What is the decoding performance of BVMS? How many cameras can I open on the screen before the systems is overloaded (and frames are being dropped)?
The BVMS client performance overview is attached to this article and shows, based on several workstation configurations and a specific BVMS version, how many cameras can be opened before the workstation is overloaded.
The attached document aims to provide concerned parties, such as customers, users, operators or consultants, with an overview of data privacy and protection related features of BVMS Person Identification. Moreover, this document describes how data, as processed during the Person Identification steps, can be classified. Finally, this document lists technical measures for data protection in the context of BVMS Person Identification.
BVMS Mobile Video Service - Creating a Self-Signed Certificate to establish a trusted connection
Some sites may request or require that the connection to the Mobile Video Service is a trusted connection. The following procedure will allow you to create a self signed certificate to allow a trusted connection between a web browser and MVS.
-Navigate to the Microsoft Management Console
Run command mmc.exe
Go to File ---> Add/Remove Snap-in…
Highlight Certificates and Add for Computer Account
You should see certificates listed for Local Computer
Save a copy of this console to the Desktop
-Run Windows PowerShell ‘as administrator’ on the MVS Server
Run the following commands in Windows Power Shell to create the self-signed certificate including the IP address of the MVS and the DNS name so both will work when accessing from a web browser.
$todaydt = Get-Date
$20years = $todaydt.AddYears(20)
New-SelfSignedCertificate -DnsName "mvsIPaddress",”DNSname” -notafter $20years
If creation was successful, you will see a thumbprint with a hash as well as the subject CN=ipaddress
-Navigate back to your saved MMC console
Find the newly created certificate under the Personal ---> Certificates directory
Copy the Certificate to Trusted Root Certification Authorities ---> Certificates directory
-Navigate to the IIS Manager
Highlight the server machine name on the top-left and then double-click Server Certificates
Double-click the created certificate and verify that a private key corresponds to the certificate and that the certificate is OK under the Certification Path
Expand the server machine name on the left to reveal the Sites
Select Bindings… on the far right-hand side
Edit the Binding for 443
Select the newly created certificate under the SSL certificate dropdown
Click Yes that you want to change the binding
Add… new binding
Choose BoschVms in the SSL certificate dropdown
-Navigate to the BVMS Config Client to edit the MVS URL
Change the MVS URL to reflect port 444
Red X should go away
Save/Activate (BVMS will be bound on the new port and still be able to communicate with the MVS server
-Open Internet Explorer (as administrator) and navigate to the MVS URL using the IP address or the DNS Name
Continue to the site with the certificate error
Click on the certificate error in the navigation bar
Click View Certificates and then Install Certificate
Install for the Local Machine
Place certificate in the Trusted Root Certification Authorities store
Click Finish and close out the browser
Open IE again and navigate back to the MVS. There should be no more error.
*The reason behind changing the port to 444 is to make browser access for basic users easier. This way basic users only have to enter the IP address or DNS name and do not have to enter a special port in the URL.
BVMS customers can download camera updates free of charge, in order to integrate approved, third-party cameras. BVMS scans for third-party cameras, automatically configuring motion and other key events; it also enables installers to configure the most important settings for third-party cameras from a single user interface, without the hassle of having to access the websites of other camera manufacturers.
The attached files include a list of compatible cameras and the ONVIF mapping files for each specific BVMS version.
How can I protect my security system, from an IT security perspective?
The attached document explains how the security system can be hardened. Additionally the BVMS - Network Design Guide includes best practices for desgning a secure network.
When using the BVMS 9.0 installer on a Windows 10 "October 2018 update" machine (Build 1809) the SNMP services cannot be installed.
Microsoft has changed the way the SNMP services are installed in Windows 10 "October 2018 update".
The SNMP services need to be installed manually.
This can be done by opening the new "Settings App“:
Manage optional Features
It can also be done using Powershell:
DISM /online /Add-Capability /CapabilityName:SNMP.Client~~~~0.0.1.0
BVMS Lite and BVMS Viewer are BVMS editions that you can download and activate free-of-charge.
How can I set-up a basic (live and recorded video) BVMS system?
First, you need to download the software package, active the BVMS Lite license and install the software. This is described in this article: BVMS - Activating a license.
Second, you need to prepare an iSCSI environment which is suitable for recording video. Any Windows Server based operating system will do. This is described in this article: BVMS - Configuring a Microsoft iSCSI target.
Last, you need to add cameras to the system and start the recording. This is described in this youtube video: How to add a new camera using Configuration Client (BVMS).
Now, have a look at the Operator Client quick guide and you're ready to go!
Where can I get more information on advanced functionality?
Once the software (configuration client or operator client) is running you can press F1 at any time to open the embedded software help! All of the advanced functionality BVMS offers is explained in the help files.
The entire BVMS installation package, available on the downloadstore, contains the client as well as the server components. When a BVMS client needs to be deployed, all of this data (over 2.5GB) needs to be copied to the target workstation, which can be quite a challenge in some environments.
Once the BVMS Management Server is set-up, it creates a client installation package (mainly used for the auto-upgrade functionality). This client installation package is a lot smaller compared to the full installation package and is located on the BVMS Management Server (assuming the default installation directory is used):
In order to use the client installation package: copy all the files in this directory from the management server to the new workstation and start BVMS.msi (please note Setup.exe will trigger the auto update mechanism, which will not work as there are no existing components to be updated). The MSI will start the installation process and will allow you to select Operator Client, Configuration client and/or SDK. Please note:
The correct version of the .NET framework will need to be installed manually before this procedure is used. This can be found in the zip file available in the product catalogue: “zip file extraction location”\ISSetupPrerequisites\Microsoft .NET Framework x.x.
How can I migrate the full configuration (including server configuration and user settings) of a BVMS system from one server to another?
(please note that, currently, the export mechanisms provided in the BVMS Configuration Client do not export the userdata. This is a known problem and being worked on. Until then this work-around should be applied).
Stop the BVMS Central Server service on the existing server from the Windows task manager or Services overview.
Stop the BVMS Central Server service on the new server from the Windows task manager or Services overview.
Copy the contents of the directory C:\programdata\Bosch\VMS\UserData on the existing server to the same directory on the new server (via the network or other media).
Copy the "elements.bvms" file located in the directory C:\programdata\Bosch\VMS\ on the existing server to the same location on the new server (via the network or other media).
Start the BVMS Central Server service on the new server from the Windows task manager or Services overview.
Bosch software is distributed via the Bosch website, but can also be re-distributed by Bosch partners. It is important for the system-installer to check if the installation file he or she has received, matches exactly with the output of the engineering process. There are several risks that, in the distribution path, changes are made to the installation file. Keyloggers or other spyware could be added to the installation, or in theory video surveillance footage could be routed to external resources.
The attached document describes how the integrity of software can be checked.
As video surveillance use grows in commercial, government and private use cases, the need for low-cost storage at scale is growing rapidly. BVMS, Bosch cameras, HPE hardware and SUSE Enterprise Storage provide a platform that is an ideal target for recording these streams.
There are numerous difficulties around storing unstructured video surveillance data at massive scale. Video surveillance data tends to be written only once or become stagnant over time. This stale data takes up valuable space on expensive block and file storage, and yet needs to be available in seconds. With this massive scale, the difficulty of keeping all the data safe and available is also growing. Many existing storage solutions are a challenge to manage and control at such scale. Management silos and user interface limitations make it harder to deploy new storage into business infrastructure.
The solution is software-defined storage (SDS). This is a storage system that delivers a full suite of persistent storage services via an autonomous software stack that can run on an industry standard, commodity hardware platform. Bosch, Hewlett Packard Enterprise (HPE) and SUSE have partnered to deliver the benefits of SDS to the video surveillance industry. Using SUSE Enterprise Storage™ on HPE ProLiant DL and Apollo servers in a Bosch video surveillance environment simplifies the management of today’s volume of data, and provides the flexibility to scale for all enterprise storage needs.
The full description can be found in the attached whitepaper.
How can I combine a ISS SecureOS Auto system (providing ANPR functionality) with a BVMS system?
The attached document describes the steps how to configure BVMS and the ISS SecureOS Auto system for achieving watchlist ANPR alarms and recorded ANPR detections into the BVMS logbook.
Can I move the BVMS Logbook database to a separate Microsoft SQL Server to ease maintenance or increase the size of the Logbook?
The BVMS Logbook database can be moved to another SQL Server. The attched guide describes the steps that are necessary to migrate the database and describes how to confirm if the migration was successful.
During the introduction of BVMS 10.0 the BVMS Plus unmanaged site expansion licenses were not introduced, even though this functionality was announced to be available.
The LIF file attached to this article (in the zip archive) can be imported in BVMS Plus 10.0 installations using the license manager (the license manager can be found in the "Tools" menu of the BVMS Configuration Client). Once imported, the purchased licenses (MBV-XSITEPLU-100) can be activated.
The Activation Key provided from SLMS cannot be activated in BVMS.
During the introduction of BVMS 10.0 the BVMS Lite16, 32, and 64 base licenses were not introduced and succeeded by BVMS Lite 10.0 (8 channel base package). Existing BVMS Lite customers might still want to upgrade to BVMS 10.0.
The LIF file attached to this article (in the zip archive) can be imported in BVMS Lite 10.0 installations using the license manager (the license manager can be found in the "Tools" menu of the BVMS Configuration Client). Once imported, BVMS Lite 16, 32, 64 systems that are covered under SMA can be upgraded.
Compared to hardware, in which it is relatively easy to define an end-of-support concept based on the expected lifetime, software behaves totally different. In theory, when the environment does not change, software can still be running ten years after it has been installed. As new versions of the software are released regularly, it is important for customers to know what they can expect from Bosch Building Technologies when the software is purchased. This document describes how Bosch Building Technologies handles the life-cycle of the BVMS, BIS, AMS, and APE, and in which state a specific release can reside. Additionally this document lists the up-to-date situation for all of those software packages.
The BVMS Operator Cliet can be automatically logged in by using parameterized startup. For this, a new shortcut to the OperatorClient.exe needs to be created, and the target of the shortcut needs to be adjusted. The text between ** needs to be adjusted to the specific situation.
"*BVMS installation directory*\bin\OperatorClient.exe" /user="*username*" /password="*password*" /connection="*ip address*"
"C:\Program Files\BOSCH\VMS\bin\OperatorClient.exe" /user="Admin" /password="password123" /connection="192.168.20.120"
The connection parameter works with BVMS 9.0 and newer. The username and password parameters are working from BVMS 5.0 onwards.
The username and password are stored as cleartext in the target of the shortcut, which could be considered a security risk.