What is the decoding performance of BVMS? How many cameras can I open on the screen before the systems is overloaded (and frames are being dropped)?
The BVMS client performance overview is attached to this article and shows, based on several workstation configurations and a specific BVMS version, how many cameras can be opened before the workstation is overloaded.
How can I protect my security system, from an IT security perspective?
The attached document explains how the security system can be hardened. Additionally the BVMS - Network Design Guide includes best practices for desgning a secure network.
What's new in version 1.4.1?
This is bug fix version that only applies to Windows users as it improves compatibility with Windows 10 Version 2004 and higher.
As usual, you can find the latest version in the Bosch Download Store or you use the (auto) update (check) functionality of the app.
Your Bosch Security App Team
BVMS Lite and BVMS Viewer are BVMS editions that you can download and activate free-of-charge.
How can I set-up a basic (live and recorded video) BVMS system?
First, you need to download the software package, active the BVMS Lite license and install the software. This is described in this article: BVMS - Activating a license.
Second, you need to prepare an iSCSI environment which is suitable for recording video. Any Windows Server based operating system will do. This is described in this article: BVMS - Configuring a Microsoft iSCSI target.
Last, you need to add cameras to the system and start the recording. This is described in this youtube video: How to add a new camera using Configuration Client (BVMS).
Now, have a look at the Operator Client quick guide and you're ready to go!
Where can I get more information on advanced functionality?
Once the software (configuration client or operator client) is running you can press F1 at any time to open the embedded software help! All of the advanced functionality BVMS offers is explained in the help files.
BVMS Mobile Video Service - Creating a Self-Signed Certificate to establish a trusted connection
Some sites may request or require that the connection to the Mobile Video Service is a trusted connection. The following procedure will allow you to create a self signed certificate to allow a trusted connection between a web browser and MVS.
-Navigate to the Microsoft Management Console
Run command mmc.exe
Go to File ---> Add/Remove Snap-in…
Highlight Certificates and Add for Computer Account
You should see certificates listed for Local Computer
Save a copy of this console to the Desktop
-Run Windows PowerShell ‘as administrator’ on the MVS Server
Run the following commands in Windows Power Shell to create the self-signed certificate including the IP address of the MVS and the DNS name so both will work when accessing from a web browser.
$todaydt = Get-Date
$20years = $todaydt.AddYears(20)
New-SelfSignedCertificate -DnsName "mvsIPaddress",”DNSname” -notafter $20years
If creation was successful, you will see a thumbprint with a hash as well as the subject CN=ipaddress
-Navigate back to your saved MMC console
Find the newly created certificate under the Personal ---> Certificates directory
Copy the Certificate to Trusted Root Certification Authorities ---> Certificates directory
-Navigate to the IIS Manager
Highlight the server machine name on the top-left and then double-click Server Certificates
Double-click the created certificate and verify that a private key corresponds to the certificate and that the certificate is OK under the Certification Path
Expand the server machine name on the left to reveal the Sites
Select Bindings… on the far right-hand side
Edit the Binding for 443
Select the newly created certificate under the SSL certificate dropdown
Click Yes that you want to change the binding
Add… new binding
Choose BoschVms in the SSL certificate dropdown
-Navigate to the BVMS Config Client to edit the MVS URL
Change the MVS URL to reflect port 444
Red X should go away
Save/Activate (BVMS will be bound on the new port and still be able to communicate with the MVS server
-Open Internet Explorer (as administrator) and navigate to the MVS URL using the IP address or the DNS Name
Continue to the site with the certificate error
Click on the certificate error in the navigation bar
Click View Certificates and then Install Certificate
Install for the Local Machine
Place certificate in the Trusted Root Certification Authorities store
Click Finish and close out the browser
Open IE again and navigate back to the MVS. There should be no more error.
*The reason behind changing the port to 444 is to make browser access for basic users easier. This way basic users only have to enter the IP address or DNS name and do not have to enter a special port in the URL.
When installing Configuration Manager v6.20.0102 on Windows 10 and error message is received during installation of .NET Framework v4.7.2 that states:
The .NET Framework 4.7.2 is not supported on this operating system.
Windows 10 requires frequent updates that must be installed to keep the system compatible with new software installations. Windows 10 periodically releases a features update package that provides new features and compatibility. These are required for version of .NET framework installation.
Windows 10 release Information
Feature updates for Windows 10 are released twice a year, around March and September, via the Semi-Annual Channel and will be serviced with monthly quality updates for 18 months from the date of the release.
We recommend that you begin deployment of each Semi-Annual Channel release immediately as a targeted deployment to devices selected for early adoption and ramp up to full deployment at your discretion. This will enable you to gain access to new features, experiences, and integrated security as soon as possible.
Above except from Microsoft's Windows 10 Release information document: https://docs.microsoft.com/en-us/windows/release-information/
Option 1 - This option will require an active internet connection.
Using the windows search function (Windows key+S), search for "Windows Update Setting"
Click "Check for Updates"
Install all available updates
Option 2 - This option will not require an internet connection. It will require multiple steps be performed per the Microsoft websites guidelines to create and burn a windows update DVD using a downloadable .ISO file provided directly from Microsoft.
You can find these instructions and links on Microsoft's website here: https://www.microsoft.com/en-au/software-download/windows10
Microsoft Event Logging, when an error occurs, the system administrator or Integrator must determine what caused the error. The operator can then use the event log to help determine what conditions caused the error and identify the context in which it occurred.
Starting Event Viewer
The procedure for starting Event Viewer depends on your starting point, e.g. windows key + R type in ”eventvwr.msc” hit enter.
With the decent administrative access, you can select any computer in your network to view that Microsoft system event logs.
To select computers in Event Viewer:
In the top of the console tree, right-click Event Viewer (local), and then click Connect to another computer.
Enter FQDN/NetBIOS name or browser to the regarding machine
Adjusting Event Viewer Settings
In the console tree, right-click the appropriate log file, and then click Properties. Click the General tab.
Saving Event Logs
In the console tree, right-click the appropriate log file, and then click Save Log File As. Navigate to the subfolder in which you want to save the file, type a name for the file, click the file type, and then click Save.
Clearing Event Logs
In the console tree, right-click the appropriate log file, and then click clear all Events. You are prompted for whether you want to save the log to a file before clearing it. Click “Yes” to save a log and clear all events. If you click No, the log is not saved, but all events are cleared from the selected Event log. If you click Cancel, the request to clear the log is canceled.
Viewing Event Details
In the console tree, right-click the appropriate log file. A list of events in the log file is displayed in the details pane of Event Viewer. Click a specific event in the details pane to display the Event Properties dialog box and details about the event.
In the console tree, right-click the appropriate log file, and then click Properties. Click the Filter tab. Type the appropriate information that you would like to filter.
In the console tree, right-click the appropriate log file. On the View menu, click Find. Type the appropriate information that you would like to find in the dialog box, and then click Find Next.
An event that indicates a significant problem such as loss of data or loss of functionality. For example, if a service fails to load during startup, an Error event is logged.
An event that is not necessarily significant, but may indicate a possible future problem. For example, when disk space is low, a Warning event is logged. If an application can recover from an event without loss of functionality or data, it can generally classify the event as a Warning event.
An event that describes the successful operation of an application, driver, or service. For example, when a network driver loads successfully, it may be appropriate to log an Information event. Note that it is generally inappropriate for a desktop application to log an event each time it starts.
An event that records an audited security access attempt that is successful. For example, a user's successful attempt to log on to the system is logged as a Success Audit event.
An event that records an audited security access attempt that fails. For example, if a user tries to access a network drive and fails, the attempt is logged as a Failure Audit event.
The events themselves are what we’re trying to see, of course, and their usefulness can range from really specific and obvious things that you can fix easily to the totally undefined messages that don’t make any sense and you can’t find any information on your preferred search engine. example:
The regular fields on the display contain:
Log Name – while in older versions of Windows everything got dumped into the Application or System log, in the more modern editions there are dozens or hundreds of different logs to choose from. Each Windows component will most likely have its own log.
Source – this is the name of the software that generates the log event. The name usually doesn’t directly match with a filename, of course, but it is a representation of which component did it.
Event ID – the all-important Event ID can actually be a little confusing. If you were to Google for “event ID 122” that you see in the next screenshot, you wouldn’t end up with very useful information unless you also include the Source, or application name. This is because every application can define their own unique Event IDs.
Level – This tells you how severe the event is – Information just tells you that something has changed or a component has started, or something has completed. Warning tells you that something might be going wrong, but it isn’t all that important yet. Error tells you that something happened that shouldn’t have happened, but isn’t always the end of the world. Critical, on the other hand, means something is broken somewhere, and the component that triggered this event has probably crashed.
User – this field tells you whether it was a system component or your user account that was running the process that caused the error. This can be helpful when looking through things.
OpCode – this field theoretically tells you what activity the application or component was doing when the event was triggered. In practice, however, it will almost always say “Info” and is pretty useless.
Computer – on your home desktop, this will usually just be your PC’s name, but in the IT world, you can actually forward events from one computer or server to another computer. You can also connect Event Viewer to another PC or server.
Task Category – this field is not always used, but it ends up basically being an informational field that tells you a bit more information about the event.
Keywords – this field is not usually used, and generally contains useless information.
As a rule of thumb (common way of doing), you should try searching by the general description, or the Event ID and the source, or a combination of those values. Just remember that the Event ID is unique for each application. So there is a lot of overlap and you can’t just search for “Event ID 122” only. This is because users might find the list is too large and too general, your specific search aspect might not fit your issue.
In all VRM installation packages the required .NET framework package is included in the VRM installation routine.
As Microsoft Operating Systems are expected to get and have the latest security updates applied before installing any new software component like VRM (Video Recording Manger) or VSG (Video Streaming Gateway), the installer will successfully finish the installation routine. The same is valid for BOSCH DIVAR IP product range: The DIVAR IP Appliance installer contains Microsoft update packages available from Microsoft at the time BOSCH creates the Appliance installer. But all Microsoft Updates release after the Appliance installer release date are not included in the BOSCH package. It is therefore recommended to check for Microsoft updates whenever a Bosch DIVAR IP Appliance installer is installed.
For VRM (Video Recording Manager) stand-alone Systems and Servers with VSG (Video Streaming Gateway) installed, it is also strongly recommended to check for Microsoft OS updates before the VRM Master Installer is installed/updated.
Note: In case an error code 5100 is shown during the VRM Software installation, please ensure that all Microsoft updates for the used Operating Systems are installed and run the BOSCH Software installer after that once again. For more details Microsoft provides more informaiton here: https://blogs.msdn.microsoft.com/astebner/2008/10/13/net-framework-setup-verification-tool-users-guide/
For older BVMS and VRM installations please also refer to the following previous article:
How can I migrate the full configuration (including server configuration and user settings) of a BVMS system from one server to another?
(please note that, currently, the export mechanisms provided in the BVMS Configuration Client do not export the userdata. This is a known problem and being worked on. Until then this work-around should be applied).
Stop the BVMS Central Server service on the existing server from the Windows task manager or Services overview.
Stop the BVMS Central Server service on the new server from the Windows task manager or Services overview.
Copy the contents of the directory C:\programdata\Bosch\VMS\UserData on the existing server to the same directory on the new server (via the network or other media).
Copy the "elements.bvms" file located in the directory C:\programdata\Bosch\VMS\ on the existing server to the same location on the new server (via the network or other media).
Start the BVMS Central Server service on the new server from the Windows task manager or Services overview.
How can I find the source (details of the workstation) and credentials that are used to attempt to login into BVMS (when the attempt has failed)?
The username that is used to login is saved into the BVMS logbook and can be found by searching the logbook from the Operator Client (username of login is "blabla").
The details of the workstation (mainly the IP address) is logged into the BVMS client log files. These can be found on the workstations in the directory: C:\ProgramData\Bosch\VMS\Log
(Hint: for log file analysis a lot of free / open source tools are available. Snaketail is one of these tools, and can be found here.)
Open the BVMSClientLog.txt (there could be multiple files which are all related to a different timeframe) and search for the phrase "InvalidCredentialException". If an user has tried to login to the system the following log lines should be present in the log file:
2019-03-17 18:31:53,668 75516 [GUI Thread] INFO Bosch.Vms.Frontend.OpClient.Wcf.DataAccessServiceClient ConnectAndAuthenticate - Call failed with InvalidCredentialException
2019-03-17 18:31:53,670 75518 [GUI Thread] INFO Bosch.Vms.Frontend.OpClient.ServerManagement.CentralServerManager AuthenticateAtMainServer - Main-Server 192.168.20.190: WCF online authentication result is WrongUserOrPassword
This needs to be checked for every workstation which runs the BVMS Operator Client.
Bosch software is distributed via the Bosch website, but can also be re-distributed by Bosch partners. It is important for the system-installer to check if the installation file he or she has received, matches exactly with the output of the engineering process. There are several risks that, in the distribution path, changes are made to the installation file. Keyloggers or other spyware could be added to the installation, or in theory video surveillance footage could be routed to external resources.
The attached document describes how the integrity of software can be checked.
Firmware The table below lists the firmware versions which are used in the BVMS 8.0 system test. Bosch Video Stitcher 184.108.40.206 VideoSDK 6.12.0078 Firmware MPEG-4 4.15.0002 Firmware CPP3 5.74.0004 Firmware CPP4 6.41.0037 Firmware CPP5 6.30.0047 Firmware CPP6 6.41.0037 Firmware CPP7 6.41.0037 Firmware CPP7.3 6.41.0037 Firmware CPP-ENC 5.53.0004 (for VIP X1600 XFM4) Firmware CPP-ENC 5.97.0005 (for VJT XF E family, VIDEOJETdecoder 3000) Firmware X1/X2 2.53.0005 VIP XD HD 1.8 VJD 7000 54.8.2 VJD 8000 9.00.0134 VRM 3.70.0056 VSG 6.42.0010 iOS 9.0.2 / 9.3.5 / 10.3.1 Web Client 11.0.96 Software The table below lists the software versions which are used in the BVMS 8.0 system test. BIS 4.3, 4.4, 4.5 DiBos 8.7 BRS 8.10/8.11 Allegiant MCS 2.94 / 2.95 Intuikey Keyboard 1.96 DVR FW Version 2.3.2 (DVR400 / 600) 3.61 (DIVAR 700) 2.5.0 (Divar AN 3000/5000) 1.2.1 (Divar Network/Hybrid) SQL Server 2014 Operating systems Operator Client Windows 8.1 64-bit; Windows 10 64-bit creators update (1703) Config Client Windows 8.1 64-bit; Windows 10 64-bit; Windows Server2012 R2 64-bit; Windows Server 2016 64-bit. Management Server, Mobile Video Service Windows Server 2008 R2 SP1 64-bit; Windows Server2012 R2 64-bit; Windows Server 2016 64-bit. Cameo SDK 220.127.116.11 BVMS SDK 18.104.22.168 RCPP 22.214.171.124 Hardware drivers NVIDIA Quadro Quadro Pro Driver for Microsoft Windows 7/8.1 (64-Bit) 385.08 (28.June 2017) Quadro Pro Driver for Microsoft Windows 10 (64-Bit) 385.69 (21.September 2017) AMD FirePro Unified Graphics Driver for Windows 8.1/10 (64- bit) 17.Q3 (27.July 2017) Bosch strongly urges customers to use the driver and software versions mentioned above. This ensures that the software can perform its task reliably.