Are you designing a BVMS or DIVAR IP based video surveillance system? Do you need to calculate the storage consumption of a Bosch video surveillance system? The BVMS Project Checklist is an Excel-based tool which makes it easier to design a BVMS system. There are two files attached to this article:
The project checklist (Excel) itself.
How can I protect my security system, from an IT security perspective?
The attached document explains how the security system can be hardened. Additionally the BVMS - Network Design Guide includes best practices for desgning a secure network.
BVMS customers can download camera updates free of charge, in order to integrate approved, third-party cameras. BVMS scans for third-party cameras, automatically configuring motion and other key events; it also enables installers to configure the most important settings for third-party cameras from a single user interface, without the hassle of having to access the websites of other camera manufacturers.
The attached files include a list of compatible cameras and the ONVIF mapping files for each specific BVMS version.
The attached documents should help you to make the upgrade process as smooth as possible. The upgrade itself is not restricted to BVMS software only. The supported software and firmware versions can be found in the release notes of the related BVMS version.
An attachment is added to this article for each BVMS version. Currently the upgrade guides for BVMS 8.0 and 9.0 are attached to this article. From BVMS 10.0 onwards a description on how to migrate systems has been included as well.
When working with previous versions of BVMS, remote connectivity was cumbersome due to the amount of port mapping that needed to be configured. BVMS 7.5 provides a new method of remote connectivity utilizing Secure Shell (SSH) Tunnelling.
The attached document (attachments can be found on the bottom of the page) describes the set-up and configuration of the SSH functionality in BVMS.
What is the decoding performance of BVMS? How many cameras can I open on the screen before the systems is overloaded (and frames are being dropped)?
The BVMS client performance overview is attached to this article and shows, based on several workstation configurations and a specific BVMS version, how many cameras can be opened before the workstation is overloaded.
In many cases a minimum and maximum retention time needs to be defined in a video surveillance systems due to legal requirements. While the minimum retention time defines the time period for how long video recordings need to be stored, the maximum retention time defines after which period of time the recordings have to be deleted. Thus, the minimum retention time is going to influence the amount of storage needed. The higher the minimum retention time the more storage space is required.
Hence, the storage space needs to be large enough to store the recordings for the minimum retention. For the maximum retention time this doesn’t have to be the case. Still users might be confused why recordings gaps might appear sort-of randomly, if the system does not have enough storage space to keep all recordings until the maximum retention time is reached. To understand what is going on we have to remember the principle of the VRM block assignment first.
For each camera in the system the BOSCH Video Recording Manager (VRM) generates a list of recording blocks (LUNs) on which the camera can next record. Therefore, the VRM makes an estimation based on the data rate and the amount of data of each camera in the system (global optimization). Basically, the VRM predicts when which camera needs a new block and always lists the block which will be the oldest block at the time the camera needs to record on the next block. One could think of it as a “next oldest block” estimation done by the VRM. But the prediction of the VRM might differ from the reality (mainly because of variance in recording bitrate) and this can cause recording gaps if the storage space is not large enough to support the maximum retention time.
Let’s have a closer look on the following two cases:
Sufficient storage space for maximum retention time
Insufficient storage space for maximum retention time
Sufficient storage space for maximum retention time
In case of sufficient storage space to fulfill the maximum retention time for every camera in the system no random recording gaps will appear, because the VRM will always assign a block containing recordings, which are older than the maximum retention time. Thus, for each camera the recording blocks will be kept until the maximum retention time is reached as illustrated in Figure 1.
Figure 1: Enough storage space to cover the maximum retention time for each camera of the system
Insufficient storage space for maximum retention time
In case the system is designed such that the storage space is not large enough to store all recordings from all cameras until the maximum retention time is reached, the VRM will of course still do its estimation and predict the oldest recording block when a camera will ask for a new block. Assuming an ideal setup (with ideal network connection where each camera has the same data rate and all cameras record the same amount of video data simultaneously), the oldest block would always be assigned by the VRM. Hence, no recordings gaps should appear for recordings older than the minimum retention time, compare Figure 2. This is was most customers falsely assume or expect.
Figure 2: Customer expectation of the system behaviour in case of insufficient storage space to cover the maximum retention time for each camera of the system
However, in reality the stated assumptions do not apply. Network connection, data rate, amount of recorded video data, etc. varies. Thus, the “next oldest block” estimation of the VRM can differ from reality. Since each camera already got its block list from the VRM and records according to this block list, it can happen that not the truly oldest block is used and recording gaps appear as shown in Figure 3.
Figure 3: System behaviour in case of insufficient storage space to cover the maximum retention time for each camera of the system
How to avoid or minimize this effect
To avoid this effect of random recording gaps simply add enough storage to your system. To get the best out of your system in terms of storage usage, the optimum would be to set the maximum retention time to storage limit, see Figure 4, but that is almost impossible to realize in practice.
Figure 4: In principle a maximum retention time set to the storage limit would avoid random recording gaps
Option 1 to minimize the effect in practice is to estimate the maximum retention time so that it will not exceed the storage limit of the system as illustrated in Figure 5.
Figure 5: Maximum retention very close to the storage limit will minimize the random recording gaps
Another less recommended option is to set a smaller time difference between the minimum and maximum retention time. But especially when the minimum retention time is shifted closer to the maximum retention time that introduces the risk that the VRM cannot free up storage space in case the minimum retention time is reached, which might result in a recording stop. Thus, we recommend to go for the first option.
One last hint: Changing the retention time on a running system is not going to influence the retention time of already recorded blocks. but will of cousre only be applied to new recorded video footage. Hence, changing the retention time is no option for an immediate change of required storage.
Compared to hardware, in which it is relatively easy to define an end-of-support concept based on the expected lifetime, software behaves totally different. In theory, when the environment does not change, software can still be running ten years after it has been installed. As new versions of the software are released regularly, it is important for customers to know what they can expect from Bosch Building Technologies when the software is purchased. This document describes how Bosch Building Technologies handles the life-cycle of the BVMS, BIS, AMS, and APE, and in which state a specific release can reside. Additionally this document lists the up-to-date situation for all of those software packages.
The Activation Key provided from SLMS cannot be activated in BVMS.
During the introduction of BVMS 10.0 the BVMS Lite16, 32, and 64 base licenses were not introduced and succeeded by BVMS Lite 10.0 (8 channel base package). Existing BVMS Lite customers might still want to upgrade to BVMS 10.0.
The LIF file attached to this article (in the zip archive) can be imported in BVMS Lite 10.0 installations using the license manager (the license manager can be found in the "Tools" menu of the BVMS Configuration Client). Once imported, BVMS Lite 16, 32, 64 systems that are covered under SMA can be upgraded.
During the introduction of BVMS 10.0 the BVMS Plus unmanaged site expansion licenses were not introduced, even though this functionality was announced to be available.
The LIF file attached to this article (in the zip archive) can be imported in BVMS Plus 10.0 installations using the license manager (the license manager can be found in the "Tools" menu of the BVMS Configuration Client). Once imported, the purchased licenses (MBV-XSITEPLU-100) can be activated.
BVMS Installer - Windows Pending Restart Message
The pop-up dialog window message: "Setup has detected a pending restart. Please reboot the system and rerun the installation" appears when attempting to run the valid BVMS windows installer package.
BVMS Installer Pending Restart Message
This is a known Windows specific problem when another (non-BVMS) installer does not properly manage its creation and deletion of the “PendingFileRenameOperations” registry key. The most common user created way for this key value to be left resident in the system is when an installation prompts for a restart, yet the system is not expeditiously restarted.
A. Restart the affected workstation
B. If the issue still persists, delete the orphaned "PendingFileRenameOperations" registry key value
Open a registry editor, such as Regedit.exe or Regedt32.exe.
Navigate to "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\"
In the right navigation pane, right-click the "PendingFileRenameOperations" key value and select delete
Close Registry Editor.
Run the software Installer again as Administrator
Note: This message is not a Bosch product failure message. This is a problem within windows and it's registry clean-up handling. This is a Windows work around.
BVMS Mobile Video Service - Creating a Self-Signed Certificate to establish a trusted connection
Some sites may request or require that the connection to the Mobile Video Service is a trusted connection. The following procedure will allow you to create a self signed certificate to allow a trusted connection between a web browser and MVS.
-Navigate to the Microsoft Management Console
Run command mmc.exe
Go to File ---> Add/Remove Snap-in…
Highlight Certificates and Add for Computer Account
You should see certificates listed for Local Computer
Save a copy of this console to the Desktop
-Run Windows PowerShell ‘as administrator’ on the MVS Server
Run the following commands in Windows Power Shell to create the self-signed certificate including the IP address of the MVS and the DNS name so both will work when accessing from a web browser.
$todaydt = Get-Date
$20years = $todaydt.AddYears(20)
New-SelfSignedCertificate -DnsName "mvsIPaddress",”DNSname” -notafter $20years
If creation was successful, you will see a thumbprint with a hash as well as the subject CN=ipaddress
-Navigate back to your saved MMC console
Find the newly created certificate under the Personal ---> Certificates directory
Copy the Certificate to Trusted Root Certification Authorities ---> Certificates directory
-Navigate to the IIS Manager
Highlight the server machine name on the top-left and then double-click Server Certificates
Double-click the created certificate and verify that a private key corresponds to the certificate and that the certificate is OK under the Certification Path
Expand the server machine name on the left to reveal the Sites
Select Bindings… on the far right-hand side
Edit the Binding for 443
Select the newly created certificate under the SSL certificate dropdown
Click Yes that you want to change the binding
Add… new binding
Choose BoschVms in the SSL certificate dropdown
-Navigate to the BVMS Config Client to edit the MVS URL
Change the MVS URL to reflect port 444
Red X should go away
Save/Activate (BVMS will be bound on the new port and still be able to communicate with the MVS server
-Open Internet Explorer (as administrator) and navigate to the MVS URL using the IP address or the DNS Name
Continue to the site with the certificate error
Click on the certificate error in the navigation bar
Click View Certificates and then Install Certificate
Install for the Local Machine
Place certificate in the Trusted Root Certification Authorities store
Click Finish and close out the browser
Open IE again and navigate back to the MVS. There should be no more error.
*The reason behind changing the port to 444 is to make browser access for basic users easier. This way basic users only have to enter the IP address or DNS name and do not have to enter a special port in the URL.
Possible Communication Issue between BVMS 8.0 Central Server and Video Recording Manager (VRM) 3.7x with BVMS 8.0 installed on different Servers.
Communication can get interrupted and configuraiton might fail if the below desribed actions are not performed. If your system is affected or not is described here as follows:
There can be authentication issues between the BVMS Central Server and the Video Recording Manager in case they are installed on different Servers.
It is possible to see reports at the BVMS 8.x system alarms that VRM reports wrong version
Please check in the VRM debug logging if the following logline indications can be found
CONFIG;DEBUG;SENDING XPATH /SYSTEM/DEVICES/DEVICE as well as HAS NO CONFIGURED NODE, SET TO CONFIGURED
CONFIG;INTERNAL;/SYSTEM/DEVICES CHANGED IN CONFIG. DEVICEID= [DEVICE IP]\0;SYSINFO;INTERNAL;LINE 1 HAS NO CONFIGURED NODE, SET TO CONFIGURED
In general please keep in mind, that it is strongly recommended to use VRM 3.71.00xx with BVMS 8.0. Do not use any older VRM version like 03.71.0022. The 03.71.0029 and Releaseletter is available at the BOSCH DownloadStore (status update 2018-10-26). https://downloadstore.boschsecurity.com/FILES/Setup_VRM_03.71.0029_win32.zip Release Letter: https://downloadstore.boschsecurity.com/FILES/Bosch_Releaseletter_VRM_3.71.0029.pdf
At the VRM system / server, please check and ensure that the following Microsoft software packages are pre-installed:
.NET framework 4.6.2 or higher
Redistributables for Visual Studio 2015
In case one component is missing, please perform the following steps:
Download the missing Microsoft components. Note: When using BVMS 8.0 the VRM is typically a 32-Bit VRM software. Therefore the 32-Bit Microsoft packages are needed. Component that was seen as missing is the >> “Visual C++ Redistributable for Visual Studio 2015” https://www.microsoft.com/en-US/download/details.aspx?id=4814 Please choose the 32-Bit version of that when using with 32-Bit VRM and the >> .NET framework 4.6.2 or higher (NDP462-KB3151800-x86-x64-AllOS-ENU.exe) https://www.microsoft.com/en-US/download/details.aspx?id=53344
Stop the VRM (rms.exe) service in Windows services
Install those components with Administrator rights at the VRM server Reboot the server after installation of the Microsoft components
Check if the VRM service is running and if needed Re-Start the VRM (rms.exe) service
Check that the combination of messages are not longer seen in the VRM debug logging
The VRM package is enhanced and useres should no longer run into this issue with VRM 3.81 and newer versions. Please be aware that BVMS releases are tested with certain VRM verions. This still can offer to install a newer VRM than originally rolled-out in the BVMS overall installer. For all VRM versions 3.7x and below 3.81 it is needed to add this packages.
The attached document aims to provide concerned parties, such as customers, users, operators or consultants, with an overview of data privacy and protection related features of BVMS Person Identification. Moreover, this document describes how data, as processed during the Person Identification steps, can be classified. Finally, this document lists technical measures for data protection in the context of BVMS Person Identification.