According to the BVMS 11. Release notes > 2.2. Removed functionality chapter > The digital monitor wall functionality has been removed.
This removal has impact on the BVMS Viewer → Decoders are not supported anymore in BVMS Viewer starting with version 11.0
Other devices and functions that have been removed to ensure software security:
Map migration (removed Autodesk design review installation)
Note: The Monitor Group functionality is still available in BVMS Professional/ Plus/ Lite.
BVMS v10.1 and BVMS v11.0 come with a checkbox where you can logon to the Operator Client with Windows Credentials.
If you want to use this function, you need to set up the BVMS Configuration Client and browse the AD users-groups. Then, the users can sign in to Operator Client with their Windows-Credentials.
BVMS is a data-driven video management system that supports predictive solutions by establishing a decision center delivering actionable insights to customers.
The latest version offers a map-based tracking assistant and improved geographical awareness with online maps. Read on to learn how to configure the map-based tracking assistant.
The map-based tracking assistant requires a license. Before beginning, check the license in Configuration Client by accessing the License Inspector, which is found under the Tools menu.
The value of the Online map and Map-based tracking assistant licenses must list "True" in the License Limit column.
In order to increase system security in BVMS, it is recommended to set the Global CHAP password.
This article contains the configuration steps for an existing fully operational BVMS 11.x system with no CHAP password configured.
Monitor Group gives operators flexible control over the content of a video wall or allows them to let the system take over this control automatically based on pre-defined scenarios.
This article describes h ow to create a Monitor Group on a decoder VJD 7xxx/ 8xxx in BVMS Configuration Client.
°Each decoder requires one or two channel expansion licenses (depending on the number of monitor ports available)
The current MG implementation requires the availability of the Management server during operation
Former Digital wall implementation has been removed in BVMS >=11.0
NEW BVMS v.11.0 feature
The configuration step 9+10 from this article can be done also using the “Protect iSCSI storage with global CHAP password” (Menu item under Hardware). In case the function has been already enabled, step 9+10 is obsolete.
The calculation of the storage capacity is done in different way in Configuration Client and VRM Monitor:
In BVMS Configuration Client Capacity (GB) stands for the available physical capacity of the storage, as calculated and provided by the storage vendor (for example NetApp).
In VRM Monitor – under Target Overview – Total is listed the number of all available blocks multiplied by the size of the blocks that is by default 1GB. This calculation concerns the logical storage and depends on the way the storage is used (for example how many Luns are imported in the system).
See also: Video Storage Calculator web site
The firewall configuration dialog is a fixed step in the setup process and will allow automatic configuration of all required firewall settings to run BVMS. The applied rules and settings can be found in the readable command script file "C:\Program Files\Bosch\VMS\bin\FirewallConfig.cmd".
The firewall rules that have been applied with the setup cannot be reverted and must be manually changed/removed if required.
The BVMS Logbook database can be moved to another SQL Server.
This article describes the steps that are necessary to migrate the database and describes how to confirm if the migration was successful.
BVMS is using Microsoft SQL Server Express to store its logbook. Based on the information provided by Microsoft (Compare SQL Server 2017 editions), SQL Server Express is limited to a 10GB database size.
This could be insufficient for larger installations or installations that require a very long logbook retention time. Additionally, some organizations have a dedicated SQL server environment which should be utilized by all applications. The BVMS Logbook database can be moved to another SQL Server. This guide describes the steps that are necessary to migrate the database and describes how to confirm if the migration was successful.
Time is everything: meetings, public transportation, religion, transactions: the whole world is working because the concept of “time” exists. Within a security (or any other) system this is not different: recording schedules, logging, authorizations, encryption keys, timelines, all of these concepts can exist because of time.
As a result, time can either make or break a system: problems can appear only due to a time difference of a couple of seconds between two system components.
This article describes how time services can be configured in a BVMS version ≤ 10.1 environment.
For BVMS version ≥ 11.0 please refer to the following article:
Where can you configure NTP server for cameras/encoders in BVMS≥11?
Time: what is the challenge?
Each device has its own internal clock, which is based on a hardware mechanism. This mechanism acts like a watch: try to put two watches together and synchronize them on the millisecond. A security system consists out of more than two devices, it can consist of thousands of devices.
Synchronizing the time of all these devices by hand is a very time consuming task. Additionally, due to small differences in electronic components, devices can have deviations from one another.
These deviations cannot be detected by the human eye, but can result in considerable time differences when a device is running for months.
The Network Time Protocol (NTP) was created to solve these challenges. The Network Time Protocol is a network-based protocol for clock synchronization between system components. The protocol utilizes a standard IP network to communicate and can maintain a time difference (considering a local area network) of less than one millisecond between components. The Network Time Protocol is a standard protocol and documented in RFC 5905.
The operation and configuration of the Network Time Protocol are complex: a hierarchical architecture needs to be set-up including several layers of systems which are able to run the Network Time Protocol. To reduce complexity the Simple Network Time Protocol (SNTP) was created. The Simple Network Time Protocol is mainly used when less accuracy (deviations of 1-2 seconds are acceptable).
Windows Time Service
The Bosch Video Management System is running on Microsoft Windows Server operating systems. Windows includes an internal time service, which is explained on Microsoft Technet:
“The Windows Time service, also known as W32Time, synchronizes the date and time for all computers running in an AD DS domain. Time synchronization is critical for the proper operation of many Windows services and line-of-business applications. The Windows Time service uses the Network Time Protocol (NTP) to synchronize computer clocks on the network so that an accurate clock value, or time stamp, can be assigned to network validation and resource access requests. The service integrates NTP and time providers, making it a reliable and scalable time service for enterprise administrators.
The W32Time service is not a full-featured NTP solution that meets time-sensitive application needs and is not supported by Microsoft as such. For more information, see Microsoft Knowledge Base article 939322,Support boundary to configure the Windows Time service for high-accuracy environments (http://go.microsoft.com/fwlink/?LinkID=179459).”
Source: Windows Time Service Technical Reference - Microsoft Technet
The Windows Time service is based on the Simple Network Time Protocol.
The Network Time Protocol requires a very complex infrastructure, which impacts the total installation and configuration effort of the system. The Simple Network Time Protocol (also used for the Windows Time Service) reduces the complexity, but at the same time also reduces the accuracy.
For most security applications the Simple Network Time Protocol provides sufficient accuracy. Bosch recommends to use the Windows Time service, based on the Simple Network Time Protocol, as basis for time synchronization in a security network. This article provides best-practices on how to configure the Bosch Video Management System and related components in a time synchronization environment based the Windows Time service.
Alternatively, the Network Time Protocol can be used whenever it is already existing inside an infrastructure or when event accuracy with a deviation less than one second is required. Due to the complexity of the infrastructure Bosch does not make any recommendations related to the Network Time Protocol.
Management server configuration
A. Operating system configuration
This section also applies for the Video Recording Manager and Mobile Video Service when these are not running on the management server.
Microsoft has prepared a lot of documentation related to time configuration Go to the Microsoft Support: How to configure an authoritative time server in Windows Server page and scroll down to the section “Configuring the Windows Time service to use an external time source”. Click the download button under the “Here’s an easy fix” section.
Figure: Download the Microsoft Windows Time service configuration utility
The utility will configure external time servers. To select these, browse to http://pool.ntp.org and select two servers which are related to the geographical location of the system, for example “de.pool.ntp.org” and “nl.pool.ntp.org”, referring to Germany and the Netherlands. Another (local or external) (S)NTP server can also be chosen.
Start the Microsoft configuration utility and configure it as indicated and shown in the figure below.
Administrative access is required to run the utility.
Figure: Pool.ntp.org locations
Figure: Windows Time service configuration
Alternatively the configuration can be done from the command-line, using the command shown below.
net stop w32time w32tm /config /syncfromflags :manual /manualpeerlist : "nl.pool.ntp.org, de.pool.ntp.org" net start w32time
The configuration can be verified by starting the Windows Command prompt and issuing the command “w32tm /query / status”, as shown in the figure below. Notice the time source, this should point towards the configured servers.
Figure: verifying configuration
It can take up to one minute before the correct time source is displayed.
When there is a problem, the configured (S)NTP server can be tested by issuing the “w32tm /stripchart /computer:de.pool.ntp.org”, which should result in the output displayed in the figure below.
Figure: test the (S)NTP service
When an unexpected result is returned, it is recommended to check access to the specific (S)NTP server. A firewall might prevent the communication between the (S)NTP server and the management server.
B. BVMS Management Server configuration
BVMS automatically points devices to its own time-server. This can be changed by editing the BvmsCenterlServer.exe.config file, located in C:\Program Files\Bosch\VMS\bin\. Find the key "TimeServerIPAddress" and adjust the value, as shown in the example below (192.168.0.1).
<!-- Ip address of the time server for VRM/NVR encoders(defaults to the Central-Server IP if not set) . --> < add key = "TimeServerIPAddress" value = "192.168.0.1" />
C. Workstation configuration
The Bosch Video Management System Operator client runs on a Windows workstation. When the workstation and server are part of the same Microsoft Active Directory service domain, no manual time synchronization needs to be configured.
Figure: workstation configuration, "192.168.0.200" needs to be replaced by the IP address or Fully Qualified Domain Name of the management server.
When the Bosch Video Management System workstation and management Server are not joined in a domain, or into the same domain, the workstation(s) need to be manually configured to use the management server as a time server. To achieve this, the description above can be used. Instead of using the pool.ntp.org as a server, the management server is now entered.
D. Camera configuration
If a camera is connected to a BVMS system the time server will be automatically configured.
The GDPR (General Data Privacy Regulation) is enforced on the 25th of May 2018. As a regulation it is directly applicable to all EU member states without the need for national implementing legislation. As information captured, processed and stored by video surveillance systems is classified as "sensitive" the GDPR will cause significant impact on the video surveillance installations throughout Europe. This article gives insights into the new legislation and describes how a video surveillance system can be designed and configured in order to help an organization comply with this new regulation.
This article describes how the GDPR impacts video surveillance systems and how BVMS can be configured to function in a GDPR compliant organization.
Since the publication of this guide the European Data Protection Board (EDPB) has issued a paper specifically targeted at video surveillance installations: GDPR video surveillance guide.
This article guides you through the process of installing the BVMS Logbook Health Checker. The Bosch VMS Logbook Health Checker is a tool that is capable of fixing the overflow of the Bosch VMS Logbook database before it occurs.
You can find it in the Configuration Client > Main window > Settings menu > Remote Access Settings... command > Show Port Mapping... button > Port Mapping Table dialog box
Port Mapping Table dialog box displays the port mapping for the IP addresses of the configured devices in your BVMS.
You can find here the private and public ports that are in use in the BVMS system.
All local ports that must be open on the computer where the server is installed or on the router/ level 3 switch that is connected to the server can be found in Help section (F1) from Configuration Client or you can see some useful examples, Q&A and specific cases in the following Knowledge Base article:
Which are the ports that must be open within a LAN for all BVMS components?
No. It is not possible to disable the time synchronization function of BVMS.
It is only possible to configure a single time server per BVMS system to be used as time source for the VRM encoders.
You can check the article below, if needed:
How to configure time services in a BVMS environment?
DIVAR IP 3000 and DIVAR IP 7000 video management appliances come pre-loaded with the latest available BVMS version from factory.
In order to make use of new VMS features and to attach most current devices, it may be required to perform a software upgrade, when a new BVMS version is available.
In this article it is explained how to do the initial system setup and how you can upgrade the BVMS installation to a newer version on a DIVAR IP 3000 or DIVAR IP 7000 video management appliance.
Initial system setup
Second revision DIVAR IP 7000 systems (DIP-71xx-xxx) allow for Appliance BVMS Installer packages to be imported directly during initial system setup. The following steps have to be performed in order to import a custom Appliance BVMS Installer package on a second revision DIVAR IP 7000 video management appliance:
- Download and unzip the Appliance BVMS Installer archive from http://www.boschsecurity.com - Copy the files Bosch_Appliance_BVMS_Installer_xx.xx.xxxx.exe and Setup-x.x.x.xxx.zip to a folder named “BoschAppliance” on a USB drive - Connect the USB drive to the DIVAR IP 7000 system during initial setup - Proceed with the system setup until the software selection screen is shown - Select the Appliance BVMS Installer version that shall be installed on the system
The following steps have to be performed in order to upgrade an existing BVMS installation on a DIVAR IP 3000 or DIVAR IP 7000 video management appliance: - Download and unzip the Appliance BVMS Installer archive from http://www.boschsecurity.com - Copy the content to a USB drive - When the BVMS default screen is shown, press CTRL + ALT + DEL - Hold down the SHIFT key while clicking Switch User (not Log off) - Log in as BVRAdmin - Transfer the folder that contains the files Bosch_Appliance_BVMS_Installer_xx.xx.xxxx.exe and Setup-x.x.x.xxx.zip from the USB drive to the BVRAdmin desktop - Double click Bosch_Appliance_BVMS_Installer_xx.xx.xxxx.exe inside the transferred folder. - Wait until the BVMS setup screen appears and select the upgrade option - Follow the installation procedure without changing any settings
Notes: - The system may request a reboot and re-login during the installation or upgrade procedure. - The upgrade procedure can alternatively be performed via Remote Desktop connection. - The software upgrade requires a system reboot which results in a short (~ 5 min) recording gap.
Please note that the latest information about the Appliance BVMS Installer for DIVAR IP 3000 and DIVAR IP 7000 can be found in the Release Notes on the product page, under Downloads menu > Literature > Release notes
Please follow the steps below when an error message appears that the license is wrong, such as:
“Sorry, you've exceeded the amount of activations for this Authorization"
“Activation invalid: Key mismatch”
By default all cameras/encoders added to BVMS will be configured to start NTP synchronization against the Operating System of the Management server.
Whenever a central NTP Server is available the recommendation is to synchronize all cameras against the NTP central server.
In BVMS ≥ 11 there is a new configuration option.
This article describes how a Tattile camera can be connected to BVMS. We recommend keeping the Tattile camera documentation and BVMS configuration manual at hand to fine tune the system configuration to the specific needs of your project
This article helps you to configure three aspects:
Match list configuration: the Tattile cameras can load a license plate match list from an FTP server. This article describes how you can enable an FTP server on the BVMS management server and use this as a source of the license plate match list.
Camera configuration: the Tattile camera itself requires specific settings before it can be added to BVMS.
BVMS Configuration: adding the Tattile camera to BVMS.
Check list configuration
Tattile cameras can have up to two check lists: A and B. This article helps you to configure check list A based on an FTP server running on the BVMS management server. The article is written based on Windows Server 2019 but can also be used Windows Server 2016 and Windows Server 2012 R2 as they look and feel similar.
1. Setting up an FTP server on the BVMS management server
Open the Internet Information Services Manager and add an FTP site to the local server.
You can give the FTP site an arbitrary name. The physical path needs to be accessible for a user with both read and write access on the file system as well as via the FTP site.
The FTP site should not be configured with SSL. The other settings can be adjusted based on the security-level of the installation. The security-level can be increased by applying, for example, IP filtering on the FTP site or in the Windows Firewall. This way, only configured cameras can access the FTP site.
The FTP site uses Basic authentication. This means that the FTP authentication uses the Windows authentication mechanisms in the background. Users (cameras) should only have read access on the FTP site. This prevents unauthorized modifications of the match list.
Use the computer manager to create a special user, for example, "ftp_user". This user should have read and write access on the FTP site folder and on the file system.
Create a file in the FTP site, for example, BlackList.txt using Notepad. Save the file using UTF8 encoding:
The contents of the file should match the following format: License plate; Country;Comments Please be aware that the Country identifier always consists of three letters. ### can be used as a wildcard and represents all countries
AB134HK;ITA; Test BS46588;###; Substitute car RS054HG;ITA; President’s car
Test if you can open the file using your favorite browser by entering the FTP address: ftp://ftpuser:firstname.lastname@example.org:21/ BlackList.txt. The username and password dialogue should not pop-up and you should have direct access to the content of the BlackList.txt file.
1.1. Synchronizing the check list in the camera with the FTP server
Plate Reader => Check List => Check List A You should enable check list A and configure the List Location as FTP. The FTP IP should match the location of the IP address from the BVMS management server. The File Name should match the name of the file storing the check list.
When you click Reload List, the List Loaded message should appear, including the number of license plates you have put on the list. Multiple cameras can point to the same check list. The checklist can also be generated by an external application that writes the file considering the required format.
1.2. Configure match list management from BVMS Operator Client
BVMS operators can manage the check list from the BVMS Operator Client. The user account the operator uses to login to Windows needs to have read and write access to the file that the FTP server hosts. You can achieve this by creating a new shared folder or by using the existing (hidden) shared folder. In the example below we use an existing (hidden) share folder: c$. Use the BVMS configuration client to open the resource manager.
Add a new resource, in our case, an external application.
The external application launched notepad.exe and points to the location of the check list using an argument.
Add the external application to the BVMS logical tree. This way operators can access it when they want to adjust the check list. Of course you can also put the external application in a folder.
2. Camera configuration
The Tattile camera can handle one admin connection simultaneously. As a result, you can add one camera to one BVMS system.
2.1. Add user
System => HTTP Users Change the default usernames and passwords or add an additional admin user that BVMS can use to login to the camera.
2.2. Configure communication protocol
System => Protocols => VRC BVMS communicates with the Tattile cameras using a secured protocol (VRCS). Configure the VRC server settings as indicated in the image below.
System => Network Configure the IP address from the BVMS management server in the Static hosts section. The Names must state BvmsLpr_Server (case sensitive).
If the Names does not match BvmsLpr_Server, in this dialog or in the events / action settings, the BVMS management server will not receive events from the Tattile camera.
2.3 Configure event and action settings
Plate Reader => Events Actions The Tattile camera has several events and actions. We use two events: Ocr Read and Match On List A. Configure the Template Message for these events by clicking on the image.
You should configure both events in the same way using the example below. The Server name/IP must state BvmsLpr_Server .
The Text Value should state:
Apply the changes. Plate Reader => Events Actions => Template Configuration (Config, bottom of the page) Additionally, you need to upload a template message. Click the Upload Page and load the file C:\ProgramFiles\Bosch\VMS\Appdata\LPR_Event_Template.txt on systems where the BVMS configuration client is installed.
2.4. Configure separator plate
Optionally you can configure a separator plate for specific countries. This determines how the detected license plates are written into the BVMS logbook. The camera user manual contains more information.
3. BVMS configuration
The BVMS configuration manual also describes how to add LPR devices to the BVMS configuration.
3.1. Add LPR camera
Add an LPR device by right clicking on the LPR devices node.
3.2. Add video (RTSP) camera
Some Tattile cameras also have a video output (Not possible for the basic family). You can add these cameras to the Video Streaming Gateway (VSG) configuration as an RSTP camera.
Use the rstp://x.x.x.x without authentication to load the video stream into BVMS.
3.3. Configure LPR events
You can use the Events and Alarms tab in the BVMS configuration client to configure the events and alarms. BVMS receives License plate detected (Ocr read) and License plate identified (Match On List A) from the camera.
We recommend to configure an alarm on the License plate identified event and store the License plate detected event in the BVMS logbook.
3.4. Allow only users in the "Admin" group to manage license plates
Some user groups might not be allowed to edit the check list. You can remove the rights by de-selecting the node in the logical tree on the User groups tab in the BVMS configuration client.
Alarms from the camera are processed using the normal BVMS alarm management. The check list can be easily edited by an operator by dragging and dropping the Manage License Plates application into an image pane, editing the file, and saving it (either by CTRL+S or by clicking File / Save).
4.1 Alarm Handling
If the License plate identified or License plated detected events are configured to trigger alarms, the following information will be displayed in an alarm:
The standard BVMS alarm information as timestamp, event type, alarm title, triggering device, etc.
The license plate itself
The country identified (DEU for Germany, etc.)
4.2 Investigation / Reporting
With the LPR events License plate identified and License plate detected stored in the BVMS logbook, it is possible to solve use cases as "When did a car enter and leave the premises". Open the logbook search in the Operator Client, define a search filter for the License Plate detected or License Plate identified event and run the search, if you want to get an overview of all detected plates. If you look for a specific number plate, you can additionally enter the license plate in the Text Data field.
The results are listed below and can be exported using the Save results button.