It is important to know about Security Center 126.96.36.199 features that will change how you interact with the system after an upgrade.
- Updating Newtonsoft
- Updating Newtonsoft from v12.0.2 to v12.0.3 might cause compatibility failures in your SDK environment.
- End of support for Windows 7 and Windows Server 2008
- Microsoft® Windows 7 Pro/Enterprise/Ultimate SP1 and Microsoft® Windows Server 2008 R2 SP1 are no longer supported because they are no longer supported by Microsoft.
- New .NET Framework requirements
- Starting with Security Center 5.8 GA, .NET Framework 4.7.1 is included in Security Center. The minimum Windows 10 version supported is 1607 (Windows 10 Anniversary Update). The Security Center installation will fail with older versions of Windows 10.
- Enhanced complexity requirements for main server password
- Starting with Security Center 5.8
GA, when you update the main server password used by Server
Admin, the new password must meet all of
the following criteria:
- At least 8 characters long
- 1 or more upper case letters
- 1 or more lower case letters
- 1 or more numerical characters
- 1 or more special characters
- No spaces or double quotation marks.
- Changed default port for redirectors
- Starting with Security Center 5.8
GA, TCP port 960 replaces TCP port 5004 as the initial default port for stream requests.
If you are upgrading from Security Center 5.6 or 5.7, your redirectors will continue to use TCP port 5004 and no action is needed.
If you are upgrading from Security Center 5.5 or earlier, your redirectors will use TCP port 960. Ensure that port 960 is open in addition to port 560 for firewall and network address translation purposes, or you might not be able to view live video streams from remote sites.
- Changed Logon dialog box
- Starting with Security Center 5.7 SR2, you can no longer leave the Directory field blank in the Logon dialog box. You must enter the name or IP address of the main server you want to connect to. If your client application is running on the main server, you can also enter Localhost as the Directory name.
- Deprecated custom temporary access rules based on custom fields
- Temporary access rules are supported natively in Security Center 5.7 SR1 and later. Because custom and native temporary access rules cannot be used together, we recommend that you use our native solution. If you are currently using the custom solution in Security Center 5.6, and want to upgrade to Security Center 5.7 SR1 or later, contact our Technical Assistance Center (GTAC) for help.
- Deprecated events in Area activities and Monitoring tasks
- Starting with Security Center
188.8.131.52, the following events are depreciated and not visible in Area activities or
- Antipassback disabled: Unit is offline
- People counting disabled: Unit is offline
- An interlock cannot have perimeter floors
- Antipassback disabled: Elevator on area perimeter
- Enhanced security in the Map Manager role
- Starting with Security Center 5.9,
Map Manager requires all clients that request image maps to pass authentication. To
ensure legacy clients can view image maps after upgrading the server, Map Manager roles
upgraded from 5.8 and earlier run in backward compatibility mode by default.
When in backward compatibility mode, Map Manager grants access to image maps without authentication. This mode is intended to temporarily maintain map functionality during a staged upgrade where some clients remain at an older version for a limited time. For more information on Map Manager backward compatibility, see Configuring the Map Manager role.Best Practice: Switch Backward compatibility OFF after all client applications have been upgraded for enhanced security.
- Introduced ECDSA certificates for Directory communication
- Starting in Security Center 184.108.40.206, you can
use Elliptic Curve Digital Signature Algorithm (ECDSA) certificates to secure the
communication between Security Center
If you are planning to use an ECDSA certificate with Security Center, one or more of the following compatibility restrictions might apply:
- All servers running Security Center 220.127.116.11 or later with an ECDSA certificate, are not compatible with servers running Security Center 18.104.22.168 or earlier.
- Security Center systems using an ECDSA certificate are not compatible with third-party authentication using SAML 2.0.
- Federation™ hosts using an ECDSA certificate can only stream video from federated sites that also use an ECDSA certificate.
- Introduced EdDSA for digital signatures
- Starting in Security Center 22.214.171.124, video
digital signatures are now signed with the more secure Edwards-curve Digital Signature
No action is required for video files that were signed in earlier versions of Security Center. Untampered files still pass validation, but are reported as authenticated with an obsolete algorithm.
- Introduced native double-badge events
- If you have event-to-actions configured for double-swipe in Security Center 5.7, you must reset your event-to-actions to use the Double badge on and Double badge off events in Security Center 5.8 GA or later.
- Introduced new port for Archiver roles
- Starting with Security Center 5.6 GA, Archivers require two ports: one port for live and playback stream requests (TCP 555) and one port for edge playback stream requests (TCP 605). If you are upgrading from Security Center 5.5 or earlier, make sure that port 605 is open in addition to port 555 for firewall and network address translation purposes, or you might not be able to view playback video streams from edge devices.
- Recommendations for running the Global Cardholder Synchronizer (GCS) role
- If your system is a sharing guest, make sure of the following:
- The sharing host system is running the same version, or a later version of Security Center.
- You have recorded a list of the global partitions you want to synchronize, in case you must apply them after the upgrade.
- If the GCS role is running on an expansion server, perform one of the following
- Move the GCS role to the main server hosting the Directory role.
- Keep the GCS role on the expansion server, but deactivate the role until both the main and expansion servers are running the same version of Security Center.
- Renamed video watermarks to digital signatures
- Starting in Security Center 126.96.36.199, all
references to anti-tampering watermarks in the user interface and the associated
documentation have been renamed to digital signatures.
A video watermark now refers to an optional text overlay that can be permanently added to exported video files. It is a deterrent to prevent users from leaking video recordings. For more information on video watermarking, see About video watermarking.
- RTSP stream usage
- Starting in Security Center 188.8.131.52, you can only use RTSP over HTTP or TCP when combined with SDK access.
- Supported integrated software
- Plugin users might need to upgrade their integrated software to a version supported by Security Center 184.108.40.206. For more information, refer to Supported plugins in Security Center.