This article lists how to configure ANR feature in BVMS and how correctly to set up iSCSI and direct replay.
Configuration of ANR in BVMS system
Insert SD card into camera and power it on.
In Configuration Client, select Devices page.
Device password and CHAP password. There are two possible configuration set ups - to configure password for both device and iSCSI connection or to leave both without password. Choose and configure one of them (3.1 or 3..2).
3.1. Set device user password and CHAP password
3.2. No CHAP password for ANR
Note: Mixing the parameters between the two options 3.1 and 3.2 will lead to issues in direct replay from SD card.
According to the BVMS 11. Release notes > 2.2. Removed functionality chapter > The digital monitor wall functionality has been removed.
This removal has impact on the BVMS Viewer → Decoders are not supported anymore in BVMS Viewer starting with version 11.0
Other devices and functions that have been removed to ensure software security:
Map migration (removed Autodesk design review installation)
Note: The Monitor Group functionality is still available in BVMS Professional/ Plus/ Lite.
BVMS v10.1 and BVMS v11.0 come with a checkbox where you can logon to the Operator Client with Windows Credentials.
If you want to use this function, you need to set up the BVMS Configuration Client and browse the AD users-groups. Then, the users can sign in to Operator Client with their Windows-Credentials.
BVMS is a data-driven video management system that supports predictive solutions by establishing a decision center delivering actionable insights to customers.
The latest version offers a map-based tracking assistant and improved geographical awareness with online maps. Read on to learn how to configure the map-based tracking assistant.
The map-based tracking assistant requires a license. Before beginning, check the license in Configuration Client by accessing the License Inspector, which is found under the Tools menu.
The value of the Online map and Map-based tracking assistant licenses must list "True" in the License Limit column.
In order to increase system security in BVMS, it is recommended to set the Global CHAP password.
This article contains the configuration steps for an existing fully operational BVMS 11.x system with no CHAP password configured.
Monitor Group gives operators flexible control over the content of a video wall or allows them to let the system take over this control automatically based on pre-defined scenarios.
This article describes h ow to create a Monitor Group on a decoder VJD 7xxx/ 8xxx in BVMS Configuration Client.
°Each decoder requires one or two channel expansion licenses (depending on the number of monitor ports available)
The current MG implementation requires the availability of the Management server during operation
Former Digital wall implementation has been removed in BVMS >=11.0
NEW BVMS v.11.0 feature
The configuration step 9+10 from this article can be done also using the “Protect iSCSI storage with global CHAP password” (Menu item under Hardware). In case the function has been already enabled, step 9+10 is obsolete.
The calculation of the storage capacity is done in different way in Configuration Client and VRM Monitor:
In BVMS Configuration Client Capacity (GB) stands for the available physical capacity of the storage, as calculated and provided by the storage vendor (for example NetApp).
In VRM Monitor – under Target Overview – Total is listed the number of all available blocks multiplied by the size of the blocks that is by default 1GB. This calculation concerns the logical storage and depends on the way the storage is used (for example how many Luns are imported in the system).
See also: Video Storage Calculator web site
The firewall configuration dialog is a fixed step in the setup process and will allow automatic configuration of all required firewall settings to run BVMS. The applied rules and settings can be found in the readable command script file "C:\Program Files\Bosch\VMS\bin\FirewallConfig.cmd".
The firewall rules that have been applied with the setup cannot be reverted and must be manually changed/removed if required.
The BVMS Logbook database can be moved to another SQL Server.
This article describes the steps that are necessary to migrate the database and describes how to confirm if the migration was successful.
BVMS is using Microsoft SQL Server Express to store its logbook. Based on the information provided by Microsoft (Compare SQL Server 2017 editions), SQL Server Express is limited to a 10GB database size.
This could be insufficient for larger installations or installations that require a very long logbook retention time. Additionally, some organizations have a dedicated SQL server environment which should be utilized by all applications. The BVMS Logbook database can be moved to another SQL Server. This guide describes the steps that are necessary to migrate the database and describes how to confirm if the migration was successful.
Time is everything: meetings, public transportation, religion, transactions: the whole world is working because the concept of “time” exists. Within a security (or any other) system this is not different: recording schedules, logging, authorizations, encryption keys, timelines, all of these concepts can exist because of time.
As a result, time can either make or break a system: problems can appear only due to a time difference of a couple of seconds between two system components.
This article describes how time services can be configured in a BVMS version ≤ 10.1 environment.
For BVMS version ≥ 11.0 please refer to the following article:
Where can you configure NTP server for cameras/encoders in BVMS≥11?
Time: what is the challenge?
Each device has its own internal clock, which is based on a hardware mechanism. This mechanism acts like a watch: try to put two watches together and synchronize them on the millisecond. A security system consists out of more than two devices, it can consist of thousands of devices.
Synchronizing the time of all these devices by hand is a very time consuming task. Additionally, due to small differences in electronic components, devices can have deviations from one another.
These deviations cannot be detected by the human eye, but can result in considerable time differences when a device is running for months.
The Network Time Protocol (NTP) was created to solve these challenges. The Network Time Protocol is a network-based protocol for clock synchronization between system components. The protocol utilizes a standard IP network to communicate and can maintain a time difference (considering a local area network) of less than one millisecond between components. The Network Time Protocol is a standard protocol and documented in RFC 5905.
The operation and configuration of the Network Time Protocol are complex: a hierarchical architecture needs to be set-up including several layers of systems which are able to run the Network Time Protocol. To reduce complexity the Simple Network Time Protocol (SNTP) was created. The Simple Network Time Protocol is mainly used when less accuracy (deviations of 1-2 seconds are acceptable).
Windows Time Service
The Bosch Video Management System is running on Microsoft Windows Server operating systems. Windows includes an internal time service, which is explained on Microsoft Technet:
“The Windows Time service, also known as W32Time, synchronizes the date and time for all computers running in an AD DS domain. Time synchronization is critical for the proper operation of many Windows services and line-of-business applications. The Windows Time service uses the Network Time Protocol (NTP) to synchronize computer clocks on the network so that an accurate clock value, or time stamp, can be assigned to network validation and resource access requests. The service integrates NTP and time providers, making it a reliable and scalable time service for enterprise administrators.
The W32Time service is not a full-featured NTP solution that meets time-sensitive application needs and is not supported by Microsoft as such. For more information, see Microsoft Knowledge Base article 939322,Support boundary to configure the Windows Time service for high-accuracy environments (http://go.microsoft.com/fwlink/?LinkID=179459).”
Source: Windows Time Service Technical Reference - Microsoft Technet
The Windows Time service is based on the Simple Network Time Protocol.
The Network Time Protocol requires a very complex infrastructure, which impacts the total installation and configuration effort of the system. The Simple Network Time Protocol (also used for the Windows Time Service) reduces the complexity, but at the same time also reduces the accuracy.
For most security applications the Simple Network Time Protocol provides sufficient accuracy. Bosch recommends to use the Windows Time service, based on the Simple Network Time Protocol, as basis for time synchronization in a security network. This article provides best-practices on how to configure the Bosch Video Management System and related components in a time synchronization environment based the Windows Time service.
Alternatively, the Network Time Protocol can be used whenever it is already existing inside an infrastructure or when event accuracy with a deviation less than one second is required. Due to the complexity of the infrastructure Bosch does not make any recommendations related to the Network Time Protocol.
Management server configuration
A. Operating system configuration
This section also applies for the Video Recording Manager and Mobile Video Service when these are not running on the management server.
Microsoft has prepared a lot of documentation related to time configuration Go to the Microsoft Support: How to configure an authoritative time server in Windows Server page and scroll down to the section “Configuring the Windows Time service to use an external time source”. Click the download button under the “Here’s an easy fix” section.
Figure: Download the Microsoft Windows Time service configuration utility
The utility will configure external time servers. To select these, browse to http://pool.ntp.org and select two servers which are related to the geographical location of the system, for example “de.pool.ntp.org” and “nl.pool.ntp.org”, referring to Germany and the Netherlands. Another (local or external) (S)NTP server can also be chosen.
Start the Microsoft configuration utility and configure it as indicated and shown in the figure below.
Administrative access is required to run the utility.
Figure: Pool.ntp.org locations
Figure: Windows Time service configuration
Alternatively the configuration can be done from the command-line, using the command shown below.
net stop w32time w32tm /config /syncfromflags :manual /manualpeerlist : "nl.pool.ntp.org, de.pool.ntp.org" net start w32time
The configuration can be verified by starting the Windows Command prompt and issuing the command “w32tm /query / status”, as shown in the figure below. Notice the time source, this should point towards the configured servers.
Figure: verifying configuration
It can take up to one minute before the correct time source is displayed.
When there is a problem, the configured (S)NTP server can be tested by issuing the “w32tm /stripchart /computer:de.pool.ntp.org”, which should result in the output displayed in the figure below.
Figure: test the (S)NTP service
When an unexpected result is returned, it is recommended to check access to the specific (S)NTP server. A firewall might prevent the communication between the (S)NTP server and the management server.
B. BVMS Management Server configuration
BVMS automatically points devices to its own time-server. This can be changed by editing the BvmsCenterlServer.exe.config file, located in C:\Program Files\Bosch\VMS\bin\. Find the key "TimeServerIPAddress" and adjust the value, as shown in the example below (192.168.0.1).
<!-- Ip address of the time server for VRM/NVR encoders(defaults to the Central-Server IP if not set) . --> < add key = "TimeServerIPAddress" value = "192.168.0.1" />
C. Workstation configuration
The Bosch Video Management System Operator client runs on a Windows workstation. When the workstation and server are part of the same Microsoft Active Directory service domain, no manual time synchronization needs to be configured.
Figure: workstation configuration, "192.168.0.200" needs to be replaced by the IP address or Fully Qualified Domain Name of the management server.
When the Bosch Video Management System workstation and management Server are not joined in a domain, or into the same domain, the workstation(s) need to be manually configured to use the management server as a time server. To achieve this, the description above can be used. Instead of using the pool.ntp.org as a server, the management server is now entered.
D. Camera configuration
If a camera is connected to a BVMS system the time server will be automatically configured.
The GDPR (General Data Privacy Regulation) is enforced on the 25th of May 2018. As a regulation it is directly applicable to all EU member states without the need for national implementing legislation. As information captured, processed and stored by video surveillance systems is classified as "sensitive" the GDPR will cause significant impact on the video surveillance installations throughout Europe. This article gives insights into the new legislation and describes how a video surveillance system can be designed and configured in order to help an organization comply with this new regulation.
This article describes how the GDPR impacts video surveillance systems and how BVMS can be configured to function in a GDPR compliant organization.
Since the publication of this guide the European Data Protection Board (EDPB) has issued a paper specifically targeted at video surveillance installations: GDPR video surveillance guide.
This article guides you through the process of installing the BVMS Logbook Health Checker. The Bosch VMS Logbook Health Checker is a tool that is capable of fixing the overflow of the Bosch VMS Logbook database before it occurs.
You can find it in the Configuration Client > Main window > Settings menu > Remote Access Settings... command > Show Port Mapping... button > Port Mapping Table dialog box
Port Mapping Table dialog box displays the port mapping for the IP addresses of the configured devices in your BVMS.
You can find here the private and public ports that are in use in the BVMS system.
All local ports that must be open on the computer where the server is installed or on the router/ level 3 switch that is connected to the server can be found in Help section (F1) from Configuration Client or you can see some useful examples, Q&A and specific cases in the following Knowledge Base article:
Which are the ports that must be open within a LAN for all BVMS components?
No. It is not possible to disable the time synchronization function of BVMS.
It is only possible to configure a single time server per BVMS system to be used as time source for the VRM encoders.
You can check the article below, if needed:
How to configure time services in a BVMS environment?
DIVAR IP 3000 and DIVAR IP 7000 video management appliances come pre-loaded with the latest available BVMS version from factory.
In order to make use of new VMS features and to attach most current devices, it may be required to perform a software upgrade, when a new BVMS version is available.
In this article it is explained how to do the initial system setup and how you can upgrade the BVMS installation to a newer version on a DIVAR IP 3000 or DIVAR IP 7000 video management appliance.
Initial system setup
Second revision DIVAR IP 7000 systems (DIP-71xx-xxx) allow for Appliance BVMS Installer packages to be imported directly during initial system setup. The following steps have to be performed in order to import a custom Appliance BVMS Installer package on a second revision DIVAR IP 7000 video management appliance:
- Download and unzip the Appliance BVMS Installer archive from http://www.boschsecurity.com - Copy the files Bosch_Appliance_BVMS_Installer_xx.xx.xxxx.exe and Setup-x.x.x.xxx.zip to a folder named “BoschAppliance” on a USB drive - Connect the USB drive to the DIVAR IP 7000 system during initial setup - Proceed with the system setup until the software selection screen is shown - Select the Appliance BVMS Installer version that shall be installed on the system
The following steps have to be performed in order to upgrade an existing BVMS installation on a DIVAR IP 3000 or DIVAR IP 7000 video management appliance: - Download and unzip the Appliance BVMS Installer archive from http://www.boschsecurity.com - Copy the content to a USB drive - When the BVMS default screen is shown, press CTRL + ALT + DEL - Hold down the SHIFT key while clicking Switch User (not Log off) - Log in as BVRAdmin - Transfer the folder that contains the files Bosch_Appliance_BVMS_Installer_xx.xx.xxxx.exe and Setup-x.x.x.xxx.zip from the USB drive to the BVRAdmin desktop - Double click Bosch_Appliance_BVMS_Installer_xx.xx.xxxx.exe inside the transferred folder. - Wait until the BVMS setup screen appears and select the upgrade option - Follow the installation procedure without changing any settings
Notes: - The system may request a reboot and re-login during the installation or upgrade procedure. - The upgrade procedure can alternatively be performed via Remote Desktop connection. - The software upgrade requires a system reboot which results in a short (~ 5 min) recording gap.
Please note that the latest information about the Appliance BVMS Installer for DIVAR IP 3000 and DIVAR IP 7000 can be found in the Release Notes on the product page, under Downloads menu > Literature > Release notes
Please follow the steps below when an error message appears that the license is wrong, such as:
“Sorry, you've exceeded the amount of activations for this Authorization"
“Activation invalid: Key mismatch”