As the Information Technology (IT) network becomes more tightly integrated with the Operational Technology (OT) environment, it is important that they work together in a safe and trusted way, meeting IT requirements, but at the same time making the operational security installation a breeze. With the right combination of expertise, capabilities, and tools you will improve the security control.
Simplify network onboarding
Zero-touch secure onboarding of Axis devices onto an IP network
Achieve better network security
Open and standardized framework for seamless integrations into daily workflows
Decrease operational costs
Automated security provisioning of devices, without the need for IT skilled labor in the field
Zero trust network integrations
The root-of-trust and other security capabilities provided by the hardware-based cybersecurity platform, Axis Edge Vault, creates the necessary integration interfaces for the Axis device to integrate into customer networks. In practice, this means that HTTPS and IEEE 802.1X standards for port-based network access control are enabled on Axis devices by default, allowing for zero-touch onboarding without configuration. In addition, IEEE 802.1AE MACsec security standard for Ethernet Layer 2 network encryption are supported in products with AXIS OS 11.8, which significantly enhancing security in zero-trust networks.
Trusted devices
Axis devices act as intelligent and secure IoT (Internet of Things) devices. The Axis device ID is provisioned from factory and can prove the authenticity of the Axis device, including its serial number and other device-specific information across the whole device lifecycle. This ensures that the device can be uniquely identified, profiled, and trusted during its lifecycle. Furthermore, the focus on secure network protocol alternatives such as HTTPS TLS 1.2/1.3, secure syslog, network time security (NTS), IEEE 802.1X and IEEE 802.1AE MACsec ensure that the device can be securely operated at any time.
Monitoring and visibility
Profiling the type of IoT device entering the network and continuously monitoring them, are key elements during the lifecycle. Axis devices adhere to IT industry standard discovery protocols such as Link Layer Discovery Protocol (LLDP), Cisco Discovery Protocol (CDP) and Bonjour/MDNS to share device information in factory default state. For monitoring purposes, a comprehensive audit log is provided for monitoring configuration changes and login attempts that can be sent to a central monitoring system through the IT industry standardized syslog format.
Cost-efficient automation
The sheer number of IoT devices that can populate a network can be overwhelming when it comes to manageability and following IT compliance rules. That’s why Axis made it as easy as possible to manage these devices. Device onboarding, for instance, can be fully automated in Axis devices through IEEE 802.1X using the IEEE 802.1AR-compliant Axis device ID certificate. Furthermore, certificate enrollment through standard IT network protocols such as SCEP and EST will remove the need for manual certificate management per device and allows for meeting IT compliance when it comes to certificate and Transport Layer Security (TLS) management.
IT compliance
Manufacturers and vendors who adopt open and well-defined network protocols and standards will be able to partner with other vendors regardless of brand. By avoiding proprietary specifications and vendor lock-in situations, customers benefit from increased efficiency for their business while increasing overall security. This is one reason why Axis find it important to support industry standards.
Automation
Network integration guide
Secure integration of Axis devices into Aruba networks.
AXIS OS Hardening Guide
This guide helps you to better secure your network, devices, and services.
Network security
Certificate management
Encrypted HTTPS and other secure connections to access the devices securely.
Audit logs for compliance
AXIS OS provides detailed logs of events, for audit and access control management purposes.
Network access and device identity
Axis devices support IEEE 802.1X, IEEE 802.1AR and IEEE 802.1AE.
Signed certificates
AXIS Device Manager comes with a built-in CA service to issue signed certificates.
Lifecycle management and monitoring
Proactive monitoring
Quickly view potential vulnerabilities and detect connectivity issues.
Operational status
Quickly know operation status of Axis software.
Axis Cybersecurity
Learn more about assessing risks and consequences, and taking appropriate steps.