Cisco Cisco VC220 Dome Network Camera Wartungshandbuch

Network Setting > 802.1X

VC 220 Dome WDR Day/Night PoE Network Camera Administration Guide

54

802.1X is an IEEE standard for media-level access control, offering the capability to 
permit or deny network connectivity, control VLAN access, and apply traffic policy 
based on user or machine identity. When you complete the configuration, click 
Save to save the settings; otherwise click Cancel to discard the changes.

Enable this function if your network environment uses IEEE 802.1x, which is a port-
based network access control. 802.1X uses Extensible Authentication Protocol 
(EAP) so multiple different authentication schemes may be added including smart 
cards, Kerberos, public key, one-time passwords, and others. 

A summary of the most used EAP authentication mechanism are listed below. A 
full list of registered EAP authentication types is available at IANA: 
http://www.iana.org/assignments/eap-numbers. 

Not all authentication mechanisms are considered secure.

MD5-Challenge requires a username and password, and is equivalent to the
PPP CHAP protocol, RFC1994. This method does not provide dictionary attack 
resistance, mutual authentication, or key derivation, and has therefore little use in a 
wireless authentication environment. 

Creates a TLS session within EAP, between the Supplicant and the Authentication 
Server. Both the server and the client(s) need a valid (x509) certificate, and 
therefore a PKI. This method provides dual authentication. EAP-TLS is described in 
RFC2716. 

Sets up a encrypted TLS tunnel to safely transport authentication data. Within the 
TLS tunnel, other authentication methods may be used. Developed by Funk 
Software and Meetinghouse, and is currently an IETF draft.