So after talking to multiple “Security Camera Specialists” and being rather unimpressed with their solutions, I’m hoping I can get some thoughts and ideas on implementing a secure multi-site CCTV solution that allows for both remote viewing and is secure from a network point of view.
I am helping out my community modernize their camera systems which are currently at every entry point into the community. Each entry has a 2 to 3 PoE cameras, a UPS, an NVR, and its own internet connection which uses a router provided by the ISP. The ISP is fiber based with plenty of symmetric bandwidth and each location utilizes static IP addresses. That’s the easy part. The community also has a main gate which has an on-site security guard. The community wants a live feed of all the entries viewable by the guard. Currently this is accomplished by port mapping the NVR’s directly onto the internet (I can hear the collective gasp), and using software provided by the NVR vendor on a Windows 10 PC to view all of the cameras. None of it is currently implemented with any security in mind, no encryption (not even https), and raw RTSP feeds. To make things worse, the NVRs have not been updated by the vendor in quite some time.
So looking at this, it is very similar to a small business with a couple of sites that I want to network together, and that is how I ended up here. I was thinking of reaching out to companies like Lawrence tech services (and I would but we are not geographically near them) because of how little thought security camera vendors actually put into securing the systems they sell. Only one vendor out of many that I have spoken to even talked about networking and VPN equipment.
To me the solution that has the fewest components in harsh environments (NVRs in non-climate controlled boxes), is to create VPN connections between each entry and the main gate and record all of the feeds to one NVR (realizing this would need to be a high capacity/bandwidth NVR). While this looks good on paper, I don’t have the experience with commercial camera systems to know if this is even a reliable approach. This would also require networking equipment capable of multiple VPN connections with each connection having about ~10-20mpbs of continuous traffic. The community also wants continuous recording (being burned by motion activated recording a couple times). It isn’t a mission critical application but a needs to have a good up time and be able to recover if something goes down without user intervention. The second approach would be to continue each location recording to a local NVR but then using a secondary stream to send to the guard, using a secure network connection.
So my ask to the community is, anyone have a similar configuration and what did you do to solve it? Any particular camera, NVR, or networking suggestions? A pure Cloud solution is not out of the question either but there are a bunch of cloud only vendors and trying to find one that will still exist in 5 years may be the hard part.
In general the cameras need to be PoE, IP66 or IP67 and IK10 rated. Most the quotes I have seen so far are using cameras by Axis Communications, Arecont, Digital Watchdog or Panasonic. Some of the NVRs are Tyco’s exacq or Pansonic’s offerings. Open to anything but Hik-Vision equipment and would prefer some type of SSA.
I did think about going all Ubiquiti with a Dream Machine Pro and Ubiquiti cameras but being the cameras use proprietary protocols and being unsure if you could view all of the feeds from separate NVRs in one screen sort of ruled that out.