jec6613
Getting the hang of it
It's irrelevant because I didn't ask for NDAA compliant cameras and never said it's a requirement. Those are trivial to find a database of.
Aside, saying that just shutting off the internet or using dual NICs is enough is disingenuous: it isn't, at least not for the last few years. To be somewhat secure, set up the NVR in a DMZ VLAN, poke the (stateful) firewall holes in and out so you can manage, patch, and access it, then put the cameras on different untrusted VLAN that can only route to your DMZ with only DHCP, NTP, and a local DNS table as services provided, add in switch-level L2 isolation on that VLAN so the cameras can't talk to each other, then poke the (again, stateful) firewall holes to the NVR.*
And since you're so curious, in my case it's an insurance company requirement, and it's not as uncommon as you may think. If you have an alarm discount+cyber rider, it's a pretty normal requirement, up there with a fire alarm being UL listed and your door lock meeting some arbitrary security level - read your own policy for details. I also know many people in the private sector who must meet various audit requirements on even their home networks, though they almost always just pay a third party company to take care of it.
My preference is not to use a cloud solution, and to just stick with I can set up easily to do exactly what I want, and don't have to teach anybody how to use. And as you might imagine given I read my insurance policy, I also read the TOS and PP of any cloud service I subscribe to, which is a whole other issue.
*Yes I have more than this, but that's at least a starting point that most L3 switches or VLAN capable routers can handle without choking.
Edit to add: the reason it's on the insurance, as well as many audit requirements, is it means there's a throat to grab if something goes wrong. The insurance company can't sic its lawyers on a PRC-owned company.
Last edited:
