Target customers and deployment scenarios

The ability to run XProtect on AWS cloud infrastructure is an opportunity for a wide set of enterprises and organizations of any size and active in different vertical segments and industries and with different IT maturity levels. This includes private businesses and enterprises, educational institutions, as well as public and governmental bodies.

Figure 1. Typical deployment scenarios for XProtect VMS on AWS

Single site – cloud only deployment

The simplest deployment scenario is customers with only one location, where the XProtect video surveillance system is to cover cameras and other IoT devices commissioned in one specific location. In this scenario all XProtect VMS server functions are deployed on the end-customer’s service infrastructure in AWS. Using the various XProtect clients, users can access the XProtect VMS application from both on-premises users and remote users using the web or mobile clients.

The cloud only deployment is the default deployment scenario when deploying XProtect from AWS Marketplace, and it is suitable in regions with reliable high-speed internet connectivity. A customer with single site deployment would normally deploy XProtect in the AWS Region with closest proximity to the customer’s physical location. However, network connectivity and data privacy matters may influence the selection of deployment regions.

Single site – cloud and on-premises deployment

Like the previous scenario, this scenario covers one location only, but instead of deploying all XProtect server functions on AWS, this scenario will be a hybrid deployment. This means that some XProtect VMS service functions are in the cloud and some physically in the customer’s premises. In some deployments, it makes sense to outplace one or more XProtect recording servers on-premises. This would be the case when the size of the XProtect system measured in number of connected cameras and IoT deices is very large, or when it is difficult to obtain sufficient and reliable network connectivity to the AWS datacenter.

This deployment architecture is recommended in regions with lower penetration and availability of reliable high-speed internet connectivity. This architecture is also a natural steppingstone for migrating existing on-premises XProtect installations to AWS cloud infrastructure.

Multi-site deployment

Many companies and organizations operate across two or more geographically dispersed sites where the video surveillance system needs to seamlessly span across multiple sites. The advantages of cloud deployment video management solutions become evident for such types of customer deployments, as a cloud hosted VMS application not only provides a centrally managed video surveillance platform covering all sites uniformly, but the cloud architecture also allows the on-premises deployment to be simplified and lean. This not only optimizes the initial deployment time and cost, but it also significantly reduces the maintenance costs as less on-premises hardware immediately translates into less maintenance and less on-site visits.

Customers with multi-site deployment would normally deploy XProtect in an AWS Region located centrally to the customer’s geographically dispersed sites. If some sites are larger than others, it can be an advantage to deploy XProtect in the AWS Region in the closest proximity to the largest site. However, network connectivity and data privacy matters may influence the selection of deployment region.

Additionally, multi-site deployments can be realized with hybrid deployment on one or more sites, where XProtect recording servers are outplaced on the individual locations to provide local compute and storage capabilities or to mitigate capacity and reliability issues in the internet connectivity. Hybrid deployments are also a natural step on a cloud migration path, where some sites can continue to use existing hardware in good condition, while other sites can be served by a cloud only.

Global deployment

Some enterprises and organizations have a need to coordinate and align video security operation on a global level, spanning sites in multiple countries and across different continents. In these cases, AWS is the ideal cloud provider with true global presence and their global network infrastructure, where every data center, availability zone (AZ), and AWS Region is interconnected via a purpose-built, highly available, and low-latency private global network infrastructure.

This means that customers can utilize AWS globally, fully redundant, parallel 100 GbE fiber network to interlink different sites of operation. For more information about AWS global network infrastructure, please refer to: https://aws.amazon.com/about-aws/global-infrastructure/global_network/.

When designing a truly global XProtect deployment, there are several relevant principal design options:

• Single XProtect VMS system with regionally deployed XProtect recording servers

In this design, the main parts of the XProtect VMS system would be deployed in one primary AWS Region, while offices in remote countries and continents would be served by XProtect recording servers deployed in an AWS Region nearby the customer’s remote location. The remote XProtect recording servers would then be connected to the XProtect VMS system in the primary AWS Region using AWS global network infrastructure.

• Federated XProtect VMS regional systems

Individual complete XProtect VMS systems deployed in different AWS Regions can be federated across AWS global backbone to form a centrally managed video surveillance system with virtually no limits to how many cameras and other IoT devices that are connected to it. A federated system hierarchy can naturally be hybrid, where on-premises deployed XProtect systems can be federated into a cloud base XProtect Corporate deployment. For further details about Milestone Federated Architecture, please refer to Milestone Federated Architecture White Paper.

1 Please note that it is only XProtect Corporate that can be the head end system in a federated hierarchy, while the federated (child) systems can be XProtect Corporate or XProtect Expert.

• Interconnected XProtect VMS regional systems

Milestone Interconnect™ is a unique concept that allows all of Milestone’s video management software (VMS) products to be interconnected with a XProtect Corporate headend system. This allows for design of a large-scale and geographically dispersed video surveillance installations where each independent surveillance site can be designed with the required functionality and be deployed as traditional on-premises systems or cloud deployed, or any combination of the two, while still offering the benefits of a centralized surveillance installation.

Milestone Interconnect is in some respects similar to Milestone Federated Architecture. There is however difference in the intra-system communication and how much video information that is exchanged between the systems. Milestone Interconnect also supports a wider selection of Milestone’s VMS products versions that Milestone Federated Architecture. An elaborated description of these capabilities can be found in the Milestone Interconnect White Paper.

Cloud readiness

Milestone XProtect VMS is a compute and data intensive workload, which due to its real-time processing needs to be designed and deployed with professional considerations. Deployment of XProtect on an AWS is therefore particularly relevant for enterprises and organizations with a cloud first strategy, or a clear migration path to cloud. Organizations with high cloud readiness and established AWS IT competences are best destined to fully explore the synergies between Milestone’s open and scalable VMS solution and the elastic scaling, reliable operation offered by AWS infrastructure and platform services.