Archiver: Extensions tab - Security Center 5.12

Security Center Administrator Guide 5.12

Product
Security Center
Content type
Guides > Administrator guides
Version
5.12
Language
English
Last updated
2024-09-13

You can use the Extensions page to configure the common connection parameters shared by the video units that are controlled by the Archiver. The extensions are automatically created when you add a unit to the Archiver.

Click the Extensions tab to view or configure the following settings:
Transaction timeout
Time that is spent waiting for a response before re-sending a command to the unit.
Command port
(Bosch only) Port used by the Archiver to send commands to the Bosch units. This field has default values that get reset every time the Protocol field is modified.
Protocol
(Bosch only) Transport protocol used by the Archiver to send commands to the Bosch units.
The accepted values are:
RCP
Use RCP+ over TCP (default). The command port must be set to 1756.
HTTP
Use HTTP or HTTPS (RCP+ over CGI).
IMPORTANT: To enroll a Bosch unit using either HTTP or HTTPS, you must manually create the Bosch extension, or modify an existing one.
  • To use HTTP, set Command port to match the value of HTTP browser port configured on the Bosch unit.
  • To use HTTPS, set Use HTTPS to On under the Default logon group, and set Port to match the value of HTTPS browser port configured on the Bosch unit.
NOTE: The command ports configured in the Bosch extension are default values. The values configured on the Bosch units might be different. The Discovery port must match the values configured on the Bosch units.
RSTP port
RTSP (Real Time Streaming Protocol) port used by the Archiver to request video from the units that support this protocol.

The RTSP port is used to listen for RTSP (Real Time Streaming Protocol) requests. When multiple archiving roles are hosted on the same server, this value must be unique for each one. The configured value cannot be the same as any value used for the Media Router role, its redirector agent, or any Auxiliary Archiver hosted on the same server.

VSIP port
(Verint only) Port used for automatic discovery. All units that are controlled through the same Verint extension must be configured with the same VSIP port. All Verint extensions configured for the same Archiver must have different discovery ports.
Refuse basic authentication
Use this switch to enable and disable basic authentication for an extension. This is useful if you turned off basic authentication in the Security Center InstallShield, but need to turn it on again to use a camera that only supports basic authentication. To turn basic authentication on again, you must switch Refuse basic authentication to Off.
Discovery port
Automatic discovery port. If multiple instances of the same type of extension are configured for the same Archiver, they must all use a different discovery port.
  • (ACTi) Corresponds to the Search server port 1 in the ACTi video server settings.
  • (Bosch) All units that are controlled through the same Bosch extension must be configured with the same discovery port.
NOTE: If you decide to change the Discovery port after the units are discovered, you must create a new extension with the new discovery port and delete the old one. If the units are not automatically discovered, you must add them manually.
Discovery reply port
(ACTi and Interlogix) Corresponds to the Search server port 2 in the ACTi video server settings.
Unicast period
Time period in which the extension repeats its connection tests using unicast to determine whether each unit is still active in the system.
Multicast period
Time period in which the extension attempts to discover new units using multicast. This option can be disabled.
The IP address that follows is the standard multicast IP address used by Omnicast™. Change the standard multicast IP address only if it is already used for something else.
Broadcast period
Time period in which the extension attempts to discover new units using broadcast. This option can be disabled.
Default logon
Certain types of units can be protected by a username and a password against illegal access. The logon credentials can be defined individually for each unit or for all units using the same extension.
Username
Certain types of units (such as Axis) require a username.
Password
Certain types of units (such as Bosch) require only a password.
Use HTTPS
Select this option to use Secure Hypertext Transfer Protocol for added security.
NOTE: For Bosch units, this setting only appears when Protocol is set to HTTP. When Use HTTPS is set to On, the Port set here supercedes the Command port.
TCP notification port
(Panasonic and Interlogix) Port used by the Archiver role to receive notifications from the units. When an event occurs, such as Signal lost or Signal recovered, the unit initiates a TCP connection with the Archiver and sends the notification through this port.
NOTE: (Panasonic) When multiple Archiver roles are running on the same server or are configured to listen to the same units, each Archiver role must be associated to a unique TCP notification port.
Notification channel
(Interlogix only) When you configure multiple Archiver roles to listen to the same units, such as in a failover list, each Archiver must be identified with a different notification channel (1 to 8). You can ignore this parameter if you are using only one Archiver.
For multiple Archiver roles, you must follow these rules:
  • All Archiver roles that control the same units must be configured with the same TCP notification port.
  • All Archiver roles must use a different notification channel.
Bosch VRM settings
The VRM settings are exclusive to Bosch VRM (Video Recording Manager). You can use these settings to query and play back video from Bosch cameras that are managed by a Bosch VRM. Multiple Bosch extensions can use the same VRM.
VRMs serve as failovers if one VRM goes offline or is unreachable. If all listed VRMs on an extension are not configured correctly, archived video might not be found by the Archiver. You can add more than one VRM to a Bosch extension and use the move up () and move down () buttons to move a VRM up or down on the list. The Archiver uses the first VRM on the list for queries and archived video. If the first VRM is not available, the Archiver uses the next VRM on the list.
NOTE: For the Bosch VRM to work properly in Security Center, you must configure the CHAP password on the device. See the Bosch documentation for information on configuring the CHAP password.
Verint specific settings
The following settings are found only on Verint units.
Show all available video streams as separate cameras
(Verint only) Omnicast™ supports encoders that generate multiple video streams from the same video source. When these encoders are discovered, the Archiver creates a video encoder with multiple streaming alternatives.
Select this option to represent every video stream as a separate camera.
NOTE: This option requires a camera connection license for each stream.
SSL settings
SSL (Secure Sockets Layer) is a protocol used to protect applications that need to communicate over a network. Security Center supports SSL on all message transmissions between the Archiver and the units, except for video streams because the volume of data is too high. The purpose for using SSL in Security Center is to prevent attacks, not to stop eavesdropping.
Select Enforce SSL only if SSL must be enforced on all units controlled by this Archiver. If this option is cleared, the Archiver will use SSL only to communicate with the units on which SSL is enabled.
Advanced security settings
Depending on the certificate used on the camera, you might need to configure some advanced security settings.
Allow unknown certificate authority
Set this option to ON for the Archiver to accept self-signed certificates.
Allow non-server certificates
Set this option to ON for the Archiver to accept non-server certificates.
Allow certificates with invalid subject name
Set this option to ON for the Archiver to accept certificates that do not have the IP address or hostname of the unit entered as the Subject name and Alternative name.
Allow certificates with invalid date
Set the option to ON for the Archiver to accept expired certificates.
Advanced settings
The advanced settings are reserved for use by Genetec™ Technical Assistance Center.
NTP settings
Synchronizes the time between the units that support NTP (Network Time Protocol), and the NTP server. Keeping the units’ time synchronized is particularly important for units that handle video archiving.
NOTE: This feature may not apply to all extensions. Currently, only the following extensions are supported: Acti, Axis, Bosch, Generic Plus, Genetec Protocol, and Sony.
You must set the following parameters:
NTP server
Specify the NTP server name.
NTP port
Specify the NTP server port number.
Poll timeout
Specify how often you want the time on the units to be checked to ensure that they are properly synchronized with the NTP server. For example, if 60 seconds is entered, the time is verified every 60 seconds.