Please wait, authorizing ...

Don't have an account? Register here today.


Axis Implements MACsec Standard in Zero Trust Network Solutions

Axis implementa

International. Axis Communications announced the support of the latest version of its AXIS OS 11.8 operating system with the IEEE 802.1AE Media Access Control Security security standard on more than 200 network devices, including cameras, intercoms and speakers.

This advancement allows such devices to automatically encrypt data in the second layer (data link) of Ethernet to strengthen communication in zero trust networks. In this way, Axis becomes the first manufacturer of physical security products to incorporate Media Access Control Security (MACsec).

With AXIS OS 11.8, MACsec is enabled by default (via EAP-TLS/Dynamic CAK mode) to protect the integrity of data transferred between Axis devices and MACsec-enabled Ethernet switches.

In addition, MACsec protects data communications and network protocols at the elementary level, increasing protection against low-level attacks such as denial-of-service, intrusion, man-in-the-middle data insertion, and interception.

- Publicidad -

The adoption of IEEE 802.1AE MACsec is in addition to Axis' implementation of the IEEE 802.1AR Secure Device Identity (DevID) standard, along with the IEEE 802.1X EAP-TLS network access control standard.

Out-of-the-box support for these three IEEE standards on Axis devices opens the door to automating end-to-end device onboarding, authentication, and encryption, allowing IT professionals to have standard mechanisms for integrating Axis devices into corporate networks.

"Customers have security features that are turned on by default and you don't have to configure anything," says Andre Bastert, Global Product Manager at AXIS OS. "They reduce the complexity of the installation and therefore save time and money. These security features are a great example of zero trust security that doesn't force customers to invest more time. With the increasing convergence of OT and IT, these standard security mechanisms are what IT professionals expect from intelligent IoT products, and Axis is responding to their needs as part of a well-established strategy to facilitate the secure, zero-touch integration of Axis network products into zero trust networks."

Features & Compatibility
MACsec allows you to exchange and verify encryption keys between a device and a switch with MACsec. The data in each Ethernet frame is then encrypted and decrypted in real-time using 128-bit AES-GCM, opening the door to fast and secure data transfer.

AXIS OS 11.8 supports two standard IEEE 802.1AE security modes: Dynamic CAK (EAP-TLS), which is automatic and enabled by default, and Static CAK (pre-shared key) for manual configuration.

The securely stored Axis Device ID [1], a secure IEEE 802.1AR-compliant device identity, is used for authentication on networks with MACsec [4,5] via IEEE 802.1X EAP-TLS port-based network access control (2). In the EAP-TLS session, MACsec keys are automatically exchanged to create a secure link [3] that protects all network traffic from the Axis device to a MACsec-enabled switch.

- Publicidad -

Secure onboarding of an Axis device can be done through IEEE 802.1X EAP-TLS port-based network access control, combined with the IEEE 802.1AR standard supported on the Axis device. IEEE 802.1AR is part of the Axis Edge Vault cybersecurity platform and enables automatic authentication on an IEEE 802.1X network.

Axis uploads unique IEEE 802.1AR compliant Initial Device Identifiers (IDevIDs) into a tamper-proof hardware cryptographic computing module integrated into Axis IoT products at the time of manufacture, with the goal of protecting IDevIDs from potential eavesdropping.

Easy onboarding is possible on any IEEE compliant network, for example with the HPE Aruba Networking ClearPass Policy Manager when an integration guide is available. For more technical information on IEEE 802.1AE MACsec on AXIS OS, you can refer to the AXIS OS Knowledge Base.

Álvaro León Pérez Sepúlveda
Author: Álvaro León Pérez Sepúlveda
Editor - Latin Press, Inc.
Comunicador Social Periodista egresado de la Universidad de Antioquia, con más de 14 años de experiencia en medios periodísticos y proyectos de comunicación digital. [email protected]

No thoughts on “Axis Implements MACsec Standard in Zero Trust Network Solutions”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis

Webinar: NxWitness el VMS rápido fácil y ultra ligero

Webinar: Por qué elegir productos con certificaciones de calidad

Por: Eduardo Cortés Coronado, Representante Comercial - SECO-LARM USA INC La importancia de utilizar productos certificados por varias normas internacionales como UL , Ul294, CE , Rosh , Noms, hacen a tus instalciones mas seguras y confiables además de ser un herramienta más de venta que garantice nuestro trabajo, conociendo qué es lo que certifica cada norma para así dormir tranquilos sabiendo que van a durar muchos años con muy bajo mantenimiento.

Webinar: Anviz ONE - Solución integral para pymes

Por: Rogelio Stelzer, Gerente comercial LATAM - Anviz Presentación de la nueva plataforma Anviz ONE, en donde se integran todas nuestras soluciones de control de acceso y asistencia, video seguridad, cerraduras inteligentes y otros sensores. En Anviz ONE el usuario podrá personalizar las opciones según su necesidad, de forma sencilla y desde cualquier sitio que tenga internet.

Webinar: Aplicaciones del IoT y digitalización en la industria logística

Se presentarán los siguientes temas: • Aplicaciones del IoT y digitalización en la industria logística. • Claves para decidir el socio en telecomunicaciones. • La última milla. • Nuevas estrategias de logística y seguimiento de activos sostenibles

Sesión 5: Milestone, Plataforma Abierta que Potencializa sus Instalaciones Manteniéndolas Protegidas

Genaro Sanchez, Channel Business Manager - MILESTONE
Load more...

Latest Newsletter