FW 11.50.2 must be used for Single Controllers and 11.60.2 for Dual Controllers
In Q1 of the year 2020 the BU BT-VS announced that NetApp forces to update all systems E2800 to newer firmware than 11.40.x.
At that time, it was strongly recommended to go to version 11.50.2 and in February 2020 recommendation was given for 11.50.R2
The version 11.50.R2 was forced by NetApp to
get proper NetApp support services while valid warranty contract is active
and to fix vulnerability aspects.
Newer NetApp controller firmware might be approved and qualified by BOSCH.
(e.g. status 08/2020 there is an 11.60.2 qualified by BOSCH) - Details can always be found at the BOSCH product catalogue and Release Note
All customers owning a NetApp storage system with valid warranty agreement and registered unit do have access to the public announcement of NetApp.
This was announced by NetApp on their support websites (see https://mysupport.netapp.com/).
Please follow our BOSCH Knowledge Base and monitor for updates at this article for important news. The BOSCH sub model ID 356 ensures that the NetApp system is optimized for 24/7 video recording.
Possible causes and solution(s)
The parts included in the kit (DIP-7GRSN-P6) are the following:
1 x Graphics card for DIVAR IP all-in-one 7000 appliances
1 x Sound card for DIVAR IP all-in-one 7000 appliances
4 x Mini DisplayPort to DisplayPort adapter
The kit must contain the proper brackets for the low profile (2u) and normal mounting (3u).
At first sight, you might think that the model is the correct one that shows in the Datasheet, but the Video card is smaller than the DIP Slot.
Please note that it may be possible that:
the Audio card comes with the normal mounting (3u) bracket preinstalled and the kit contains the low profile bracket
while the Video card comes with the low profile preinstalled and the kit contains the normal mounting bracket
The video card model is the same for all types of sizes of DIP-7000 AIO.
1) Question Is it still necessary to move the jumper to disable the on-board VGA?
Answer: It is NOT necessary to move the jumper to disable the on-board VGA.
2) Question: Are BIOS changes also required?
Answer: No, as per BIOS specifications, the graphic priority should always be set to “off-board”. per default.
3) Question How can you mount the brackets?
Answer Only two screws need to be tightened.
BVMS is a data-driven video management system that supports predictive solutions by establishing a decision center delivering actionable insights to customers.
The latest version offers a map-based tracking assistant and improved geographical awareness with online maps. Read on to learn how to configure the map-based tracking assistant.
The map-based tracking assistant requires a license. Before beginning, check the license in Configuration Client by accessing the License Inspector, which is found under the Tools menu.
The value of the Online map and Map-based tracking assistant licenses must list "True" in the License Limit column.
VCA (Video content analysis) is the process of automatically analyzing video images to alarm on predefined events like the detection of moving objects in the monitored area or tampering with the camera. It can also be used to gather statistics about the detected objects.
Depending on the camera type, the following VCA algorithm are available in Bosch cameras:
– Intelligent Video Analytics:
Mission-critical, long-distance intrusion detection in extreme weather conditions.
Detection and tracking of moving objects.
– Intelligent Video Analytics Flow:
Basic motion detection of cells in a grid with velocity and direction. Used for counter flow detection in crowds.
– Essential Video Analytics:
Reliable video analytics for small and medium businesses, large retail stores, commercial buildings, and warehouses. Detection and tracking of moving objects.
Basic change detection of cells in a grid. Can be used to trigger recordings.
– Tamper detection:
Detects camera occlusion, turning away from the monitored scene, extreme lighting conditions and basic idle / removed object detection.
If you would like to stop this setting, please follow the steps below.
In order to increase system security in BVMS, it is recommended to set the Global CHAP password.
This article contains the configuration steps for an existing fully operational BVMS 11.x system with no CHAP password configured.
The purpose of this article is to provide a step by step guide about how to perform backup and recovery procedures of the VRM data base in the DIVAR IP 2000 EZ Recording Appliance.
Backing Up the Working Configuration:
1.To backup the working configuration of a DIVAR IP 2000 Recording Appliance, open the Appliance's "Dashboard":
2. From the Dashboard select the "Configuration" tab in the top right hand portion of your browse:
Monitor Group gives operators flexible control over the content of a video wall or allows them to let the system take over this control automatically based on pre-defined scenarios.
This article describes h ow to create a Monitor Group on a decoder VJD 7xxx/ 8xxx in BVMS Configuration Client.
°Each decoder requires one or two channel expansion licenses (depending on the number of monitor ports available)
The current MG implementation requires the availability of the Management server during operation
Former Digital wall implementation has been removed in BVMS >=11.0
NEW BVMS v.11.0 feature
The configuration step 9+10 from this article can be done also using the “Protect iSCSI storage with global CHAP password” (Menu item under Hardware). In case the function has been already enabled, step 9+10 is obsolete.
Some devices that demand 60W or less are not powered by the NPD-9501A Midspan
Possible causes and solution(s)
Some devices that demand 60W or less are not powered by the NPD-9501A Midspan
The Midspan was released before the standards on mega poe were crystallized into accepted definitions at the IEEE standardization body. This device specifically targets to support power application to Bosch products that could not be served by lower capacity power source equipment.
Using power devices that are not listed for this product in the datasheet migth result in power failure.
NPD-9501 Midspan will not work with UHO-PoE-10 Housing
For products demanding 60W or less advise to use NPD-6001B Midspan.
To achieve a broader compatibility with switches and Midspans, for example the NPD-9501 Midspan and Cisco PoE+ switches (like C2960X, C3560CX and C9200).
The UHO-POE-10 Outdoor housing received a product enhancement.
How to identify if UHO-PoE-10 is the new variant?
The new batch contains products which contain SN starting with 404023113800040670
POE module is Blue, previous was Black!
Not all Cisco PoE+ switches are able to power up the UHO-PoE-10 or VSP-UHO-PoE-10 outdoor housing (F.01U.300.502, F.01U.332.052).
Bosch has introduced the UHO-PoE-10 in 2014 following the IEEE802.3-2009 standards
Cisco claims that the Bosch UHO-PoE-10 at startup for a short moment (around 1 micro second) exceeds maximum current peek allowed by the updated IEEE 802.3-2015 standard, allowing the PSE (Power Source Equipment) to withdraw the power as a protective measure.
Due to analogue overcurrent protector components in the Cisco switch it can happen that tolerances may cause variety in behavior over different Cisco switches, even when the same model and setups are used.
Currently this behavior is only known on some Cisco models. (reports were seen on C2960X, C3560CX and recently C9200.)
If one of DIVARs IP 5000 AIO is selected on a user profile, the Operator Client opens the site and works fine. One message is displayed when two or more DIVARs are added into the same Enterprise system.
If you already have a DIP 5000 AIO into your Enterprise system and you want to add additional units but you receive the following message, you can solve this by using the steps below:
"Server of configuration database is already in the server list. Remove either the server that is twice in the list or make sure that the configuration database is not cloned between servers."
If you have the option "Extended (security)/configuration mode" active on a VIDEOJET decoder 7000 (VJD-7513) in Configuration Manager, then no video image will be shown and the BOSCH logo will be displayed at the cameo of the monitor output of the decoder.
This is as designed in Configuration Manager, and this mode is to give you the opportunity to enable the SSD Encryption and to disable the USB ports.
Once you are finished changing the extended security features, you must uncheck the check box and the decoder will go back to normal functioning.
If the administrator account (which was originally created when initial setup wizard was run) has been deleted locally and another new administrator account was created, then it is not possible to create user via web. Only locally is possible, as the application is still looking for the original admin account.
A workaround here would be to default your Divar Network and follow the setup wizard > this will create the administrator user again and will let you create new users again.
Or create the new users locally on your Divar.
Bosch strongly recommends upgrading to the latest firmware for the best possible functionality, compatibility, performance and security.
Check http://downloadstore.boschsecurity.com/ regularly to see if there is a new firmware version available.
Alarm functions include local inputs and relay outputs, plus motion detection in user-defined areas. If an alarm is detected, the DIVAR can:
send an e-mail notification and/or FTP push
sound a buzzer and/or display a warning
activate local alarm output
The calculation of the storage capacity is done in different way in Configuration Client and VRM Monitor:
In BVMS Configuration Client Capacity (GB) stands for the available physical capacity of the storage, as calculated and provided by the storage vendor (for example NetApp).
In VRM Monitor – under Target Overview – Total is listed the number of all available blocks multiplied by the size of the blocks that is by default 1GB. This calculation concerns the logical storage and depends on the way the storage is used (for example how many Luns are imported in the system).
See also: Video Storage Calculator web site
The firewall configuration dialog is a fixed step in the setup process and will allow automatic configuration of all required firewall settings to run BVMS. The applied rules and settings can be found in the readable command script file "C:\Program Files\Bosch\VMS\bin\FirewallConfig.cmd".
The firewall rules that have been applied with the setup cannot be reverted and must be manually changed/removed if required.
The BVMS Logbook database can be moved to another SQL Server.
This article describes the steps that are necessary to migrate the database and describes how to confirm if the migration was successful.
BVMS is using Microsoft SQL Server Express to store its logbook. Based on the information provided by Microsoft (Compare SQL Server 2017 editions), SQL Server Express is limited to a 10GB database size.
This could be insufficient for larger installations or installations that require a very long logbook retention time. Additionally, some organizations have a dedicated SQL server environment which should be utilized by all applications. The BVMS Logbook database can be moved to another SQL Server. This guide describes the steps that are necessary to migrate the database and describes how to confirm if the migration was successful.
he Project Assistant offers two ways of importing existing project data:
Option 1) Importing a .bpassist file, which was exported from the app at some point and which contains all information and data ever created/entered inside the app for that specific project. Simply select the "Project Assistant" mode >> click "continue" >> and press "import".
Option 2) Importing from a tab-separated text file. This option may be useful, if you have existing project data, e.g. in an Excel spreadsheet, which you want to transfer into the Project Assistant for further use.
This article deals with option 2 and explains the steps potentially needed before you can refer to the steps explained in the following Youtube video ("Import from file").
The museum mode of Intelligent and Essential Video Analytics is an optimized tracking mode to detect whenever someone tries to reach towards and touch a valuable asset like a museum exhibit.
It can also be used in any other application where approaching a sterile zone from a more crowded environment shall be detected.
Time is everything: meetings, public transportation, religion, transactions: the whole world is working because the concept of “time” exists. Within a security (or any other) system this is not different: recording schedules, logging, authorizations, encryption keys, timelines, all of these concepts can exist because of time.
As a result, time can either make or break a system: problems can appear only due to a time difference of a couple of seconds between two system components.
This article describes how time services can be configured in a BVMS version ≤ 10.1 environment.
For BVMS version ≥ 11.0 please refer to the following article:
Where can you configure NTP server for cameras/encoders in BVMS≥11?
Time: what is the challenge?
Each device has its own internal clock, which is based on a hardware mechanism. This mechanism acts like a watch: try to put two watches together and synchronize them on the millisecond. A security system consists out of more than two devices, it can consist of thousands of devices.
Synchronizing the time of all these devices by hand is a very time consuming task. Additionally, due to small differences in electronic components, devices can have deviations from one another.
These deviations cannot be detected by the human eye, but can result in considerable time differences when a device is running for months.
The Network Time Protocol (NTP) was created to solve these challenges. The Network Time Protocol is a network-based protocol for clock synchronization between system components. The protocol utilizes a standard IP network to communicate and can maintain a time difference (considering a local area network) of less than one millisecond between components. The Network Time Protocol is a standard protocol and documented in RFC 5905.
The operation and configuration of the Network Time Protocol are complex: a hierarchical architecture needs to be set-up including several layers of systems which are able to run the Network Time Protocol. To reduce complexity the Simple Network Time Protocol (SNTP) was created. The Simple Network Time Protocol is mainly used when less accuracy (deviations of 1-2 seconds are acceptable).
Windows Time Service
The Bosch Video Management System is running on Microsoft Windows Server operating systems. Windows includes an internal time service, which is explained on Microsoft Technet:
“The Windows Time service, also known as W32Time, synchronizes the date and time for all computers running in an AD DS domain. Time synchronization is critical for the proper operation of many Windows services and line-of-business applications. The Windows Time service uses the Network Time Protocol (NTP) to synchronize computer clocks on the network so that an accurate clock value, or time stamp, can be assigned to network validation and resource access requests. The service integrates NTP and time providers, making it a reliable and scalable time service for enterprise administrators.
The W32Time service is not a full-featured NTP solution that meets time-sensitive application needs and is not supported by Microsoft as such. For more information, see Microsoft Knowledge Base article 939322,Support boundary to configure the Windows Time service for high-accuracy environments (http://go.microsoft.com/fwlink/?LinkID=179459).”
Source: Windows Time Service Technical Reference - Microsoft Technet
The Windows Time service is based on the Simple Network Time Protocol.
The Network Time Protocol requires a very complex infrastructure, which impacts the total installation and configuration effort of the system. The Simple Network Time Protocol (also used for the Windows Time Service) reduces the complexity, but at the same time also reduces the accuracy.
For most security applications the Simple Network Time Protocol provides sufficient accuracy. Bosch recommends to use the Windows Time service, based on the Simple Network Time Protocol, as basis for time synchronization in a security network. This article provides best-practices on how to configure the Bosch Video Management System and related components in a time synchronization environment based the Windows Time service.
Alternatively, the Network Time Protocol can be used whenever it is already existing inside an infrastructure or when event accuracy with a deviation less than one second is required. Due to the complexity of the infrastructure Bosch does not make any recommendations related to the Network Time Protocol.
Management server configuration
A. Operating system configuration
This section also applies for the Video Recording Manager and Mobile Video Service when these are not running on the management server.
Microsoft has prepared a lot of documentation related to time configuration Go to the Microsoft Support: How to configure an authoritative time server in Windows Server page and scroll down to the section “Configuring the Windows Time service to use an external time source”. Click the download button under the “Here’s an easy fix” section.
Figure: Download the Microsoft Windows Time service configuration utility
The utility will configure external time servers. To select these, browse to http://pool.ntp.org and select two servers which are related to the geographical location of the system, for example “de.pool.ntp.org” and “nl.pool.ntp.org”, referring to Germany and the Netherlands. Another (local or external) (S)NTP server can also be chosen.
Start the Microsoft configuration utility and configure it as indicated and shown in the figure below.
Administrative access is required to run the utility.
Figure: Pool.ntp.org locations
Figure: Windows Time service configuration
Alternatively the configuration can be done from the command-line, using the command shown below.
net stop w32time w32tm /config /syncfromflags :manual /manualpeerlist : "nl.pool.ntp.org, de.pool.ntp.org" net start w32time
The configuration can be verified by starting the Windows Command prompt and issuing the command “w32tm /query / status”, as shown in the figure below. Notice the time source, this should point towards the configured servers.
Figure: verifying configuration
It can take up to one minute before the correct time source is displayed.
When there is a problem, the configured (S)NTP server can be tested by issuing the “w32tm /stripchart /computer:de.pool.ntp.org”, which should result in the output displayed in the figure below.
Figure: test the (S)NTP service
When an unexpected result is returned, it is recommended to check access to the specific (S)NTP server. A firewall might prevent the communication between the (S)NTP server and the management server.
B. BVMS Management Server configuration
BVMS automatically points devices to its own time-server. This can be changed by editing the BvmsCenterlServer.exe.config file, located in C:\Program Files\Bosch\VMS\bin\. Find the key "TimeServerIPAddress" and adjust the value, as shown in the example below (192.168.0.1).
<!-- Ip address of the time server for VRM/NVR encoders(defaults to the Central-Server IP if not set) . --> < add key = "TimeServerIPAddress" value = "192.168.0.1" />
C. Workstation configuration
The Bosch Video Management System Operator client runs on a Windows workstation. When the workstation and server are part of the same Microsoft Active Directory service domain, no manual time synchronization needs to be configured.
Figure: workstation configuration, "192.168.0.200" needs to be replaced by the IP address or Fully Qualified Domain Name of the management server.
When the Bosch Video Management System workstation and management Server are not joined in a domain, or into the same domain, the workstation(s) need to be manually configured to use the management server as a time server. To achieve this, the description above can be used. Instead of using the pool.ntp.org as a server, the management server is now entered.
D. Camera configuration
If a camera is connected to a BVMS system the time server will be automatically configured.
The GDPR (General Data Privacy Regulation) is enforced on the 25th of May 2018. As a regulation it is directly applicable to all EU member states without the need for national implementing legislation. As information captured, processed and stored by video surveillance systems is classified as "sensitive" the GDPR will cause significant impact on the video surveillance installations throughout Europe. This article gives insights into the new legislation and describes how a video surveillance system can be designed and configured in order to help an organization comply with this new regulation.
This article describes how the GDPR impacts video surveillance systems and how BVMS can be configured to function in a GDPR compliant organization.
Since the publication of this guide the European Data Protection Board (EDPB) has issued a paper specifically targeted at video surveillance installations: GDPR video surveillance guide.