Sony SNCCX600 ユーザーズマニュアル
Ad
minis
minis
tra
ting t
he Camer
a
Setting the Security — Security Menu
39
4
Select Certificates from the list, then click Add.
Certificate Snap-in is displayed.
Certificate Snap-in is displayed.
5
Select Computer account as the certificate
administrated in this Snap-in, then click Next.
administrated in this Snap-in, then click Next.
6
Select Local Computer as the computer
administrated in this Snap-in, then click Finish.
administrated in this Snap-in, then click Finish.
7
Close Add Standalone Snap-in (for Windows XP
Professional only) and Add/Remove Snap-in...
dialogs.
The items for administrating Certificates appears
in the Console Route window.
Confirm the relevant certificate, then remove it.
Professional only) and Add/Remove Snap-in...
dialogs.
The items for administrating Certificates appears
in the Console Route window.
Confirm the relevant certificate, then remove it.
802.1X Tab
Configure the wired port-based authentication in
compliance with the 802.1X standard.
compliance with the 802.1X standard.
Notes
• To use the 802.1X authentication function, you need
knowledge of the 802.1X authentication and digital
certificate. To establish an 802.1X network, you need
to configure the authenticator, authentication server
and other elements. For details on these settings, refer
to the manual of the corresponding equipment.
certificate. To establish an 802.1X network, you need
to configure the authenticator, authentication server
and other elements. For details on these settings, refer
to the manual of the corresponding equipment.
• When using the 802.1X authentication function,
always configure the settings after setting the date and
time of the camera. If the date and time are incorrect,
port authentication may not be performed correctly.
time of the camera. If the date and time are incorrect,
port authentication may not be performed correctly.
System configuration of 802.1X
network
network
The following figure shows a general system
configuration of an 802.1X network.
configuration of an 802.1X network.
Supplicant
A supplicant is a device that connects to the
authentication server to join the network. This camera
serves as a supplicant in the 802.1X network. The
supplicant can enter the 802.1X network after
appropriate authentication by the authentication server.
A supplicant is a device that connects to the
authentication server to join the network. This camera
serves as a supplicant in the 802.1X network. The
supplicant can enter the 802.1X network after
appropriate authentication by the authentication server.
Authenticator
An authenticator forwards certificate request data or
response data that the supplicant or authentication server
issues to the other party. Normally a hub, router or
access point serves as an authenticator.
An authenticator forwards certificate request data or
response data that the supplicant or authentication server
issues to the other party. Normally a hub, router or
access point serves as an authenticator.
Authentication server
An authentication server has a database of connecting
users and verifies if the supplicant is a valid user or not.
It can also be called RADIUS server.
An authentication server has a database of connecting
users and verifies if the supplicant is a valid user or not.
It can also be called RADIUS server.
CA (Certificate Authority)
A CA issues and manages certificates of the
authentication server (CA certificates) and user
certificates. The CA is essential for certificate-based
user authentication. Normally a CA is located inside an
authentication server.
A CA issues and manages certificates of the
authentication server (CA certificates) and user
certificates. The CA is essential for certificate-based
user authentication. Normally a CA is located inside an
authentication server.
Note
This camera supports EAP mode in which the supplicant
and the server authenticate using the certificate. This
mode requires a CA to issue the certificate.
and the server authenticate using the certificate. This
mode requires a CA to issue the certificate.
Common setting
Enable
Select the checkbox to enable the 802.1X authentication
function.
Select the checkbox to enable the 802.1X authentication
function.
EAP identity
Type the user name to identify the client in the 802.1X
authentication server up to 250 characters.
authentication server up to 250 characters.
EAP password
A supplicant EAP password is needed to be inputted
when PEAP is selected with EAP condition. The
password can contain half-width letters and the length
should be within 50 characters.
when PEAP is selected with EAP condition. The
password can contain half-width letters and the length
should be within 50 characters.
Reset
To change the once set EAP password, click Reset and
clear the current password. A new password can be
entered.
To change the once set EAP password, click Reset and
clear the current password. A new password can be
entered.
Note
After you click Reset, if you wish to cancel the EAP
password change, click Cancel at the bottom of the
screen. This will cancel other changes made to the
settings.
password change, click Cancel at the bottom of the
screen. This will cancel other changes made to the
settings.
EAP method
You can select the authentication method used with the
authentication server. This device supports TLS and
PEAP.
authentication server. This device supports TLS and
PEAP.
Supplicant
(camera)
(camera)
Authenticator
(hub or router)
(hub or router)
Authentication
server + CA
server + CA