Built-in cybersecurity features

Axis network products offer a variety of built-in cybersecurity features to counter different types of cyber-attacks, effectively battle vulnerabilities, and prevent unauthorized access to your system. From detecting firmware tampering to preventing device replacement, these features safeguard your system and help reduce the risk of digital attacks.
chip viewed in 3d on a black background

Authenticated by Axis

How do you know your system is communicating with an authorized Axis device and that the video captured by the device hasn’t been tampered with? Following the latest international standard for secure device identity (IEEE 802.1AR), the Axis Edge Vault security component enable automatic and secure identification of new devices during installation. It also simplifies authorization of Axis products on your network. Axis Edge Vault protects the Axis device ID, a collection of certificates including a digitally signed version of the globally unique serial number of your Axis device.

Signed video in Axis cameras

For added trust and assurance, signed video adds a cryptographic checksum into each video frame, which is then signed by a unique key in Axis Edge Vault. This allows video to be traced back to the Axis camera from where it originated, so it’s possible to verify that the footage hasn’t been tampered with after it left the camera. 

Signed video is available for compatible cameras with firmware 10.11, and video recordings can be verified using AXIS File Player.

padlock on a black chip that glows in a yellow color

Certified key storage

Used in selected Axis products, the Trusted Platform Module (TPM) is a standalone hardware component that ensures cryptographic keys and certificates are safe and secure, even in the event of a security breach. All private keys are stored within the TPM and all cryptographic operations requiring the private key are sent to the TPM for processing. It’s not possible to modify anything inside the TPM, so the secret part of the certificate is always safeguarded. The TPM in Axis products is certificated to meet the requirements of FIPS 140-2 level 2 and includes role-based operator authentication and tamper evidence.

Axis firmware – only from Axis

Attackers may try to deceive system owners into installing altered firmware which may include malicious code. Signed firmware prevents this. You can verify the integrity of the firmware before you install new devices or upgrade existing ones. Axis firmware is signed using a digital signature. This process is based on the RSA public-key encryption method, where the public key is embedded in the Axis device and the private key is stored in a safe and secure location at Axis. Devices with signed firmware can validate the firmware before allowing installation. This guarantees that the firmware is indeed from Axis and hasn’t been compromised.

ones and zeros flying around at a high speed

Secure startup every time

Based on the use of signed firmware, secure boot acts as a gatekeeper for your surveillance system. This functionality ensures unauthenticated, tampered code is blocked and rejected during the boot process before it can attack or infect your system. Furthermore, Axis signed firmware ensures that any new firmware to be downloaded and installed on a device is signed by Axis. So you can be sure your device will boot only trusted, authentic firmware that originates from Axis.

Product awards

Award security today 2022

Product of the Year

Signed video - Product of the year 2022

Related resources

You may also be interested in