New ONVIF Profile Q Aims To Change Discovery and Default Passwords

Author: John Honovich, Published on Jan 13, 2015

ONVIF is gearing up to release a new profile, called Q.

They market it as providing "quick configuration and installation, providing innate discoverability and reliable device monitoring and event management capabilities."

However,

  • How is Profile Q different than the current Profile S?
  • What are the big changes / additions in Profile Q?
  • How will requirements in discovery and default passwords impact manufacturers and systems?

Inside, we answer these questions based on a discussion with the engineers contributing to this upcoming Profile.

***** ** ******* ** ** ******* * *** *******, ****** Q.

**** ****** ** ***********"***** ************* *** ************, ********* ****** *************** *** ******** ****** monitoring *** ***** ********** ************."

*******,

  • *** ** ******* * ********* **** *** ******* ******* *?
  • **** *** *** *** ******* / ********* ** ******* *?
  • *** **** ************ ** ********* *** ******* ********* ****** ************* and *******?

******, ** ****** ***** ********* ***** ** * ********** **** the ********* ************ ** **** ******** *******.

[***************]

Profile * ** ******* * *** *

******* * ** *** *** *********** ** ******* * (*********) and * (*********). *** ***** ************* **** ******* * *** we ***** ****** **** ***** ****** **** ******** * ** also ******* *.

* ** ******** ******* ** *** *********, ************ *** **********. It **** *** ******* *********, ****** *************, ****** *********, ***, i/o, ***. *** ** **** ******* ** ******* *. ** that ***, ******* * ** ****** ******* ** ** ** enhancement ** ******* *.

*** ***** *** **** ** **** *** ****** ****, ********** * ******* ********* *.* ************* ** ********* ****. ** **** ******* *** *** ******** *****.

Requires ********

*****, ** ****** ************* ****** **** * **** ******* ** ways ** ** **********, **** ********* ********* ********* *** **** some **** *** * ***** ** *******. ******* ** ****, it *** ** ********* ** ********* **** ********* ******* ***, at *****, ******** *** *** ** ********* / **** *** each ************ **** ***** ***** ********** ** ******* *******.

******* * **** *** ******* ********** ******* ** ******* **********, aka**** ************* **********, ***** ** **** ***** *** ********* * ***.*.*.* ******* if * ******* ******* *** *** ** ******** ** * DHCP ******.

** **** ************* ***** ******* *, *** *** ******* *** the **** ********* ********, ** ****** ******** *** ******** *** probability ** ******* *** ** ******* / ******* ** * local *******. *******, ** ************* ********* *** * ********* ********, it ***** ******* **** ** ****** ** ** ****** **** Profile *.

Requires ** ******* ********

**** ** ******* ***** **** ****-***** ******* ** *********, *.*., admin/admin ** *****/****, ***. (*** ***** ****** ******* ******** *********).

******* * ******** *********** ****. **** ******* *, * ****** will *** **** *** ******* ******** *** **** *** ***** connects, ** * ******* *****, *** *** **** ******** ** setup * ********. *** ***** ******** **** ****, **** ** how **** ** ** (***: ** ****** ********* - ****, *****, *******).

***** **** ************* ***** **** * ******* ********, **** ***** require **** ** ****** ***** *********** ******** ********.

***** ** **** ****** ***** ****** *********, ***** ***** **** this **** ******** ******** ***** ** ** ********* **** ******** in *** ******* ******** *** ******* **** ******.

Other ******* * ******* ************

*** ***** *** **** *** ******** ********* *******. ***** *** a *** ***** ************ / ******** ***** ******:

  • **** ***** ********** ************ **** ** ********* *****, **** ** last ***** *** **** ****** *** **** **** ***************.
  • ********** *********** ** **** *************** ***** *** ****** ************ ******.
  • **** *** ******** *** **** ***, ******* * **** ******* restricts **** **** ****** *** **** ******* ** ****** ******** / ********.

Impact ** ***** ******* *

*** *** *** ******** ** ******* * ***** ******* * notable **** ****** ** ***** ** *******. *******, **** **** require ************* ****** **** ******* * ***, ** ***** **, changing **** ** ***** ***** **********.

** ****** ******* * ** ** ******** ****** *** *** of **** *** ** **** * *** ***** *** ******** to ******.

 

Comments (15)

**** ******* *, * ****** **** *** **** *** ******* password *** **** *** ***** ********, ** * ******* *****, you *** **** ******** ** ***** * ********.

****.*'** **** **** ** ******** ** ****.

** ****,

**** * ******** *** * *** *****:

********: "********** *********** ** **** *************** ***** *** ****** ************ issues." - *** *** ******* ***** *********** ** ****** ** have *** **, ** *********** ** *** ****-****** (**** ** not ** ******* ** **** **************), ** ********* ****?

*****: **** ***** *****-******* **** *** ***** * ***** ********** period, *** ******* ** **** (*) ***** ****-**** ****** ** releases ******/****** *** (*) ***** ******** ** ****** ********* *********** by *** ******* ****** ********* ******, ***** ** * **** probability **** ***** **** ** ******* **** ******** ******* * conformance ** *** *** ** **** ******.

*****: *****-***** ********* ** **** ** ********** **** ** ******* S, *** ******* * ******** ** ** ** ****** ** by ******* *** ***** **-****** "**** ******* *****". ** ********** with ****/********, ***** ****** *** ******** ******** *** *** ******* and ***** ** ** **** *** ****** ** **********

*****: *** ******* ******** **** ************ **** **** ** *** VMS - **** ** *** **** *** *********** ******* (** all ******** ** ******* * ****** ** ******* **-*****). ****** that *** *** ************ *** **** *** ***** ******* ******, but ***** **************/*********.

* **** * ********, ** ***** ************ ******? ** ****, for *******, ******* *** ********? * **** **** * *** but ** **** **** ** ** **** **** ** ***** already ** ***** *** *******. ** ***** ** **** **** you ****** ** * **** ***** ***** *** ******* ********* manufacturers ******* *********** ** **** **** *** ******* ******* *** configuration, ******** *******, ******* ** ****, ***. ** **** **** profile **** * *** *******.

** ***** ************ ******?

*** ***** ****** ** ***.

**** ******: ** ** ****** ** * ***** ***** ** active ******* (***** ** ********* - ** *** **** **** most ** ***** *****, *** **** **** *** **** *****), and ********* ******* ** *** **** *** ************ ******* (***** 50 *********). ******* *** ** ***** ** ***** ****, ** rules ** ********** *** ** ************** *********.

********* ******** *** *** "***.***.***.***" ********** *****. **** ********* **** *****. *** "***.***.***.***" ** ****** "****-*****" *** ** the ****-******** ******* *** *** **** ** **** ****** ** availablea *** *** ***'* **** * ****** ******.

******** ** * *** ** ******** ***/** ******** **** ******* you******, ******* **'* ****, ******, ** ****-*****, ***** ********* *** (mDNS). *******, ****** ********, ****-***** ********* ****, ** ** *******, not ******, ******* **** **** *** ****** * ****** *** an ******* ** *** ***** ******* ** *** ******'* **** out **** ** ***.

**** ** ******* ******** ** ******* ** *******? - ***** yes.

*** ****** *** ******* ** ** ******* **** ********* *********? - ***** **.

*** ***** ****** *** ***** **-********* ** ******** ***** ******* devices, *** ** **** ******* ***** ** ******* ******.

** **** ***** *********** - ******** ** **** *********, ******** their ***** ********* ***** ** ** ********* ******* ** ********.

* ** **** *** **** **** ******* **** *** ******** zeroconf ************* **** **** ******.

******** **, ** *** ****, ******* ******* ************* *** ********* using *********-***.

****-***** ********** ******** ******** ********* ** ****** * ******. ******* has ********* ** ***** ******* **. * ***** *** **** most ******'* ***** ******** ** ** *** **** ***** ******* machines ******'* ******* ** *** *******, **** ******* ***** ******** and *** ** ******* ******** **** ***.***. * **** * did, * *** *** **** **** *** *** ***** ***** years *****. ****-***** ** ***** ******* ** ** **** ** Zeroconf, ******* ****'** ***** **** ********. ****, *** ****-***** ********* are ******* ****** ***** ** **** ********* ****** ** ***, so * ***** ****'* *** **** *** ***** ********.

* *** ***** ****, * *********** ******** ** *******'* ****** control ******. * ***** ** **** ********** ** *** ***** devices *********** **. **** **** ******* ****, * ****** ****** not ** ******** ******** *******.

*********** *** **** *** **. ***** ***** ***** ** ***** now, ***** **** ***... ***** **********.

*** *** ** ****** - ***** ** ***** **-********* ***** is ** *** ** ***** *** **** ***** ***** ********* but **** *** *******. *** ** ** *** ***** ******** but ** ***** ******* ***, ***** ** ****** (********* ***-*****). Which ******* *** ***** ******* * ***** - ******* **** from *** *****.

* **** ** *** ****** *** * *** ******* **** different ******* - ** ******** * **** ***** **** *** mdns *******.

*'* ********* **** *****'* ** ******* ** *** ******* ***** Profile *'* ******* *** ********* ***** ******** **** ****** ************* via ***********/*** ************** ******* ******/******.

*** ****** *** **** ********? * *** ***** *** ********** that ****** ***** *** * *** **** ** ******* *.

**** ******* *** ** ******** *** **** *******. ***********, ******* q ** ******** ** ****** ***** * ******* ***** ***** out-of-the-shelf ***** **. ** ** ****** ******* ***, ******* * dictate ***** ********/****** ****.

** *** **** *** - ****** **** *** ******* *, that ** ******** ** ****** ****** **************.

***** ********:

******* * ******** *** ************ ** ****** *** ** *** device ******** **. ** ** ***** ** * *********** ***********. We ****** *** ****** ******** **** **** ** **** ** also ******** ******* * ********** ** ***** *** ***** ******* elements *** *** ******** ******** ******** **** *** ********* *****.

**, **** ***** **** *****. ****** *** *** ****.

******** ***** ********:

*: **** ** ******* ******** ** ******* ** *******?

*: **** ** ***. ******* ** ******* *.*.*. **, ***.

*: *** ****** *** ******* ** ** ******* **** ********* hostnames? - ***** **.

*: ********** ** *** * ****** ** *******, ******** -> IP ******* ** ********* ** ** ********* ******* ** *** records.

**** *********** **** ******* **** *** ******** *** ** *****-****** (e.g. *****-******).

*: ***** ******* *** ***** **-********* ** ******** ***** ******* devices, *** ** **** ******* ***** ** ******* ******. *** does ******* * ****?

***** ******* ********* * **-********* ***** ******* **** *********. ******* respond **** ***** ******.

**** * **-********* ****** ***** *** ******* (****, **** **********, etc.), ** ********** * **-********* ***** **** *********. ******* *** listen *** ***** *******, *** *********** **** * ***** ** the ******** ****** ** ********* ** **’* ** ********.

*: ** **** ** ***** *********** - ******** ** **** linklocal, ******** ***** ***** ********* ***** ** ** ********* ******* of ********. ***** *** **********?

*: ***************** *** **** ********* *** **** ***************, ******** *********** IPv4 ********* ** **** * ****** ** *****************. *** ******** spec ******* *** ***************** ** ** ******* ** **** ********* (from ******* *: “… **** **** ***** ******* (******* ** ZeroConfiguration **********) …”).

*: ** ******* **** *** ******** ******** ************* **** **** inside?

***************** ******** *** ******* ** ********* ***. **** ********* **** not. ******* * ******* *** ******.

*** ** **** ** *** **** *** **** *********!

***** *** * *** ******** *************. * *** *** ****** that ** ******** ********* ***** **** ********** **** **** * such ****** ********.

***, ** *** *** ************ ************ *** *** *** ***********: may *** *** *** ***** ** *** **** **** ***** of ********* ******** ******* ** ******* *? *** ** ****/**** for ***? ** ***** *** *** *** ****** **** ******* at ***?

***** ********:

************* *** **** * **** ***** ******* *, * ** C ************** ******* *** **** ******* * * **** *********** addition ** ***** *******'* ************. ** ***** ***** **** *** very **** ** ********** *** ******** ** ********* ********* *******.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Uniview Low-Cost Bullet PTZ Tested on Jun 21, 2017
Uniview is offering a HD zoom bullet camera, the IPC742SR9-PZ30-32G, with an integrated pan / tilt positioner, for the price of a low-cost...
ESX 2017 Final Show Report on Jun 16, 2017
The ESX (Electronic Security Expo) day 3 / Thursday is done and the exhibits are over. IPVM was in Nashville covering it in-depth. Below covers...
Camera Course Summer 2017 on Jun 08, 2017
Learn video surveillance and get certified. IPVM provides live online classes, recorded videos, personal help, cutting edge education and...
RMR Integrator Importance Statistics on Jun 08, 2017
How do integrators feel about offering RMR / recurring revenue services? For many, their business revolves around RMR, while others see no...
Security Yard Signs and Stickers Guide on Jun 05, 2017
Many security integrators use signs or stickers with their company name and logo. Posting these in front the homes of residential customers...
Access Control AHJ Nightmares on Jun 01, 2017
For access control jobs, a single person can be the difference between finishing a job, costing thousands in extra dollars, and being profitable...
Ex-ADT President And PE Firm Pay $200M+ For Alarm Dealer Guardian on May 31, 2017
Private equity firms are on the hunt for security companies with strong RMR numbers. One such security company, Guardian Alarm, was recently...
Chinese Direct Disruptor Reolink Tested on May 31, 2017
Another Chinese disruptor, Reolink, is gaining attention. This one is selling direct from its own website, with fulfillment by Amazon. And a...
H.265 / HEVC Codec Tutorial 2017 on May 25, 2017
Since 2013, video surveillance professionals have talked about the potential for H.265. Now, in 2017, H.265 is starting to gain mainstream...
Remote Video Monitoring Providers Directory on May 21, 2017
Remote video monitoring can help integrators generate RMR plus end users lower their security costs and/or improve response to critical...

Most Recent Industry Reports

Avigilon Announces RADAR-Based Presence Detector on Jun 22, 2017
RADAR is gaining momentum within physical security. Two months after Axis announced a network radar detector, Avigilon has announced a RADAR-Based...
Covert Cloud Camera Service Launching (KJB) on Jun 22, 2017
Cloud IP cameras, for consumers, has become increasingly commonplace. However, covert cameras, lag there, with few options. Now, North America's...
Manufacturers Shipping Unlicensed H.265 Products on Jun 22, 2017
While H.265 support in video surveillance is growing, IPVM's research shows that most surveillance manufacturers are shipping H.265 products with...
Uniview Low-Cost Bullet PTZ Tested on Jun 21, 2017
Uniview is offering a HD zoom bullet camera, the IPC742SR9-PZ30-32G, with an integrated pan / tilt positioner, for the price of a low-cost...
QSR Video Surveillance Best Practices on Jun 21, 2017
Fast food restaurants or QSRs (quick service restaurants), are frequent victims of crime and fraud. Because they are open late, deal with cash, and...
45 Drives 'Lowest Cost' Enterprise Storage Company Profile on Jun 21, 2017
45 Drives claims the "lowest cost per Hard Drive Slot in the industry." But who or what is '45 Drives'? What started as a product design to...
No Hack, Still Liable, Court Finds ADT on Jun 20, 2017
Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit. One of the most important...
Resolver / PPM 2000 Incident Management Platform Profile on Jun 20, 2017
You might have seen the company whose employees wear hockey jerseys at trade shows and wondered "what do they do?" PPM 2000 has been active in...
Axis P3225 Mk II Tested Vs. Original on Jun 20, 2017
Axis has released a number of 'Mk II' versions of their cameras, which are the same fundamental camera but with specific improvements. We tested...
Directory of 40 IP Camera Manufacturer Discovery Tools on Jun 19, 2017
Locating the IP address of a DHCP client or factory defaulted device on a network is often a difficult task.  In another report, we discussed...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact