What is the Axon Dock?

The Axon Dock provides for the intuitive uploading of data from Axon cameras to Evidence.com, recharging of Axon camera batteries, and acts as a mechanism to ensure Axon cameras receive and operate the most updated firmware.

Axon Dock Security Safeguards

The Axon Dock protects the confidentiality and integrity of Axon camera data files and an agency's associated Axon cameras through the following safeguards:

SECURE DESIGN

• The Axon Dock leverages strong, FIPS 140-2 validated cryptography provided by Evidence.com and the Axon Cryptographic Module (cert #2878), to securely transfer Axon camera data to Evidence.com
• The Axon Dock is a hardened appliance that is developed and maintained by Axon
• The Axon Dock configuration administration can be secured forcing HTTPS-only connections originating from private agencies networks

LIMITED FUNCTIONALITY

• The Axon Dock does not directly provide functionality to view, modify or delete video data stored on Axon cameras
• Once installed, users simply place their Axon camera in the Axon Dock - there is no additional requirement to log in or further interface with the Axon Dock
• The Axon Dock requires Evidence.com administrator credentials for the initial pairing/authentication of a dock to an Evidence.com agency

PART OF THE AXON NETWORK

• The Axon Dock is included in Axon's commitment to exceed security expectations of our customers
• Security upgrades and product enhancements are automatically deployed
• The Axon Dock regularly undergoes security and penetration testing evaluations to ensure ongoing defense against sophisticated attackers

How Does the Axon Dock Work?

REGISTERING THE AXON DOCK TO AN AGENCY

Axon Dock requires outbound internet access to enable connectivity between the Axon Dock and Evidence.com. An Evidence.com agency administrator must register the Axon Dock, via the Dock's configuration portal, using their Evidence.com credentials. The Axon Dock will then be paired with that agency. This process is described in more detail in the Axon Help Center.

OFFICER INTERACTIONS WITH THE AXON DOCK

After installation and pairing of the Axon Dock to an Evidence.com agency, subsequent officer interactions are only physical, meaning officers do not need to login to the Axon Dock or interact via technology with the Axon Dock. Officers simply place their assigned Axon camera in an Axon Dock and interpret camera offload, charging, and system status via the LED on the Axon camera. Data from Axon cameras become associated with officers based upon previous registration and association of the Axon camera to a unique officer.

ADMINISTRATOR INTERACTIONS WITH THE AXON DOCK

Administrative communications between an agency administrator and the Axon Dock can be conducted over an encrypted session. A unique user name and password is required to connect to the Dock's configuration portal. Functionality includes:

• System Status and Health
• Dock Administration and Configuration

Axon Dock Technical Security Details

NETWORK CONNECTIVITY

Only outbound internet connectivity over TCP port 443 (HTTPS), TCP port 80 (HTTP), and UDP port 53 (DNS) is required for the Axon Dock to function. Agency network security functionality should be configured to ensure only outbound initiated connections are permitted.

The Axon Dock will initiate TLS 1.2 secured communications with Evidence.com using FIPS 140-2 validated cryptography. Specifically, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 is negotiated between the Axon Dock and Evidence.com to ensure the confidentiality and integrity of data in transfer to Evidence.com. The Axon Cryptographic Module (cert #2878) is used to provide for the secure communications between the Axon Dock and Evidence.com over the internet.

SECURE DEVELOPMENT

The Axon Dock is part of the Axon network and as such, the Axon Dock regularly undergoes security and penetration testing evaluations to ensure an ongoing defense against sophisticated attackers. All identified vulnerabilities are evaluated by the Axon Information Security team, assigned risk and remediation time frames, and tracked through remediation.

UPDATES

Firmware updates and enhancements to Axon cameras and the Axon Dock are deployed by Axon. Customer interaction is not required. Updates are retrieved, installed, and validated during the normal device charging and data transfer process. Firmware updates to both Axon cameras and the Axon Dock are systematically rolled out to customers in waves.

PHYSICAL PORTS

• WAN Ethernet Port: Interface for ongoing, operational Axon Dock connectivity to Evidence.com
• LAN Ethernet Port: Interface for initial Axon Dock configuration and troubleshooting
• USB B-Female: Currently disabled by firmware
• Power Port: Only for use with an Axon authorized and provided power adapter
• Bridge adaptors (USB B-Female & Power Port): Used to extend Axon Dock core with up to five individual bays or one 6-bay.

Axon Dock Agency Requirements

LIMIT NETWORK CONNECTIVITY TO THE AXON DOCK

The Axon Dock is a network connected device and should be installed only on networks trusted by the agency in accordance with agency policy. DO NOT expose the Axon Dock directly on the Internet. The Axon Dock must be connected behind a firewall or secure network to prevent unauthorized connections being initiated from the Internet or from clients not trusted by the agency.

The Axon Dock requires only the following connectivity outside of its trusted network:

• Outbound TCP Port 443 to *.evidence.com
• Outbound TCP Port 80 to *.evidence.com (for fallback time synchronization)
• Outbound UDP Port 53 to agency DNS servers

Note: Axon recommends whitelisting based on fully qualified domain names (FQDN). If your agency whitelists based on IPs, please reference or contact support within the Axon Help Center for the public IPs of Evidence.com in your region.

CHANGE DEFAULT ACCOUNTS

The Axon Dock is shipped from Axon with a default user name and password provided in the included installation guide. Both the user name and password must be immediately changed upon initial login.

PROVIDE PHYSICAL PROTECTIONS

Maintain the Axon Dock in a physically secure location. Where possible, avoid installing the Axon Dock in publicly accessible areas or anywhere it may be extremely hot, cold, humid, or where the Axon Dock may become wet. Additionally, keep Axon cameras and the Axon Dock away from strong magnets or magnetic fields.

Axon offers assistance to customers regarding the installation of the Axon Dock. For assistance, go to the Axon Help Center.