Axis achieves compatibility of the IEEE 802.1AE MACsec standard in its cameras

More than two hundred Axis Communications They support this standard to improve network security and integration with zero-trust network architectures, becoming the first physical security manufacturer to achieve this.

Compatibility with the security standard IEEE 802.1AE MACsec in the latest version of the Axis OS 11.8 It allows you to More than two hundred network devices, as cameras, Intercoms & Speakers, Automatically encrypt data in the second layer (Data Link) Ethernet for Strengthening Communication in Zero Trust Networks.

As a result,, Axis has become the First manufacturer of physical security products to incorporate MACsec (Media Access Control Security), which is on by default (via EAP-TLS/Dynamic CAK mode) on Axis OS 11.8 For Protect the integrity of transferred data between your Axis devices and Ethernet switches.

MACsec Protects Data Communications and Network Protocols at the Elementary Level, increasing protection against low-level attacks, as a denial of service, Intrusion, Data insertion through intermediary and interception.

The adoption of MACsec IEEE 802.1AE is in addition to Axis' implementation of the IEEE 802.1AR Secure Device Identity Standard (DevID), along with that of IEEE 802.1X EAP-TLS Network Access Control.

Out-of-the-box support for these three IEEE standards on Axis devices opens the door to automating new integrations, authentication and End-to-end encryption of devices.

"Customers have security features that are turned on by default and you don't have to configure anything," he says Andre Bastert, Global Product Manager, Axis OS-. Reduce installation complexity and, therefore, save time and money.".

These security features "are a great example of zero trust security that doesn't force customers to invest more time," he said. With an ever-increasing convergence of OT (Operational Technology) and IT (Information Technology), these standard security mechanisms are what IT professionals expect from intelligent IoT products, and from Axis we are responding to their needs".

MACsec allows you to exchange and verify encryption keys between a device and a switch with this standard. After, data in each Ethernet frame is encrypted and decrypted in real-time using AES-GCM 128 Bit, which opens the door to a Fast and secure data transfer.

Axis OS 11.8 supports two standard IEEE 802.1AE security modes: Dynamic CAK (EAP-TLS), which is automatic and on by default, And Static CAK (Pre-shared key) for manual configuration.

The onboarding An Axis device's secure security can be performed through IEEE 802.1X EAP-TLS PORT-BASED NETWORK ACCESS CONTROL, combined with the IEEE 802.1AR standard supported on the manufacturer's device.

IEEE 802.1AR is part of the cybersecurity platform Axis Edge Vault and enables automatic authentication on an IEEE 802.1X network. The company uploads the initial device identifiers (IDevID) Unique, compliant with this standard, on a hardware cryptographic computing module, Tamper-proof, embedded in IoT products at the time of manufacture.

Other articles on Axis