Key ********
***** *** *** *** **** ******** cited ****** ****** ********** **** (**** ~50% ** *********), **** *** ***** closing, ****** ** ** ~**% ** the ***** ***** *****:
***
**** **** ********* *** ***** ********* security **** **** *** ******* ** larger ************:
- "*** *** *** ************ ******."
- "***... **** ****** *** ********"
- "***, **** ******... *** **** ******."
- "*** ******* - **** *** **** more ******. **'** *** ********** ***** DDNS."
- "*** - ******** *** ******* ** access ***** ********* ** *** *******."
- "***. ***** *** ******** ******* ** the ****** ** ***** *** ** they ***** *** ** ******* *** device ** *** *******. *** ****** also *** * ******** **/*** ***** that ****** *** ******** ** ********** disable *** ******."
- "********* ** *** ** ****** *** VPN, ** **** ** * **** that **** ******* *** *** ***** systems. ** *** ****** ********* ** existing **************."
- "** ******* ******** ***** **** ********* the *** ******** ********. **** *** easy ** *** **, *** ***** active ****** ********** ***** *** **** cost *** *** ******** **** ***** it (**** ******* **** ****** *** VPN)."
- "** **** **** *** *** ********* who ***'* **** ******* **** ******* VPN. ******** *** ****."
- "***. **** ****** ****** *** **** allows *** ****** ****** ** ***** work *********. **** ********* *** **** to **** ******* ******** **** ********** having ****** ****** ** **** *********, so **** ********* *** ******** ****** expense *** ********** ** * *** router."
- "*** ** ******** (************ *******, *******). Simple, **** ********."
- "*** ** ******. *** ******** *** initiate *** *** *** *******. ***** liability *** ** **."
- "***. **** ** ** ********* *** medium ***** ******** **** ***** **** may *** **** ********* ** *****, they *** ** ***** ******** ** staff."
- "*** **** ****** *** ******** ** adamant *** ***** ** *** ***** otherwise. ******** ****** *** *** ***** the **** ***."
****
** ********, **** **** ****** ****** because **** **** **** ** *** and *** *** ******* **** ***** or ******* ****** **** ********:
- "**** - ******* *** ****** *** to *******."
- "**** - ******* ** *********."
- "**-** **** **** **** **********."
- "****, ******* ** ** *** ******* method *** ******* *********** ** *** user. **** ** ********** ******** ** required ** ***** *****."
- "****. ** *** *** **-** *** include ** ** * ***** *** for *** *********. ** **** *** our ****** **** ** ***** **** they *** ** ***** ** * small *** ********** ******** **** ** are *** **** *** **** ***** system."
- "****. ****** ** ** * ********** customer ** ********* ******** (*******, **********, utilities, ***.) **** ****** ********* ****** things ** **** ** ** *** or *******. *** ** **** ** dead ** **** *****."
- "**** ** ****** **. * ***** use *** ***** ** **** ** any ** *** ***** "****" ***** in *******. * **** ** ******* who ** **** ** *** ****** of *** *******."
- "******* *** *******. * ******* *** one ** **** *** ****** *** customer."
- "****, ******* * **** ***** ** Chinese ***** *******. * ***** **** can ****** ** ***** *******. * worked ******** *** ***** *** ***** in * ******* ***** **** ******* people."
- "****, ******* **** ****** *** **** naming & *** ***** ******* ****** access."
- "**** ******* *** *** ******* *** cheapest ***."
- "********* ** *** *********** ***** *** port **** ******* *** ********."
- "**** - **** ** *** ********* rely ** ******** ** (** **** even **** ** *******) *** **** installations *** *** ******** ********."
Mix - *** *** ****
* ****** ********** ******** *** **** they **** * ******* ** **** for ****** ********* *** **** *** smaller *********:
- "****** **** *** ***. ** *** DDNS *** ***** ****** *** *** for ****** *******. *** ** ***'* trust **."
- "*** ** ********. **** ** ****** declines *** ******."
- "*** ***** ********* ********* *******, ********, etc., ** ****** **** **** *** their ******** *** **************, ** ** set *** ** *** ****. *** smaller *************, *****, ** **** ******* ports. *'** ********* **** ** **** a ****** **** ********* **** ** such *********, *** **** ***** ****'* happened. *** **** *****."
- "** ****** ******* ** *** ******** and ****** ***. ** ** ** a *********** *********** ******* ** *** been ****. ********** ** ********* ******** by *** ** **********. * ***** say * *** ** *** ****** setup *** **********."
- "**** *** ***...**** ** *** ************ are ** ****** ******** ******** *** they **** * ****** **** *** security ** ***** ******** *** **** are *** ****** ** *** **********...** use **** *** ****** ****** ***** of **** *** ***** ********** *******..."
- "**** ********* *** ********* **** ***. Typically ********** **** ******. ***** ********* only **** ****** ** * ****** NVR, *** ** * ****, *** DDNS ** **** *** ******** ***** internet-connected *********."
- "****** **** ***** ** *** **** VPN, *** ******* **** ** *** customer's ** *****. *** ******* *********, direct *********** ***** **** ********** *** worked ****."
***
*** *** * *** ***** ******, with **** ~**% ** *********** ****** it:
- "*** ** **** **** * ****** public ** *******."
- "***. * ** ***** ********"
- "* *** *** ******** ** *** Dahua *************. ** ** ** ****** that * *** ** ** **** the ***** **** *** ********."
- "******* ******* ** *** *** *** ease ** ****** *** ******* ** involvement."
- "**** ** *** ********* *** *********** or ***, ** **** **** ** the **** * *** ** ****** access *** ***"
*******, *** *** ** ******* **
- "**** ********* ** ***"
- "**** ************, *** ************* ******* *** as *** ********* **** ********* ***********."
- "*** *** ******** ** ********* * P2P *** ***** *** ** *** next ******* **** **** *** ******* port ********** *** ***** **** ****, we **** ******* ****** **. ** that **** ** *** ****** *** us."
******* ** ********* *** ******** *** more **** ** ***** ******* *** their ******* ***** ** ****** ******* from ***** ****, **** **** **** push *********** ** ***, ***** ********* is *** ********** (*** ******* / Ezviz). ************, ** ****** ***** ** similarly ******** *** ** **** *** to ******* **** *** ********.
** *** ***** ****, *** ******** trust *** *** ******** ** *** P2P ********, ***** **** ** * question *** *** *** ********* *** especially ** *** ***** *** ********* given ***** ***** ******.
Cloud / ******
** *** *********, **** ***** ***** / ****** *****. ***** ********* ** some ***** / ****** ***** ***** used *** ** ******* ******* * niche *********** (*.*., **** *** ** home / *********** **** ****, *****.***, etc.) *** *** ***** ***** ******** in *** ********** / ********** ******.
Comments (12)
John Bazyk
IPVMU Certified | 03/30/17 01:20pm
What I see the cloud being used for the most in the near future is for remote connections rather than storing video. You connect to the cloud, the cloud connects you to your system (P2P). The cloud should create a secure VPN from your device to your system. No port forwarding and no VPN appliance on-site. While small systems might store video in the cloud, I think we're still pretty far from being able to do that reliably. Some cities that have Google Fiber could probably do it. However, the rest of the world is stuck on minimal bandwidth.
Create New Topic
Sean Nelson
03/30/17 01:28pm
I think P2P is fantastic. We just need full control of all the settings just as if we did port forwarding. As of right now, its somewhat limited as to what you can control through P2P.
The advantages of P2P are:
- incredibly easy to setup, most end users can do it on their own. Can all be done from a cell phone.
- No need to worry about dynamic IP addresses changing, so no need for DDNS
- If your router resets or if you change your router, you dont have to worry about re-configuring the clients router again. (Less Call Backs)
Disadvantages:
- Security Concerns
- Less Control over Unit settings as compared to traditional port forwarding
- Performance is based on cloud server. I will say that performance was slow when P2P first arrived, but lately, i see no issues at all.
Most users only care about live view and simple playback when it comes to remote viewing, for this reason, we have switched to primarily using P2P on tech support calls, which results in less call backs and issues.
Create New Topic
Undisclosed Integrator #1
Maybe I'm missing something, but VPN and DDNS aren't really interchangeable. Some sites can use VPN as they would probably have a fixed IP endpoint (hence no need for Dynamic DNS) and required VPN ports already forwarded (443/500/1723 etc).
All DDNS does is update an internet name (e.g. Client001.thruhere.net) with an IP address that changes intermittently. Even with VPN, you still need a fixed endpoint, whether IP or DNS name, to connect to. If you don't have that fixed IP, then you need DDNS, whether or not you use VPN.
The benefit of VPN is that it gives tighter control over users using things like RADIUS authentication and it gives the user access to any number of devices on the secured network. To do this with DDNS (assuming a single public IP) you need many port forwards which increases your attack surface area. You're also relying on the devices resistance to attack (brute force or otherwise) which can vary greatly.
Create New Topic
Michael Archer
Perhaps all those VPN users like to be sure they are up to date with versions.
Open VPN is what's uses in DD-WRT routers, as it's open source.
https://www.exploit-db.com/exploits/41993/
Naturally vendor specific VPNs may not be effected.
Better safe than sorry.
Create New Topic