Vivotek Trend Micro Cyber Security Camera App Tested

By: Ethan Ace, Published on Jul 22, 2019

Vivotek and Trend Micro are claiming five million blocked attacks on IP cameras, with their jointly developed app for Vivotek cameras.

This new app integrates Trend Micro's IoT security platform directly into Vivotek cameras and NVRs to block brute force password attempts and over 1,000 cyber attacks.

In this report, we look at the Vivotek/Trend Micro app and see how it performs, looking at:

  • What cyber security events does it monitor and prevent?
  • What attack details are provided?
  • How does it compare to other cameras' automatic account lockout?
  • How simple is app configuration?
  • What cameras does it integrate with?
  • How does it integrate to VMS?

******* *** ***** ***** are ******** **** ******* blocked ******* ** ** cameras, **** ***** ******* developed *** *** ******* cameras.

**** *** *** ********** Trend *****'* *** ******** platform ******** **** ******* cameras *** **** ** block ***** ***** ******** attempts *** **** *,*** cyber *******.

** **** ******, ** look ** *** *******/***** Micro *** *** *** how ** ********, ******* at:

  • **** ***** ******** ****** does ** ******* *** prevent?
  • **** ****** ******* *** provided?
  • *** **** ** ******* to ***** *******' ********* account *******?
  • *** ****** ** *** configuration?
  • **** ******* **** ** integrate ****?
  • *** **** ** ********* to ***?

[***************]

*******

***** ** *** *****, Vivotek's ***** ***** *** security *** *** **** positives:

  • ******* ********* ********:**** *** ****** ** two ***** ** *******, the ***** ***** *** blocked *** ****** **** 1,800 ********* ******** ** a ****** ********* ** the ********, ********* ********** by ******** ************ *********. Users ********** ************* ** cyber ******** *** ** not **** *** ** otherwise ******, *******, *** research ***** ******* **** this ********** ****** ** installing *** ***.
  • ******* ******:*** ***** ***** *** allows ***** ** ******* instant ****** ** ***** security ******, ***** *** camera's ***** ** ****** over *****, ***** ***** VMS, ** *******'* *** VAST2 ********. ***** ****** are *** ********* ********* for *** ** ** cameras.
  • ****** ************:********** *** *** *********** only ******** ********* ** to *** ****** *** turning ** **. ** other ************* ** ********* of ******** ** ********.

*******, ***** *** *** issues ***** ***** *** usefulness:

  • ** ****** *******:***** *** *********** ******* many ******* ****** *** course ** *** *******, there ** ** ******** information ** **** ***** attacks ******* **, **** a **** ** ******* and ****. ************* ** the ******** ****** ******** more ******** ********.
  • ** ********* ** ***** settings:******, ***** *** ** threshold ** ***** ******** for ***** *************, ** users **** ******* * separate ***** ** *** event *** **** ******, potentially ******** ** ****** per *** ** ******** camera *******.
  • ** ****** ******* *******:** *** *****, ****** trying ***** ********* ******** times *** *** ******* brute ***** *********, *** did ****** ******* ***** scripts ** ******* ****** UI *** *****. ******* says **** ***** ***** detection ** ******* *** 100 ***** ******** ** 20 *******, *** ** were ****** ** ******** this.

Less ******** ** ******* ********

**********, * **** *** installs *** ******** **** a ******* ** ****** security ********* ****** *** to *** ***** ******* on *** ****** ********, significantly ******** *** *****, though ** ***** ***** be ********* ** ********* internal / ****** ******* is ******.

Versus *********** ***** ******** ********

***** *******'* ***** ***** app ****** ******** ******** functionalities *** ******* ** other *******, ** **** not ***** ****** ******* lockout ** *** ******** attempts, *** ******** ** several *************' *******, ********* Dahua, *********, *** ****** (see:** ************ ***** ******** Compared).

*******, **** ** ***** competitive ****** ** *** notify ***** ** ***** attempts. *******, *** ******* or ********'* ** ******* is ****** ******* *** a *** ****** ** time. ** **** *****, users *** **** ** idea **** *** ******* has ****** ******, ** current ******* ** *** remain *********.

Pricing *** ************

*** ***** ***** *** is **** *** * period ** *-* *****, depending ** *** ****** model,******** ** ***** ************* page.

***** **** ******, ******* varies **** $** *** per ****** *** *** year ** $** *** camera *** ** ********* license. ******** *** **** than ** ******* *** discounted **% ($** *** camera *** *** ****, $28 *** ****** *********).

Vivotek / ***** ***** ********

*******'* ***** ***** *** is ***-********* ** ******* firmware *********** ******. ***** ** **** little ************* ********, **** on/off *** ******* ****** are **** ** *****-***** systems (******* *********, ********* in ** ******** ****** pack, ********* *****).

Basic Settings Simple To Configure

***** ***** ********** *** this *** *** ************* updated ** ******* *** can ** ******** ******* as *********.

***** ** * ****** summary ******* ****** ** each **** ** ****** as **** ** ** option ** ****** **** via .*** ****** *** further *************.

Summary Of Attacks On Camera  No Detailed Information In Web UI

Events ********

*** *** ******* ***** separate ******:

  • ***** *****:************ ***** ******** ** a **** **** * per ******. *** ****** will ** ****** *** 300 ******* ***** * detected ***** ***** *******.
  • ***** ******:*** ***** ******** ** Trend *****'******* **********(********* **** *,*** ******** attacks).
  • **********:** ***** ***** ******* outbound ****** ******** **** the ******, ** **** self-quarantine ** ***** *** issue ** ** ******** without ******* ****** ** other *******.

** *** *****, **** cyber ****** ****** **** triggered, **** ** ***** force ******** ****** (****** we *********) *** ** quarantine.

Attack ********** ********

***** ***** ******* ***** to *,*** ********* *******, ranging **** ****** ****** such ** ** ******* to ****** * ****** port (***, ***, ***.) to **** ******* *************** such ** **** *********, DNS *** **** *************** and ****, ****** ******* *************(.**** ******, **.*** ***** below):

***** ******* ** **** beyond **** **** ** cameras **** ******, ***** is ********* ******* ** bad ****** ****.

Limited ****** ******

*** **** ********** ** the *********** ******** ** Trend ***** ** **** it ** ***** *** requires * ****** ********** to ********* *** ***** nature ** *** ****** or *** ********* ******** to ** (** ***).

*** *******, **** ******* in *** ******* **** shown ** *******:

Limited Attack Information In Vivotek Software

******* ** **** ** 1133810 ** ***** *****'* signatures, ** *** **** that **** ** ** attempt ** ****** * closed ****:

Rule Definition Must Be Manually Looked Up

** **** ****, ***** the **** ** ******, no ******** *** ** warranted, *** *** **** complex *******, *************** ***** be ****** ** **** knowledgeable ** ** ******* may *** **** *** to *******.

Repeated ***** ******** ** *** ******* ***** ***** *********

** *** *****, **** of *** ******** ** log **** *** ****** using ********* *********** ********* a ***** ***** *****. We ********* ** ***** to *** ****** **** wrong *********** **********, ******** (using *** ***** ******), via ******* (********** ********** URLs **** ********* ***********), and ***** **** ****** brute ***** *****.

********* ** *******, ***** Force ****** ** ********* if *********** *** ********* at * **** ** 5 *** ****** *** 20 ******* (*** ********).

VAST ****** ******** ******

** ******** ** ****** reporting, ***** *** **** use *******'* **** ******** to **** ***** *********** on ************* ******, **** graphs ** ******* **** time, ******** ** ** address, ****, *** ******** event.

Vivotek VAST Client Event Search And Trends

VMS ***********

** ******** ** ****** events *** ***** *** VAST ********, ******* **** integrates ***** ***** ****** with ******* ******** ******, and **** ********* ******** should ** ********** ** an ******** ****** ****.

***** ***** ************. ***** Micro ****** ****** *** displayed ********* ** ***** camera ******, ***** ** "CyberAttack" ** "**********", **** the *********** ********** **** and **** ***********.

Vivotek Trend Micro Events Integrated To Genetec

Versions ******

******** *******: *****

***** ***** ***********:*.****

Comments (8)

*** **** *** ** have **** ******* *** many ***** **** ***** results *** ***** *********.  However, *** ******** * have ***** ****** ***** install ** **** ** physically ******** **** *** ADMIN *** *** **** often ***** ********* ** any ****** ** ********, is **** **** ** a ******* ******* ***** that ** **** ***** see **** *** ** or ** * ******* something?

**** **********. * ********** get *** ***** ** cameras *** ** *** LAN ** *** ********** separate **** *** ********.  Just ****** ** *** past *** "** ****" point **** **** **** introduced * ******** ****** that ****'* **** *** facility ****** **** *-* partitioned *****.

** ***** **** ****** against ****** *******. *** example, **** ** ** premise ********** *** *********** a ******, **** *** cable ** ***** ******.

******* ****** ****** ******* that **** ************* *** require ****** ***** ** reactivate **.

*** *** ******** *** network ** ****** **** that. **** ***** ******* is * **** **** for ***** *****.

**... ****** **** ** paper. ***** ** ******* the ****** ** *******.

****** *: ** *** have ****** ****** ***** to ******* *** **** on ********* **** *** would **** *** ****** feed/playback ** ***** ** excessive ****** **** (***** happen *** ******** *******) and *** ***** **** manual ************ ** *** the ****** **** ******.

****** *: ** *** have *** ****** ***** to ******* ** ***/******* MAC ********* (*** **** system *** *****) **** you **** *** ******** a ****** ** ***** the ******'* *** ******* and **** ***** ******** into *** ********* *******.

**** ******* ***** ********* to ** *******. **** being **** ****** * coupled **** ********** ******** tends ** ** *** best *** ** ** for **** *********. ***** your **** ****** ** ID * ****** ***** be * ***** ********* followed ** ****** ******* than ******.

**** ** * *****. 

**** **** **** **** a **** ** *** right *********?  ** ** it ****.  ***** * have ***** **** ** sold *** ** *** above ******** *** **** with *** *********** ** least **** **** ***** steps ** ******* ***** security ****** **** ****** Cisco *** * **** piece ** ****** **** handicapping * ***** ******** specialist.  *** ************ ** IP ******* ****** **** the ******** ******* ****** just ******** ******* *** forcing ****** ********* ** a ****** *** **** industry.

Attack ********** ********

*** ** ****** **** signature?

*** "***** *****'* ****** **********" **** ** ****. Nothing *********. 

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on VMS

Open vs End-to-End Systems: Integrator Statistics 2019 on Nov 11, 2019
Preference for open systems is on the decline, according to new IPVM statistics. We asked integrators: For video surveillance systems, do you...
Rhombus Cameras, VMS and Analytics Tested on Nov 06, 2019
Rhombus boasts they have created "the new standard in Enterprise, cloud-managed video security" and told IPVM in January 2019 they offer twice the...
Aiphone Video Intercom Tested (IX Series 2) on Nov 05, 2019
Aiphone was one of integrator's favorite intercom manufacturers but how well do their products work? The company's newest offering, the IX Series 2...
90+ Companies Profile Directory on Nov 05, 2019
While IPVM covers the largest companies in the industry regularly (like Axis, Dahua, Hikvision, etc.), IPVM strives to do a profile post on each...
Avigilon Appearance Search Tested on Oct 30, 2019
Avigilon Appearance Search claims that it "sorts through hours of video with ease, to quickly locate a specific person or vehicle of interest...
Remote Access (DDNS vs P2P vs VPN) Usage Statistics on Oct 25, 2019
Remote access can make systems more usable but also more vulnerable. How are integrators delivring remote access in 2019? How many are using...
Security Canada Central Show Report 2019 on Oct 24, 2019
IPVM attended Security Canada Central in Toronto to see what is new in the Canadian market. Inside, we share videos and dozens of images...
Illustra Pro Gen3 4K Camera Tested on Oct 23, 2019
Johnson Controls has released the latest generation in their Illustra Pro line, the Pro Mini-Dome Gen 3, a non-OEM model claiming to "optimize...
Access Control Door Controllers Guide on Oct 22, 2019
Door controllers are at the center of physical access control systems connecting software, readers, and locks. Despite being buried inside...
Alarm.com Acquires OpenEye on Oct 21, 2019
Alarm.com is targeting commercial expansion and now they have a commercial cloud VMS with the acquisition of OpenEye. In this note, based on...

Most Recent Industry Reports

Hikvision Markets Uyghur Ethnicity Analytics, Now Covers Up on Nov 11, 2019
Hikvision has marketed an AI camera that automatically identifies Uyghurs, on its China website, only covering it up days ago after IPVM questioned...
Open vs End-to-End Systems: Integrator Statistics 2019 on Nov 11, 2019
Preference for open systems is on the decline, according to new IPVM statistics. We asked integrators: For video surveillance systems, do you...
Biggest Low Light Problems 2019 on Nov 08, 2019
Over 150 integrators responded to our survey question: "What are the biggest problems you face getting good low-light images?" Inside, we share...
US Issues Criminal Charges For Fraudulently Selling Hikvision And Other China Products on Nov 07, 2019
The US government has made an unprecedented move on the video surveillance supply chain, charging a US company, Aventura for "having conspired with...
The Access Control Codes Guide: IBC, NFPA 72, 80 & 101 on Nov 07, 2019
For access, there is one basic maxim: Life safety above all else. But how do you know if all applicable codes are being followed? While the...
Rhombus Cameras, VMS and Analytics Tested on Nov 06, 2019
Rhombus boasts they have created "the new standard in Enterprise, cloud-managed video security" and told IPVM in January 2019 they offer twice the...
"Stress in the Residential Market" - Major Lender Exits on Nov 06, 2019
The residential security / 'alarm' market is getting worse, at least for traditional players. Now, one of the biggest lenders in the industry has...
Aiphone Video Intercom Tested (IX Series 2) on Nov 05, 2019
Aiphone was one of integrator's favorite intercom manufacturers but how well do their products work? The company's newest offering, the IX Series 2...
90+ Companies Profile Directory on Nov 05, 2019
While IPVM covers the largest companies in the industry regularly (like Axis, Dahua, Hikvision, etc.), IPVM strives to do a profile post on each...
Hikvision USA Fights LTS on Nov 04, 2019
Hikvision's USA subsidiary is fighting with LTS, having recently quietly dropped LTS as an authorized distributor amidst ongoing face-offs between...