Advanced steps – Network

Use secure wireless protocols

If you use wireless networks, Milestone recommends that you use a secure wireless protocol to prevent unauthorized access to devices and computers. For example, use standardized configurations. The NIST guidance on wireless local area networks provides specific details on network management and configuration. For more information, see SP 800-48 revision 1, Guide to Securing Legacy IEEE 802.11 Wireless Networks (https://csrc.nist.gov/publications/detail/sp/800-48/rev-1/archive/2008-07-25).

Additionally, Milestone recommends that you do not use wireless cameras in mission-critical locations. Wireless cameras are easy to jam, which can lead to loss of video.

Learn more

The following control(s) provide additional guidance:

  • NIST SP 800-53 AC-18 Wireless Access
  • NIST SP 800-53 SC-40 Wireless Link Protection

Use port-based access control

Use port-based access control to prevent unauthorized access to the camera network. If an unauthorized device connects to a switch or router port, the port should become blocked. Information about how to configure switches and routers is available from the manufacturers. See SP 800-128, Guide for Security-Focused Configuration Management of Information Systems (https://csrc.nist.gov/publications/detail/sp/800-128/final), for information about configuration management of information systems.

Learn more

The following control(s) provide additional guidance:

  • NIST 800-53 CM-1 Configuration Management Policy and Procedures
  • NIST 800-53 CM-2 Baseline Configuration
  • NIST 800-53 AC-4 Least Privilege
  • NIST 800-53 CM-6 Configuration Settings
  • NIST 800-53 CM-7 Least Functionality

Run the VMS on a dedicated network

Milestone recommends that, whenever possible, you separate the network where the VMS is running from networks with other purposes. For example, a shared network such as the printer network should be isolated from the VMS network. In addition, XProtect VMS deployments should follow a general set of best practices for system interconnections.

Learn more

The following control(s) provide additional guidance:

  • NIST SP 800-53 CA-3 System Interconnections