VERIPATROL Network Whitepaper

VERIPATROL Network Whitepaper
Version 4.6.0.7523
VERIPATROL
Network
Whitepaper
Overview
The following document describes in detail the VERIPATROL system, installation and
deployment planning, system requirements, communication methods, and system security.
Contact Us
If you need assistance operating the VERIPATROL system or VIEVU cameras, please visit
www.vievu.com/support, contact us by phone at 888-285-4548 or email support@vievu.com.
VERIPATROL
Network Whitepaper
Contents
Planning
2
Network Installation Requirements.............................................................. 2
System Architecture…….............................................................................. 3
Network Architecture.................................................................................... 4
Data and Communication Processes………………...……………………….. 5
Determining File Storage Requirements...................................................... 6
Data Transfer Rates/Time…………………...…………………………………. 6
Date/Time Automatic Updating………..…………………………………….… 6
Network Installation
7
Installation Instructions……………............................................................... 7
Unattended Installation…………………………………………………………. 7
Silent Installation Switches……………………………………………………... 8
System Configuration & Options
10
Configuring a Video Storage Location......................................................... 10
Set a Default Storage Location………...……………………………………… 11
Move an Existing File Storage Location……………………………..……….. 11
VERIPATROL Cloud Functionality & Activation…..……………………….… 12
Set the Video Retention Period.................................................................... 14
Optional Logging………………………………………...………………………. 15
Export Master Log with Video Copies………………………………………… 15
Set a File Deletion Schedule........................................................................ 16
LE3 Camera Settings…………………………………………………………… 16
Enable Local Time on LE3 Cameras………………………………………….. 17
Multi-Dock…………………………………………………………………………17
Export/Import Database and Videos…………….…………………………….. 18
VERIPATROL Mobile…………………………………………………………… 18
Net Transcripts Audio Transcription Services………………………………... 20
Security
21
User Security Matrix……………………………………………………............. 21
VidLock Security Suite………...………………………………………………... 22
Lockdown Video…………………………………………………………………. 22
Securing the System.................................................................................... 23
VERIPATROL Cloud Security………………………………………………….. 24
VERIPATROL Mobile Security………………………………………………….24
Network White Paper Ver 4.6.0.7523
Page 1
VERIPATROL
Network Whitepaper
_________________________________________________________________________________________________________
Planning
NETWORK INSTALLATION REQUIREMENTS
Domain
1. The Server and Client workstations belong to the same Domain. The
network installation cannot be performed without a Windows domain.
Note: The hardware
requirements vary
based on the number
of concurrent
connections, video
retention period and
the number of
cameras. Contact
VIEVU if you need
assistance selecting a
server.
Server
1. Windows compatible server with the following specifications:
a) Operating System: Microsoft Server 2003, 2008 or 2012.
b) Processor: Core i7/Xeon, 2.0GHz or higher.
c) Memory (RAM): 8GB DDR3-1333 or higher.
2. Database Program: Microsoft SQL Server 2005 or 2008. SQL Server
minimum hardware requirements may be higher than the minimum
specifications listed above. Please check with Microsoft for the
current requirements for the version being installed and the number
of concurrent connections.
3. Microsoft .NET Framework 4.5.1 or higher.
4. Microsoft Visual C++ 2013.
5. Firewall exception for TCP Port 43690 and UDP Port 123. Add an
exception for TCP 80 and TCP 443 if using VERIPATROL Cloud.
6. Local or Network storage space sufficient to store the amount of
video desired. *Does not apply to deployments that utilize the Cloud*
Note: The
hardware
requirements
vary based on the
number of
concurrent
Note: Use the ‘Video
Storage
Calculator’ at
connections,
www.vievu.com to
video
estimateretention
the amount
Workstations
of
storage
space
period
and
the
required for your
1. Windows compatible computer with the following specifications:
number
of
deployment.
cameras. Contact
a) Operating System: Windows Vista, 7 or 8.
b) Processor: Pentium III or compatible - 1 GHz or higher.
VIEVU if you
c) Memory (RAM): 512 MB or higher.
need
assistance
Note: Use the
d) Display with 1024 x 768 resolution. 1280 x 1024 or higher
selecting
a
‘Video
Storage
recommended.
server.
Calculator’ at
www.vievu.com
2. Windows Media Player 10 or higher.
to estimate the
3. Microsoft .NET Framework 4.5.1 or higher.
Note: The
4. Microsoft Visual C++ 2013.
amount
of
hardware
5. 2 available USB ports.
storage space
requirements
required for your
vary based on the
deployment.
Additional System Requirements for VERIPATROL Mobile:
Note:
VERIPATROL
number
of
Mobile has 2
concurrent
operating
modes: A
Server
free
remote viewing
connections,
Note:
Use
the
application and
1. 1 Public Static IP address if using Mobile+ Remote File
video retention
Mobile+
which
allows
‘Video
Storage
Transfer.
for
transferring
period
and the
Calculator’
at
2.
Firewall exception for TCP 14444 if using Mobile+ Remote
videos from
number of
computers
mounted
www.vievu.com
File Transfer.
in
a car. Mobile+
cameras.
Contact
to
estimate
the
requires the purchase
VIEVU
if you
of
a software
license.
amount
of
need
assistance
storage space
selecting
a your
required for
Network
Page 2
server.White Paper Ver 4.6.0.7523
Note:
deployment.
VERIPATROL
Mobile has 2
Note: Use
Themodes:
operating
the
VERIPATROL
Network Whitepaper
SYSTEM ARCHITECTURE
The VERIPATROL system consists of 7 components. 4 required and 3 optional:
1. (required) VERIPATROL Server:
SQL Database: Used to store information about the video files
and user data. Database named “SvdsDB2”.
Server Configuration: Program used to connect the
VERIPATROL server service to the database
instance, set the TCP port used for
communication, set the NTP server pool and
Proxy settings.
Note: The VIEVU
VERIPATROL Server
service is the ‘brains’
of the system. The
system will not
function if the service
is not running.
Note: The
VIEVU
VERIPATROL
Server service is
the ‘brains’ of
the system. The
system will not
function if the
service is not
running.
Note: The
VIEVU
VERIPATROL
Server service is
the ‘brains’ of
the system. The
system will not
function if the
service is not
running.
Note: The
VIEVU
VERIPATROL
Server service is
the ‘brains’ of
Network White Paper Ver 4.6.0.7523
the system. The
system will not
function if the
service is not
VIEVU VERIPATROL Server service: Windows service that runs
on the server to communicate with the database,
file storage location and client workstations.
2. (required) VERIPATROL Admin: Program used to administer the
VERIPATROL system (add/remove users, delete video, etc).
3. (required) VERIPATROL Client: Program used to transfer video files
from a camera and for general users with limited security.
4. (required) ffdshow Codec: MPEG-4 decompression codec required
to view video recorded with VIEVU cameras.
5. (optional) VERIPATROLMulti-Dock: Program that communicates
with a Multi-Dock to perform automated downloads of cameras.
6. (optional) VERIPATROL Mobile: Program used for playback of
videos in computers mounted in cars without a constant network
connection.
7. (optional) LinkPro Client: Program used with VERIPATROL Mobile to
support the transfer of remote video files to the VERIPATROL
Server.
8. (optional) LinkPro Server. Only installed when using VERIPATROL
Mobile+ for remote video transfer:
SQL Database: Used to store information about remote video
transfers and devices. Database named
“LinkPro”.
LinkPro Server: Program used to monitor, configure and run
reports about remote video transfers and
devices.
LinkPro Configuration Editor: Program used to edit configuration
files for LinkPro remote video transfer system.
LinkPro Service: Windows service that runs on the server to
communicate with remote computers for video
transfer.
Page 3
VERIPATROL
Network Whitepaper
NETWORK ARCHITECTURE
Note: The video
storage location can
be placed on the
same computer as the
VERIPATROL server
component, or placed
on a different storage
media (SAN, NAS, File
Server, Separate
HDD/Partition)
including the Cloud.
Each of the 8 system components will be installed in the following locations:
Note: The video
storage location
can be placed on
the same
computer as the
VERIPATROL
server
component, or
placed on a
different storage
media (SAN,
NAS, File
Server, Separate
HDD/Partition)
including the
Cloud.
Note: The video
storage location
can be placed on
the same
computer as the
VERIPATROL
server
component, or
placed on a
different storage
media (SAN,
NAS, File
Server, Separate
HDD/Partition)
including the
Cloud.
Network White Paper Ver 4.6.0.7523
Note: The video
storage location
can be placed on
the same
1. VERIPATROL Server: Installed on the computer running the SQL
database.
2. VERIPATROL Admin: Installed on the VERIPATROL Server and any
client machines where administrative functions will be performed.
3. VERIPATROL Client: Installed on any client machines where direct
video downloads or video playback will occur.
4. ffdshow Codec: Codec must be installed on the server and all
computers where video playback will occur.
5. VERIPATROL Multi-Dock: Installed on any client machines that are
connected to Multi-Docks.
6. VERIPATROL Mobile: May be installed on any computers mounted
in cars.
7. LinkPro Client: Automatically installed with VERIPATROL Mobile on
computers mounted in cars.
8. LinkPro Server: Installed on the VERIPATROL Server when using
Mobile+ remote video transfer.
VERIPATROL Server
Software Installed
SQL Server Instance (VIEVU)
VERIPATROL Server
VERIPATROL Administrator
ffdshow Codec
LinkPro Server (optional)
Role
Administrator
Software Installed
VERIPATROL Admin
ffdshow Codec
Client Workstation
Role
Regular User
Software Installed
VERIPATROL Client
ffdshow Codec
Client Workstation
Role
Multi-Dock Download
Multi-Dock Workstation
(optional)
Software Installed
VERIPATROL Multi-Dock
ffdshow Codec
Role
Mobile User
Software Installed
VERIPATROL Mobile
LinkPro Client
ffdshow Codec
Remote Workstation
Mounted In Car (optional)
Page 4
VERIPATROL
Network Whitepaper
DATA AND COMMUNICATIONS PROCESSES
The VERIPATROL system communicates using the following processes:
Client/Multi-Dock Workstation to Server
TCP Port: Bi-Directional data transfer over TCP 43690*.
Server to File Storage
TCP/IP: Bi-Directional data transfer over TCP/IP SMB.
Server to NTP Server Pool
UDP Port: Bi-Directional data transfer over UDP 123.
Server to Cloud (optional)
HTTP/HTTPS: Bi-Directional data transfer over TCP 80 and 443.
Mobile Workstation to Server (optional)
TCP Port: Bi-Directional data transfer over TCP 43690*.
TCP Port: Bi-Directional data transfer over TCP 14444*. Mobile+
only.
Optional Remote Storage Location
SAN/NAS/File Server
Date/Time Source
VERIPATROL Cloud
Optional Cloud Based Storage
TCP 80, 443
NTP Server Pool
TCP/IP SMB
VERIPATROL Server
LinkPro Server
TCP 43690*
RS-232
USB
VERIPATROL Client
USB
Multi-Dock
VERIPATROL Multi-Dock
TCP 14444 (Moble+ Only)*
VIEVU Camera
TCP 43690*
number by the
computer. The
Note: Communication
COM
portwith an
ports listed
Note:
For
large
asterisk can
be be
number
must
changed in the it is
deployments
less
than
19.
‘Server
Configuration’
recommended
to
program located on
the VERIPATROL
permanently
server.
assign
a
Note: Each
download
download cable
cable
to
each
computer
is
given a unique
Note:
to
prevent
COM
port COM
Communication
port
assignment
number
by the
ports listed
with
issues.
computer.
an asteriskThe
can
COM
port in the
be changed
number
‘Server must be
Note:
For19.
large
less
than
Configuration’
deployments it is
program located
recommended to
on the
permanently
Note:
Each
VERIPATROL
assign
a
download
server. cable
download
cable
is given a unique
to
eachport
computer
COM
to
prevent
COM
number
Note: by the
port
assignment
computer.
The
Communication
issues.
COM
port
ports listed with
number
must
an asterisk
canbe
less
than
19.
be changed in the
Note: For large
‘Server
deployments it is
Configuration’
recommended to
Note:
Each
program
located
permanently
download
cable
on the
assign a
is
given a
VERIPATROL
download cable
unique
server. COM
to each computer
port number
by
Network
WhiteCOM
Paper Ver 4.6.0.7523
to prevent
the computer.
port assignment
The
Note:COM port
issues.
number
must be
Communication
less than 19.
RS-232: Bi-Directional data transfer over Serial RS-232.
USB: Uni-Directional data transfer over Universal Serial Bus.
TCP 43690*
Note: For large
deployments it is
Note:
Each
recommended to
permanently assign
download
cable a
download cable to
is
given a unique
each computer to
prevent port
COM port
COM
assignment issues.
Camera to Client Workstation
UDP 123
Note: Each download
cable is given a
unique COM port
number by the
computer.
RS-232
USB
VIEVU Camera
VERIPATROL Mobile
Page 5
VERIPATROL
Network Whitepaper
DETERMINING FILE STORAGE REQUIREMENTS
Note: A calculator is
located on
www.vievu.com to
perform this
calculation.
The VIEVU cameras record at a rate of approximately 1 gigabyte per hour at
standard definition. The LE3 camera records at a rate of 2.3 gigabytes per hour
at high definition (720p). The exact file size will vary based on the subject of the
recording due to compression variations. The file storage requirements are
based upon four factors:
1) The number of cameras.
2) The average number of hours of video recorded each day.
3) The retention period in days.
4) Video resolution
Note: Video files that
are marked to ‘Never
Be Deleted’ will
increase the storage
requirements as they
will not be deleted
after expiration of the
retention period.
Note: Video files
that are marked
to ‘Never Be
Deleted’ will
increase the
storage
requirements as
Note:
A
typical
they
will
notuser
be
only records ~ 1hr of
deleted
video
per after
day.
expiration of the
retention period.
These four factors can be combined in the following equation to determine the
recommended storage capacity in gigabytes. Recoding format values are
standard definition = 1, high definition = 2.3
(# of Cameras) X (Avg. Hrs Per Day) X (Retention Period) X (Recording Format) = (Size in GB)
1 camera X 1 hr per day X 90 days X 2.3 = 207 GB
DATA TRANSFER RATES/TIME
Due to the high level of processing, digital signature verification and security
employed in the VERIPATROL application, the data transfer rates are reduced
from a typical unsecured file transfer across the network.
The LE2 camera download operates at an average speed of ~3 MB/Sec. The
LE3 camera download operates at an average speed of ~10 MB/Sec. Adding a
remote file storage location may reduce this transfer rate as a second connection
is established between the server and the file storage location. Further
degradation of the transfer rate can occur from sources such as reduced network
bandwidth, high server load, server processing speed and client processing
speed.
DATE/TIME AUTOMATIC UPDATING
The VERIPATROL server uses UDP port 123 to query the current time from an
internet based Network Time Protocol (NTP) server pool. During the camera
assigning or video download process, the Date and Time on the camera is
updated.
Network White Paper Ver 4.6.0.7523
Page 6
VERIPATROL
Network Whitepaper
The LE2 camera has the Date and Time settings in sync with Greenwich Mean
Time (GMT). GMT may also be referred to as Coordinated Universal Time (UTC)
or in the Military as “Zulu” time. This setting on the LE2 cannot be changed. The
LE3 camera adds the ability to set the Date and Time settings to sync with GMT
or with the local time zone of the server. See the section “Enable Local Time on
LE3 Cameras” in this document for more information.
Note: The NTP server
pool and proxy server
settings are changed
in the ‘Server
Configuration’
program found on the
VERIPATROL server.
The default NTP server pool is set to the United States pool (us.pool.ntp.org). If
the VERIPATROL server is located in another region of the world, you may
change the NTP server pool to use a pool that is geographically closer. This will
ensure that the Date and Time being applied to the camera is as accurate as
possible.
_________________________________________________________________________________________________________
Network
Installation
INSTALLATION INSTRUCTIONS
Network Installation instructions can be downloaded from
www.vievu.com/support. VERIPATROL Mobile installation instructions are
located in a separate document which can also be downloaded from vievu.com.
UNATTENDED INSTALLATION/UPGRADE
Note: When installing
Mobile on the remote
computers, you must
also install
LinkProTablet.msi.
Additional
information can be
found in the
VERIPATROL Mobile
installation
instructions.
The VERIPATROL installation and upgrade executables files contain the ability
to automate the installation or upgrade of the VERIPATROL software on a client
computer using a preconfigured answer file – it cannot be used to install the
VERIPATROL server. This answer file will supply the executable files with the
configuration options you desire for the computer it is deployed on. When the
answer file exists, the GUI interface is suppressed. An unattended installation is
the most reliable option for use with remote installation software to push the
VERIPATROL software to computers on the network.
Network White Paper Ver 4.6.0.7523
Page 7
VERIPATROL
Network Whitepaper
The answer file uses XML format. The answer file is included in the Network
Installation Zip file or it can be downloaded from
www.vievu.com/veripatrolsupport.
The answer file is compatible with the following VERIPATROL executables:
Network Installation
Network Upgrade
Mobile Installation
Configuration
To configure the answer file, the following sections will be updated with values for
your specific installation and network configuration.
<LicenseAgreement>: Indicate your acceptance of the VERIPATROL EULA.
<IPAddress>: Input the IP Address of the VERIPATROL server.
<Port>: Input the port used by the VERIPATROL server. The default is 43690.
<UpgradeExistingComponentsOnly>: This option is only valid for upgrading the
VERIPATROL software. When this option is set to YES, the Network
Upgrade file will upgrade the components currently installed on the
computer. Using this option will allow you to deploy the same answer file
across computers that have different VERIPATROL components
installed. If this option is set to YES, the Admin/Client/Mobile sections
are ignored.
<Admin>: Indicate if the Admin component should be installed.
<Client>: Indicate if the Client component should be installed.
<Mobile>: Indicate if the Mobile component should be installed.
Use
Note: The
VERIPATROL
executable will need
to be launch as a user
with Administrative
permissions on the
computer.
Once the answer file is configured, place the XML file in the same directory as
the VERIPATROL executable. Upon launch, the executable will read the XML file
and perform the operation without a GUI. When deploying the software using an
automated system, simply deploy the answer file and the executable to the same
directory, and then launch the executable file.
SILENT INSTALLATION SWITCHES
The installation MSI file (VIEVU VERIPATROL.msi) has been included in the
“MSI” folder in the network installation media. This MSI file supports the use of
silent installation switches. Care must be taken with using a silent installation to
confirm that all prerequisites have been installed on the computers. The MSI
installation will not check for any prerequisites. The switches are as follows:
Network White Paper Ver 4.6.0.7523
Page 8
VERIPATROL
Network Whitepaper
Components to Install
“/q ADDLOCAL=D,S,A,C”
S = Server component is installed.
A = Admin component is installed.
C = Client Component is installed.
M = Mobile component is installed.
Note: When installing
Mobile on the remote
computers, you must
also install
LinkProTablet.msi.
Additional
information can be
found in the
VERIPATROL Mobile
installation
instructions.
Example:
VIEVU Veripatrol.msi /q ADDLOCAL=D,S,A
This will install the Admin and Server components.
VIEVU Veripatrol.msi /q ADDLOCAL=D,C
This will install the Client component.
VIEVU Veripatrol.msi /q ADDLOCAL=D,A,C
This will install the Admin and Client components.
VIEVU Veripatrol.msi /q ADDLOCAL=D,M
This will install the Mobile component.
Installation Directory
“TARGETDIR=Directory Path”
Example:
VIEVU Veripatrol.msi TARGETDIR=D:\Programs
This will install VERIPATROL in the location
D:\Programs
Reboot at end of Installation
“REBOOT=F/S/R”
F = Force. Always prompt for a restart at the end of the installation.
S = Suppress. Suppress prompts for a restart at the end of the
installation.
R = ReallySuppress. Suppress all restarts and restart prompts initiated
by ForceReboot during the installation.
Example:
VIEVU Veripatrol.msi REBOOT=F
This will prompt the user to restart the computer when
the installation is finished
Combining Switches
The switches can be combined to provide granular control of the
installation process.
Example:
VIEVU Veripatrol.msi /q ADDLOCAL=D,A,C REBOOT=R
TARGETDIR=D:\Programs
This will install the VERIPATROL Admin and Client components
to the location D:\Programs and suppress a reboot at the end of
installation
Network White Paper Ver 4.6.0.7523
Page 9
VERIPATROL
Network Whitepaper
_________________________________________________________________________________________________________
System
Configuration
& Options
Note: Creating a file
storage location does
not change any user
storage mappings.
Use the ‘Set Default
Storage’ process to
change the file
storage location for
all users configured
to use the default
storage location or
manually change the
storage mapping by
editing the user in the
Admin application.
CONFIGURING A VIDEO STORAGE LOCATION
The VERIPATROL system can be configured to store video files on the same
server as the VERIPATROL server component or placed on a separate storage
device. The video storage locations are managed from the “Server Setup” tab in
the Admin application. The default video storage location is as follows:
Server 2003:
C:\Documents and Settings\All Users\Application Data\VIEVU\VIEVU
VERIPATROL Server\FileStorage
Server 2008/2012:
C:\Program Data\VIEVU\VIEVU VERIPATROL Server\FileStorage
If the storage location is not local to the server (I.E. internal/external HDD or
separate partition) the “VIEVU VERIPATROL Server” service’s log on credentials
will need to be changed to allow for authentication with the video storage
location. This service is used by the VERIPATROL system to access the SQL
database and the video storage location.
From the Server:
Click “Start” and select “Run”.
Type in “services.msc” and click “OK”. The services window will appear.
Double click on “VIEVU VERIPATROL Server”.
Click on the “log on” tab at the top.
Change “Log on as:” to “This Account”. Complete the User ID and
password fields with a valid domain account that has read/write access
to the remote storage location.
6. Click “OK”.
7. Stop and restart the service.
1.
2.
3.
4.
5.
Once the service has been changed and restarted, the storage location can be
created.
Note: In network
installations, the
‘Server Setup’ tab in
the Admin application
is only accessible
from the server. The
Server Setup tab is
not available from the
Admin application on
a client workstation.
Log in to the Admin application on the server:
1. On the “Server Setup” tab click the “New Storage” button.
2. Enter the storage path into the box or click the “browse” button to select
the location. When complete click “OK”. If an error is received the
network path is incorrect or permissions are not setup properly.
Network White Paper Ver 4.6.0.7523
Page 10
VERIPATROL
Network Whitepaper
SET A DEFAULT STORAGE LOCATION
To allow for the easy management of the video storage locations, a default
storage location can be set. Any users who are configured to use the default
storage location will be automatically updated when the default storage is
changed. Changing the default storage location will change the location where
new video files are stored; existing files will remain in their current location.
Note: In network
installations, the
‘Server Setup’ tab in
the Admin application
is only accessible
from the server. The
Server Setup tab is
not available from the
Admin application on
a client workstation.
Log in to the Admin application on the server:
1. On the “Server Setup” tab, highlight the storage to be set as the default.
2. Click the “Set Default Storage” button.
3. (Default Storage) will now be listed to the left of the storage path.
MOVE AN EXISTING FILE STORAGE LOCATION
Note: We have
attempted to make
the file transfer
process as safe and
error free as possible;
however, there will
always be a risk of
information being lost
or corrupt during the
transfer. A backup
prior to the transfer is
highly recommended.
Note: In network
installations, the
‘Server Setup’ tab in
the Admin application
is only accessible
from the server. The
Server Setup tab is
not available from the
Admin application on
a client workstation.
The VERIPATROL system can move video files from one existing storage
location to another. This can be used when migrating to a new storage location,
or to quickly move files if videos were accidently uploaded to the incorrect
location.
Log in to the Admin application on the server:
1.
2.
3.
4.
On the “Server Setup” tab highlight the storage location to be moved.
Click the “Move Files” button at the bottom.
Select the location where the files will be moved to and click “OK”.
A progress bar will appear while the files are being transferred.
Note: The new
storage location
needs to be added to
the system before
files can be moved.
Network White Paper Ver 4.6.0.7523
Page 11
VERIPATROL
Network Whitepaper
VERIPATROL CLOUD FUNCTIONALITY & ACTIVATION
Note: To estimate the
costs associated with
utilizing VERIPATROL
Cloud, please contact
a VIEVU sales
representative.
VERIPATROL Cloud is an optional Cloud based video storage solution.
Configuring Cloud storage will direct the VERIPATROL system to store the video
files in the Microsoft Azure Cloud.
How it Works
Note: Once the Cloud
is activated, any
videos currently
stored in the ‘Default
Storage Location’ will
be transferred to the
Cloud. If you do not
wish for existing
videos to be
transferred, change
the default storage
location to a location
that is empty before
configuring the
Cloud.
1. Video is downloaded from a camera to the VERIPATROL server. The
video file is temporarily stored locally for immediate playback.
2. After ~1hr, the VERIPATROL system transfers the video file to the Cloud
for permanent storage.
3. All video files stored in the Cloud will be streamed for playback.
Cloud Architecture
The Cloud uses a hybrid architecture to provide a low cost/maximum
performance system. The hybrid architecture requires an on-site VERIPATROL
server with an SQL database.
Hosted On-Site
VERIPATROL Server
SQL Database
Hosted in Cloud
Optional Temporary
Video Storage Location
SAN/NAS/File Server
Permanent Video Storage
HTTP: TCP 80
HTTPS: TCP 443
Client Workstations
Streaming Video Server
Cloud Bandwidth Requirements
For VERIPATROL Cloud to work efficiently, the internet upload bandwidth must
be sized appropriately. If the upload bandwidth is too low, the upload queue may
continuously grow as video files are being created faster than they can be
transferred to the Cloud. Low bandwidth may also cause impacts to other internet
enabled systems.
Network White Paper Ver 4.6.0.7523
Page 12
VERIPATROL
Network Whitepaper
Below is a table listing the minimum internet upload bandwidth required for the
VERIPATROL Cloud.
Number of
Cameras
15
16-30
31-45
46-75
76-105
106+
Internet Upload
Bandwidth (Mbps)
10
15
25
40
55
55+
Activating the Cloud
First, you must sign up for Cloud service at by contacting a VIEVU Sales
Representative. Access to the cloud is licensed. A VIEVU Solution license will give
you access to the Cloud.
Please be aware that you must maintain an accurate amount of licenses for the
number of cameras that are assigned in VERIPATROL. Assigning more cameras
than licenses may prevent VERIPATROL from transferring video to the Cloud.
However, access to existing videos would be retained.
Additional signup instructions are available in the Admin User Guide.
Note: In network
installations, the
‘Server Setup’ tab in
the Admin application
is only accessible
from the server. The
Server Setup tab is
not available from the
Admin application on
a client workstation.
Log in to the Admin application on the server:
1. On the “Server Setup” tab click the “Configure Cloud Storage” button.
2. Input the “Account Name” and the “Access Key” that was provided to you
by VIEVU.
3. Click the “Start Integration” button.
4. Once the integration is finished, click the “Finish Integration” button.
Video files will be automatically transferred to the Cloud approximately 1 hour
after download. Video files that have been transferred to the Cloud will be listed
in italics in the video list.
Note: Secure links
allow playback of the
video from any
computer with
internet access and
the ffdshow codec
installed. If you
cannot watch the
video, you may need
to install the ffdshow
codec. The ffdshow
codec is available for
download at
www.vievu.com.
Create Secure Video Links
Secure links can be created for any video file stored in the Cloud. These secure,
expiring links allow for effortless sharing of video files without burning copies onto
a disc. Secure links are only available for video files stored in the VERIPATROL
Cloud.
To create a video link:
1. Begin playback of the video file from the Admin or Client application.
2. Click the “Pause” button located in the lower left of the screen.
Network White Paper Ver 4.6.0.7523
Page 13
VERIPATROL
Network Whitepaper
3. Input the desired link expiration Date/Time into the “Video Link” box at
the top of the playback window.
4. Click the “Generate Link” button. A message will be given indicating the
link has been copied to the clipboard. You may now “paste” the link into
the desired location, such as an email.
Disable the Cloud
Note: In network
installations, the
‘Server Setup’ tab in
the Admin application
is only accessible
from the server. The
Server Setup tab is
not available from the
Admin application on
a client workstation.
VERIPATROL Cloud can be deactivated at any time. You are free to move to
and from the Cloud without any impacts on the setup of the VERIPATROL
system or how the users interact with the system.
To Disable the Cloud:
1.
2.
3.
4.
Log in to the Admin application on the server.
On the “Server Setup” tab click the “Configure Cloud Storage” button.
Click the “Disable Cloud” button on the top right.
Select the location where the video files should be moved to.
VERIPATROL will now being transferring all video files stored in the
Cloud to the local storage location. If the network connection drops or the
file transfer is interrupted, VERIPATROL will display an error message.
When the network connection has recovered, repeat the disable Cloud
process again. The transfer process will being from where it left off.
5. When the file transfer is complete, VERIPATROL will confirm the Cloud
is now disabled.
SET THE VIDEO RETENTION PERIOD
Note: Caution should
be used whenever the
retention policy is
modified. Any videos
that are removed
cannot be recovered
with the application.
The VERIPATROL system is pre-configured with the retention period turned off.
If the retention period is activated, all video files that exceed the retention period
will be removed unless the video is marked “never be deleted”. Each file category
has its own retention period. The retention period is calculated from the date of
upload, not the date of record. The retention period can be set to as short as 1
day. The retention period is set in the VERIPATROL Admin application.
Note: In network
installations, the
‘Server Setup’ tab in
the Admin application
is only accessible
from the server. The
Server Setup tab is
not available from the
Admin application on
a client workstation.
Log in to the Admin application on the server:
On the “Server Setup” tab click the “Categories & Retention” tab.
Highlight the category to change and click the “Retention Period” button.
Change the “By Default Store Files For:” to the new value (1-99999).
Click "Ok".
Click “Yes” to restart the Server processes (the physical server will not
restart).
6. Once the server is restarted click “Ok”.
1.
2.
3.
4.
5.
Network White Paper Ver 4.6.0.7523
Page 14
VERIPATROL
Network Whitepaper
OPTIONAL LOGGING
VERIPATROL allows for the customization of several logging features. In
addition to required logging, 5 additional actions can be logged.
Optional Logging Includes:
1. Log User Login: Log each time a User accesses the Admin or Client
application.
2. Log Camera Download: Log each time a camera is downloaded.
3. Log Viewing Video Files: Log each time a User views a video.
4. Log User Comments: Log each time a video comment is added or
modified.
5. Log Category Change: Log each time a video category is selected or
changed.
Note: In network
installations, the
‘Settings’ button on
the Master Log tab in
the Admin application
is only accessible
from the server. The
‘Settings’ button is
not available from the
Admin application on
a client workstation.
To enable optional logging, log in to the Admin application on the server:
1.
2.
3.
4.
Click the “Master Log” tab.
Click the “Settings” button on the bottom left.
Remove the checkmark next to “Export Master Log with Video Copies”
Click "Ok".
EXPORT MASTER LOG WITH VIDEO COPIES
When enabled, this feature will create a text file containing all Master Log records
related to a video file when a copy is made. The text file name will be the same
as the video file name. This will provide a chain of custody record of the time the
video was download, when the copy was made and any additional logging events
that may have occurred while the video was stored in the system. This feature is
enabled by default.
Note: In network
installations, the
‘Settings’ button on
the Master Log tab in
the Admin application
is only accessible
from the server. The
‘Settings’ button is
not available from the
Admin application on
a client workstation.
To disable this feature, log in to the Admin application on the server:
1.
2.
3.
4.
Network White Paper Ver 4.6.0.7523
Click the “Master Log” tab.
Click the “Settings” button on the bottom left.
Remove the checkmark next to “Export Master Log with Video Copies”.
Click "Ok".
Page 15
VERIPATROL
Network Whitepaper
SET A FILE DELETION SCHEDULE
The VERIPATROL system will delete video files based upon the retention policy.
The deletion schedule can be set to run the deletion process at any desired time
during the day.
Note: In network
installations, the
‘Server Setup’ tab in
the Admin application
is only accessible
from the server. The
Server Setup tab is
not available from the
Admin application on
a client workstation.
Note: The “Force
Cleanup” button on
the ‘Cleanup
Schedule’ window will
manually start the
deletion check.
Log in to the Admin application on the server:
On the “Server Setup” tab click the “Categories & Retention” tab.
Click the “Cleanup Schedule” button.
Input the desired time the deletion process should begin.
Set the deletion interval. The interval is the number of days to wait
between deletion cycles.
5. Click “Apply”.
1.
2.
3.
4.
Alternatively, the deletion check can be triggered from an external program such
as “Scheduled Tasks”. The deletion process will begin by running the SvdsServer
executable, located in C:\Program Files\VIEVU VERIPATROL\bin, with the
/forcecleanup switch.
LE3 CAMERA SETTINGS
Note: There are no
settings available for
the LE2 camera. It will
only record with the
microphone On in SD
video resolution.
The LE3 camera supports 2 device settings:
1. Microphone: On or Off.
2. Video Resolution: 1280x720 (HD) or 848x480 (Widescreen SD)
The LE3 camera’s default setting is Microphone On and HD video resolution.
When the LE3 camera settings are changed in VERIPATROL, VERIPATROL will
update the settings on each LE3 camera when the camera is assigned.
Log in to the Admin application:
Note: The camera
settings should be
selected before
assigning LE3
cameras. The camera
settings are only
applied to the LE3
camera during the
assigning process.
1. On the “Cameras” tab click the “Camera settings” button.
2. Select the desired microphone and video resolution settings.
3. Click “Ok”.
The “Not Set” option will tell VERIPATROL to make no changes to the LE3
camera when it is assigned. This is useful when you want to have cameras
operating with multiple configuration profiles.
Settings are only applied when the cameras are assigned. If setting changes are
made in VERIPATROL, the cameras will not be updated unless it is reassigned.
Network White Paper Ver 4.6.0.7523
Page 16
VERIPATROL
Network Whitepaper
ENABLE LOCAL TIME ON LE3 CAMERAS
Note: The LE2 camera
has the Date and
Time settings in sync
with Greenwich Mean
Time (GMT). This
setting on the LE2
cannot be changed.
The Date and Time stamp on the LE3 camera can be set to sync with GMT or
the local time zone of the server. The default setting is to use GMT.
To Change the Date and Time setting:
1.
2.
3.
4.
5.
Launch the “Server Configuration” program from the server.
Click the “Date and Time Settings” button.
Under the heading “LE3 Time Settings”, select the correct option.
Click “Ok”
Click “Apply”, then “Yes” to restart the VERIPATROL service.
The Date and Time setting on LE3 cameras will be updated when a camera is
assigned or downloaded. VERIPATROL will only change the date and time on a
camera if it can successfully receive the current time from the NTP internet time
pool. If the server cannot obtain the current time, the cameras will not be
updated.
MULTI-DOCK
The Multi-Dock is a hardware solution that allows for automated download of up
to 15 cameras when connected to a computer that is running the VERIPATROL
Multi-Dock software. The Multi-Dock can be used as a simple charging device if it
is not connected to a computer. Only 1 Multi-Dock is supported per computer.
Each Multi-Dock will download up to 3 cameras at a time to prevent over
utilization of available network bandwidth. This can be further reduced to limit the
system to only downloading 1 camera at a time if necessary. Contact VIEVU for
assistance making this configuration change.
Note: If the Client and
Multi-Dock software
are installed on the
same computer, the
‘Download Videos
from Camera’ button
will be grayed out in
the Client software
when the Multi-Dock
service is running to
prevent
communication errors
with the cameras.
The Multi-Dock software is installed using the network installation or upgrade file.
The Multi-Dock software runs as a Windows service. Therefore it is not
necessary to have a user logged into the computer for the automated download
process to occur.
When cameras are downloaded using the Multi-Dock, the video is assigned to
the user based on the camera assignment table in the VERIPATROL admin
software. This is different from doing a directly download with the Client software
where the video is assigned to the user who is logged into the software.
Network White Paper Ver 4.6.0.7523
Page 17
VERIPATROL
Network Whitepaper
EXPORT/IMPORT DATABASE AND VIDEOS
Note: The
Export/Import
process should be
done with the same
version. Ensure both
the source and target
systems are using the
same version of
VERIPATROL to
prevent errors.
Note: The ‘Server
Configuration’
program is located in
the program folders
group at START>All
Programs >VIEVU
VERIPATROL.
The VERIPATROL system supports an import/export feature to make moving the
system between computers, migrating between different versions of SQL and
combining existing installations into an easy process. The export process will
make copies of all videos in the export location. You must have enough free
space in the export location to contain all of the video files currently in the
system.
To Export the Database and Videos:
1.
2.
3.
4.
5.
6.
Launch the “Server Configuration” program from the server.
Select “File” and choose “Import/Export”.
Select “Export”
Select a time period or “All” and choose “Next”.
Select an export location and choose “Next”.
The export process will now begin. Once finished, click “Finish”.
To Import a Database and Videos:
Note: During Import,
all video files will be
transferred to the
current default
storage location.
Launch the “Server Configuration” program from the server.
Select “File” and choose “Import/Export”.
Select “Import” and choose “Next”.
Select the SvdsDB2.xml file to import and click “Next”.
The import will begin. Users will be matched based on the login ID. If a
user does not currently exist in the database, you will be prompted for an
action. If the user has a different login, select the correct user to map the
user to and click “Match User”. If the user is new, select “Create New
User”. The “Apply for all” feature will remember the selection and apply
the same selection to any future users.
6. When the import is finished, click “Finish”.
1.
2.
3.
4.
5.
VERIPATROL MOBILE
Note: Contact a
VIEVU sales
representative for
pricing on a license
for VERIPATROL
Mobile+.
VERIPATROL Mobile is an optional add-on to VERIPATROL that allows for
accessing video on cameras from computers installed in cars where a connection
to the server is not available. VERIPATROL Mobile has 2 operating modes:
Mobile and Mobile+. Mobile is a free add-on that facilitates the review of video
files currently stored on a camera for report writing and analysis in the field.
Mobile+ is a licensed add-on that allows for the download, review and transfer of
video files over Wi-Fi/3G/4G to the VERIPATROL server using Bee Networx’s
proprietary and patented technology called LinkPro. Video files are encrypted
while stored on the computer to prevent unauthorized access or manipulation.
Network White Paper Ver 4.6.0.7523
Page 18
VERIPATROL
Network Whitepaper
Modes of Operation
Mobile: Free add-on to VERIPATROL that allows a person to watch the
videos stored on the camera while in the field without a network
connect to the VERIPATROL server. It does not remove the
videos from the camera. The user must go back to the station
and download the camera later. The video is available on the
computer for playback for 1 hour. After 1 hour the video will be
deleted.
Mobile+: Mobile+ adds the ability to transfer the video from the remote
computer in the car to the VERIPATROL server. The user will
download the camera to the computer in the car. They can then
watch the video, add comments or other details. The user can
then specify the transfer priority and speed to maximize the
efficiency of the connections for cost and time sensitivity.
Mobile+ is ideal for users who work completely out of the vehicle
– they can be completely autonomous and do all of their camera
work from the vehicle.
Logging
The same level of logging available in VERIPATROL continues with
VERIPATROL Mobile. Actions performed and logged in VERIPATROL
Mobile on remote computers are transferred to the VERIPATROL server
to provide one central location for all user action reporting and
monitoring.
Video Transfer Priority
There are 3 video transfer priorities. The priority levels are used to define
the order to transfer the videos and the connection methods to use. The
priority levels are: Normal, High and Emergency. All videos are uploaded
at the lowest “Normal” priority level. The user can choose to enable
“High” priority or “Emergency” if necessary. When a video is in Normal or
High priority, the video is held on the computer for 1 hour for playback
and adding comments/category information. When a video is placed in
Emergency priority, the transfer immediately begins and the video is no
longer available for playback or adding comments/category information.
BOLO Message
Mobile+ provides the ability to quickly distribute a file/picture/document to
all Mobile+ computers mounted in cars. This feature can quickly alert
users to be on the lookout for a person or vehicle.
To Distribute a BOLO File:
1.
Network White Paper Ver 4.6.0.7523
On the VERIPATROL Server, navigate to the folder:
C:\LinkPro\BOLO\Send
Page 19
VERIPATROL
Network Whitepaper
2.
Note: BOLO files are
only sent once to
each Mobile+
computer.
3.
Place the file that you wish to distribute into this folder. LinkPro
will immediately begin distributing the file to Mobile+ computers
when they connect.
Once the BOLO is no longer applicable. Delete the file from the
folder.
NET TRANSCRIPTS AUDIO TRANSCRIPTION SERVICES
VIEVU has partnered with Net Transcripts to offer VIEVU customers with
transcription services. VERIPATROL includes the ability to export an audio only
copy of a video file. This audio file can be securely uploaded to Net Transcripts
through an internet portal for transcription services. Net Transcripts will transcribe
the audio on the selected file and provide you with an evidence quality
transcription.
To sign up for Transcription services or to upload an audio file for transcription
visit: http://nettranscripts.com/vievu/vievu-client-registration.htm
For more information about pricing, features, service levels and supported
languages contact Net Transcripts or visit http://nettranscripts.com
Network White Paper Ver 4.6.0.7523
Page 20
VERIPATROL
Network Whitepaper
_________________________________________________________________________________________________________
Security
USER SECURITY MATRIX
VERIPATROL allows for the customization of user access security/permissions.
4 security check boxes create 5 separate security levels plus lockdown video
access. Use the security selection matrix below to determine the correct security
level for each user.
Administrator
Delete
Videos in
Admin
Nothing
Checked
Make
Copies
in Client
View All
Videos
in Client
Admin Application
Log in to Admin Application
X
Add/Remove/Edit a User
X
Assign/Unassign a Camera
X
Make a Copy of any Video
X
Make Copies
in Client and
View all
Videos in
Client
Access
Lockdown
Videos**
Log In to
VERIPATROL
Mobile**
X
Delete Any Video
Add/Change Details of any Video
X
View Master Log
X
Change Logging Settings *
X
Add/Change/Move/Set Default File Storage
Location *
X
Add/Rename/Remove File Categories *
X
Change File Retention Period *
X
X
Access Lockdown Videos**
X
Log In to VERIPATROL Mobile**
Client Application
Log in to Client Application
X
X
X
X
X
View Videos Recorded by Me
X
X
X
X
X
X
X
X
X
X
X
View Videos Recorded by Others
X
Add/Change Details of a Video Recorded
by Me
Add/Change Details of a Video Recorded
by Others
X
Make a Copy of a Video Recorded by Me
X
Make a Copy of a Video Recorded by
Others
X
X
X
X
X
Access Lockdown Videos**
Log In to VERIPATROL Mobile**
X
X
X
X
* Additional Security Prevents All Administrators from Making These Changes in Network Installations
** Security can be Added to any User
Network White Paper Ver 4.6.0.7523
Page 21
VERIPATROL
Network Whitepaper
VIDLOCK SECURITY SUITE
Note: All VIEVU
cameras MUST be
assigned in the
VERIPATROL Admin
application before
recording any video.
Failure to assign a
camera before
recording video will
prevent the videos
from being
downloaded. If you
have any questions
about the assigning
process or VidLock
security, please
contact us.
The VERIPATROL application includes the VidLock Security Suite. VidLock
security provides the strictest evidence management processes available. Some
of the security features are as follows:
1. All LE2 and LE3 cameras are secured to prevent unauthorized access to
the content of the camera.
2. VERIPATROL pairs a camera with an installation of the server through
the camera assigning process. Once paired, the videos recorded on the
camera can only be downloaded to your installation of VERIPATROL. If
the camera were to be lost or stolen, the video files cannot be accessed
by anyone else.
3. Access to the video file storage location is secured using windows NTFS
file security.
4. Video files are masked with a GUID to prevent identification of the video
files and their contents by a systems administrator with access to the file
storage location.
5. All video files recorded on the LE2 and LE3 cameras are marked with a
SHA cryptographic hash digital certificate to ensure the video integrity
has not been compromised during the transfer from the camera to
VERIPATROL. This cryptographic hash function was designed by the
National Security Agency (NSA).
6. VERIPATROL uses an internet time server to determine the exact
date/time. This very precise date/time is applied to each camera during
download to ensure the date/time does not drift.
LOCKDOWN VIDEO
The lockdown video feature is available to prevent access, modification or
deletion of a video file by an unauthorized user. Once a video has been marked
for “Lockdown”, the video can only be accessed by a user with “View Lockdown
Video” security. This can be used to prevent the spread and playback of highly
sensitive videos by the user who recorded the video, users with access to view
all videos and administrators. Any user can mark a video for lockdown.
To mark a video for lockdown, log in to the Admin application:
1. Click the “Videos” button located at the top of the window.
2. Highlight the desired video and click the “Add Details” button located in
the lower left corner.
3. Place a checkmark in “Lockdown Video”.
4. Click the “Apply” button located in the lower left corner.
Network White Paper Ver 4.6.0.7523
Page 22
VERIPATROL
Network Whitepaper
SECURING THE SYSTEM
Note: VERIPATROL
Cloud can also
enhance security by
preventing direct
access to the video
files by System
Administrators
outside of the
VERIPATROL system.
Note:
VERIPATROL
Cloud can also
enhance
security by
preventing
direct access to
the video files
by System
Administrators
outside of the
VERIPATROL
system.
Note:
VERIPATROL
Cloud can also
enhance security
by preventing
direct access to
the video files by
System
Administrators
outside of the
VERIPATROL
system.
A network installation provides the most robust levels of security available. The
VERIPATROL system can be secured so that only a single domain account is
used to access the SQL database and the video file storage location. VIEVU
recommends to create a domain account that is only used for the VERIPATROL
system. Each end user of the VERIPATROL system will never directly access the
SQL database or the video file storage location. The VERIPATROL server
service accesses the locations on behalf of the user.
To secure the system, first change the “VIEVU VERIPATROL Server” service to
a domain account.
From the Server:
Click “Start” and select “Run”.
Type in “services.msc” and click “OK”. The services window will appear.
Double click on “VIEVU VERIPATROL Server”.
Click on the “log on” tab at the top.
Change “Log on as:” to “This Account”. Complete the User ID and
password fields with a valid domain account that has read/write access
to the remote storage location and the SQL database.
6. Click “OK”.
7. Stop and restart the service.
1.
2.
3.
4.
5.
Once the service logon account has been changed, authentication from the
VERIPATROL server service to the video storage location and the SQL database
will utilize this domain user account.
SQL Database: Permissions to the SQL server and database “SvdsDB2” can be
restricted so that the only domain account that has access to the
database and tables is the account the “VIEVU VERIPATROL
Server” Service was setup to log on with above. If you need
assistance securing SQL, please see the following Microsoft
document, or the document for your particular version of SQL:
SQL Server 2005 Security Best Practices.
Video Storage Location: Permissions to the storage location can be restricted
using NTFS so that the only domain account that has access to
the location is the account the “VIEVU VERIPATROL Server”
Service was setup to log on with above. If you need assistance
security folders with NTFS, please see the following Microsoft
document: Securing Files with NTFS.
Note:
VERIPATROL
Cloud can also
enhance security
by preventing
direct access to
the video files by
System
Network
White Paper Ver 4.6.0.7523
Administrators
outside of the
VERIPATROL
system.
Page 23
VERIPATROL
Network Whitepaper
VERIPATROL CLOUD SECURITY
Note: Non United
States Government
customers are hosted
on the public Azure
platform.
VIEVU partnered with Microsoft® to develop
the VIEVU Solution™ Cloud platform on
Microsoft® Azure Government, the first
enterprise Cloud designed specifically for
United States government customers that
directly supports CJIS. The VIEVU Solution
allows government customers to store their
data in the Cloud without concern over CJIS compliance. Microsoft® Azure
Government has statutory CJIS compliance to state laws, regulations, agency
requirements and is FBI-certified.





Physically isolated datacenter and network
Data, applications, and hardware reside in the continental United
States
Provides true geographic redundancy with datacenters located more
than 500 miles apart
Operated by screened U.S. persons
Committed to meeting rigorous compliance requirements and
government policies
Additional information about Microsoft Azure features, security and compliance
can be found here: http://azure.microsoft.com/en-us/features/gov/
VERIPATROL MOBILE SECURITY
VERIPATROL Mobile utilizes the same VidLock security suite to prevent
unauthorized access to video files stored on the camera. Additionally
VERIPATROL Mobile encrypts all video files on the remote computer to ensure
the evidence is protected while stored for playback in the car.
When Mobile+ is used, the video file is transferred in an encrypted state to
prevent interception during the transfer process.
The technologies and processes used in VERIPATROL Mobile are protected by
US patents: 8,190,088; 8,351,449; and 8,412,101. Multiple Patents Pending.
Network White Paper Ver 4.6.0.7523
Page 24
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising