Axis 211W Guida Utente

The AXIS 211W supports encrypted browsing using HTTPS. 

A self-signed certificate can be used until a Certificate Authority-issued certificate has been obtained. Click the 

Create self-signed Certificate button to install a self-signed certificate. Although self-signed certificates are free 

and offer some protection, true security will only be implemented after the installation of a signed certificate 

issued by a certificate authority. 

A signed certificate can be obtained from an issuing Certificate Authority by clicking the Create Certificate 

Request button. When the signed certificate is returned, click the Install signed certificate button to import the 

certificate. The properties of any certificate request currently resident in the camera or installed can also be 

viewed by clicking the Properties... button. The HTTPS Connection Policy must also be set in the drop-down 

lists to enable HTTPS in the camera. For more information, please refer to the online help.

 

802.1X - Network Admission Control
The settings here enable AXIS 211W to access a wired network protected by 802.1X/EAPOL (Extensible 

Authentication Protocol Over LAN). IEEE 802.1X is an IEEE standard for port-based Network Admission Control. 

It provides authentication to devices attached to a network port, establishing a point-to-point connection, or if 

authentication fails, preventing access on that port. 802.1X is based on EAP (Extensible Authentication 

Protocol). 

In a 802.1X enabled network switch, clients equipped with the correct software can be authenticated and 

allowed or denied network access at the Ethernet level. 

Clients and servers in an 802.1X network may need to authenticate each other by some means. In the Axis 

implementation this is done with the help of digital certificates provided by a Certification Authority. These are 

then validated by a third-party entity, such as a RADIUS server, examples of which are FreeRADIUS and 

Microsoft Internet Authentication Service.

To perform the authentication, the RADIUS server uses various EAP methods/protocols, of which there are 

many. The one used in the Axis implementation is EAP-TLS (EAP-Transport Layer Security). 

The AXIS network video device presents its certificate to the network switch, which in turn forwards this to the 

RADIUS server. The RADIUS server validates or rejects the certificate and responds to the switch, and sends its 

own certificate to the client for validation. The switch then allows or denies network access accordingly, on a 

preconfigured port. 

RADIUS (Remote Authentication Dial In User Service) - AAA (Authentication, Authorization and Accounting) 

protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming 

situations.

CA servers - In cryptography, a Certification Authority (CA) is an entity that provides signed digital certificates 

for use by other parties, thus acting a trusted third party. There are many commercial CA’s that charge for their 

services. Institutions and governments may have their own CA, and there are free CA’s available. 

Current Server Time - displays the current date and time (24h clock). The time can be displayed in 12h clock 

format in the Overlay (see below).

New Server Time - Select your time zone from the drop-down list. If you want the server clock to automatically 

adjust for daylight savings time, select the Automatically adjust for daylight saving time changes. 

From the Time Mode section, select the preferred method to use for setting the time:

• Synchronize with computer time - sets the time from the clock on your computer. 
• Synchronize with NTP Server - the camera will obtain the time from an NTP server every 60 minutes. 

The NTP Server can be set under Network > TCP/IP > Advanced or click on the No server specified 

• Set manually - this option allows you to manually set the time and date.