About Axis network and camera configuration

The properties and options that configure Axis camera-to-station communication provide flexibility and support for legacy cameras that lack a secure video stream as well as newer cameras that support TLS secure communication.

Axis networks

You can have two Axis networks: one to manage legacy cameras that do not support secure communication, and a second network to manage newer cameras that support secure communication. A single network cannot support both configurations.

Two properties play important roles in configuring these networks.

Figure 25. Station with two Axis networks

Camera(s) that support secure communication
Legacy camera(s) without secure communication

The Use Tls property on the Axis network tab (property sheet) enables and disables TLS security. The Tcp Ip Port must be unique for each network.

Axis camera communication channels

The camera properties configure the protocol, Web Port and CODEC used to communicate with the station. Three channels of communication connect to each video camera. Ideally, each should be secure.

Figure 26. Communication channels to and from a camera

Station—this channel delivers configuration properties and presets to the camera. These control how the camera operates.
Web UI—this channel receives the video stream from the camera and displays it in a browser.
Niagara Enterprise Security ( Workbench)—this channel receives the video stream from the camera and displays it in a Surveillance Viewer.
Configuration data
Video stream
Video stream sent to Workbench

Newer cameras support TLS certificates for authenticating the camera as the server of video content and encrypting the video stream. Two protocols (one or the other) manage the video stream: HTTP or HTTPS (secure communication), and the more common RTSP (Real Time Streaming Protocol). Http and RTSP are not secure. The camera property that configures the protocol is Use Rtsp Stream (true = RTSP, false = Http or Https).

Communication security

The network property: Use Tls, and the camera property Use Rtsp Stream work together to configure secure channels when connected using a browser.

Properties		Channel protocols				Comments
If Use Tls is ...	If Use Rtsp Stream is ...	The configuration data channel uses ...	HTML5 video streaming uses ...	The video stream to the Web Launcher / Java applet (for Maxpro streaming) uses ...	The video stream to Workbench uses ...	Comments
false	false	Http	Http	Http	Http	None of the channels are secure. The camera’s `Web Port` must be changed to 80. Its CODEC can remain at the default (MPEG, that is Ffmpeg_CODEC_ID_MPEG4).
false	true	Http	Http	RTSP	RTSP
true	true	Https	Https	RTSP	RTSP	Configuration data are secure but the video stream is not secure. The camera’s `Web Port` can remain at the default: 443. Its CODEC should be changed to H264 (Ffmpeg_CODEC_ID_H264).
true	false	Https	Https	Https	Https	Configuration data are secure but the video stream is not secure unless you accept and approve the camera’s self-signed certificate or install a server certificate in the camera that was signed by a root CA certificate in the browser’s trust store. The Workbench video stream is secure. The camera’s `Web Port` can remain at the default: 443. Its CODEC should be changed to MPEG4 (Ffmpeg_CODEC_ID_MPEG4).

A CODEC is a coder/decoder. The term refers to the method the camera uses to transmit a video stream.

More information about configuring Axis cameras for secure video streaming is available in the Niagara Video Framework Guide.