IPconfigure New Release Claims 'Most Secure' VMS

By: Brian Karas, Published on Mar 09, 2016

The latest release of IPConfigure's Orchid VMS server makes bold claims about being the "most secure" VMS.

In this brief update we take a look at what IPConfigure has added and how it will impact a typical user.

*** ****** ******* ** IPConfigure's ****** *** ****** makes **** ****** ***** being *** "**** ******" VMS.

** **** ***** ****** we **** * **** at **** *********** *** added *** *** ** will ****** * ******* user.

[***************]

Overview ** *********** ****** ***

****** ** * ******* ***** VMS ******** **** ** Windows ****** **********, ** there ** **** **** *****. Orchid **** ****** ** "mobile *****" ** *******, not ********* ********** ******** or ********.  ****** **** is ******** ** ******* installations (** ******* ** less). ************, *********** ****** Orchid ****** ***** ** a *****-******, ****** *******.

"Most ******" ******

***********'**.* **************** **** ******* *** Orchid, ***** ***** **** other ******* **** **** makes ****** "*** **** ****** *** efficient *** ******** *********."

What ** ****?

****** ******* ** *** in **** ** ** a ***** ********* ********, but **** ** ***** security **************/********** ********* (*** S ** ****).  **** is ********** ******* ** for ** *******, *** it *** **** ******** heavily *** **** *** other *********.  

SRTP ** *****

*** **** ****** *** to ****** ******* ** video ************ ******* *** been ********* **** ***** (see ********** ***** ** ********* RTSP/RTP ****** *****).

**** ** ******* ** HTTPS ** **** ** can ******* * ************** stream ******* * *******, but ** *** ***** benefit *** ****-********* ******* (such ** ***** ** video) ** ********* ***** lower ******* *** **** overhead **** *****, ****** it ** *** ***** how *********** **** ***** be ** ******** *** could *********** ******** *** gains.

SRTP **** ** ** ****

**** ******* ** ** cameras ********* ***** ** rare ** ****. ** know ** ** ********, IPConfigure **** **** **** Cisco ******* ***** *** a *** ********* ******* list ** ** ***** specification ******. ******* ** this **** ** ****** support, *********** ** *** supporting **** **** ****** to ******.

Server ** ****** ****

***********'* "**** ******" ****** only ***** ** *** ServerClient **************.  ***** ** no ******* ** ******** around *** ******->****** **** stream, *** ************* *** camera ***** **** ** an ****** ****** **** the *** ** ****** to ******* ******* ** replaced ****** ******* *** Orchid ******** ************ ** this ******* ********* *** notification.

Secure ********* **** *********

**** **** ******** ****** ********* and *********** ** ********** to ******* ********* ********* from ***** ******* ** clients. **** ** *** available **** *****. *******, multicast ** ****** ******** ** smaller *********** *** ** not ******* **** ** ****** ones, ****** **** **** limited *************.

Certificate ******* *** ** *******

******* ** *** ****** security *** *****/**** ******** certificate **********, ******* *** installation.  *** ********* *** perform ***** ***** ** their ***, ** *********** can ******* **** ** a ****-*** ******* *** $500/server. 

Impact ****** ** ** *******

************** ******** ** (***) slowly ******* ********* ** the ******** ******, *** while ***** *** ****** to **** ***** ********, it ***** ***** ** rank ******** *** ** the ******** *****. ********* most ****** ** ***** security ****** *** ** organizations **** **** ********* feature / ******** *****, outside ** ******'* ************.  We ** *** ********** ***** security ************ ** **** a ***** ****** ****** overall *** ***** **** IPConfigure *** **** **** end, ******** ********* *****. 

Comments (7)

Setting up web server security for HTTPS/SRTP requires certificate generation, signing and installation. The installer can perform these steps on their own, or IPConfigure can provide this as a turn-key service for $500/server.

I'm not sure how that reconciles with this answer given here:

As a design decision, Orchid does not support self-signed certificates without a CA.

I was trying to not get bogged down in minor details on this post.

I didn't mean to imply that you could self-sign your cert, just that you can create a cert/signing request on your own, get it signed, and install the cert all without having to pay IPConfigure $500.

I was trying to not get bogged down in minor details on this post.

I appreciate that. No worries:)

The thing is that since this is aimed at small installations, the added cost of someone having to register and renew a yearly CA is non-trivial.

Verisign is at least a couple hundred a year.

What does an 8-user Orchid Core license cost?

Unless, I'm misunderstand Dr. Tompkins, to use the secure VMS, you need to

  1. Already have a trusted cert
  2. Buy one from them for $500
  3. Get one from someone else $$ ?

Though I may be misunderstanding. What is your interpretation?

UD1,

You can use Orchid out of the box in its unencrypted mode. If you want to enable encrypted mode and you elect to configure this yourself, you need to:

  1. Generate a private key on your Orchid server.
  2. Buy a TLS/SSL certificate. Certificates signed by a "big name" root CA and accepted in all modern browsers can be had for less than $50/yr.
  3. Put your private key and certificate files in a directory, edit a text file, restart Orchid.

As long as an integrator or end-user is even passingly technical, this is an easy and well-documented process.

Our $500 service offering is designed for those who are willing to pay for a completely turn-key configuration solution.

With respect to cost, Orchid is licensed on a per-camera basis ($69 MSRP); there is no restriction on the number of users.

UD1,

Both of those points are consistent. In the first, I meant that an integrator/end-user could purchase a normal TLS certificate from the likes of Digicert, Thawte, Symantec, etc. and install that certificate themselves without paying the $500 for our turn-key certificate installation service.

In the second point, I meant that our SRTP client will reject all self-signed certificates unless you are acting as your own Certificate Authority and configure all of your clients to accept your own root CA.

Best,
Cort Tompkins
VP Engineering, IPConfigure

Legitimate TLS/SSL certificates recognized by all major browsers can now be had for free: https://letsencrypt.org/

Update: Genetec reports that their most recent 5.4 Security Center release supports SRTP from server to clients.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on VMS

Anyvision Facial Recognition Tested on Aug 21, 2019
Anyvision is aiming for $1 billion in revenue by 2022, backed by $74 million in funding. But does their performance live up to the hype they have...
Dahua 4K Camera Shootout on Aug 20, 2019
Dahua's new Pro Series 4K N85CL5Z claims to "deliver superior images in all lighting and environmental conditions", but how does this compare to...
Proactive CCTV "Only Affordable Video Archiving Solution" Profile on Aug 12, 2019
Proactive CCTV is claiming to offer "the only affordable video archiving solution on the market", reducing the storage typically required for H.265...
Milestone "GDPR-ready" Certification Claim Critiqued on Aug 12, 2019
Milestone is touting that its latest XProtect VMS is "GDPR-ready" with a 'European Privacy Seal'. However, our investigation raises significant...
Axis Door Station A8207-VE Tested on Aug 07, 2019
Axis newest door station, the A8207-VE, claims to deliver "video surveillance, two-way communication, and access control" in a single device. But...
Avigilon Blue VSaaS Tested on Aug 05, 2019
Avigilon says Blue is a "powerful integrator cloud service platform", easy to set up and configure, quickly scale business, by leveraging cloud...
Cisco Settles False Claims Act Suit For Video Surveillance Vulnerabilities on Aug 01, 2019
Cisco entered the video surveillance market in 2007 and suffered for many years through a variety of its own errors and arrogance. The conclusion...
Ionodes Company Profile on Jul 31, 2019
What happened to Ionodes? With seasoned leadership from Jean-Paul Saindon founder of SmartSight and Dr. Michael Gilge, founder of VCS, back in...
Vivotek Trend Micro Cyber Security Camera App Tested on Jul 22, 2019
Vivotek and Trend Micro are claiming five million blocked attacks on IP cameras, with their jointly developed app for Vivotek cameras. This new...
Avigilon ACC7 VMS Tested on Jul 22, 2019
Avigilon's Control Center 7 boldly claims it will "transform live video monitoring" with the new Focus of Attention "AI-enabled" interface. We...

Most Recent Industry Reports

TMA Apologizes to Amazon / Ring on Aug 23, 2019
Not only is Amazon / Ring making major incursions into the residential security market, the organization representing the biggest incumbents, The...
China Dahua Replaces Their Software With US Pepper on Aug 22, 2019
What does a US government banned company do to improve its security positioning in the US? Well, Dahua is unveiling a novel solution, partnering...
Security Integrators Outlook On Remaining Integrators In 2025 on Aug 22, 2019
The industry has changed substantially in the last decade, with the rise of IP cameras and the race to the bottom. Indeed, more changes may be...
First GDPR Facial Recognition Fine For Sweden School on Aug 22, 2019
A school in Sweden has been fined $20,000 for using facial recognition to keep attendance in what is Sweden's first GDPR fine. Notably, the fine is...
Anyvision Facial Recognition Tested on Aug 21, 2019
Anyvision is aiming for $1 billion in revenue by 2022, backed by $74 million in funding. But does their performance live up to the hype they have...
JCI Sues Wyze on Aug 21, 2019
The mega manufacturer / integrator JCI has sued the fast-growing $20 camera Seattle startup Wyze. Inside this note: Share the court...
Dahua 4K Camera Shootout on Aug 20, 2019
Dahua's new Pro Series 4K N85CL5Z claims to "deliver superior images in all lighting and environmental conditions", but how does this compare to...
ZK Teco Atlas Access Control Tested on Aug 20, 2019
Who needs access specialists? China-based ZKTeco claims its newest access panel 'makes it very easy for anyone to learn and install access control...
Uniview Beats Intel In Trademark Lawsuit on Aug 19, 2019
Uniview has won a long-running trademark lawsuit brought by Intel, with Beijing's highest court reversing an earlier Intel win, centered on...
Suprema Biometric Mass Leak Examined on Aug 19, 2019
While Suprema is rarely discussed even within the physical security market, the South Korean biometrics manufacturer made global news this past...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact