AXIS OS for your enterprise IT infrastructure

Easy implementation of zero-trust

With Axis devices running on AXIS OS, it's easy to implement zero-trust. Get a secure and automated network integration without vendor lock-in, and ensure 24/7 monitoring.

Enrollment over Secure Transport (EST)
Audit logs
Secure device onboarding with IEEE 802.1X/802.1AR
MACsec
OAuth 2.0
Firewall

AXIS OS software support device lifecycle management

Secure device lifecycle management

Easily understand which regulations and standards your AXIS OS-based devices comply with. Stay aware of vulnerabilities and enjoy long and transparent software support.

AXIS OS Trust Center
Transparent and predictable software support
Vulnerability Management
Publicly open API integration
Device management software

Subscribe to stay aware

Through vulnerability patching and new cybersecurity features, AXIS OS-based devices improve for every release. To stay aware of newly patched CVEs and new cybersecurity functionality, make sure to subscribe to the following services.

Enrollment over Secure Transport (EST)

AXIS OS 12.10 and onwards supports the Enrollment over Secure Transport (EST) network standard (RFC 7030). It streamlines the automatic lifecycle and renewal of X.509 certificates, for example HTTPS, 802.1X and other services. Axis devices automatically request and continuously renew X.509 certificates by communicating with centralized IT infrastructure and applications such as KeyFactor EJBCA, HPE Aruba ClearPass Policy Manager, or Cisco Identity Service Engine (ISE)®.

For technical details and integration guides, visit AXIS OS Knowledge base.

Audit logs

AXIS OS supports 24/7 audit logging through remote Syslog for SIEM and SNMP monitoring applications. With 10+ event classes, such as suspicious network activity and intrusion detection, it offers you:

Traceability - captures user behavior and system activities 24/7

Cybersecurity -  detects unauthorized access and suspicious behavior

Compliance - a requirement in many regulations and IoT cybersecurity standards.

The audit logs are easy to integrate and can be forwarded to different IT monitoring platforms for centralized storage and analysis. They are also conformant to industry standards (OCSF). 

Learn more by watching AXIS OS Technical update video on Audit logging.

Secure device onboarding with IEEE 802.1X/802.1AR

AXIS OS supports IEEE technologies such as IEEE 802.1AR for secure device identification and authenticity, and IEEE 802.1X for network authentication. So, your network policy engine or access control application can securely onboard and operate Axis devices automatically. Axis devices are also preconfigured from factory, with no vendor lock-in. For instance, they work with several common network manufacturers such as Extreme Networks (Fabric Attach), HPE Aruba, and others.

Learn more technical details by study the integration with Extreme Networks and HPE Aruba, or by watching the AXIS OS Technical update on the partnership and joint solution with HPE Aruba.

MACsec

AXIS OS supports IEEE 802.1AE MACsec for fundamental network layer-2 encryption, effectively doubling network security when used in combination with HTTPS and other TLS protocols. MACsec enables authorized Ethernet devices to encrypt traffic and prevent both eavesdropping and man-in-the-middle data insertion attacks. By supporting MACsec at the device level, we provide true end-to-end protected networks for video, access control, and audio systems.

Learn more by visiting AXIS OS Knowledge base and by watching AXIS OS Technical update video on MACsec. 

OAuth 2.0

AXIS OS supports OAuth 2.0, the preferred authentication method in modern applications. Centralized identity and access management (IAM) with OAuth 2.0 integration allows you to authenticate your Axis devices using multi-factor authentication (MFA) and tailored password complexity enforcement and rotation. Through OAuth 2.0, broad compatibility is given to many common Identity-Provider such as Microsoft Azure, Microsoft Windows Server AD FS, Google Cloud Platform and many more.

Learn more technical details by visiting AXIS OS Knowledge base, or by watching the AXIS OS Technical update on OAuth 2.0.

Firewall

This Layer 2/3 host-based firewall provides micro-segmentation, significantly boosting network security for your Axis devices. Adhering to zero-trust principles, it ensures only authorized clients gain tailored access. Key features include IP-address-range, Port, and MAC-address filtering for incoming requests. It also offers Denial-of-Service (DoS) mitigation by limiting concurrent and new connections, ensuring robust network layer protection at all times.

Learn more by visiting AXIS OS Knowledge base.

AXIS OS Trust Center

AXIS OS Trust Center is a resource page that provides compliance and certification information as well as descriptions of the cybersecurity measures supported by AXIS OS-based network products. It contains a wide range of information, from cybersecurity practices and measures, to certificates, guides, and reports. This makes it easy for you to vet adherence to requirements and regulations. 

Learn more by visiting  AXIS OS Trust Center.

Transparent and predictable software support

Device software updates along with release notes for different AXIS OS tracks. Our long-term support (LTS) track offers regular security patches and bug fixes, while the active track also includes the most up-to-date feature.

Disclosed Software Bill of Materials (SBOMs).

Disclosed end of software support dates from launch of all AXIS OS-based devices, which normally is around 8-12 years from product launch.

For more in-depth knowledge about AXIS OS Lifecycle management, visit AXIS OS Portal. Go here to download the latest device software and get access to the SBOM, end of software support date as well as the release note.

Vulnerability Management

To minimize your risk of exposure, Axis implements industry best practices for transparently managing vulnerabilities. This includes making you aware of vulnerabilities, so you can act in a timely manner. Among other things, AXIS OS discloses vulnerabilities through CVE IDs. We also collaborate with ethical hackers connected to Bugcrowd, and together we run a public Bug bounty program for AXIS OS-based products.

Learn more by visiting Axis Vulnerability management webpage and AXIS OS Security Scanner Guide, that offers recommendations on how to solve certain remarks from the vulnerability scanning.

Publicly open API integration

VAPIX is an open application programming interface (API) developed by Axis. It uses standard protocols to provide direct access, configuration, and control of Axis devices. You can use these interfaces to integrate with your IT systems and customize solutions to fit your needs.

Learn more by visiting VAPIX® Axis developer documentation where you can find the complete reference documentation to all VAPIX APIs organized by category.

Device management software

Whether you’re running an on-premises, cloud-based, or hybrid system, Axis offers a portfolio of device management software that makes it easy to protect and manage your devices throughout the lifecycle. 

To ensure the security of the system, these applications make it easy to apply and maintain safeguards throughout a device’s lifecycle. For instance, you’ll know whenever there's an update available, so you can quickly install software to ensure your devices get the latest bug fixes and vulnerability patches. It’s also easy to control user access and permissions to help ensure data confidentiality. 

Learn more by visiting the Device management software webpage. 