Features that impact an upgrade to Security Center 5.12.0.0 - Security Center 5.12.0.0

Security Center Release Notes 5.12.0.0

Product
Security Center
Content type
Release notes
Version
5.12
Release
5.12.0.0
Language
English
Last updated
2024-07-02

It is important to know about Security Center 5.12.0.0 features that change how you interact with the system after an upgrade.

Note the following when upgrading to Security Center 5.12.0.0:
Genetec Web App or Security Center Web Client - Which one is right for you?
Genetec™ Web App and the Security Center Web Client are both available in Security Center 5.12.0.0. Consider the following when deciding which one to use:

Feature gap in the Genetec Web App

Certain features are not yet supported in the current version of the Genetec Web App but will be added soon:
  • Access rules
  • Cardholder groups
  • Credentials
  • Visitor management
  • Report filters
If you require these features: If you do not require these features, we recommend using the Genetec Web App.
NOTE: The legacy Web Server role is now called Web Client Server. The role for the Genetec Web App is called Web App Server.
Omnicast Federation disabled
In Security Center 5.12.0.0 and later, Omnicast™ Federation™ is disabled and no longer supported. Remove all Omnicast Federation roles before upgrading your system. For more information, see Removing Omnicast Federation before upgrading Security Center.
New .NET Framework requirements for Genetec Web App
Starting with Security Center 5.11.1.0, .NET Framework 6 is included in Security Center. The minimum Windows 10 version supported is 1607 (Windows 10 Anniversary Update). The Security Center installation fails with older versions of Windows 10.
Microsoft Visual C++ 2010 Redistributable removed from installation package
Microsoft Visual C++ 2010 RTM Redistributable 10.0.30319.415 and Microsoft Visual C++ 2010 SP1 Redistributable Package (x64) have been removed from the Security Center installation package. As a result, the following video features are no longer supported:
  • Dewarping Dahua cameras in Security Desk or in the web player.
  • Ampleye decoder units. Decoding of previously recorded archives are unplayable with a No decoder error message and cameras can no longer record or play live video.
NOTE: Upgrading to Security Center 5.10.4.0 does not remove Microsoft Visual C++ 2010 Redistributable from your system because it might be required for existing software. If there are no dependencies, uninstall manually.
Federated visitors in the Visitor management task
Starting with Security Center 5.10.2.0, you see all federated visitors that have not been checked out in the Visitor management task. If you do not want to these federated visitors in the Visitor management task, you can move the visitors to partitions that are not synchronized through Federation™.
Updating Newtonsoft
Updating Newtonsoft from v12.0.2 to v12.0.3 might cause compatibility failures in your SDK environment.
End of support for Windows 7 and Windows Server 2008
Microsoft Windows 7 Pro/Enterprise/Ultimate SP1 and Microsoft Windows Server 2008 R2 SP1 are no longer supported because they are no longer supported by Microsoft.
New .NET Framework requirements
Starting with Security Center 5.8 GA, .NET Framework 4.8 is included in Security Center. The minimum Windows 10 version supported is 1607 (Windows 10 Anniversary Update). The Security Center installation fails with older versions of Windows 10.
Enhanced complexity requirements for main server password
Starting with Security Center 5.8 GA, when you update the main server password used by Server Admin, the new password must meet following criteria:
  • At least 8 characters
  • 1 or more uppercase letters
  • 1 or more lowercase letters
  • 1 or more numerical characters
  • 1 or more special characters
  • No spaces or double quotation marks
Changed default port for redirectors
Starting with Security Center 5.8 GA, TCP port 960 replaces TCP port 5004 as the initial default port for stream requests.

If you are upgrading from Security Center 5.6 or 5.7, your redirectors continue to use TCP port 5004 and no action is needed.

If you are upgrading from Security Center 5.5 or earlier, your redirectors will use TCP port 960. Ensure that port 960 is open in addition to port 560 for firewall and network address translation purposes. Otherwise, you might not be able to view live video streams from remote sites.

Changed Logon dialog box
Starting with Security Center 5.7 SR2, you can no longer leave the Directory field blank in the Logon dialog box. You must enter the name or IP address of the main server you want to connect to. If your client application runs on the main server, you can also enter Localhost as the Directory name.
Deprecated custom temporary access rules based on custom fields
Temporary access rules are supported natively in Security Center 5.7 SR1 and later. Because custom and native temporary access rules cannot be used together, we recommend that you use our native solution. If you are currently using the custom solution in Security Center 5.6, and want to upgrade to Security Center 5.7 SR1 or later, contact the Genetec Technical Assistance Center (GTAC) for help.
Deprecated events in Area activities and Monitoring tasks
Starting with Security Center 5.9.0.0, the following events are depreciated and not visible in Area activities or Monitoring tasks:
  • Anti-passback disabled: Unit is offline
  • People counting disabled: Unit is offline
  • An interlock cannot have perimeter floors
  • Anti-passback disabled: Elevator on area perimeter
Enhanced security in the Map Manager role
Starting with Security Center 5.9, Map Manager requires all clients that request image maps to pass authentication. To ensure that clients can view image maps after upgrading the server, Map Manager roles upgraded from 5.8 and earlier run in backward compatibility mode by default.

When in backward compatibility mode, Map Manager grants access to image maps without authentication. This mode is intended to temporarily maintain map functionality during a staged upgrade where some clients remain at an older version for a limited time. For more information on Map Manager backward compatibility, see Configuring the Map Manager role.

Best Practice: Turn off Backward compatibility after all client applications have been upgraded for enhanced security.
Introduced ECDSA certificates for Directory communication
Starting in Security Center 5.9.3.0, you can use Elliptic Curve Digital Signature Algorithm (ECDSA) certificates to secure the communication between Security Center servers.

If you are planning to use an ECDSA certificate with Security Center, one or more of the following compatibility restrictions might apply:

  • All servers running Security Center 5.9.3.0 or later with an ECDSA certificate are not compatible with servers running Security Center 5.9.2.0 or earlier.
  • Security Center systems using an ECDSA certificate are not compatible with third-party authentication using SAML 2.0.
  • Federation hosts using an ECDSA certificate can only stream video from federated sites that also use an ECDSA certificate.
Introduced EdDSA for digital signatures
Starting in Security Center 5.8.1.1, video digital signatures are now signed with the more secure Edwards-curve Digital Signature Algorithm (Ed25519).

No action is required for video files that were signed in earlier versions of Security Center. Untampered files still pass validation, but are reported as authenticated with an obsolete algorithm.

Introduced native double-badge events
If you have event-to-actions configured for double-swipe in Security Center 5.7, you must reset your event-to-actions to use the Double badge on and Double badge off events in Security Center 5.8 GA or later.
Introduced new port for Archiver roles
Starting with Security Center 5.6 GA, Archivers require two ports: one port for live and playback stream requests (TCP 555) and one port for edge playback stream requests (TCP 605). If you are upgrading from Security Center 5.5 or earlier, make sure that port 605 is open in addition to port 555 for firewall and network address translation purposes, or you might not be able to view playback video streams from edge devices.
Recommendations for running the Global Cardholder Synchronizer (GCS) role
If your system is a sharing guest, make sure of the following:
  • The sharing host system is running the same version, or a later version of Security Center.
  • You have recorded a list of the global partitions that you want to synchronize, in case you must apply them after the upgrade.
  • If the GCS role is running on an expansion server, perform one of the following two options:
    • Move the GCS role to the main server hosting the Directory role.
    • Keep the GCS role on the expansion server, but deactivate the role until both the main and expansion servers are running the same version of Security Center.
Renamed video watermarks to digital signatures
Starting in Security Center 5.9.0.0, all references to anti-tampering watermarks in the user interface and the associated documentation have been renamed to digital signatures.

A video watermark now refers to an optional text overlay that can be permanently added to exported video files. It is a deterrent to prevent users from leaking video recordings. For more information on video watermarking, see About video watermarking.

RTSP stream usage
Starting in Security Center 5.9.0.0, you can only use RTSP over HTTP or TCP when combined with SDK access.
Supported integrated software
Plugin users might need to upgrade their integrated software to a version supported by Security Center 5.12.0.0. For more information, see to Supported plugins in Security Center.
For instructions about how to upgrade Security Center, see Installing Security Center.