IPconfigure New Release Claims 'Most Secure' VMS

Author: Brian Karas, Published on Mar 09, 2016

The latest release of IPConfigure's Orchid VMS server makes bold claims about being the "most secure" VMS.

In this brief update we take a look at what IPConfigure has added and how it will impact a typical user.

*** ****** ******* ** ***********'* ****** *** ****** ***** **** claims ***** ***** *** "**** ******" ***.

** **** ***** ****** ** **** * **** ** **** IPConfigure *** ***** *** *** ** **** ****** * ******* user.

[***************]

Overview ** *********** ****** ***

****** ** * ******* ***** *** ******** **** ** ******* ****** executable, ** ***** ** **** **** *****. ****** **** ****** ** "mobile *****" ** *******, *** ********* ********** ******** ** ********.  Orchid **** ** ******** ** ******* ************* (** ******* ** less). ************, *********** ****** ****** ****** ***** ** * *****-******, larger *******.

"Most ******" ******

***********'**.* **************** **** ******* *** ******, ***** ***** **** ***** ******* they **** ***** ****** "*** **** ****** *** ********* *** ******** *********."

What ** ****?

****** ******* ** *** ** **** ** ** * ***** streaming ********, *** **** ** ***** ******** **************/********** ********* (*** S ** ****).  **** ** ********** ******* ** *** ** cameras, *** ** *** **** ******** ******* *** **** *** other *********.  

SRTP ** *****

*** **** ****** *** ** ****** ******* ** ***** ************ systems *** **** ********* **** ***** (*** ********** ***** ** ********* ****/*** ****** *****).

**** ** ******* ** ***** ** **** ** *** ******* a ************** ****** ******* * *******, *** ** *** ***** benefit *** ****-********* ******* (**** ** ***** ** *****) ** generally ***** ***** ******* *** **** ******** **** *****, ****** it ** *** ***** *** *********** **** ***** ** ** practice *** ***** *********** ******** *** *****.

SRTP **** ** ** ****

**** ******* ** ** ******* ********* ***** ** **** ** best. ** **** ** ** ********, *********** **** **** **** Cisco ******* ***** *** * *** ********* ******* **** ** on ***** ************* ******. ******* ** **** **** ** ****** support, *********** ** *** ********** **** **** ****** ** ******.

Server ** ****** ****

***********'* "**** ******" ****** **** ***** ** *** ************ **************.  There ** ** ******* ** ******** ****** *** ******->****** **** stream, *** ************* *** ****** ***** **** ** ** ****** vector **** *** *** ** ****** ** ******* ******* ** replaced ****** ******* *** ****** ******** ************ ** **** ******* providing *** ************.

Secure ********* **** *********

**** **** ******** ****** ********* *** *********** ** ********** ** ******* encrypted ********* **** ***** ******* ** *******. **** ** *** available **** *****. *******, ********* ** ****** ******** ** ******* *********** and ** *** ******* **** ** ****** ****, ****** **** **** limited *************.

Certificate ******* *** ** *******

******* ** *** ****** ******** *** *****/**** ******** *********** **********, signing *** ************.  *** ********* *** ******* ***** ***** ** their ***, ** *********** *** ******* **** ** * ****-*** service *** $***/******. 

Impact ****** ** ** *******

************** ******** ** (***) ****** ******* ********* ** *** ******** sector, *** ***** ***** *** ****** ** **** ***** ********, it ***** ***** ** **** ******** *** ** *** ******** chart. ********* **** ****** ** ***** ******** ****** *** ** organizations **** **** ********* ******* / ******** *****, ******* ** Orchid's ************.  ** ** *** ********** ***** ******** ************ ** **** a ***** ****** ****** ******* *** ***** **** *********** *** some **** ***, ******** ********* *****. 

Comments (7)

Setting up web server security for HTTPS/SRTP requires certificate generation, signing and installation. The installer can perform these steps on their own, or IPConfigure can provide this as a turn-key service for $500/server.

I'm not sure how that reconciles with this answer given here:

As a design decision, Orchid does not support self-signed certificates without a CA.

I was trying to not get bogged down in minor details on this post.

I didn't mean to imply that you could self-sign your cert, just that you can create a cert/signing request on your own, get it signed, and install the cert all without having to pay IPConfigure $500.

I was trying to not get bogged down in minor details on this post.

I appreciate that. No worries:)

The thing is that since this is aimed at small installations, the added cost of someone having to register and renew a yearly CA is non-trivial.

Verisign is at least a couple hundred a year.

What does an 8-user Orchid Core license cost?

Unless, I'm misunderstand Dr. Tompkins, to use the secure VMS, you need to

  1. Already have a trusted cert
  2. Buy one from them for $500
  3. Get one from someone else $$ ?

Though I may be misunderstanding. What is your interpretation?

UD1,

You can use Orchid out of the box in its unencrypted mode. If you want to enable encrypted mode and you elect to configure this yourself, you need to:

  1. Generate a private key on your Orchid server.
  2. Buy a TLS/SSL certificate. Certificates signed by a "big name" root CA and accepted in all modern browsers can be had for less than $50/yr.
  3. Put your private key and certificate files in a directory, edit a text file, restart Orchid.

As long as an integrator or end-user is even passingly technical, this is an easy and well-documented process.

Our $500 service offering is designed for those who are willing to pay for a completely turn-key configuration solution.

With respect to cost, Orchid is licensed on a per-camera basis ($69 MSRP); there is no restriction on the number of users.

UD1,

Both of those points are consistent. In the first, I meant that an integrator/end-user could purchase a normal TLS certificate from the likes of Digicert, Thawte, Symantec, etc. and install that certificate themselves without paying the $500 for our turn-key certificate installation service.

In the second point, I meant that our SRTP client will reject all self-signed certificates unless you are acting as your own Certificate Authority and configure all of your clients to accept your own root CA.

Best,
Cort Tompkins
VP Engineering, IPConfigure

Legitimate TLS/SSL certificates recognized by all major browsers can now be had for free: https://letsencrypt.org/

Update: Genetec reports that their most recent 5.4 Security Center release supports SRTP from server to clients.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on VMS

Magos Radar Company Profile on Nov 12, 2018
Magos America General Manager Yaron Zussman admits when he first came across Magos, he asked himself: "What's innovative about radar?" Be that as...
Axis 2N Intercom Tested on Nov 08, 2018
Axis expanded its video intercom business buying Czech-based 2N in 2016. Despite competing against owner Axis' intercoms, 2N recently registered as...
Dahua Dual Imager Dome Camera Tested (HDBW4231FN-E2-M) on Nov 07, 2018
Dahua has introduced a dual-imager dome model, the HDBW4231FN-E2-M, with two independently positionable sensors including integrated IR, not found...
Avigilon Opens Up Analytics And Cameras on Nov 06, 2018
Avigilon is opening up. The company historically famous for advocating its own end-to-end solutions and making it harder for 3rd parties to...
Worst Products on Nov 03, 2018
Security integrators periodically report on their favorite and worst products to IPVM. These are known integrators who IPVM pays to answer surveys....
Unisight Company Profile on Nov 01, 2018
Hikvision's largest US OEM, LTS has started to carry Unisight, whose products (shown below) look a lot like Hikvision's rival Dahua: Who is...
VMS Camera Management Shootout - Avigilon, Dahua, Exacq, Genetec, Hanwha, Hikvision, Milestone, Network Optix on Oct 29, 2018
Camera setup, configuration and maintenance are the most common tasks when managing a surveillance system. Who does it best and worst? Who offers...
Axxon Face Search Tested on Oct 26, 2018
AxxonSoft has brought facial recognition to their Axxon Next VMS for free with the simply named Face Search, claiming to allow users to find...
Exacq Co-Founders Return, Start Qumulex on Oct 24, 2018
Exacq co-founders Dan Rittman, Tom Buckley, and David Underwood are back, starting up Qumulex. In 2000, they sold Integral to Andover...
Geutebruck Company Profile on Oct 22, 2018
Geutebrück has been in business for nearly 50 years, but they are not well known within the US surveillance market. In this report, we profile...

Most Recent Industry Reports

Integrator Credit Card Alternative Divvy on Nov 13, 2018
Most security integrators are small businesses but large enough that they have various employees that need to be able to expense various charges as...
Directory of Video Intercoms on Nov 13, 2018
Video Intercoms, also known as Video Door-Phones or Video Entry Systems, have been growing in the past decade as more and more IP camera...
Beware Amazon Go Store Hype (Tested) on Nov 13, 2018
IPVM's trip to and testing of Amazon Go's San Francisco store shows a number of significant operational and economic issues that undermine the...
Magos Radar Company Profile on Nov 12, 2018
Magos America General Manager Yaron Zussman admits when he first came across Magos, he asked himself: "What's innovative about radar?" Be that as...
Genetec Privacy Protector Tested on Nov 12, 2018
Genetec has built Kiwi Security's Privacy Protector into Security Center, an analytic which anonymizes individuals in cameras' fields of view...
Chinese Government Increases Hikvision Ownership on Nov 12, 2018
The Chinese government - Hikvision's controlling shareholder - is increasing its ownership of the video surveillance giant amid sharp stock price...
Axis: "No One Wants To Buy A Camera" on Nov 09, 2018
Axis has, in its own description, made a bold declaration: The industry is changing so rapidly that the following statement might seem bold but...
Video Surveillance Hard Drive Size Statistics 2018 on Nov 08, 2018
What is the most common hard drive size for video surveillance? 150+ integrators answered: What size hard drive do you most commonly use? What...
Axis 2N Intercom Tested on Nov 08, 2018
Axis expanded its video intercom business buying Czech-based 2N in 2016. Despite competing against owner Axis' intercoms, 2N recently registered as...
Haven Targets School Security with Lockdown Lineup on Nov 08, 2018
Haven, a US startup founded in 2014 as a residential-focused company, has now raised funding and is offering a lineup of commercial grade locks for...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact