Looking for USA made cameras

[Curlyp]

I'm not arguing that point at all. There's no such thing as absolute trust under any circumstances. But if the OP doesn't trust a good VLAN and firewall arrangement to keep his cameras isolated from the web, then buying a camera that says "Made in U.S.A." won't necessarily make him any safer.

I do trust my network setup, I just need to make sure I am not using cameras from certain countries due to specific reasons.

Yep, if you want true ability to not phone home or be hacked, make it what CCTV really is or was - zero ability to be seen outside of the building - no VLANs or dual NIC and not a single component of the system is connected to the internet at all.

Short of that closed of a system, one has to take the necessary precautions to minimize the risk. Isolate cameras from the internet via VLANs or dual NIC, strong firewall, no P2P or port-forwarding, etc.

Correct me if I am wrong, but isn't CCTV more for corporations or do they have consumer products? The other think I need to look into is RJ45 (CAT6A) vs RG59 (COAX cable) to setup my security system. I am moving to a new house with acreage, barns, etc, and not sure what is the best route to take. Do I want to run Point to Point (PTP) from my main house to the barns, or run RJ45 or RG59 unground to the barn? First time trying to secure something of a bigger foot print.

a VLAN that is implemented in the router or switch depends on the software. Do you really trust that software ? I sure as hell do not !

The best solution is to use a dual NIC. But you are trusting windows 10 to not forward the information. It minimizes your risk but does not eliminate it.

Right now, I am using UniFi for my network. Do you recommended using pfSense or Untangle over UniFi?

You mentioned a dual NIC as the best solution. What does the dual NIC allow (besides accepting two network cables and using different IPs)?

Other than maybe some networking techie forum, you will not find another group of more security conscious folks here and if folks here are comfortable with these cameras and configuring them to not phone home, then it is about as close as you can get.

Many here trust the cameras @EMPIRETECANDY sells and even he would tell folks not to use UPnP or P2P or port forwarding...

Thank you very much. Yes, I have read may threads on here and @EMPIRETECANDY comes highly recommended.

Agree with @SouthernYankee nothing beats true HW isolation either via multi homed / dual mic setups or separation through other areas of the infrastructure deployed

Is there a guide for HW isolation/products/setup?

 

[Curlyp]

The OP is asking about cams made in the USA for a specific reason other than assumed security. Obviously it is a contractual issue. The brands that @wtimothyholman @holiday and @Mike A. mentioned are not from China, but the OP specifically stated made in USA. I personally do not know of any.

That being said, I doubt that any cam that is 'Made in the USA' is made totally of parts constructed in the USA. I do not think that there are CMOS and other chip parts that are made in the USA. Yes, TI makes some chips here but are they used in cams?

Correct, it is more than just a security reason, but I am not allowed to talk about it. It seems 100% USA made might be hard to get or will be very costly. I can use products from Canada, France, and some other countries, but there are several countries I cannot (I am sure you can think of which ones!).

 

[Curlyp]

And therein lies the problem that our government doesn't realize with these mandates LOL - what good is it if the outer shell, bracket, support, etc. is made in the USA but the actual chip parts and inner workings, you know the parts that can actually be coded to phone home, is not made in the USA...

lol couldn't agree more!

 

[Bitslizer]

lol couldn't agree more!

Government have the NDAA requirement, even the chips cannot come from certain Chinese companies. There are cameras specific for NDAA compliant

NDAA Compliance Guide: Which Security Cameras Can You Install on Government Properties?

As with any job taking place on government property, security professionals must approach government surveillance system installations with great sensitivity. In the United States, there are steps that must be followed to ensure compliance with U.S. law. Not every security camera can be installed on

www.nellyssecurity.com

 

[SpacemanSpiff]

You mentioned a dual NIC as the best solution. What does the dual NIC allow (besides accepting two network cables and using different IPs)?

Is there a guide for HW isolation/products/setup?

Dual NIC will keep your camera traffic off your regular network, and still allow you to monitor BI from your phone, laptop, desktop. Among the many things, this will also keep network congestion to a minimum, prevent folks from getting into cameras and prevent cameras from phoning home.

IPCT wiki for securing network: How to Secure Your Network (Don't Get Hacked!)

 

[looney2ns]

I would contact Nelly's security, and ask them. They've been around the block multiple times

Security Cameras, Surveillance Systems, and Hi-Def IP Systems | Nelly's Security

The web's top source for New Security Cameras, Surveillance Systems, and Hi-Def IP Systems.

www.nellyssecurity.com

 

[sebastiantombs]

If you're already using Ubiquity gear have a look at their wireless bridge products to link your out buildings. Range is not problem at all. Using wireless will provide electrical isolation, surges from lightning as an example, without trenching, conduit and fiber.

 

[Wildcat_1]

If you're already using Ubiquity gear have a look at their wireless bridge products to link your out buildings. Range is not problem at all. Using wireless will provide electrical isolation, surges from lightning as an example, without trenching, conduit and fiber.

+1 on Ubiquiti

 

[SpacemanSpiff]

...

Right now, I am using UniFi for my network. Do you recommended using pfSense or Untangle over UniFi?

I am a fan of pfsense. There's plenty of good hardware & software options fit for the job. Can't got wrong sticking with the one(s) you're comfortable and most familiar with.

 

[Mike A.]

The OP is asking about cams made in the USA for a specific reason other than assumed security. Obviously it is a contractual issue. The brands that @wtimothyholman @holiday and @Mike A. mentioned are not from China, but the OP specifically stated made in USA. I personally do not know of any.

That being said, I doubt that any cam that is 'Made in the USA' is made totally of parts constructed in the USA. I do not think that there are CMOS and other chip parts that are made in the USA. Yes, TI makes some chips here but are they used in cams?

Yes, very unlikely these days. The supply chain for various components just doesn't work that way anymore.

I think I remember that some years back Axis had (with some foresight) stopped sourcing any cameras/components made in China other than for use in products for the Chinese market. But as you say that doesn't mean made in the US (e.g., Taiwan, Korea, and elsewhere).

They say that their entire line of products are NDAA compliant:

Technical and procurement compliance | Axis Communications

There are many technical and procurement compliance regulations and requirements needed when doing business with the federal government. Axis offers a variety of products and solutions that comply with these federal requirements. Keep reading to learn more about Axis compliance.

www.axis.com

Which satisfies that requirement where it may be applicable but that doesn't mean nothing made in China in other cases. Only excludes certain specific Chinese manufacturer's products (Dahua, Hikvision, etc.) as critical components.

 

[samplenhold]

IP cams are basically run on ethernet cable (cat5e, cat6 with RJ45 connectors. Analog cams are run on coax (RG59, etc. with BNC connections). There are adapters to run IP cams over coax and vice versa. IP cams are what most are using these days and analog cams are not as wide spread as they once were.

A dual NIC setup is used to isolate your cams from your other network, much like using VLANs. Only VLANs are software solutions and a dual NIC is a hardware solution that physically isolates that network from other networks/subnets and the internet. I use the dual NIC option rather than VLANs as I found it easier to understand and set up. But many here have used VLANs with great success. I am using Blue Iris on a WIN 10 computer as my cam software rather than an NVR. I am not sure how one would set up a dual NIC with an NVR. See the diagram below for a simple setup.

@SpacemanSpiff linked you to the thread that describes how to set up a dual NIC.

 

[cd36]

IP cams are basically run on ethernet cable (cat5e, cat6 with RJ45 connectors. Analog cams are run on coax (RG59, etc. with BNC connections). There are adapters to run IP cams over coax and vice versa. IP cams are what most are using these days and analog cams are not as wide spread as they once were.

A dual NIC setup is used to isolate your cams from your other network, much like using VLANs. Only VLANs are software solutions and a dual NIC is a hardware solution that physically isolates that network from other networks/subnets and the internet. I use the dual NIC option rather than VLANs as I found it easier to understand and set up. But many here have used VLANs with great success. I am using Blue Iris on a WIN 10 computer as my cam software rather than an NVR. I am not sure how one would set up a dual NIC with an NVR. See the diagram below for a simple setup.

@SpacemanSpiff linked you to the thread that describes how to set up a dual NIC.View attachment 90250

The advantage of vlans being that you can reuse hardware. So the same infrastructure of switches, cabling, bridges, etc can be used for your cameras and general network connectivity.

 

[Curlyp]

Thank you all for the information. This has helped and now I just need to find the right camera types to place all over the house and barn.

 

[The Automation Guy]

I am moving to a new house with acreage, barns, etc, and not sure what is the best route to take. Do I want to run Point to Point (PTP) from my main house to the barns, or run RJ45 or RG59 unground to the barn? First time trying to secure something of a bigger foot print.

First, the biggest problem with running wire a outside or buried, is the risk of an electrical spike (usually from lightning) piggybacking on the wiring which can destroy a lot of attached equipment. The wire acts like a giant antenna for surges. To get around this you have two choices. One, run fiber instead of wire. Because fiber is glass, it cannot conduct electricity and therefore reduced the chance of this happening to zero. Second, you can attempt to ground the wiring at each end (in the house and the barn). This takes special equipment and it is not a guarantee that a strike won't get through.

Right now, I am using UniFi for my network. Do you recommended using pfSense or Untangle over UniFi?

I use Unify APs, but run pfSense for the firewall. I highly recommend it. It is inexpensive to set up (easily runs on a thinclient that can be purchased used for $150 or less) and is a robust solution that is mature enough that lots of businesses use it. Lots of times that "robustness" means the system is hard to set up, but there are so many guides and Youtube videos out there that just about anyone can set up a system and add all the features they want.

Honestly I didn't know anything when I first started with pfSense and I slowly built it out. I now run pfSense with pfBlockering blocking ads, a VPN server set up to allow me to remotely connect to my network, a full time VPN tunnel set up between my network and my parent's network that we both use for offsite backups of important data, and 6 VLANs that separate my network into different segments that allow me to make sure devices only get appropriate access to/from the network. It didn't all happen overnight, but that is the beauty of the firewall. You can get a basic system down that protects your network, and then slowly add the "icing on the cake" as you have time to learn about them.

 

[Curlyp]

First, the biggest problem with running wire a outside or buried, is the risk of an electrical spike (usually from lightning) piggybacking on the wiring which can destroy a lot of attached equipment. The wire acts like a giant antenna for surges. To get around this you have two choices. One, run fiber instead of wire. Because fiber is glass, it cannot conduct electricity and therefore reduced the chance of this happening to zero. Second, you can attempt to ground the wiring at each end (in the house and the barn). This takes special equipment and it is not a guarantee that a strike won't get through.

Thank you very much. I had no idea about this. Would the best solution be to run the fiber in a conduit underground to the barn? What about using PTP devices to shoot the signal to the barn? Would this still be susceptible to lightning strikes?

I use Unify APs, but run pfSense for the firewall. I highly recommend it. It is inexpensive to set up (easily runs on a thinclient that can be purchased used for $150 or less) and is a robust solution that is mature enough that lots of businesses use it. Lots of times that "robustness" means the system is hard to set up, but there are so many guides and Youtube videos out there that just about anyone can set up a system and add all the features they want.

Honestly I didn't know anything when I first started with pfSense and I slowly built it out. I now run pfSense with pfBlockering blocking ads, a VPN server set up to allow me to remotely connect to my network, a full time VPN tunnel set up between my network and my parent's network that we both use for offsite backups of important data, and 6 VLANs that separate my network into different segments that allow me to make sure devices only get appropriate access to/from the network. It didn't all happen overnight, but that is the beauty of the firewall. You can get a basic system down that protects your network, and then slowly add the "icing on the cake" as you have time to learn about them.

Very nice! I use the Unify APs as well. I currently have the UDM, but when I get too the new place, I am setting up a whole server rack in the basement. I will have much more house sqft to cover than what I currently have. I may switch to pfSense for my main network and then setup a hardware VLAN to the UDM and POE servers to manage my cameras. I will could use one of my older gaming/server pc's (i7 or i9), to run Blue Iris and have all the cameras feed through that PC. I would have the hardware VLAN to the dedicated camera equipment. Then if need be, I could setup VLANs to further isolate cameras in groups, i.e., front house, left side, right side, back house, barn, etc. Based on everyones advice, using VLANs is the way to go.

 

[sebastiantombs]

As I mentioned earlier, since you have Ubiquity equipment already definitely look at the Nano Station series. I use a Loco to link to our outbuildings, short hop, but they will go kilometers and won't be effected by surges.

 

[Curlyp]

As I mentioned earlier, since you have Ubiquity equipment already definitely look at the Nano Station series. I use a Loco to link to our outbuildings, short hop, but they will go kilometers and won't be effected by surges.

Okay. Are you talking about these? Ubiquiti - NanoStation® M

 

[sebastiantombs]

In your case, assuming clear line of sight, I'd look at the 5GHz models.

 

[Curlyp]

In your case, assuming clear line of sight, I'd look at the 5GHz models.

Sounds good. Thank you for the advice.

 

[cd36]

I wouldn't bother with the M Series at this point, they are an older line and only capable of 100Mbps.

Look at a Nanostation 5AC Loco. They are newer, capable of 450Mbps, and are the line that are actively being developed for. In some cases to they are cheaper than the M series.