New ONVIF Profile Q Aims To Change Discovery and Default Passwords

Author: John Honovich, Published on Jan 13, 2015

ONVIF is gearing up to release a new profile, called Q.

They market it as providing "quick configuration and installation, providing innate discoverability and reliable device monitoring and event management capabilities."

However,

  • How is Profile Q different than the current Profile S?
  • What are the big changes / additions in Profile Q?
  • How will requirements in discovery and default passwords impact manufacturers and systems?

Inside, we answer these questions based on a discussion with the engineers contributing to this upcoming Profile.

***** ** ******* ** ** ******* * *** *******, ****** Q.

**** ****** ** ***********"***** ************* *** ************, ********* ****** *************** *** ******** ****** monitoring *** ***** ********** ************."

*******,

  • *** ** ******* * ********* **** *** ******* ******* *?
  • **** *** *** *** ******* / ********* ** ******* *?
  • *** **** ************ ** ********* *** ******* ********* ****** ************* and *******?

******, ** ****** ***** ********* ***** ** * ********** **** the ********* ************ ** **** ******** *******.

[***************]

Profile * ** ******* * *** *

******* * ** *** *** *********** ** ******* * (*********) and * (*********). *** ***** ************* **** ******* * *** we ***** ****** **** ***** ****** **** ******** * ** also ******* *.

* ** ******** ******* ** *** *********, ************ *** **********. It **** *** ******* *********, ****** *************, ****** *********, ***, i/o, ***. *** ** **** ******* ** ******* *. ** that ***, ******* * ** ****** ******* ** ** ** enhancement ** ******* *.

*** ***** *** **** ** **** *** ****** ****, ********** * ******* ********* *.* ************* ** ********* ****. ** **** ******* *** *** ******** *****.

Requires ********

*****, ** ****** ************* ****** **** * **** ******* ** ways ** ** **********, **** ********* ********* ********* *** **** some **** *** * ***** ** *******. ******* ** ****, it *** ** ********* ** ********* **** ********* ******* ***, at *****, ******** *** *** ** ********* / **** *** each ************ **** ***** ***** ********** ** ******* *******.

******* * **** *** ******* ********** ******* ** ******* **********, aka**** ************* **********, ***** ** **** ***** *** ********* * ***.*.*.* ******* if * ******* ******* *** *** ** ******** ** * DHCP ******.

** **** ************* ***** ******* *, *** *** ******* *** the **** ********* ********, ** ****** ******** *** ******** *** probability ** ******* *** ** ******* / ******* ** * local *******. *******, ** ************* ********* *** * ********* ********, it ***** ******* **** ** ****** ** ** ****** **** Profile *.

Requires ** ******* ********

**** ** ******* ***** **** ****-***** ******* ** *********, *.*., admin/admin ** *****/****, ***. (*** ***** ****** ******* ******** *********).

******* * ******** *********** ****. **** ******* *, * ****** will *** **** *** ******* ******** *** **** *** ***** connects, ** * ******* *****, *** *** **** ******** ** setup * ********. *** ***** ******** **** ****, **** ** how **** ** ** (***: ** ****** ********* - ****, *****, *******).

***** **** ************* ***** **** * ******* ********, **** ***** require **** ** ****** ***** *********** ******** ********.

***** ** **** ****** ***** ****** *********, ***** ***** **** this **** ******** ******** ***** ** ** ********* **** ******** in *** ******* ******** *** ******* **** ******.

Other ******* * ******* ************

*** ***** *** **** *** ******** ********* *******. ***** *** a *** ***** ************ / ******** ***** ******:

  • **** ***** ********** ************ **** ** ********* *****, **** ** last ***** *** **** ****** *** **** **** ***************.
  • ********** *********** ** **** *************** ***** *** ****** ************ ******.
  • **** *** ******** *** **** ***, ******* * **** ******* restricts **** **** ****** *** **** ******* ** ****** ******** / ********.

Impact ** ***** ******* *

*** *** *** ******** ** ******* * ***** ******* * notable **** ****** ** ***** ** *******. *******, **** **** require ************* ****** **** ******* * ***, ** ***** **, changing **** ** ***** ***** **********.

** ****** ******* * ** ** ******** ****** *** *** of **** *** ** **** * *** ***** *** ******** to ******.

 

Comments (15)

**** ******* *, * ****** **** *** **** *** ******* password *** **** *** ***** ********, ** * ******* *****, you *** **** ******** ** ***** * ********.

****.*'** **** **** ** ******** ** ****.

** ****,

**** * ******** *** * *** *****:

********: "********** *********** ** **** *************** ***** *** ****** ************ issues." - *** *** ******* ***** *********** ** ****** ** have *** **, ** *********** ** *** ****-****** (**** ** not ** ******* ** **** **************), ** ********* ****?

*****: **** ***** *****-******* **** *** ***** * ***** ********** period, *** ******* ** **** (*) ***** ****-**** ****** ** releases ******/****** *** (*) ***** ******** ** ****** ********* *********** by *** ******* ****** ********* ******, ***** ** * **** probability **** ***** **** ** ******* **** ******** ******* * conformance ** *** *** ** **** ******.

*****: *****-***** ********* ** **** ** ********** **** ** ******* S, *** ******* * ******** ** ** ** ****** ** by ******* *** ***** **-****** "**** ******* *****". ** ********** with ****/********, ***** ****** *** ******** ******** *** *** ******* and ***** ** ** **** *** ****** ** **********

*****: *** ******* ******** **** ************ **** **** ** *** VMS - **** ** *** **** *** *********** ******* (** all ******** ** ******* * ****** ** ******* **-*****). ****** that *** *** ************ *** **** *** ***** ******* ******, but ***** **************/*********.

* **** * ********, ** ***** ************ ******? ** ****, for *******, ******* *** ********? * **** **** * *** but ** **** **** ** ** **** **** ** ***** already ** ***** *** *******. ** ***** ** **** **** you ****** ** * **** ***** ***** *** ******* ********* manufacturers ******* *********** ** **** **** *** ******* ******* *** configuration, ******** *******, ******* ** ****, ***. ** **** **** profile **** * *** *******.

** ***** ************ ******?

*** ***** ****** ** ***.

**** ******: ** ** ****** ** * ***** ***** ** active ******* (***** ** ********* - ** *** **** **** most ** ***** *****, *** **** **** *** **** *****), and ********* ******* ** *** **** *** ************ ******* (***** 50 *********). ******* *** ** ***** ** ***** ****, ** rules ** ********** *** ** ************** *********.

********* ******** *** *** "***.***.***.***" ********** *****. **** ********* **** *****. *** "***.***.***.***" ** ****** "****-*****" *** ** the ****-******** ******* *** *** **** ** **** ****** ** availablea *** *** ***'* **** * ****** ******.

******** ** * *** ** ******** ***/** ******** **** ******* you******, ******* **'* ****, ******, ** ****-*****, ***** ********* *** (mDNS). *******, ****** ********, ****-***** ********* ****, ** ** *******, not ******, ******* **** **** *** ****** * ****** *** an ******* ** *** ***** ******* ** *** ******'* **** out **** ** ***.

**** ** ******* ******** ** ******* ** *******? - ***** yes.

*** ****** *** ******* ** ** ******* **** ********* *********? - ***** **.

*** ***** ****** *** ***** **-********* ** ******** ***** ******* devices, *** ** **** ******* ***** ** ******* ******.

** **** ***** *********** - ******** ** **** *********, ******** their ***** ********* ***** ** ** ********* ******* ** ********.

* ** **** *** **** **** ******* **** *** ******** zeroconf ************* **** **** ******.

******** **, ** *** ****, ******* ******* ************* *** ********* using *********-***.

****-***** ********** ******** ******** ********* ** ****** * ******. ******* has ********* ** ***** ******* **. * ***** *** **** most ******'* ***** ******** ** ** *** **** ***** ******* machines ******'* ******* ** *** *******, **** ******* ***** ******** and *** ** ******* ******** **** ***.***. * **** * did, * *** *** **** **** *** *** ***** ***** years *****. ****-***** ** ***** ******* ** ** **** ** Zeroconf, ******* ****'** ***** **** ********. ****, *** ****-***** ********* are ******* ****** ***** ** **** ********* ****** ** ***, so * ***** ****'* *** **** *** ***** ********.

* *** ***** ****, * *********** ******** ** *******'* ****** control ******. * ***** ** **** ********** ** *** ***** devices *********** **. **** **** ******* ****, * ****** ****** not ** ******** ******** *******.

*********** *** **** *** **. ***** ***** ***** ** ***** now, ***** **** ***... ***** **********.

*** *** ** ****** - ***** ** ***** **-********* ***** is ** *** ** ***** *** **** ***** ***** ********* but **** *** *******. *** ** ** *** ***** ******** but ** ***** ******* ***, ***** ** ****** (********* ***-*****). Which ******* *** ***** ******* * ***** - ******* **** from *** *****.

* **** ** *** ****** *** * *** ******* **** different ******* - ** ******** * **** ***** **** *** mdns *******.

*'* ********* **** *****'* ** ******* ** *** ******* ***** Profile *'* ******* *** ********* ***** ******** **** ****** ************* via ***********/*** ************** ******* ******/******.

*** ****** *** **** ********? * *** ***** *** ********** that ****** ***** *** * *** **** ** ******* *.

**** ******* *** ** ******** *** **** *******. ***********, ******* q ** ******** ** ****** ***** * ******* ***** ***** out-of-the-shelf ***** **. ** ** ****** ******* ***, ******* * dictate ***** ********/****** ****.

** *** **** *** - ****** **** *** ******* *, that ** ******** ** ****** ****** **************.

***** ********:

******* * ******** *** ************ ** ****** *** ** *** device ******** **. ** ** ***** ** * *********** ***********. We ****** *** ****** ******** **** **** ** **** ** also ******** ******* * ********** ** ***** *** ***** ******* elements *** *** ******** ******** ******** **** *** ********* *****.

**, **** ***** **** *****. ****** *** *** ****.

******** ***** ********:

*: **** ** ******* ******** ** ******* ** *******?

*: **** ** ***. ******* ** ******* *.*.*. **, ***.

*: *** ****** *** ******* ** ** ******* **** ********* hostnames? - ***** **.

*: ********** ** *** * ****** ** *******, ******** -> IP ******* ** ********* ** ** ********* ******* ** *** records.

**** *********** **** ******* **** *** ******** *** ** *****-****** (e.g. *****-******).

*: ***** ******* *** ***** **-********* ** ******** ***** ******* devices, *** ** **** ******* ***** ** ******* ******. *** does ******* * ****?

***** ******* ********* * **-********* ***** ******* **** *********. ******* respond **** ***** ******.

**** * **-********* ****** ***** *** ******* (****, **** **********, etc.), ** ********** * **-********* ***** **** *********. ******* *** listen *** ***** *******, *** *********** **** * ***** ** the ******** ****** ** ********* ** **’* ** ********.

*: ** **** ** ***** *********** - ******** ** **** linklocal, ******** ***** ***** ********* ***** ** ** ********* ******* of ********. ***** *** **********?

*: ***************** *** **** ********* *** **** ***************, ******** *********** IPv4 ********* ** **** * ****** ** *****************. *** ******** spec ******* *** ***************** ** ** ******* ** **** ********* (from ******* *: “… **** **** ***** ******* (******* ** ZeroConfiguration **********) …”).

*: ** ******* **** *** ******** ******** ************* **** **** inside?

***************** ******** *** ******* ** ********* ***. **** ********* **** not. ******* * ******* *** ******.

*** ** **** ** *** **** *** **** *********!

***** *** * *** ******** *************. * *** *** ****** that ** ******** ********* ***** **** ********** **** **** * such ****** ********.

***, ** *** *** ************ ************ *** *** *** ***********: may *** *** *** ***** ** *** **** **** ***** of ********* ******** ******* ** ******* *? *** ** ****/**** for ***? ** ***** *** *** *** ****** **** ******* at ***?

***** ********:

************* *** **** * **** ***** ******* *, * ** C ************** ******* *** **** ******* * * **** *********** addition ** ***** *******'* ************. ** ***** ***** **** *** very **** ** ********** *** ******** ** ********* ********* *******.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Search More Important Than Live Monitoring - Statistics on Oct 18, 2017
Search is overall more important than live monitoring to integrators, according to new IPVM statistics.  The key themes found in integrator...
Exacq M Series Low Cost NVR Tested on Oct 12, 2017
With recent cyber security issues hitting NVRs and cameras from low cost leaders Dahua and Hikvision, users are increasingly seeking alternatives...
Surveillance Systems Remote Access Usage Statistics on Oct 11, 2017
Remote access is a major benefit and risk for video surveillance. It is a benefit because it allows users to manage security or review...
Deceptive ASIS Attendance on Oct 06, 2017
ASIS is being deceptive with its conference reporting, effectively inflating the event's real actual attendance. What they try, but struggle to...
Bosch Divar NVR Tested vs Dahua on Oct 05, 2017
Bosch has a partnership with Dahua. But what type of partnership is it? How much is Bosch's own vs taken from embattled mega-OEM Dahua? We bought...
Last Chance October Camera Course Registration on Oct 05, 2017
This is the last chance to register for the October Camera Course. Register now. Learn video surveillance and get certified. IPVM provides live...
Honeywell Discontinuing DragonFly on Oct 05, 2017
DIY is a big trend in the intrusion market and threat to incumbents. However, Honeywell is discontinuing their DragonFly DIY video-verified...
Geovision Doorstation Tested (CS1320) on Sep 12, 2017
Geovision has released the GV-CS1320 door station, priced at a fraction of others, with additional bells and whistles like a built in card reader,...
Dahua and Hikvision Entering Access Control on Sep 05, 2017
Until now, Chinese video giants Hikvision and Dahua have held back releasing access internationally. Both companies have now pulled the trigger,...
Hikvision Backdoor Exploit on Sep 03, 2017
Full disclosure to the Hikvision backdoor has been released, allowing easy exploit of vulnerable Hikvision IP cameras. As the researcher, Monte...

Most Recent Industry Reports

Cisco Falling - Favorite Network Switches 2017 on Oct 20, 2017
1 major manufacturer fell and 1 outsider manufacturer gained as integrator favorites for network switches from more than 140 votes / explanations...
Uniview Recorder Backdoor Examined on Oct 20, 2017
A Chinese research group has identified a vulnerability in Uniview recorders that allows backdoor access in a method similar to the Dahua...
Hikvision Access Control Tested on Oct 19, 2017
Hikvision aggressive pricing and marketing combined with generally reliable hardware and free software has made them a major player in video...
Verkada, Silicon Valley VSaaS Startup, Targets Enterprise on Oct 19, 2017
Verkada says they are building an enterprise-class VSaaS offering, calling it "The new platform for video security". This is a departure from the...
Exacq Unbreaks Avigilon Integration on Oct 18, 2017
For nearly 4 years, Exacq had broken and effectively blocked use with Avigilon cameras, as IPVM reported in January 2014. Now, Exacq has...
Search More Important Than Live Monitoring - Statistics on Oct 18, 2017
Search is overall more important than live monitoring to integrators, according to new IPVM statistics.  The key themes found in integrator...
Axis 'Sold Out' P3707-PVE Multi-Imager Tested on Oct 18, 2017
Axis faced significant product shortages over the summer. Perhaps the most notorious and significantly sold out model was the Axis P3707-PE 8MP...
Dahua Removes Auto Rebooting on Oct 17, 2017
For years, Dahua has automatically programmed its IP cameras to reboot weekly, a highly atypical and questionable practice. Following IPVM...
Deep Learning Tutorial For Video Surveillance on Oct 17, 2017
Deep learning is a growing buzzword within physical security and video surveillance. But what is 'deep learning'? In this tutorial, we explain...
Multipoint Lock Access Control Tutorial on Oct 17, 2017
Doors are notoriously weak at stopping entry, and money can be misspent on wrong locks that leave doors quite vulnerable. While closed and locked...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact