It is important to know about Security Center 5.12.0.0 features that change how you interact with the system after an upgrade.
- Genetec Web App or Security Center Web Client - Which one is right for you?
- Genetec™ Web App and the Security Center Web Client are both available in Security
Center 5.12.0.0. Consider the following when deciding which one to use:
Feature gap in the Genetec Web App
Certain features are not yet supported in the current version of the Genetec Web App but will be added soon:- Access rules
- Cardholder groups
- Credentials
- Visitor management
- Report filters
If you require these features:- Upgraded system: Continue using the Security Center Web Client until the features are added to the Genetec Web App.
- New system: Genetec Web App will be your default web application, but you can enable Security Center Web Client manually by creating a Web Client Server role. For more information, see [KBA-79170] Feature gap between Security Center Web Client and Genetec Web App.
NOTE: The legacy Web Server role is now called Web Client Server. The role for the Genetec Web App is called Web App Server.
- Omnicast Federation disabled
- In Security Center 5.12.0.0 and later, Omnicast™ Federation™ is disabled and no longer supported. Remove all Omnicast Federation roles before upgrading your system. For more information, see Removing Omnicast Federation before upgrading Security Center.
- New .NET Framework requirements for Genetec Web App
- Starting with Security Center 5.11.1.0, .NET Framework 6 is included in Security Center. The minimum Windows 10 version supported is 1607 (Windows 10 Anniversary Update). The Security Center installation fails with older versions of Windows 10.
- Microsoft Visual C++ 2010 Redistributable removed from installation package
- Microsoft Visual C++ 2010 RTM Redistributable 10.0.30319.415 and Microsoft Visual C++
2010 SP1 Redistributable Package (x64) have been removed from the Security Center
installation package. As a result, the following video features are no longer supported:
- Dewarping Dahua cameras in Security Desk or in the web player.
- Ampleye decoder units. Decoding of previously recorded archives are unplayable with a No decoder error message and cameras can no longer record or play live video.
NOTE: Upgrading to Security Center 5.10.4.0 does not remove Microsoft Visual C++ 2010 Redistributable from your system because it might be required for existing software. If there are no dependencies, uninstall manually.
- Federated visitors in the Visitor management task
- Starting with Security Center 5.10.2.0, you see all federated visitors that have not been checked out in the Visitor management task. If you do not want to these federated visitors in the Visitor management task, you can move the visitors to partitions that are not synchronized through Federation™.
- Updating Newtonsoft
- Updating Newtonsoft from v12.0.2 to v12.0.3 might cause compatibility failures in your SDK environment.
- End of support for Windows 7 and Windows Server 2008
- Microsoft Windows 7 Pro/Enterprise/Ultimate SP1 and Microsoft Windows Server 2008 R2 SP1 are no longer supported because they are no longer supported by Microsoft.
- New .NET Framework requirements
- Starting with Security Center 5.8 GA, .NET Framework 4.8 is included in Security Center. The minimum Windows 10 version supported is 1607 (Windows 10 Anniversary Update). The Security Center installation fails with older versions of Windows 10.
- Enhanced complexity requirements for main server password
- Starting with Security Center 5.8 GA, when you update the main server password used by
Server Admin, the new password must meet following criteria:
- At least 8 characters
- 1 or more uppercase letters
- 1 or more lowercase letters
- 1 or more numerical characters
- 1 or more special characters
- No spaces or double quotation marks
- Changed default port for redirectors
- Starting with Security Center 5.8 GA, TCP port 960 replaces TCP port 5004 as the
initial default port for stream requests.
If you are upgrading from Security Center 5.6 or 5.7, your redirectors continue to use TCP port 5004 and no action is needed.
If you are upgrading from Security Center 5.5 or earlier, your redirectors will use TCP port 960. Ensure that port 960 is open in addition to port 560 for firewall and network address translation purposes. Otherwise, you might not be able to view live video streams from remote sites.
- Changed Logon dialog box
- Starting with Security Center 5.7 SR2, you can no longer leave the Directory field blank in the Logon dialog box. You must enter the name or IP address of the main server you want to connect to. If your client application runs on the main server, you can also enter Localhost as the Directory name.
- Deprecated custom temporary access rules based on custom fields
- Temporary access rules are supported natively in Security Center 5.7 SR1 and later. Because custom and native temporary access rules cannot be used together, we recommend that you use our native solution. If you are currently using the custom solution in Security Center 5.6, and want to upgrade to Security Center 5.7 SR1 or later, contact the Genetec Technical Assistance Center (GTAC) for help.
- Deprecated events in Area activities and Monitoring tasks
- Starting with Security Center 5.9.0.0, the following events are depreciated and not
visible in Area activities or Monitoring tasks:
- Anti-passback disabled: Unit is offline
- People counting disabled: Unit is offline
- An interlock cannot have perimeter floors
- Anti-passback disabled: Elevator on area perimeter
- Enhanced security in the Map Manager role
- Starting with Security Center 5.9, Map Manager requires all clients that request image
maps to pass authentication. To ensure that clients can view image maps after upgrading
the server, Map Manager roles upgraded from 5.8 and earlier run in backward
compatibility mode by default.
When in backward compatibility mode, Map Manager grants access to image maps without authentication. This mode is intended to temporarily maintain map functionality during a staged upgrade where some clients remain at an older version for a limited time. For more information on Map Manager backward compatibility, see Configuring the Map Manager role.
Best Practice: Turn off Backward compatibility after all client applications have been upgraded for enhanced security. - Introduced ECDSA certificates for Directory communication
- Starting in Security Center 5.9.3.0, you can use Elliptic Curve Digital Signature
Algorithm (ECDSA) certificates to secure the communication between Security Center
servers.
If you are planning to use an ECDSA certificate with Security Center, one or more of the following compatibility restrictions might apply:
- All servers running Security Center 5.9.3.0 or later with an ECDSA certificate are not compatible with servers running Security Center 5.9.2.0 or earlier.
- Security Center systems using an ECDSA certificate are not compatible with third-party authentication using SAML 2.0.
- Federation hosts using an ECDSA certificate can only stream video from federated sites that also use an ECDSA certificate.
- Introduced EdDSA for digital signatures
- Starting in Security Center 5.8.1.1, video digital signatures are now signed with the
more secure Edwards-curve Digital Signature Algorithm (Ed25519).
No action is required for video files that were signed in earlier versions of Security Center. Untampered files still pass validation, but are reported as authenticated with an obsolete algorithm.
- Introduced native double-badge events
- If you have event-to-actions configured for double-swipe in Security Center 5.7, you must reset your event-to-actions to use the Double badge on and Double badge off events in Security Center 5.8 GA or later.
- Introduced new port for Archiver roles
- Starting with Security Center 5.6 GA, Archivers require two ports: one port for live and playback stream requests (TCP 555) and one port for edge playback stream requests (TCP 605). If you are upgrading from Security Center 5.5 or earlier, make sure that port 605 is open in addition to port 555 for firewall and network address translation purposes, or you might not be able to view playback video streams from edge devices.
- Recommendations for running the Global Cardholder Synchronizer (GCS) role
- If your system is a sharing guest, make sure of the following:
- The sharing host system is running the same version, or a later version of Security Center.
- You have recorded a list of the global partitions that you want to synchronize, in case you must apply them after the upgrade.
- If the GCS role is running on an expansion server, perform one of the following
two options:
- Move the GCS role to the main server hosting the Directory role.
- Keep the GCS role on the expansion server, but deactivate the role until both the main and expansion servers are running the same version of Security Center.
- Renamed video watermarks to digital signatures
- Starting in Security Center 5.9.0.0, all references to anti-tampering watermarks in
the user interface and the associated documentation have been renamed to digital
signatures.
A video watermark now refers to an optional text overlay that can be permanently added to exported video files. It is a deterrent to prevent users from leaking video recordings. For more information on video watermarking, see About video watermarking.
- RTSP stream usage
- Starting in Security Center 5.9.0.0, you can only use RTSP over HTTP or TCP when combined with SDK access.
- Supported integrated software
- Plugin users might need to upgrade their integrated software to a version supported by Security Center 5.12.0.0. For more information, see to Supported plugins in Security Center.