Safeguard Against Cyber Attacks with a Secure Product Development Program
Illustra Essentials, Flex and Pro IP cameras have been designed to protect against cyber-threats. This resilient solution has a security overview page so that administrators can quickly determine if the proper levels of protection are applied. Safeguard controls include an enhance security mode which forces the use of complex, non-default passwords and encrypted communications. Illustra Flex and Pro IP cameras adheres to the rigorous standards of the Johnson Controls Product Security Program. The holistic approach to cyber protection is aimed at providing peace of mind to our customers. This security mindset begins at initial design concept and is supported through deployment, including a rapid incident response to meet the comprehensive and evolving cybersecurity environments.
Secure Boot – Select Illustra cameras utilize a secure boot protection mechanism that prevents non-genuine or altered firmware from being loaded and executed by the camera. As a result, attempts to load malicious code on the camera via unofficial firmware can be thwarted.
Enhanced Security Mode – By enabling the Enhanced Security Mode, all users are forced to change default usernames and change passwords to credentials with an enhanced level of complexity. Enhanced Security Mode also defaults to the minimum configuration of communication methods and discovery methods, such as allowing only HTTPS and disabling discovery methods.
Encrypted Communications – Illustra cameras only support encrypted communications using TLSv1.2 and cipher suites with a 256 bit minimum length.
Security Overview Page – Illustra cameras include a security overview page which allows for convenient viewing of the status of security relevant items. The user has the ability to see what protocols are enabled, what ports are being utilized, if a firewall is enabled, if 802.1X is enabled and other relevant items.
RTSP Authentication – Illustra cameras have authentication on the Real Time Streaming Protocol (RTSP) video stream, and if requested, this authentication can be sent in a more secure manner.
IEEE 802.1X – Illustra cameras supports 802.1X as a supplicant (client device). The 802.1X support allows the camera to be authenticated prior to gaining network access.
Auditability – Illustra cameras have internal logs which may be remotely viewed. Logs may be downloaded through File Transfer Protocol (FTP) or Simple Mail Transport Protocol (SMTP). This enables an analyst or auditor to review the information to see if malicious activity has taken place and by whom.
User Roles – Users may be assigned to roles to restrict their access to a subset of functions needed for their task. Assignable roles on the camera include admin, operator, and user.
Local Video Storage – If the camera is installed with an SD card, the camera will continue to record video locally in case of network loss. When the connection is restored, the recorded data is then transferred to the network video recorder reducing video loss during network outage.