AXIS OS 12: Major Security Overhaul for Network Cameras

Axis Communications announces the release of AXIS OS 12, a significant firmware update focused on strengthening cybersecurity for its network cameras and devices. This update includes mandatory HTTPS, removal of outdated TLS protocols, and upgraded cryptography, making it a crucial upgrade for maintaining robust network security. However, these changes will require users to update configurations and ensure compatibility with third-party software.

Let's delve into the specific enhancements and modifications that AXIS OS 12 brings to the table.

Key Changes and Insights

1. Mandatory HTTPS and Security Enhancements

AXIS OS 12 requires all communications to be encrypted via HTTPS, eliminating HTTP Port 80 redirects. This change ensures that data is protected from interception right from the start, significantly reducing the risk of unauthorized access. This is an enhancement as a crucial step in mitigating a common vulnerability in network security.

2. Removal of TLS 1.0/1.1

By discontinuing support for the outdated TLS 1.0 and 1.1 protocols, AXIS OS 12 addresses known security vulnerabilities associated with these versions. Upgrading to TLS 1.2 and later versions enhances encryption strength, protecting against sophisticated attacks. This aligns with industry best practices and compliance requirements, ensuring secure and reliable network communications.

3. Updated Cryptography

The removal of support for OpenSSL 1.1.1 in favor of newer versions improves the security framework of AXIS devices. This update ensures that devices are protected by the latest cryptographic standards, enhancing overall system integrity.

4. IPv4 Address Changes

Previously, the default IP address configuration of AXIS devices could lead to conflicts and network disruptions. By eliminating default IP addresses and relying on DHCP or static configurations with proper fallback mechanisms, AXIS OS 12 enhances network reliability and compliance with RFC standards.

·  Improved Network Management: Simplifies network management and reduces the risk of IP address conflicts.

·  Enhanced Reliability: Ensures consistent and reliable network operations, especially in large-scale deployments.

5. Enhanced Security Protocols

Disabling UPnP and WS-Discovery protocols by default reduces potential attack surfaces while still allowing users the flexibility to enable these features if needed. This approach balances security and functionality, giving users greater control over their network configurations.

6. Edge Storage Enhancements

Removing support for outdated SMB versions and the vFAT file system promotes the use of more secure and efficient storage protocols. This update ensures that network storage connections are protected against vulnerabilities, maintaining the integrity of stored data.

Timeline

AXIS OS 11 to Long-Term Support (LTS): Transitioning in September 2024, meaning it will receive security updates but no new features.

AXIS OS 12 Launch: Expected shortly after the LTS transition, in Q4 2024, as the new active track with ongoing feature development.

Impact on Users

These changes will affect all users, requiring configuration updates and ensuring compatibility with third-party software. It's essential for users to review the detailed list of changes and prepare their systems accordingly.

·  Configuration Updates: Configure devices for HTTPS and update third-party integrations.

·  Compatibility Checks: Ensure all third-party software is compatible with the new protocols and standards.

Benefits

Enhanced Cybersecurity

·  Stronger encryption

·  Removal of vulnerabilities

·  Disabled insecure protocols

Improved Functionality

·  Adoption of modern protocols

·  Streamlined operations

·  Enhanced storage management

Industry Compliance

·  Alignment with best practices

·  Latest security standards

Next Steps

Review Documentation: Access the official Axis website for detailed information.

By staying informed and proactive, you can ensure a seamless upgrade and continued protection of your security systems with AXIS OS 12.