IPconfigure New Release Claims 'Most Secure' VMS

Author: Brian Karas, Published on Mar 09, 2016

The latest release of IPConfigure's Orchid VMS server makes bold claims about being the "most secure" VMS.

In this brief update we take a look at what IPConfigure has added and how it will impact a typical user.

*** ****** ******* ** ***********'* ****** *** ****** ***** **** claims ***** ***** *** "**** ******" ***.

** **** ***** ****** ** **** * **** ** **** IPConfigure *** ***** *** *** ** **** ****** * ******* user.

[***************]

Overview ** *********** ****** ***

****** ** * ******* ***** *** ******** **** ** ******* ****** executable, ** ***** ** **** **** *****. ****** **** ****** ** "mobile *****" ** *******, *** ********* ********** ******** ** ********.  Orchid **** ** ******** ** ******* ************* (** ******* ** less). ************, *********** ****** ****** ****** ***** ** * *****-******, larger *******.

"Most ******" ******

***********'**.* **************** **** ******* *** ******, ***** ***** **** ***** ******* they **** ***** ****** "*** **** ****** *** ********* *** ******** *********."

What ** ****?

****** ******* ** *** ** **** ** ** * ***** streaming ********, *** **** ** ***** ******** **************/********** ********* (*** S ** ****).  **** ** ********** ******* ** *** ** cameras, *** ** *** **** ******** ******* *** **** *** other *********.  

SRTP ** *****

*** **** ****** *** ** ****** ******* ** ***** ************ systems *** **** ********* **** ***** (*** ********** ***** ** ********* ****/*** ****** *****).

**** ** ******* ** ***** ** **** ** *** ******* a ************** ****** ******* * *******, *** ** *** ***** benefit *** ****-********* ******* (**** ** ***** ** *****) ** generally ***** ***** ******* *** **** ******** **** *****, ****** it ** *** ***** *** *********** **** ***** ** ** practice *** ***** *********** ******** *** *****.

SRTP **** ** ** ****

**** ******* ** ** ******* ********* ***** ** **** ** best. ** **** ** ** ********, *********** **** **** **** Cisco ******* ***** *** * *** ********* ******* **** ** on ***** ************* ******. ******* ** **** **** ** ****** support, *********** ** *** ********** **** **** ****** ** ******.

Server ** ****** ****

***********'* "**** ******" ****** **** ***** ** *** ************ **************.  There ** ** ******* ** ******** ****** *** ******->****** **** stream, *** ************* *** ****** ***** **** ** ** ****** vector **** *** *** ** ****** ** ******* ******* ** replaced ****** ******* *** ****** ******** ************ ** **** ******* providing *** ************.

Secure ********* **** *********

**** **** ******** ****** ********* *** *********** ** ********** ** ******* encrypted ********* **** ***** ******* ** *******. **** ** *** available **** *****. *******, ********* ** ****** ******** ** ******* *********** and ** *** ******* **** ** ****** ****, ****** **** **** limited *************.

Certificate ******* *** ** *******

******* ** *** ****** ******** *** *****/**** ******** *********** **********, signing *** ************.  *** ********* *** ******* ***** ***** ** their ***, ** *********** *** ******* **** ** * ****-*** service *** $***/******. 

Impact ****** ** ** *******

************** ******** ** (***) ****** ******* ********* ** *** ******** sector, *** ***** ***** *** ****** ** **** ***** ********, it ***** ***** ** **** ******** *** ** *** ******** chart. ********* **** ****** ** ***** ******** ****** *** ** organizations **** **** ********* ******* / ******** *****, ******* ** Orchid's ************.  ** ** *** ********** ***** ******** ************ ** **** a ***** ****** ****** ******* *** ***** **** *********** *** some **** ***, ******** ********* *****. 

Comments (7)

Setting up web server security for HTTPS/SRTP requires certificate generation, signing and installation. The installer can perform these steps on their own, or IPConfigure can provide this as a turn-key service for $500/server.

I'm not sure how that reconciles with this answer given here:

As a design decision, Orchid does not support self-signed certificates without a CA.

I was trying to not get bogged down in minor details on this post.

I didn't mean to imply that you could self-sign your cert, just that you can create a cert/signing request on your own, get it signed, and install the cert all without having to pay IPConfigure $500.

I was trying to not get bogged down in minor details on this post.

I appreciate that. No worries:)

The thing is that since this is aimed at small installations, the added cost of someone having to register and renew a yearly CA is non-trivial.

Verisign is at least a couple hundred a year.

What does an 8-user Orchid Core license cost?

Unless, I'm misunderstand Dr. Tompkins, to use the secure VMS, you need to

  1. Already have a trusted cert
  2. Buy one from them for $500
  3. Get one from someone else $$ ?

Though I may be misunderstanding. What is your interpretation?

UD1,

You can use Orchid out of the box in its unencrypted mode. If you want to enable encrypted mode and you elect to configure this yourself, you need to:

  1. Generate a private key on your Orchid server.
  2. Buy a TLS/SSL certificate. Certificates signed by a "big name" root CA and accepted in all modern browsers can be had for less than $50/yr.
  3. Put your private key and certificate files in a directory, edit a text file, restart Orchid.

As long as an integrator or end-user is even passingly technical, this is an easy and well-documented process.

Our $500 service offering is designed for those who are willing to pay for a completely turn-key configuration solution.

With respect to cost, Orchid is licensed on a per-camera basis ($69 MSRP); there is no restriction on the number of users.

UD1,

Both of those points are consistent. In the first, I meant that an integrator/end-user could purchase a normal TLS certificate from the likes of Digicert, Thawte, Symantec, etc. and install that certificate themselves without paying the $500 for our turn-key certificate installation service.

In the second point, I meant that our SRTP client will reject all self-signed certificates unless you are acting as your own Certificate Authority and configure all of your clients to accept your own root CA.

Best,
Cort Tompkins
VP Engineering, IPConfigure

Legitimate TLS/SSL certificates recognized by all major browsers can now be had for free: https://letsencrypt.org/

Update: Genetec reports that their most recent 5.4 Security Center release supports SRTP from server to clients.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on VMS

Axis Perimeter Defender Video Analytics Tested on Jul 12, 2018
Axis 'high security' video analytics offering is Perimeter Defender, OEMed / developed with Digital Barriers. But how good is Perimeter Defender?...
Drops Dahua, Fenner Becomes ISS CMO on Jul 09, 2018
Hired to improve Dahua's miserable marketing just last year, Janet Fenner has quit Dahua, joining VMS manufacturer ISS as Chief Marketing...
UK VSaaS Startup Ocucon on Jul 03, 2018
Decreasing exposure to fraudulent slip-and-fall insurance claims and lawsuits is one of the oldest selling points of video surveillance for retail....
Digital Watchdog Low Cost 4MP Camera Tested on Jul 02, 2018
Based on member 4MP testing requests, we bought and tested Digital Watchdog's low-cost 4MP DWC-MTT4Wi to see how it performs in real world scenes,...
Panoramic Fisheye Camera Shootout - Avigilon, Axis, Dahua, Hanwha, Hikvision, Oncam And Vivotek on Jun 27, 2018
IPVM tested Avigilon, Axis, Dahua, Hanwha, Hikvision, Oncam And Vivotek 12MP panoramic fisheye cameras head to head, as shown in the test setup...
Snap Surveillance Profile on Jun 26, 2018
There are not a lot of video surveillance companies that survive 9 years with only one feature that makes their product stand out. In the case of...
OpenEye Apex VMS Tested on Jun 26, 2018
OpenEye is a US company, founded nearly 20 years ago. In the past few years, OpenEye has been one of a few VMS providers that have pivoted to being...
Most Wanted Improvements In Manufacturer Technical Support (Statistics) on Jun 21, 2018
5 key areas of improvement and 1 clear wanted support feature were voiced by 140+ integrator responses to: What improvement in manufacturer...
Axis Guardian - Cloud VMS And Alarm Monitoring - Released on Jun 19, 2018
Axis has struggled to deliver a cloud-based managed service video platform. Video service providers have utilized AVHS for over a decade, and have...
ReconaSense - The AI / Access Control / Analytics / IoT / Video Company Profile on Jun 12, 2018
One company's ISC West booth stood out for displaying a light-up tower of buzzwords. The company, ReconaSense, pledged to be 'making sense of it...

Most Recent Industry Reports

Amazon Ring Alarm System Tested on Jul 16, 2018
Amazon Ring is going to hurt traditional dealers, and especially ADT, new IPVM test results of Ring's Alarm system underscore. IPVM found that...
Hikvision Wins Chinese Government Forced Facial Recognition Project Across 967 Mosques on Jul 16, 2018
Hikvision has won a Chinese government tender which requires that facial recognition cameras be set up at the entrance of every single mosque...
Installing Dome Cameras Indoors Guide on Jul 16, 2018
IPVM is producing the definitive series on installing surveillance cameras. This entry covers one of the most common scenarios - installing dome...
Security Sales Course Summer 2018 on Jul 13, 2018
Based on member's interest, IPVM is offering a security sales course this summer. Register Now - IPVM Security Sales Course Summer 2018 This...
US Tariffs Hit China Video Surveillance on Jul 13, 2018
Chinese video surveillance products avoided tariffs for the first two rounds. Now, in the third round, many video surveillance products will be...
Last Chance - July 2018 IP Networking Course on Jul 12, 2018
Registration ends today, Thursday. Register now. This is the only networking course designed specifically for video surveillance...
4 Most Difficult Camera Installs (Statistics) on Jul 12, 2018
Heavy housings, cumbersome brackets, heavy ladders required, and tricky field of view requirements will cause difficulties no matter the camera...
Axis Perimeter Defender Video Analytics Tested on Jul 12, 2018
Axis 'high security' video analytics offering is Perimeter Defender, OEMed / developed with Digital Barriers. But how good is Perimeter Defender?...
Hikvision Fights Ban - Claims 'Red Scare', Hires 14 Term Ex-Congressman on Jul 11, 2018
Hikvision is fighting back against the House Bill Ban of their products. Hikvision has hired one of the biggest lobbying firms, led by a 14 term...
Arecont Acquisition By Costar on Jul 11, 2018
Arecont Vision acquisition by Costar Technologies has been approved by the court, concluding the bankruptcy process triggered by Arecont's...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact