Axis Criticizes OEMs: "When You Buy An Axis Camera, An Axis Camera Is What You Get!"

By Brian Karas, Published May 19, 2017, 02:00pm EDT

When you buy a Honeywell camera, you likely get a Hikvision, Dahua or some other company's product.

The same goes for easily 100 different 'manufacturers' as we covered in our Dahua OEM directory and Hikvision OEM directory.

Axis is taking aim at this in their cybersecurity training program. Axis highlights the usual weaknesses of default passwords and out of date software, but goes on to describe OEM/ODM products as risky choices for customers concerned about cyber security.

Axis describes their development/manufacturing approach as one where the customer receives a genuine product, implying that products sold under other well-known brands (e.g., Honeywell) may not actually be the engineering effort of those companies:

In this report we analyze Axis' claims of OEM risk.

Axis *** ******** **** ******

** **** ** *********** ******** ******* ************* module(****: ************ ********), **** highlights ********* ***** **** OEM/ODM *******, ***** *** manufacturer ******* *** ******* under ***** *** ***** may **** ******* ******* to ******* ** ******** flaws:

**** **** ** ****, for *******, ***** ******** such ******************(*** ****** ******) ***** out ***** ****** ******** ************* *** revealed. ***** *********, *** many ******, ***** ********** dependent ** ***** ** update ******** *** ***** products, ******* **** ****** to ******* ******** ******** for ******* ******** *******.

In ***** *********** ********

**** **** ** ** promote *** ******** ** in-house ***********, ****** **** control **** ******* *********** and ******* ** ******* to ******** ******:

***** ** ** ***** benefits ** **-***** ***********, not *** ***** ***** that * ******* **** develops *** *** ******** tends ** **********, ** great *****, *** ** was ********. ** ********, many **** **** ****** to ******* ***** *** software ** '*****' *******, beyond ******** ** ****** the *** *** **** / ******* ** *** OEMs.

No *** ******

*** ********, ******* ********* internally ** *****, *** have ***************. ******, ********* and *****, *** '*******' their *** ******** **** had ******* ***************, ********* backdoors. **** *** *** had ***************, ****** **** harder ** *******, *.*.,*** **** **** ******** vulnerability*** *** **** ************* ****** ** **** vulnerabilities.

Dahua / ********* ******** ****

***** *** ********* ****** products ** * *********** number ** ******/************, ********* several ***** ******** ***** (FLIR, *********, **********, *********, among ******)

***** ****:

********* ****:

** **** *****, **** of ***** ****** **** have ***** ************** ** portions ** *** ******* UI ** ********/************. **** can **** ** ********** taxing *** *****/********* **** they **** * ************* requiring * ******** *****/******, as ** *** ****** in ******** ******** ****** needing ** ** ******* and ******** ** ***** manufacturers/distributors.

Many ***** ******* ****

***** ***** *** ********* combined ** *** **** volume ** ******, ***** are ****** ** ***** manufacturers *** *** ** Western *********, **** ******* code *** ******** ****** effort ******* ***** ********. For *******, ****** ******* ******* ************ ***'* vulnerability***** ** ********** ***** not *** *** *** been **** ** **** of * *** ****** attack.

Benefit *** *** - ***** ****

**** *** *** ***** costs **** ***** ***** suppliers **** **** **** charges. *** *******, ******* 'manufacturers' *** *** $** or **** *** ***** level *** *******, *** less **** ******** ********* from ****.

**********, ******* **** **** (or ***** ************* ******** their *** ******** **** as ********, *****, ****, etc.) **** ** ** more ********* *** ********** specifications. ****** ********-********* ************* can ***** ** ********* that *** ***** ******* is **********, ***** ******* budget-conscious ********* *** ****** security ******** *** * product **** *** ***** a **% ******** *******, particularly ** ** ** from * ********** ***** OEMing (***, ****, *********, etc.).

OEM/ODM **** *** ********* ****

****** ******* * ******* is ***'* **** *** mean ** ** ********** insecure, ******* *************** **** exist ** *** "********" product *** ****** ** be ****** **** ** any *** ******** *** it **** ********* ** more ********* *** **** consuming ** *** *****.

Assessing ************* ****

************* ***** *** ********** a ****** ** * given *****'* ********** ** the *****, *** **** a ****** ** *** manufactured *** *******. ********* is *** **** ********** of ** "*****-*********" *******, yet *** *** ** the ***** ************* ***** records. **********, ********* **** Dynacolor **** ********** ** nothing *** ***/*** ********, have ** *** ******* to ******* ******** **** are ********** **** ** reported ***************. **** ***** be *** ** ***** products ***** **** ******** than *********, ****** *********** practices, ** * *********** of ****.

** **** ** ***** training ******, **** ******** a **** ** ********* to *** ********* *********:

** *******, ***** *** good *********, *** *** full *** ** ********* should ** ***** ** any ********* ************/*****, ********** of ******* ******.

Assume ********** ***** ****** *********

** ************ ** ***** ************ Cybersecurity *************** *** *************, *************** **** **** found ** ******* *****/********* brands, ********* ****. ***** should *** ****** ***** concerns ****** ******* *************** based ****** ** *** manufacturing ******** ****.

*******, ** ** ***** that ***** ********, *********, increase *** **** ** vulnerabilities *** ******** ** responding ** ****.

Comments (52)

Avatar

Tony Darland

IPVMU Certified | 05/19/17 03:02pm

"As part of their training module, Axis provides a list of questions to ask potential suppliers:"

Is it just assumed a suppler will answer these questions honestly? In lieu of outright lying, it seems they would at the very least be vague if answering in the negative if they felt it would jeopardize a deal.   

Avatar

Brian Karas

IPVM | In reply to Tony Darland | 05/19/17 03:09pm

Tony, that is a good question.

In some cases, like asking about backdoors, it may be hard to dispute a given answer, however it would still be helpful to ask (and document the response) in case of any future vulnerabilities. How you deal with a manufacturer that gave you incorrect data would vary depending on the situation, but I think you would be better off than never having asked.

Other items, like penetration test results should be shareable and reproducible.

 

John Honovich

IPVM | In reply to Tony Darland | 05/19/17 03:13pm

Is it just assumed a supplier will answer these questions honestly? In lieu of outright lying

If you want something more factual / verifiable, ask: Has there been any DHS ICS-CERT advisories on your company's products?

Undisclosed Integrator #1

05/19/17 04:15pm

The problem with OEM as an integrator is that it's hard to know if the same vulnerabilities affect the OEM as the name brand manufacturers. As an example, Hikvision has changed and updated their login/password procedures over the past couple of years but not all OEMs have followed this path which means there could be authentication differences yet it's very hard to know where the changes take place and if particular OEMs are actually affected by vulnerabilities found. 

In both the Dahua and Hikvision recent security issues, I'm seeing OEMs that don't even know about the issue and have yet to receive or release new firmware let alone let their customers know about it. 

It makes it hard to pick suppliers because, on one hand, the OEMs we work with tend to be very responsive and extremely helpful compared to working with Dahua or Hikvision directly. Yet when problems like security issues arise, OEMs can fall short in handling it in a short time if at all.

 

John Honovich

IPVM | In reply to Undisclosed Integrator #1 | 05/19/17 07:41pm

Hikvision has changed and updated their login/password procedures over the past couple of years but not all OEMs have followed this path

Good example. Related: ADI Finally Fixes Hikvision OEM'd Security Risk

Undisclosed Integrator #2

05/20/17 05:15am

If you buy axis you are buying axis that is unless you buy canon which is axis but not axis... well it's kinda axis but also....

 

;)

Avatar

Sean Nelson

Nelly's Security
05/20/17 05:35am

The issue with Axis is they offer no great benefit over the major chinese manufactured cameras to justify the costs.

Nothing against Axis, they are just overpriced and they are obviously feeling the pressure to respond to the asian manufacturers via their training module as well as their recently poor attempt to offer low cost cameras to compete with these manufacturers. They still do well with project based jobs but losing ground with the everyday integrator.

Michael Miller

In reply to Sean Nelson | 05/20/17 12:44pm

Have you ever completed any large projects with Axis cameras?

Undisclosed #3

IPVMU Certified | In reply to Michael Miller | 05/20/17 02:16pm

Here we go ;)

Avatar

Jon Dillabaugh

Pro Focus LLC
In reply to Sean Nelson | 05/20/17 03:01pm

This isn't entirely accurate. Axis has software the just works, vs some of the software available from Dahua and Hikvision that either doesn't always work, or is very difficult at best. 

One example is that ability to quickly administer firmware updates. Axis Camera Management is a really good tool. Dahua and Hikvision have utilities to update firmware too, but not as easily. 

If you really want to go a step further, Avigilon makes it even easier. It's automatic. 

Some of these don't matter when you are managing under 16 cameras and they all the same model. But when you manage hundreds of units of varying models, tools like this are essential. 

Avatar

Paul Curran

In reply to Jon Dillabaugh | 05/20/17 03:26pm

Agreed:)

Nicolas Heyman

In reply to Jon Dillabaugh | 05/21/17 03:47am

I'd also add, there is no way to patch the firmware of an OEM / ODM's hikvision or dahau, with out going through the OEM. I have more faith in hikvision being able to patch their cameras directly than 95% of their OEMs.

Avatar

Jon Dillabaugh

Pro Focus LLC
In reply to Nicolas Heyman | 05/21/17 04:09am

That's not 100% correct either. You can flash Dahua with DH or General firmware on any device. It doesn't matter who the OEM is either. You can flash DH firmware on a Flir if you want to. 

John Honovich

IPVM | In reply to Jon Dillabaugh | 05/21/17 10:28am

You can flash DH firmware on a Flir if you want to.

Have you verified that specifically?

Avatar

Jon Dillabaugh

Pro Focus LLC
In reply to John Honovich | 05/21/17 11:11am

Yes, Speco too. Probably other brands too, but can't think of them at the moment. I've flashed various non-branded OEM (General) with DH firmware too. The one and only thing you have to be careful with is NTSC vs PAL on anything analog. IP doesn't seem to make a difference, maybe unless you are using the analog output on an IP device. 

Undisclosed #5

In reply to Sean Nelson | 05/20/17 11:58pm

the everyday integrator.

What is the everyday integrator?

Undisclosed Integrator #6

In reply to Sean Nelson | 05/21/17 12:59am
"The issue with Axis is they offer no great benefit over the major chinese manufactured cameras to justify the costs." This is only true if you are selling just a 'security camera'. If you expect hardware support, continuing security patches, software and feature improvements, bug fixes and testing with third party software then there are huge differences.

Undisclosed #8

In reply to Sean Nelson | 05/23/17 01:55am

Comments like this should be grounds for expulsion from IPVM.

 

Opinions are one thing. Outright and blatant stupidity is another.

Avatar

Jon Dillabaugh

Pro Focus LLC
In reply to Undisclosed #8 | 05/23/17 01:57am

That's an easy shot, coming from someone hiding behind an undisclosed tag.

Avatar

Sean Nelson

Nelly's Security
In reply to Undisclosed #8 | 05/23/17 03:02am

You mad bro?

Undisclosed #8

In reply to Sean Nelson | 05/23/17 03:39am

Not at all. Your posts are frequently great for a laugh.

Mostly, I'm thankful that you use your real name, company name, and photo so that I know exactly who to never consider doing business with in the future!

Avatar

Sean Nelson

Nelly's Security
In reply to Undisclosed #8 | 05/23/17 01:01pm

What a shame. Hate to miss out on doing business with what seems to be a pleasurable gentlemen or lady or whatever you are. I think i will just let axis have that pleasure.

Undisclosed #3

IPVMU Certified | In reply to Undisclosed #8 | 05/23/17 05:40am

Comments like this should be grounds for expulsion from IPVM.

Yes but you'll do better in the future, I'm sure...

John Honovich

IPVM | In reply to Undisclosed #8 | 05/23/17 10:43am

Outright and blatant stupidity is another.

That's out of line and unfair. Feel free to disagree but calling someone stupid is ad hominem and unprofessional.

Avatar

Ross Vander Klok

IPVMU Certified | In reply to Undisclosed #8 | 05/23/17 12:18pm

What comment are you referring to?  Did it get yanked?  

Avatar

Tony Darland

IPVMU Certified | In reply to Ross Vander Klok | 05/23/17 03:31pm

I was wondering the same thing. What comment? I'm so confused.

Avatar

Ross Vander Klok

IPVMU Certified | In reply to Tony Darland | 05/23/17 03:42pm

Apparently it was the original comment "The issue with Axis is they offer no great benefit over the major chinese manufactured cameras to justify the costs." that is grounds for expulsion.  Someone is a bit too thin skinned apparently.  

I was looking for something about someones mom or their ethnic heritage, but it was seriously just that comment.....

Undisclosed Integrator #11

In reply to Ross Vander Klok | 05/23/17 03:33pm

 

Undisclosed Integrator #4

05/20/17 04:29pm

Axis should consider bringing on more companies to relable their products. Axis support for smaller integrators is terrible, this is why their product never took off for us. I called several times and could never get anyone to come out and train us because we were new to IP video and they didn't take us seriously. In the last 5 years we've now sold thousands of IP cameras. It was a loss for Axis. On the other hand we've worked with people who relable other cameras, because they're smaller I've found they paid more attention to us and provided the support we needed in the beginning to get moving. I am of the opinion of Axis sold their products through a few reputable firms who relabled them and provided their own support they could reach some integrators they would not normally reach. I could be totally wrong but that's my 2 cents. 

Michael Miller

In reply to Undisclosed Integrator #4 | 05/20/17 04:38pm

Axis offers training all over the world.  Did you sign up and attend any of the training events? 

Undisclosed Integrator #4

In reply to Michael Miller | 05/21/17 10:46pm

I'm not going to drive two hours and spend a day in training to learn about their product line. I've had dozens of camera manufacturers and VMS providers come to our office and spend an hour with us. At the time we were not looking for a full training just someone to quickly go over the product line and help us understand how project registration worked and a few other things, including their own VMS. Basically I wanted someone at Axis to sell me Axis. When I started looking at product lines I had never heard of Axis before. 

Avatar

Kyle Folger

IPVMU Certified | In reply to Undisclosed Integrator #4 | 05/23/17 02:31pm

I would have to disagree with the lack of support for the smaller integrator. I had an issue with two Axis camera shortly after a firmware upgrade. They randomly froze. I logged into my Axis account, followed the instructions, and got a reply shortly after. They sent a different version of the firmware and briefly explained the issue. I generally never need support from most manufacturers. It's really only when things go wrong or products fail do you really need support and that's when you discover how good or bad a manufacturer's support is. I found that Axis was responsive and better than some of the others I've experienced.

The only time I might need camera support is if there is a new product or a unique product offered that may need some assistance to see if it would work for a particular scenario.

As far as training goes, I prefer web training when available.

Avatar

Tony Darland

IPVMU Certified | In reply to Kyle Folger | 05/23/17 03:34pm

I've never had a bad experience with Axis Support. Come to think of it, I've not had many experiences with Axis Support in general in 15 years. I guess that says something.  

Undisclosed Integrator #4

In reply to Kyle Folger | 05/23/17 05:34pm

Maybe I'm alone in the fact that I want a relationship with the company I am doing business with. We hardly call tech support for any of the dozens of manufacturers we offer.

I'm not saying Axis doesn't have good tech support (I've never needed it), only that they might benefit from using companies who will relabel their products and provide some sales people on the ground to push it locally.

With the exception of Ubiquiti, I refuse to offer a product without first meeting with someone first. Even if it's a web meeting. I want to talk to someone. Currently, Axis doesn't have much of a local sales force, and I would venture to guess they're losing a lot of deals to companies who do.  I have personally sold thousands of IP Cameras now, less than 50 of those were Axis. Had Axis or a company who relabeled Axis showed up; maybe they would have gotten that business.

I realize the focus of the article is Axis is saying they don't relabel other cameras. My point and I should have been more clear is that Axis MIGHT consider allowing other companies to relabel their product IF they're not going to strengthen their local sales force. As great as they are if new integrators don't know about their product they're not going to sell it. 

John Honovich

IPVM | In reply to Undisclosed Integrator #4 | 05/23/17 08:45pm

I refuse to offer a product without first meeting with someone first. Even if it's a web meeting. I want to talk to someone.

I believe that's an important and widely held position amongst integrators. It is also one of the things that Hikvision has done right. They have hired a lot of sales people and made them accessible to mid size and smaller integrators, an underserved market.

Axis, at least it appears to me, is more focused on larger integrators and pulling in larger end users.

Avatar

Ross Vander Klok

IPVMU Certified | In reply to Undisclosed Integrator #4 | 05/24/17 11:35am

Not sure where you are located, but I know we have 2 AXIS guys in Michigan that are  easy to get in touch with.  I would think it is like that all over?  Have you tried reaching out to them again?  I just find it hard to believe that if there was an opportunity to sell more cameras they would pass it up.   https://www.axis.com/us/en/partners 

Avatar

Dwayne Cooney

05/22/17 06:31pm

In the last few years we have standardized on Axis enterprise wide. I have over 1500 Axis cameras globally and our service rates have dropped dramatically when compared to other manufacturers. The engineering and build quality are above and beyond all other cameras I have tested. Of course ease of installation, compatibility and image quality are other factors where Axis has exceeded expectations.

Undisclosed #7

In reply to Dwayne Cooney | 05/22/17 09:13pm
Thank you for posting Dwayne. All too often we hear integrators (such as myself) fight it out on here regarding ease of install, cost, etc. It is nice to have a client perspective.
Avatar

Kyle Folger

IPVMU Certified | In reply to Undisclosed #7 | 05/23/17 02:38pm

Axis has been relatively easy to install and so has Avigilon. When speaking about camera installation specifically, Dahua and Hikvision have caught up with a lot of their accessories. I find the manufacturer back boxes and compatibility with standard electrical boxes to help in installation. Dahua has one issue that they seem to be slowly changing. Some of their conduit KO's are M20 and some of their newer boxes have 1/2". For that we use M20 to 1/2" adapters. Hikvision seems to use 3/4" on all of their products.

I find it more difficult when a manufacturer makes a great product and then doesn't have the hardware to make it easy to install in many scenarios.

Undisclosed Manufacturer #13

In reply to Dwayne Cooney | 05/23/17 07:59pm

Hi Dwayne, could you give us an idea against which other manufacturers you have tested Axis?

Avatar

Dwayne Cooney

In reply to Undisclosed Manufacturer #13 | 05/24/17 03:43pm

Undisclosed Distributer,

That would be three of the top "undisclosed manufacturers".

You know who they are but I wouldn't dare to begin listing them in this thread.

Dwayne

 

Undisclosed Manufacturer #9

05/23/17 07:16am

As far as I remember Axis also OEM some of their models from Taiwanese manufacturer, at least in the past, do they stop all the OEMs now or they just hide it better than others?

Undisclosed Integrator #6

In reply to Undisclosed Manufacturer #9 | 05/23/17 08:14am

post some supporting information please.

Undisclosed #7

In reply to Undisclosed Manufacturer #9 | 05/23/17 08:53pm

Axis used to OEM from a Japanese manufacturer - Canon.  I am not aware of any Taiwanese product though some of their product is certainly produced there.

Undisclosed Integrator #6

In reply to Undisclosed #7 | 05/24/17 09:54am

OEM FOR* a Japanese manufacturer you mean...

Undisclosed Manufacturer #14

In reply to Undisclosed #7 | 07/12/17 01:36pm

Doesn't Canon own Axis?

Undisclosed Manufacturer #9

05/23/17 09:02am

Hmm.. you can easily find supporting information if you can read Chinese, the manufacturer I am referring to is a listed company in Taiwan and you can easily find public information as long as you search Axis + the manufacturer's name in Chinese. Here is one link for your reference, maybe you can google translate.

https://statementdog.com/insight/posts/42-%E5%BD%A9%E5%AF%8C(5489)-%E9%9D%A2%E5%B0%8D%E4%B8%AD%E5%9C%8B%E7%AB%B6%E7%88%AD%E7%9A%84%E5%AE%89%E6%8E%A7%E8%A8%AD%E5%82%99%E4%BB%A3%E5%B7%A5%E5%BB%A0

Of course, maybe they stop it now so they made that claim in this article, or it's not cameras but NVR or joysticker or some other accessories they are OEM from the manufacturer, but personally I don't believe so....

Undisclosed Integrator #6

In reply to Undisclosed Manufacturer #9 | 05/23/17 09:16am

Dynacolor? That is only the test monitors and complimentary accessories - I'm not sure thats a fair comparison to companies above who do not engineer cameras and simply rebrand others.

 

AXIS used to be an OEM for other brands such as Canon but worked very hard to get out of that business once their own brand was sustainable.

Undisclosed Manufacturer #10

In reply to Undisclosed Manufacturer #9 | 05/23/17 03:10pm

Many accessories, such as lenses and joysticks are OEM or relabels (like many others in the industry).  But their core camera business I believe is what we should be referring to.  Of course, some of the core components of the camera are not manufactured by Axis, rather OEM/ODM, similar to how apple approaches their markets.  Axis does a good job of taking ownership and saying they are a true manufacturer, vs. using contract manufacturing.  

Maybe that is a point for a new discussion:  What security manufacturers have their own manufacturing facilities to make PCBs, assemble components, perform optical testing.  This is as opposed to a contract facility that may make cameras one day for Brand A, and then Mobile phones for Brand B the next day.   Is this a requirement to be a top tier manufacturer, or just the MO of the new world order?  Are there advantages/disadvantages to a company having their own manufacturing facility in terms of product price, quality, speed to market, etc....???

Undisclosed #12

05/23/17 07:31pm

I don't know Axis offer in depth, but someone told me last year that their cheapest cameras are manufactured in "Asia". Is that true? If true, is it like a OEM/ODM or just is that they have a factory there?

Thanks.

Undisclosed Integrator #6

In reply to Undisclosed #12 | 05/24/17 10:00am

Yes, they have manufacturing in several places - including China but these cameras are currently only for the chinese market. They also have some very specific products only for the Chinese market which you can't find on their english website. They have CLC's where the cameras are configured and tested in several locations throughout the world - but all cameras are axis products, axis designed and running axis software.

John Honovich

IPVM | In reply to Undisclosed Integrator #6 | 05/24/17 10:08am

Yes, they have manufacturing in several places

We covered this here - Axis: Minimal Made In China Products, Ending This Year (Except For In China Sales)

Read this IPVM report for free.

This article is part of IPVM's 6,728 reports, 907 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now
Loading Related Reports