IPconfigure New Release Claims 'Most Secure' VMS

By: Brian Karas, Published on Mar 09, 2016

The latest release of IPConfigure's Orchid VMS server makes bold claims about being the "most secure" VMS.

In this brief update we take a look at what IPConfigure has added and how it will impact a typical user.

Overview ** *********** ****** ***

****** ** * ******* ***** VMS ******** **** ** Windows ****** **********, ** there ** **** **** *****. Orchid **** ****** ** "mobile *****" ** *******, not ********* ********** ******** or ********.  ****** **** is ******** ** ******* installations (** ******* ** less). ************, *********** ****** Orchid ****** ***** ** a *****-******, ****** *******.

"Most ******" ******

***********'**.* **************** **** ******* *** Orchid, ***** ***** **** other ******* **** **** makes ****** "*** **** ****** *** efficient *** ******** *********."

What ** ****?

****** ******* ** *** in **** ** ** a ***** ********* ********, but **** ** ***** security **************/********** ********* (*** S ** ****).  **** is ********** ******* ** for ** *******, *** it *** **** ******** heavily *** **** *** other *********.  

SRTP ** *****

*** **** ****** *** to ****** ******* ** video ************ ******* *** been ********* **** ***** (see ********** ***** ** ********* RTSP/RTP ****** *****).

**** ** ******* ** HTTPS ** **** ** can ******* * ************** stream ******* * *******, but ** *** ***** benefit *** ****-********* ******* (such ** ***** ** video) ** ********* ***** lower ******* *** **** overhead **** *****, ****** it ** *** ***** how *********** **** ***** be ** ******** *** could *********** ******** *** gains.

SRTP **** ** ** ****

**** ******* ** ** cameras ********* ***** ** rare ** ****. ** know ** ** ********, IPConfigure **** **** **** Cisco ******* ***** *** a *** ********* ******* list ** ** ***** specification ******. ******* ** this **** ** ****** support, *********** ** *** supporting **** **** ****** to ******.

Server ** ****** ****

***********'* "**** ******" ****** only ***** ** *** ServerClient **************.  ***** ** no ******* ** ******** around *** ******->****** **** stream, *** ************* *** camera ***** **** ** an ****** ****** **** the *** ** ****** to ******* ******* ** replaced ****** ******* *** Orchid ******** ************ ** this ******* ********* *** notification.

Secure ********* **** *********

**** **** ******** ****** ********* and *********** ** ********** to ******* ********* ********* from ***** ******* ** clients. **** ** *** available **** *****. *******, multicast ** ****** ******** ** smaller *********** *** ** not ******* **** ** ****** ones, ****** **** **** limited *************.

Certificate ******* *** ** *******

******* ** *** ****** security *** *****/**** ******** certificate **********, ******* *** installation.  *** ********* *** perform ***** ***** ** their ***, ** *********** can ******* **** ** a ****-*** ******* *** $500/server. 

Impact ****** ** ** *******

************** ******** ** (***) slowly ******* ********* ** the ******** ******, *** while ***** *** ****** to **** ***** ********, it ***** ***** ** rank ******** *** ** the ******** *****. ********* most ****** ** ***** security ****** *** ** organizations **** **** ********* feature / ******** *****, outside ** ******'* ************.  We ** *** ********** ***** security ************ ** **** a ***** ****** ****** overall *** ***** **** IPConfigure *** **** **** end, ******** ********* *****. 

Comments (7)

Setting up web server security for HTTPS/SRTP requires certificate generation, signing and installation. The installer can perform these steps on their own, or IPConfigure can provide this as a turn-key service for $500/server.

I'm not sure how that reconciles with this answer given here:

As a design decision, Orchid does not support self-signed certificates without a CA.

I was trying to not get bogged down in minor details on this post.

I didn't mean to imply that you could self-sign your cert, just that you can create a cert/signing request on your own, get it signed, and install the cert all without having to pay IPConfigure $500.

I was trying to not get bogged down in minor details on this post.

I appreciate that. No worries:)

The thing is that since this is aimed at small installations, the added cost of someone having to register and renew a yearly CA is non-trivial.

Verisign is at least a couple hundred a year.

What does an 8-user Orchid Core license cost?

Unless, I'm misunderstand Dr. Tompkins, to use the secure VMS, you need to

  1. Already have a trusted cert
  2. Buy one from them for $500
  3. Get one from someone else $$ ?

Though I may be misunderstanding. What is your interpretation?

UD1,

You can use Orchid out of the box in its unencrypted mode. If you want to enable encrypted mode and you elect to configure this yourself, you need to:

  1. Generate a private key on your Orchid server.
  2. Buy a TLS/SSL certificate. Certificates signed by a "big name" root CA and accepted in all modern browsers can be had for less than $50/yr.
  3. Put your private key and certificate files in a directory, edit a text file, restart Orchid.

As long as an integrator or end-user is even passingly technical, this is an easy and well-documented process.

Our $500 service offering is designed for those who are willing to pay for a completely turn-key configuration solution.

With respect to cost, Orchid is licensed on a per-camera basis ($69 MSRP); there is no restriction on the number of users.

UD1,

Both of those points are consistent. In the first, I meant that an integrator/end-user could purchase a normal TLS certificate from the likes of Digicert, Thawte, Symantec, etc. and install that certificate themselves without paying the $500 for our turn-key certificate installation service.

In the second point, I meant that our SRTP client will reject all self-signed certificates unless you are acting as your own Certificate Authority and configure all of your clients to accept your own root CA.

Best,
Cort Tompkins
VP Engineering, IPConfigure

Legitimate TLS/SSL certificates recognized by all major browsers can now be had for free: https://letsencrypt.org/

Update: Genetec reports that their most recent 5.4 Security Center release supports SRTP from server to clients.

Read this IPVM report for free.

This article is part of IPVM's 6,545 reports, 882 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now

Related Reports

IPConfigure Presents Orchid Fusion VSaaS on Apr 30, 2020
IPConfigure presented Orchid Fusion VSaaS at the April 2020 IPVM New Products...
Add Door Operators To Fight Coronavirus on Mar 31, 2020
IPVM recommends that integrators advocate and end-users consider adding door...
FLIR New Coronavirus Prioritized Temperature Screening Camera Examined on Apr 03, 2020
FLIR has announced a new series of thermal cameras "prioritized for entities...
Huawei Releases a 'Fever' Smartphone on Jun 16, 2020
Fever cameras, fever tablets, fever helmets, fever sunglasses, fever guns,...
Phone Camera Calculator Released on Mar 10, 2020
IPVM has released the first-ever Phone Calculator, video surveillance design...
ZKTeco Presents SpeedFace Recognition + Body Temperature Detection on Apr 21, 2020
ZKTeco presented its SF1008+ reader with body temperature and face mask...
Camio Presents Coronavirus Social Distancing Analytics on Apr 20, 2020
Camio presented its social distancing analytics for responding to coronavirus...
Clinton Public View Monitor (PVM) Mask Detection Tested on Jul 09, 2020
Face mask detection, or more specifically not wearing one, is expanding...
Genetec Security Center 5.9 Release Examined on Feb 06, 2020
Genetec released the next major version of Security Center, less than a year...
IBM Video Analytics Reborn on May 01, 2020
IBM is back in video analytics and they are even offering AI-based fever...
School District Admits Not Following FDA Guidelines With 144, No Blackbody, Hikvision Fever Cameras on Aug 21, 2020
The Baldwin County School District has admitted it is not following FDA...
SimpliSafe Business Security Launched Examined on Sep 22, 2020
SimpliSafe has launched "SimpliSafe Business Security" that the company...
Avigilon ACC Cloud Tested on Jul 08, 2020
Avigilon merged Blue and ACC, adding VSaaS features to its on-premise VMS,...
New: Mobile Access Proxy Releases 'World's Smallest Mobile Reader' on Mar 04, 2020
Mobile access provider Proxy claims its new Nano is 'the world’s smallest...
ProCam Low-Cost Open Thermal Temperature Project on May 12, 2020
An engineering professor in Switzerland is building what he hopes will be the...

Recent Reports

FaceFirst Problems And Layoff on Oct 01, 2020
FaceFirst, a US company and one of the oldest ongoing facial recognition...
Ava / Vaion Releases Cloud Connected IP Cameras, Verkada Competitor on Oct 01, 2020
Ava (formerly Vaion) announced its new direct-to-cloud AVA Aware IP cameras...
Single Frame Gait Recognition From Michigan State and Osaka University Examined on Oct 01, 2020
Gait recognition has the potential for accurate identification at a distance,...
CDW Sells School District 36 Low-Res, No Blackbody Hikvision Fever Cameras With Federal Funds on Oct 01, 2020
Mega IT distributor CDW sold low-resolution Hikvision fever cameras with no...
Temperature Tablet Shootout - Dahua, Hikvision, ZKTeco, TVT + 5 More on Sep 30, 2020
Temperature tablets, aka terminal or stations, have emerged as a 'low-cost...
New Products Show Fall 2020 Concluded on Sep 30, 2020
IPVM's sixth online show has concluded. The first 2 days of recorded videos...
ButterflyMX Raises $35 Million on Sep 30, 2020
Startup ButterflyMX has raised $35 million for its smartphone based intercom...
Worst Access Control Manufacturers 2020 on Sep 30, 2020
200+ Integrators told IPVM "In the past year, what access control...
Access Control Levels and Schedules Tutorial on Sep 29, 2020
Configuring access levels and setting up schedules is central to maintaining...
Avigilon / Motorola VS Virtual ISC West on Sep 29, 2020
ISC West has historically been so dominant that no player would think of...
Dartmouth College Deploys K3 Temperature Screening on Sep 29, 2020
While Dartmouth College has a $6+ billion endowment, the College has bought...
Hanwha AI Object Detection Tested on Sep 28, 2020
Hanwha has added detection and classification of people, cars, clothing...
Favorite Access Control Manufacturers 2020 on Sep 28, 2020
200+ Integrators told IPVM "What is your favorite access control management...
OnTech Smart Services Partners With Google and Amazon To Compete With Integrators on Sep 25, 2020
A pain point for many homeowners to use consumer security and surveillance is...
The Future of Metalens For Video Surveillance Cameras - MIT / UMass / Immervision on Sep 25, 2020
Panoramic cameras using 'fisheye' lens have become commonplace in video...