Best Practices for VLANs for UniFi Protect and UNVRs

I know there are several posts and videos covering VLAN best practices for security cameras. I have several different platforms that I leverage with a combination of Synology, pfSense and other IP camera systems.

However, UniFi’s preferred behavior of having everything of theirs on the default network is definitely not in line with how I set up our systems. UniFi had this response about 5 years ago (https://community.ui.com/questions/Cameras-and-Protect-VLAN/64271269-9e33-4c22-a4e6-f6a420ff47be#answer/2595606d-12e0-4cff-bed7-4c55544df106) which more or less suggested adopting the cameras on the default network for adoption before migrating them over to a security VLAN. That won’t work on my network for several different reasons, and it was before they released the NVR line.

I would love to see an updated video covering how you’d approach using a UNVR/UNVR Pro while keeping the cameras on a camera-only, restricted VLAN. I’ve got a large campus that has a lot of Amcrest and Reolink cameras. I’ve verified that the ONVIF support of these cameras plays well with the latest 3rd party camera update, so I’m thinking of migrating their NVR system to the UNVR Pro. This also opens the door for me to start leveraging some of the latest Protect cameras with advanced detection, but I’m not sure what else might suffer during the transition. We have UniFi Access on the default LAN, but does having Protect and Access on different VLANs impact camera integration for door events? So many questions…

I’m assuming I’d just put the NVR on the camera VLAN and map the appropriate firewall rules to give it access for updates/etc, but I’m also sure you’d do things differently with your experience than mine (I only have about 6 campuses with about 100 +/- cameras – not enough to be an expert).

If this makes your video roadmap, it’d be appreciated.

Put the UniFi NVR and the cameras on the same network, and create rules that allow the UniFi NVR to access the internet for updates.

Thanks. I’ve seen this video, and this is exactly how 5 of the networks I manage are set up. The exception is a network that uses a UDM Pro Max that has the Protect cameras on the default network – haven’t tried moving those to a camera net, yet, as I’m not sure how UniFi will behave.

I guess my question is if there are any issues that arise due to the NVR not being on the default network. Do we adopt it and then move it over to the camera VLAN? The network I’m considering this on has a pfSense firewall. Do I need to configure any DHCP options to help with the identification/migration of the NVR? Are you using any of the NVRs with any of your clients, and if so, are there any pitfalls we should be looking out for to avoid? I’ve not purchased the NVR, yet, so I’m more or less asking before I make the purchase.

If you create a VLAN for cameras on a UDM it will have an IP in that subnet.