Submit a request
Returns Investigations Critical Event Assistance

Agency Configuration

See more

Controlling security settings

The Security Settings section allows administrators to: 1) control access to their agency's Axon Evidence account by limiting IP address and apply exceptions for Axon applications, 2) Configure password requirements for their agency, 3) Multi-Factor Authentication settings, and 4) Configure API access clients

IP Security

By enabling the IP Security, agency administrators can define who is allowed or not allowed to access their agency’s Evidence.com accounts based on the IP address. By default, when your Evidence.com agency is created, IP security is disabled and your agency’s sign-in page can be accessed from anywhere within your country.

If you enable IP security, you can authorize specific IP addresses and ranges of IP addresses, such as the IP addresses used at your agency headquarters or at specific districts. Only devices assigned one of the authorized IP addresses can access your Evidence.com agency.

Note: Before you enable IP security, work with your IT staff and your Internet provider to acquire static (non-changing) IP addresses. If you do not use static IP addresses, your agency could be denied access from its own Evidence.com agency. Consumer-grade Internet lines, such as DSL or cable modems, typically have a 200-hour lease. This means that every 200 hours the IP address is refreshed with a new one.

  1. On the menu bar, click Admin and then under Security Settings, click IP Address.
    The IP Active Session Security area appears at the top of the page.
  2. Click Add New IP Address.
  3. Select if you are adding a Single IP Address or Range of IP Addresses.
  4. Enter the IP Address or range of addresses.
  5. Enter a useful description of this address in the Label field. The Label field is optional, but descriptive labels help make managing your Evidence.com account easier.
  6. Click Add.
    The newly added IP Address shows in the table.
  7. You can continue adding additional IP Addresses as needed.
  8. Select Restrict User Access to the Trusted IP Addresses Below located at the top of the page.
    Note: You cannot select this option unless at least one IP address or range of IP addresses has been added.
  9. If at any time you want to prevent access from any IP addresses, click the corresponding Delete icon. However, to prevent being locked out of your account ensure that you do not delete your current IP address.

IP Allowed Lists for Multi-Homed Networks

Evidence.com supports IP security allowed lists for agencies where web traffic can originate from multiple IPs during the same user session. The standard IP allowed list security detects if an active user changes source IP address in the middle of a session and logs the user out. The new setting still restricts site usage to the IP allowed list ranges, but does not terminate a user session if there is an IP change mid-session.

This setting is designed for agencies using network designs where web traffic is sourced from multiple IPs. For example, networks with multiple firewalls or proxy servers can exhibit this behavior. Agencies that load balance outbound traffic across multiple network links also fall into this category. These designs are perfectly valid but cause a false positive for our “Man in the Middle” protection. Until now, these agencies have not been able to utilize our IP allowed list security.

If your agency is not using this type of design, it is recommended that you employ the standard IP session security for the highest levels of protection.

  1. On the menu bar, click Admin and then under Security Settings, click IP Address.
    The IP Active Session Security area appears at the top of the page.
  2. Click Add New IP Address.
  3. Select if you are adding a Single IP Address or Range of IP Addresses.
  4. Enter the IP Address or range of addresses.
  5. Enter a useful description of this address in the Label field. The Label field is optional, but descriptive labels help make managing your Evidence.com account easier.
  6. Click Add.
    The newly added IP Address shows in the table.
  7. You can continue adding additional IP Addresses as needed.
  8. Select the Allow IP Address To Change During An Active Session To The Trusted IP Addresses Below check box.

Axon Application Exceptions

The IP restrictions feature provides additional access security to Axon Evidence. However, implementing this feature can impact Axon mobile applications by blocking access, which makes it difficult for officers to effectively use them.

The Axon Application Exceptions settings allow administrators to easily add exceptions to IP restrictions for specific Axon applications.

This feature is only supported on the following Axon mobile application versions:

  • Axon Device Manager for iOS v2.0.5 or later
  • Axon Device Manager for Android v3.0.4 or later
  • Axon View for iOS v5.0.1 or later
  • Axon View for Android v5.0.3 or later
  • Axon Capture for iOS v5.0 or later
  • Axon Capture for Android v5.0 or later
  • Axon Aware mobile application for both iOS and Android

Note that previous versions of the Axon mobile applications will continue to function normally, but will be subject to the IP restrictions, if enabled for your agency.

  1. On the menu bar, click Admin and then under Security Settings, click IP Address.
  2. Scroll to the bottom of the page to the Axon Application Exceptions section.
  3. Select the Axon Applications (Axon View, Axon Capture, Axon Device Manager, Axon Air, and Axon Aware) you want to exempt from IP Restrictions.
  4. Return to the main System Administration page.

Configure Password Settings

This feature enables administrators to define password settings for all users in the agency.

  • Session Timeout – Sets the number of minutes a user can be inactive before the user is automatically signed out of Evidence.com. [default 10, min 10, max 480]
  • Failed Login Limit — Sets the number of failed login attempts before the account is locked out. [default 5, min 1, max 25]
  • Lockout Duration — Sets the number of minutes a user is locked out of their account due to failed login attempts. [default 60, min 1, max 720]
  • Password History — Sets the number of unique new passwords a user must use before an old password can be reused. [default 10, min 1, max 25]
  • Maximum Password Age — Determines how many days a password can be used before the user is required to change it. [default 90, min 7, max 365]
  • Minimum Password Age – Sets the number of days a user must wait between manually changing their password. This setting does not affect administrative password resets. [default 1, min 0, max 7]
  • Minimum Password Length — Sets how short passwords can be. [default 8, min 6]
  • Password Character Requirements – Sets the types of characters required in a user’s password. Only the Special Characters option is editable. When enabled, users must include at least one special character in their password.

Note: There are no configuration settings for user security questions. Users have 15 attempts to enter their correct security question responses. User that fail to enter the correct security question responses are locked out of the system for 1 hour.

  1. On the menu bar, click Admin and then under Security Settings, click IP Security.
    The Password Configuration page with the various settings appears. Below each setting are a description and the default and maximum (max) values of the setting.
  2. Set the options based on your agency’s requirements.

    Note: If you want to start over with customizing the password configuration settings, click Restore Defaults.

  3. When have finished configuring password settings, click Save.
  4. On the notification message box, click OK.

API Settings

The API Settings section is only available to al Axon Evidence agencies who request access to the Evidence.com Partner API. The Axon Evidence Partner API provides a programmatic means to access the data in your Axon Evidence agency. By developing API-compliant client software or using third-party client software, you can use the Partner API to integrate your Axon Evidence agency with other systems.

The API Settings page provides administrators with the ability to ensure that only authenticated and authorized clients can use the Partner API feature to programmatically configure your Axon Evidence agency. An API client can request, create, read, update and delete operations on a variety of data resources supported by the API, which include the following object types:

  • Users
  • Groups
  • Cases
  • Evidence
  • Devices
  • Reports
  • Category Management

The Partner API is available to all Axon Evidence agencies. To request access to the Partner API, contact your Axon representative. If you need assistance developing API client software, Axon Professional Services are available for billable work.