New install sanity check, comments welcome

Discussion in 'Camera Installation Questions' started by WhorsePye2019, Feb 6, 2019.

Share This Page

  1. WhorsePye2019

    WhorsePye2019 n3wb

    Joined:
    Jan 21, 2019
    Messages:
    3
    Likes Received:
    6
    Location:
    CA
    So, as I said in my first/intro post, I am a long time lurker (>2 yrs) and a recent joiner.
    I have read tons of posts, studied key Wiki threads and am near to taking the plunge, to acquire 2 (to start) IP cameras and buy/use BI. I have 30+ years in hitech, both HW and SW and am comfortable with everything I have read so far but I hear this [not so faint] ticking sound. Lots of thought to cable routing, which POE switch to buy (was leaning towards Ubiquiti until I saw looney2ns post yesterday, sigh).
    Being somewhat thorough (some might say anal) I created a diagram showing what I think I want to create. Using it, I have some questions (below).
    In the diagram, the blue features have been working for a long time. The VPN is the most recent addition but has been up/stable for 6+ months. From miles away I can use my phone to access 2 RaspberryPi web pages I created/use inside my LAN. Woohoo.
    In the diagram, the red features are what I propose to add (i.e. things I need to buy, configure, etc.). Some questions below but please volunteer comments on the basic architecture too:
    Q1: My network knowledge is self taught thus somewhat limited. I want to keep the cameras off the WAN (i.e. ensure they cant call home, cant be hacked, etc.). I am considering buying a managed switch, so I can configure rules for each IP/MAC (each camera). I need to buy a new switch anyway (to get POE+) so why not make it a managed switch. Comments?
    Q2: I am not clear on how to treat the BI computer. I was hoping it could be headless (no local display). I would use VNC or remote desktop (RDP) to access it from the other desktops for routine use (I already have VNC working between a W7 desktop and 2 headless RaspberryPis so how hard could it be, right?). I also want to access the BI computer via the VPN. So, I could use some advice on how configure the managed switch to do this but also keep the cameras secure.
    Q3: I am hoping to use WiFi+HDMI to display (only) BI/UI3 on a 32" wall mounted TV. However, I am not sure whether this is possible or do I need a monitor? Where are the pitfalls given 2-4 2MP cameras, 15FPS, etc. Or, since this is video being displayed (right?), can I ignore the bandwidth of the data stream from the cameras? I will be building an adequate BI computer (i7/W10) so thats not the limiting factor. Note that I don't want/need to control BI from this display (I will login via desktop or phone/VPN to do that), I just want to echo the display of what BI/UI3 is currently displaying. As I think on this, this may not have anything to do with BI/UI3 but rather its just a computer display challenge, but comments welcome anyway. Anyone done this?
    Thanks guys.
    upload_2019-2-6_17-22-2.jpeg
     

    Attached Files:

    mat200 likes this.
  2. pal251

    pal251 Pulling my weight

    Joined:
    Mar 15, 2014
    Messages:
    974
    Likes Received:
    108
    What is wrong with Ubiquiti?
     
  3. WhorsePye2019

    WhorsePye2019 n3wb

    Joined:
    Jan 21, 2019
    Messages:
    3
    Likes Received:
    6
    Location:
    CA
    mat200 likes this.
  4. Bob Ebaugh

    Bob Ebaugh n3wb

    Joined:
    Jan 16, 2019
    Messages:
    2
    Likes Received:
    0
    Location:
    St. Petersburg, FL
    The Ubiquity problem was unfortunate. As I understand it, the Unifi products were not implicated. According to Ubiquity, it was limited to older WISP devices on out of date firmware. How many times has Windows been hacked? Nobody/nothing is immune.
     
  5. Walrus

    Walrus Pulling my weight

    Joined:
    Nov 19, 2018
    Messages:
    281
    Likes Received:
    180
    Location:
    Ontario
  6. Bob Ebaugh

    Bob Ebaugh n3wb

    Joined:
    Jan 16, 2019
    Messages:
    2
    Likes Received:
    0
    Location:
    St. Petersburg, FL
    It was a long time ago, but I once built a new PC, installed the OS using a public Internet address, and it got hacked before I could install all the windows OS updates minutes after completing the base install. Probably XP. Never made that mistake again.

    The point...there are vulnerabilities in many devices, especially running old versions of the OS or firmware. Look at "the moon" virus. I suspect additional research would find similar vulnerabilities in other branded hardware exposed to the internet and not kept current. Restricting product choice to those with a perfect record, may or may not be possible.

    YMMV....