol over SSL (Secure Socket Layer)). That is, all communication that would
otherwise go via HTTP will instead go via an encrypted HTTPS connection.
Certificate - to use HTTPS for communication with the
AXIS 243Q Blade, a Certificate must
be created using one of these methods:
• A self-signed certificate can be created in the video server
, but this does not guar-
antee the same level of security as
an official certificate.
• An official certificate issued by a CA (Certificate Authority).
A CA issues and
manages security credentials and public keys for message encryption.
To create a certificate:
1. Click either Crea
te self-signed certificate or Create Certificate Request and enter
the required information in the provided fields
2. Click OK.
3. The Create self-signed certificate option generates and installs a certificate that
is displayed under Installed Certificate.
The Create Certificate Request option generates a PEM (Privacy Enhanced Mail)
formatted request which you copy and send to a CA for signing. When the signed
certificate is returned, click Install signed certificate... to install the certificate in
the AXIS 243Q Blade.
4. Set the HTTPS Connection Policy for the administrator, Operator and Viewer to
enable HTTPS connection (set to HTTP by default)
Note:
Privacy Enhanced Mail (PEM), is an early IETF proposal for securing email using public key cryptography.
Please refer to the home page of your preferred CA for information on where to send the
request. For more information, please see the online help .
IEEE 802.1x
IEEE 802.1x is an IEEE standard for port-based
Network Admission Control. It provides
authentication to devices attached to a network port (wired or wireless), establishing a
point-to-point connection, or, if authentication fails, preventing access on that port.
802.1x is based on EAP (Extensible Authentication Protocol). There are many EAP methods
available to access a network protected by 802.1x/EAPOL (Extensible Authentication
Protocol Over Lan). The one used here is EAP-TLS (EAP-Transport Layer Security).
In a 802.1x enabled network switc
h, clients equipped with the correct software can be
authenticated and allowed or denied network access at the Ethernet level.
Clients and servers in an 802.1x network may need to authenticate each other. In the Axis
implementation this is
done with the help of digital certificates provided by a Certification
Authority. These are then validated by a third-party entity, such as a RADIUS server,
examples of which are Free Radius and Microsoft Internet Authentication Service.