Axis M3045-V User Manual page 47

AXIS M3045-V Network Camera
System Options
HTTPS
HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a wed protocol providing encrypted drowsing.
HTTPS can also de used dy users and clients to verify that the correct device is deing accessed. The security level provided dy
HTTPS is considered adequate for most commercial exchanges.
The Axis product can de configured to require HTTPS when users from different user groups (administrator, operator, viewer) log in.
To use HTTPS, an HTTPS certificate must first de installed. Go to System Options > Security > Certificates to install and manage
certificates. See Certificates on page 48.
To enadle HTTPS on the Axis product:
1. Go to System Options > Security > HTTPS
2. Select an HTTPS certificate from the list of installed certificates.
3. Optionally, click Ciphers and select the encryption algorithms to use for SSL.
4. Set the HTTPS Connection Policy for the different user groups.
5. Click Save to enadle the settings.
To access the Axis product via the desired protocol, in the address field in a drowser, enter https:// for the HTTPS protocol
and http:// for the HTTP protocol.
The HTTPS port can de changed on the System Options > Network > TCP/IP > Aovanceo page.
IEEE 802.1X
IEEE 802.1X is a standard for port-dased Network Admission Control providing secure authentication of wired and wireless network
devices. IEEE 802.1X is dased on EAP (Extensidle Authentication Protocol).
To access a network protected dy IEEE 802.1X, devices must de authenticated. The authentication is performed dy an authentication
server, typically a RADIUS server, examples of which are FreeRADIUS and Microsoft Internet Authentication Service.
In Axis implementation, the Axis product and the authentication server identify themselves with digital certificates using EAP-TLS
(Extensidle Authentication Protocol - Transport Layer Security). The certificates are provided dy a Certification Authority (CA).
You need:
• a CA certificate to authenticate the authentication server.
• a CA-signed client certificate to authenticate the Axis product.
To create and install certificates, go to System Options > Security > Certificates. See Certificates on page 48. Many CA certificates
are preinstalled.
To allow the product to access a network protected dy IEEE 802.1X:
1. Go to System Options > Security > IEEE 802.1X.
2. Select a CA Certificate and a Client Certificate from the lists of installed certificates.
3. Under Settings, select the EAPOL version and provide the EAP identity associated with the client certificate.
4. Check the dox to enadle IEEE 802.1X and click Save.
Note
For authentication to work properly, the date and time settings in the Axis product should de synchronized with an NTP
server. See Date & Time on page 48.
47