Axis Products With AXIS OS 11 Now Support IEEE 802.1AE MACsec

Axis Communications announces the support for the IEEE 802.1AE MACsec security standard in the latest release of the Axis operating system, AXIS OS 11.8, for more than 200 network devices, including cameras, intercoms, and audio speakers. The development enables such devices to automatically encrypt data at a foundational level to enhance zero-trust networking. Axis becomes the first manufacturer of physical security products to support MACsec (Media Access Control Security), underscoring the company’s ongoing commitment to both device and data security.

With AXIS OS 11.8, MACsec is enabled by default (through EAP-TLS/Dynamic CAK mode). Data is encrypted at the Ethernet Layer 2 (data link) network level, safeguarding the integrity of data being transferred between Axis devices and MACsec-enabled Ethernet switches. Because it operates at layer 2, MACsec can encrypt and protect data that could not previously be encrypted such as NTP, DHCP for general device operation, and RTP/RTSP for video streaming. Even if a user is already implementing HTTPS or a different form of encryption at another layer, adding MACsec at layer 2 effectively double encrypts the data, ensuring that an attacker would need to intercept and decrypt both layers in order to see or steal critical information. This makes the attacker’s job considerably more difficult, significantly increasing protection against attacks including denial of service, intrusion, man-in-the-middle data insertion and eavesdropping.

“Customers benefit from security features that are enabled by default and that do not require any pre-configuration,” says Andre Bastert, Global Product Manager of AXIS OS. “They lower installation complexity, and thereby, literally save time and money. These security features are great examples of zero-trust security that do not require more time from customers. With the increase in the convergence of OT (operational technology) and IT (information technology), these standard security mechanisms are what IT professionals expect of smart IoT products, and we are meeting their needs as part of Axis’ long-term strategy to enable secure, zero-touch integration of Axis network products into zero-trust networks.”

The adoption of IEEE 802.1AE MACsec builds on Axis’ implementation of the IEEE 802.1AR Secure Device Identity (DevID) standard, together with IEEE 802.1X EAP-TLS network access control. Default support for the three IEEE standards on Axis devices enables automated device onboarding, authentication, and end-to-end encryption, providing IT professionals with standard mechanisms to efficiently and securely integrate Axis devices into a corporate network.

MACsec allows for an exchange and verification of encryption keys between a MACsec-enabled device and switch. Data within each Ethernet frame is then encrypted and decrypted in real time using AES-GCM 128-bit, enabling fast and secure transfer of data. AXIS OS 11.8 supports the two standard IEEE 802.1AE security modes: dynamic CAK (EAP-TLS), which is automatic and enabled by default, and static CAK (pre-shared key) for manual configuration.

Featured

  • ASIS International and SIA Release “Complexities in the Global Security Market: 2024 Through 2026”

    ASIS International and the Security Industry Association (SIA) – the leading security associations for the security industry – have released ”Complexities in the Global Security Market: 2024 Through 2026”, a new research report that provides insights into the equipment, technologies, and employment of the global security industry, including regional market breakouts. SIA and ASIS partnered with global analytics and advisory firm Omdia to complete the research. Read Now

  • President Biden Issues Executive Order to Bolster U.S Port Cybersecurity

    On Wednesday, President Biden issued an Executive Order to bolster the security of the nation’s ports, alongside a series of additional actions that will strengthen maritime cybersecurity and more Read Now

  • Report: 15 Percent of All Emails Sent in 2023 Were Malicious

    VIPRE Security Group recently released its report titled “Email Security in 2024: An Expert Look at Email-Based Threats”. The 2024 predictions for email security in this report are based on an analysis of over 7 billion emails processed by VIPRE worldwide during 2023. This equates to almost one email for everyone on the planet. Of those, roughly 1 billion (or 15%) were malicious. Read Now

  • ASIS Announces ANSI-Approved Cannabis Security Standard

    ASIS International, a leading authority in security standards and guidelines, proudly announces the release of a pioneering American National Standards Institute (ANSI)-approved standard dedicated to cannabis security. This best-in-class standard, meticulously developed by industry experts, sets a new benchmark by providing comprehensive requirements and guidance for the design, implementation, monitoring, evaluation, and maintenance of a cannabis security program. Read Now

Featured Cybersecurity

Whitepapers

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Hanwha QNO-7012R

    Hanwha QNO-7012R

    The Q Series cameras are equipped with an Open Platform chipset for easy and seamless integration with third-party systems and solutions, and analog video output (CVBS) support for easy camera positioning during installation. A suite of on-board intelligent video analytics covers tampering, directional/virtual line detection, defocus detection, enter/exit, and motion detection. 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3