Integration with standard IT technology
Milestone XProtect VMS products integrate seamlessly with commonly used IT technology and tools, and use terms and technologies commonly known by IT administrators. This makes it easy for IT administrators to understand, design, deploy, administrate, and operate the VMS.
Milestone XProtect VMS products look like, and are managed much like an IT system - the data the VMS handles are just video, audio and metadata streams instead of files, transactions, business data, etc.
The following list show examples of how Milestone XProtect VMS products integrate with and use standard IT technology.
Microsoft Active Directory (AD)
Users and groups from the AD can be used in the security roles in the VMS. This makes it easy via the AD groups to administrate who can access the VMS and what they can access. New users to the system are simply added to the right AD group(s) and they have access to the VMS.
SQL server
For installations with less than 300 cameras, the included free SQL Server Express edition can be used. For larger systems, it is recommended to use the Microsoft SQL Server Standard or Enterprise edition, because they offer better performance and most importantly, they offer scheduled backup of the SQL database.
The whole system configuration is stored in the SQL database, so it is important to configure a scheduled backup of the SQL database and not just make a manual one-time backup through the Management Client. The reason why a scheduled backup is recommended over a manual backup is that the VMS administrators or system integrators who are managing the VMS may forget to make a manual backup each time the configuration of the VMS is changed.
Note:
If you use full recovery mode in the SQL, a regular transaction log backup should be scheduled. This is to avoid an ever-increasing SQL transaction log. If you do not require full recovery mode, we recommend changing to use simple recovery, which will prevent the transaction logs from filling.
Virtualization
All virtualization technologies and platforms that support running Microsoft Windows operating systems can be used with every Milestone XProtect product. The virtualization technology or platform could for instance be Microsoft Hyper-V, VMware, Citrix, or virtual servers in the cloud, such as Microsoft Azure and Amazon AWS.
While all XProtect servers and clients can run in virtualized machines (VM), running the mobile and recording servers in a VM may require some additional configuration of both the host and the VM’s. The reason for this is that by default the host GPU is not available in the VM and both the mobile and the recording servers need access to a GPU for optimal performance to transcode video to the web or mobile clients or to decode video to do motion detection.
Depending on the virtualization platform, enabling the host GPU to be available in the VM may require configuration of both the host and the VM. This is to make sure that the GPU(s) are assigned to the right VM. Furthermore, a GPU can typically only be used with a single VM. If more VM’s with GPU support are running on the same host, the host must typically have a dedicated GPU installed per VM.
VLAN
It is possible to use a virtual local area network (VLAN) with Milestone XProtect software to segment the network to separate business and VMS network traffic.
When doing this, it is important to take into account that, depending on the number of cameras and their stream configuration, the VMS traffic may place a very high and continuous load on the underlying network. This is because as video, audio and metadata is continuously streamed from the cameras to the recording servers, and from the recording serves to the clients.
A quick example: A recording server with 250 cameras configured with 1080p, 25/30 FPS, 4 Mbit/s, H.264/H.265 will put a continuous load of 1Gbit/s on the network into the recording server.
In addition to this, the network traffic from the recording server to the clients, which can also be substantial, must also be considered.
VPN
If clients or cameras are connected via the public internet, a virtual private network (VPN) can be used to provide secure encrypted access for a client connecting from the internet to the VMS site.
IPv4, IPv6 and multicast
Milestone XProtect VMS products support both IPv4 and IPv6, including multicast.
VMS, server, and network monitoring
The XProtect VMS runs on standard IT equipment such as servers, storage and network switches. Furthermore, standard IT monitoring products and software already known by IT administrators can be used to monitor the health and status of the equipment running the VMS. This makes it easy to integrate the XProtect VMS software in the existing IT infrastructure and work processes.
In extension to external system monitoring tools, XProtect Corporate and XProtect Expert support built-in monitoring functions with a dedicated user interface called System Monitor.
The System Monitor gives an overview of the load and use of the servers and their storage, as well as the network in general. In addition to this, it provides an overview of VMS-specific parameters such as storage and network use per camera.
Note: The System Monitor is not supported on XProtect Professional+
In addition to the technical monitoring previously mentioned, the XProtect VMS products can use email to send notifications of technical issues, security events or events from third-party integrations. Using email notifications, it is also possible to include still images and/or AVI’s of the event in the email notification.
SNMP
SNMP traps can be used to send notifications to a standard network monitoring product, for instance SolarWinds Kiwi Syslog.
NTP
When timestamps are enabled to be overlaid on the video from the cameras, when Edge Storage is used in the cameras, or when the cameras are interconnected to a central XProtect Corporate system, all cameras and VMS servers must use the exact same time.
If time synchronization is not ensured, the video overlaid timestamps will drift over time, and deviate from the VMS timestamps since the camera clocks are not very precise over a longer period. Furthermore, when using Edge Storage and Milestone Interconnect, the solution will stop working if the camera and/or interconnected system’s time is not synchronized with the central VMS site.
If VMS servers are joined to a domain, time synchronization of the servers is ensured by the domain controller. However, the cameras may not be joined to a domain. Instead, a Network Time Protocol (NTP) server must be installed and the cameras must be configured to synchronize their time with the rest of the VMS installation.
In case the VMS servers are not joined to a domain, they can be configured to synchronize the time with the same NTP server as the cameras.
Note: When using both a domain and NTP, it is important to ensure that the domain and the NTP are synchronized to the same time source. One way to do this is to install the NTP on one of the servers in the domain.
Windows reliability and Performance Monitor
Performance Monitor is a powerful tool that is built into Windows. It can be used to track various Windows counters over time, such as CPU, network, disk load and I/O. In addition to the standard Windows counters, it can monitor counters from other software services if they offer service-specific counters.
The XProtect VMS products support a wide range of VMS-specific performance counters that can be used in the Performance Monitor to monitor the VMS’ performance and pinpoint issues or bottlenecks within the VMS or its use of the server hardware.
The Performance Monitor can be started by typing “perfmon” in Windows start menu.