This article summarizes the BVMS design details, and serves as a guide to planning a BVMS system with Bosch cameras and storage. It focuses on BVMS combined with the VRM.
The BVMS 11.0 release notes can be found on the Bosch Security Systems website. This article lists the valid design specifications for BVMS 11.0.
The recommended hardware for the Operator Client, VRM and server components (Management Server, VSG and MVS) can be found on the different (BVMS Professional, Plus and Lite) datasheets. The recommended hardware is fine-tuned to the maximum system size.
The server components of the BVMS can be virtualized. More information on virtualization can be found in the Virtualization - A concept explained document.
All Bosch cameras can be used under the device compatibility concept, which is described in the article "Which Bosch encoders and decoders are compatible with BVMS?" on the Bosch Security & Safety community. The list of tested ONVIF cameras can be found on the Bosch Security Systems website.
The BVMS Network Design Guide (which can be found on the Bosch Security System Community) describes general recommendations related to the network.
To achieve the performance listed in the table below, an 1 Gigabit/s network is a minimum requirement between the Operator Client and Management Server.
BVMS is designed to run on the Microsoft Windows operating system. This section lists the tested BVMS operating system versions and the expected end-of-service dates from Microsoft.
The overview below relates Windows version to specific BVMS releases. We distinguish two levels of compatibility:
The tested operating systems (also listed on the datasheets. These versions are tested extensively).
The compatible operating systems are tested for selected use-cases and we are confident they are usable in production environments.
If you run into an issue on a compatible operating system, our after sales support teams will investigate this issue to determine the root-cause. It might be recommended to upgrade your Windows version if we determine the root-cause is related to this. For Windows Server based operating systems, we always recommend to use the tested versions.
Mainstream support: security updates/patches as well as non-security updates/patches.
Extended support: only security updates.
Source: Search product lifecycle and Microsoft Business, Developer and Desktop Operating systems policy
Using Windows as a Service (Windows 10) requires an organization to update their systems on a regular basis. Bosch might require the organization to update the system to the latest available version in order to use support.
Sources: Quick guide to Windows as a Service, Overview of Windows as a Service, Windows lifecycle fact sheet and Windows 10 update history
BVMS Plus, BVMS Professional, and DIVAR IP All-in-one 7000 can act as a BVMS Enterprise server and be expanded with subsystems. This expands the previously known Enterprise functionality to BVMS Plus, Professional, and DIVAR IP All-in-one 7000 as well. Each workstation which is connected to the Enterprise management server should be licensed as MBV-XWST-xx, where xx is the BVMS version. Workstation licenses are not relevant for subsystems that are connected to an Enterprise management server. The workstation licenses are relevant when workstations are directly connected to the subsystem.
For each site, the MBV-XSITE-xx license is required. The DIVAR IP 3000/7000 cannot be expanded with MBV-XSITE-xx.
DIVAR IP All-in-one 7000 can be expanded with MBV-XSITE-xx and therefore act as an unmanaged site server. Devices inside the subsite do not need to be licenses in the main site, but (depending on the device) need to be licensed within the sub-site.
If the BVMS Management Server does not have locally connected cameras it serves as an address book for the Operator Clients. In this case, the Management Server can run on Microsoft Azure. We recommend to tailor the performance of the Azure virtual machine to match your expected performance and use SSH to login to the Management Server.
Consider this table for the design decision to go for unmanaged site concept on a Professional License or for a “Managed Solution” => Enterprise license with subsystems.
A subsystem is equal to a site.
The software security concept is explained in the BVMS - Securing a Security System document, which can be found on the Bosch Security Systems Community.
When an operator client is connected to an older version (then itself) of the (Enterprise) Management Server, it will run in compatibility mode.
In production systems it is not recommended to use versions which are released more than two years apart.
The web client requires a Mobile Video Service (available with the BVMS setup).
The speed at which a map is opened is depending on the amount of objects that is placed on a map and the size of the map file.
The amount of maps that can be opened simultaneously is also depending on the amount of objects that are placed on a map.
With BVMS 11.0, new Global Maps feature was implemented. It is possible to use it with:
There's no limit for number of viewports, that can be configured to create crop view of the Global Map, available in the device tree.
Map-based tracking assistant is only supported with Global Maps module.
For DWF: Only use layers containing the building structure and remove all unnecessary layers (for example, electronic, water, and others) as they increase the file size of the file, and therefore the loading time. 3D and multimaps cannot be used. It is recommended to use DWF files with version 5 or higher.
*In Global Maps feature, introduced with BVMS 11.0, only PNG and JPG format are supported.
For remote security connectivity the built-in SSH service can be used. Due to the increased overhead it is not recommended to use the SSH service's functionality in a local network:
The number of cameras is depending on the bandwidth generated per cameras.
Each decoder requires a channel license per connected monitor: if a VIDEOJET 7000 and VIDEOJET 8000 have 2 connected monitors, 2 channel licenses are required.
From BVMS 10.0.1 onwards panoramic pre-positions can be assigned to the monitor group in alarm scenarios.
Panoramic pre-positions cannot be assigned manually to the monitor group.
Digital Monitor Wall (DMW) function was removed in BVMS 11.0. Monitor Groups (MG) function should be used instead.
Please see the comparison below.
While we are working on improving the security configuration, the following settings are tested related to the usage of decoders.
Barco developed a RCP+ SDK Agent to integrate the BARCO Transform N series for BVMS 5.0 or higher.
TransForm N Universal Streaming Video Input Node
The latest list of tested ONVIF cameras can be found on https://community.boschsecurity.com
Some manufacturers do not provide a de-bounce time, leading to events occurring in high frequency. Therefore, please ensure that the total event load in the system does not exceed 500 events/second. To ensure this:
The Video Streaming Gateway acts as an iSCSI NVR for ONVIF cameras in the BVMS environment.
VSG throughput and performance is determined by several factors:
When designing a system, all of these factors must be considered in order to build a cleanly-functioning system. When using a standalone server, the VSG throughput will vary based on the hardware platform itself. Older generation servers could provide 350 to 400 Mb/s of throughput. This includes both the RTSP pull from cameras, as well as the iSCSI push to the storage target. The new Generation 10 Server can supply 3000 Mb/s of throughput.
The second part of the equation is the available throughput of the iSCSI target.
The table below shows the VSG performance when using DIVAR IP appliances.
The table below shows the VSG performance when using a dedicated VSG server combined with an external iSCSI target (for example, the DSA E2800).
In a VSG standalone sever scenario with a camera that is streaming at 3Mb/s:
Bandwidth calculation for a single camera would be 9 Mb/s. A 100 camera system would be calculated at a theoretical worst case scenario 900 Mbit/s.
BVMS offers two ways to access the system from a remote connection:
SSH Tunnelling constructs an encrypted tunnel established by an SSH protocol/socket connection. This encrypted tunnel can provide transport to both encrypted and un-encrypted traffic. The Bosch SSH implementation also utilizes Omni-Path protocol, which is a high performance low latency communications protocol developed by Intel.
The SSH client is embedded into the BVMS Operator Client. The SSH service can be, optionally, installed on the BVMS management server. When using SSH tunneling, all BVMS related traffic is routed through the SSH service and this will therefore also create a single-point-of-failure in the system.
Due to the huge amount of data that needs to be transferred to the BVMS operator client a limited version of Forensic Search is available when connected to a BVMS system via SSH.
Transcoding enables to BVMS Operator Client to operate within low bandwidth (>=300 kbit/s) networks.
If no transcoder sessions or hardware transcoder is available in the VRM no image will be displayed in the BVMS operator client. Transcoded videos are selected by operator per device and it will be indicated in the cameo that a transcoded stream is being used. The following operations cannot be executed when a transcoded session to a device is used:
Software transcoding is offered in Operator Client as a fall-back level when no hardware transcoder is available, but only for live.
The hardware transcoder is available for Llve and playback for VRM connected Bosch cameras. BVMS is able to utilize the transcoder service within the internal transcoder of the VRM installed on DIVAR IP 3000/7000 as well as DIVAR IP 2000/6000. The hardware transcoding device or service cannot be configured from the BVMS config client, but needs to be configured in the Bosch Configuration Manager.
When planning for larger environments we strongly recommend using large sized disk arrays instead of a large number of small disk arrays (vertical scaling instead of horizontal scaling). For systems with more than 40 disk arrays, please contact a Bosch Pre-sales engineer. iSCSI based storage systems not qualified by Bosch are not supported.
One VRM is required to manage:
The VRM tolerates a downtime of 7 days of the BVMS management server, as the central server executes a license push. This means the recording will continue for 7 days if the BVMS management server is down. After 7 days the VRM will stop recording. With older VRM versions (prior to 3.55) the recording will stop after 24 hours.
BVMS supports multiple Pools (Pooling implemented in VRM 3.0), a migration from former VRM versions is possible.
Direct iSCSI and Local Storage is supported for devices which support Firmware 4.x and above. I.e. no Local Storage support for VIPX1/X2 and VJ800x.
Pre-Alarm, Alarm and Post-Alarm, while pre- and post- must be at least 15 seconds. This means, pre-alarm is always streaming over the network (except when using ANR).
Continuous, Alarm and Post-Alarm, while post must be at least 15 seconds.
VRM/iSCSI and local recording do not support the configuration of Holidays for recording. Special Days must be used.
Support of E-series with dual controller system with 2x2 ports to increase number of cameras
Dual recording:
ANR is meant to buffer network outages and then push it to storage, once network is back.
Person identification is currently only possible with Bosch cameras.
BVMS 5.5 or higher supports UL intrusion panels supporting Mode 2 protocol:
Supported feature set:
From BVMS 10.0 onwards the BVMS installation package can be directly installed on the supported DIVAR IP devices.
BVMS can operate in a system with:
One MBV-XDVR-xx license is required per DVR. The connected cameras are included.
Implemented functionality:
Each DIVAR can handle up to five simultaneous connections. One connection is consumed by:
For example, if 2 operators are looking at 2 cameras each, LIVE:
1 Server + 2 LIVE + 2 LIVE = 5 connections.
It is not possible to send cameras connected to a DIVAR to a decoder
BVMS 5.0 and higher can record additional data. Additional data is searchable in the BVMS via the Logbook.
Additional data can be received by BVMS by the following means:
Known restrictions:
The BVMS management server, the VRM and the workstations can function perfectly in an enterprise (domain) environment. Bosch recommends the following:
Locations:
When problems arise when running BVMS in a domain environment, Bosch recommends looking at the Windows event log for service start-up problems. Alternatively the BVMS Config Collector can be used to gather the required log files and these can be send to the technical support team for further analysis.
The BVMS SDK capabilities are documented in the BVMS SDK documentation. The BVMS SDK documentation is available on the Bosch Knowledge Base.
The software security concept is explained in the BVMS - Securing a Security System document, which can be found on the Bosch Security Systems Community.
When installed on a single device, BVMS installs the services mentioned in the table below.
Technical support services and upgrading to a newer BVMS version requires Software Assurance PRO. The table below can be used to check the exact release dates of the different BVMS versions.