Report CopyRight/DMCA Form For : System Architecture Guide For It Professionals
and provide references to more information on specific topics This white paper should enable the reader to understand the overall system architecture the primary system components and their functions as well as give guidelines to basic system design The primary audience for this white paper is system integrators and IT administrators
Table of Contents,Introduction 3,Purpose and target audience 3. Designed for network and IT systems 3,Overall system architecture 6. System components 6,Server components 7,Management server 7. Failover management server 8,Recording server 8,Failover recording server 9. Event server 9,Failover event server 10,Log server 10. Service channel 11,Mobile server 11,SQL server 11,Client components 12. Management Client 12,XProtect Smart Client 13,XProtect Web Client 13. Milestone Mobile 14,Additional products and components 14. XProtect Smart Wall 14,MIP SDK 15,Software Manager 15. System Implementation Guide 15,Standard system designs guide 16. Integration with standard IT technology 22,Benefits and summary 26. Page 2 of 27,Introduction, XProtect Corporate XProtect Expert and XProtect Professional are Milestone. video management software VMS designed for medium to large scale installations. Throughout this white paper XProtect Corporate XProtect Expert and XProtect. Professional are referred to as VMS products because they share the same. architecture and components,Purpose and target audience. The purpose of this whitepaper is to provide insight to the benefits and ease of using. Milestone XProtect Corporate XProtect Expert and XProtect Professional as the VMS. including introducing the system components and the system architecture. Furthermore this white paper will give recommendations for system layout designs. and provide references to more information on specific topics. This white paper should enable the reader to understand the overall system. architecture the primary system components and their functions as well as give. guidelines to basic system design, The primary audience for this white paper is system integrators and IT administrators. with limited experience using Milestone XProtect VMS products who are in the process. of selecting deploying administrating maintaining or expanding a VMS system. The reader is assumed to have a general understanding of administrating IT and. network installations General knowledge about video encoding standards like MJPEG. MPEG4 H 264 and H 265 as well as transmission of video over IP networks is. recommended but not required,Designed for network and IT systems. Milestone XProtect VMS products are from a technical standpoint designed as an IT. system and their general network and client server design overall system logic and. management principle should be very familiar for IT administrators used to working. with large networks and IT systems,Run on standard IT equipment. Standard servers of your choice, Standard storage and configuration of your choice like SATA SAS SSD DAS. SAN NAS iSCSI etc, Standard network equipment with configuration and layout of your choice. including support for VLAN VPN etc, Integrates with the standard Active Directory already present in most. installations, Use standard Microsoft SQL Server for storing the VMS configuration and logs. Support for port customization and port forwarding to support routed networks. and firewalls,Page 3 of 27, Wide choice of Microsoft Windows operating systems for instance. Microsoft Windows 7 Professional SP1 and up,Microsoft Windows 8 Pro and up. Microsoft Windows 8 1 Pro and up,Microsoft Windows 10 Pro and up. Microsoft Windows Server 2012 Standard and Datacenter. Microsoft Windows Server 2012 R2 Standard and Datacenter. Microsoft Windows Server 2016 Essentials Standard and Datacenter. for an updated list System Requirements,Support virtualization technology. Support for VMware,Support for Microsoft Hyper V, All other virtualization technologies supporting Microsoft Windows. Easy installation and upgrade, All XProtect VMS products are offered in trial versions that can be easily. upgraded to a paid version without having to redo the installation or. configuration, XProtect Professional and XProtect Expert can seamlessly be upgraded to a. more advanced XProtect product by applying a new license file there is no. need to reinstall or reconfigure the system, Installers for server components and clients are hosted on the management. server for easy download and distribution so there is no need to use CDs or. USB drives to distribute the software, Easy upgrade or addition of camera drivers on recording servers via dedicated. device packs This means there is no need to upgrade all VMS components and. clients to support new camera models or camera firmware. Flexible deployment that can be scaled over time, Scalable distributed system architecture with system components that can be. run on one or more dedicated servers or on shared servers depending on. system size and configuration This enables the choice of the most cost efficient. hardware solution for the particular installation whether it is a small or large. installation, Support for Milestone Federated Architecture to tie related systems together. o For more information,White paper Milestone Federated Architecture. Support for Milestone Interconnect to tie independent systems together. o For more information,White paper Milestone Interconnect. Central management and monitoring, All management is done through a single Management Client that can run on. your local workstation eliminating the need to use remote desktop to access. and configure the VMS, Strict control of access rights to control who can see cameras and other devices. as well as what functions users can access,Page 4 of 27. Built in server and system monitoring including email notification on events and. failures Alternatively use standard IT tools to monitor the servers storage. network etc,Secure and reliable architecture, Failover support on management and event servers via Microsoft Windows. Server Failover Clustering WSFC or similar third party software or hardware. solutions offering server and service failover functionality. Dedicated hot standby or cold standby failover recording servers. Camera and client networks can be separated to ensure reliable and secure. operation of the video system and prevent interference tampering or hacking. via the client network, Should cameras be connected via the Internet or used in high security. installations the camera to recording server communication can be secured by. using HTTPS, If web and mobile clients are used over the Internet the communication can be. secured by using HTTPS Furthermore the mobile server can be placed in a. DMZ demilitarized zone to protect the integrity of the VMS servers and. For more information and recommendations on securing and hardening the. servers network and VMS installation, o White paper Ensuring end to end protection of video integrity. o Hardening Guide for XProtect VMS,Predictable cost. Transparent and simple license structure, o Base license The base license unlocks all software functionality and can. be used on multiple sites when owned by the same legal entity. o Hardware device license per connected hardware device one hardware. license per device IP MAC address, o Milestone Care Plus is mandatory for XProtect Expert and XProtect. Corporate for the first year Milestone Care Plus gives access to new. product versions for free, o Milestone Care Plus is optional for XProtect Professional. No license cost on storage amount used,No license cost on number of clients used. Predictable maintenance cost as the system runs on standard IT equipment. Page 5 of 27,Overall system architecture, Milestone XProtect VMS products are state of the art products designed for advanced. high security large scale installations, To scale to thousands of cameras across multiple sites the VMS consists of several. components handling specific tasks All components can be installed on the same. server if the server can handle the combined load or the components can be installed. on separate dedicated servers to scale and distribute the load Smaller systems of. about 50 100 cameras depending on hardware and configuration can run on a single. server For larger systems it is recommended to use dedicated servers for some of. the components, Furthermore not all components are needed in all installations but can be installed if. the functionality they offer is needed For example failover recording servers and. mobile server for hosting and providing access to both the XProtect Web Client and. Milestone Mobile client,System components, XProtect Smart Wall is an add on product to XProtect Expert and not. supported on XProtect Professional, Failover recording servers are not supported on XProtect Professional. Page 6 of 27,Server components,Management server, The management server is the central component of the VMS and is responsible for. handling the system configuration distributing configuration to other system. components such as recording servers and for facilitating user authentication. The configuration data is stored in a standard Microsoft SQL server installed either on. the management server itself or on a separate dedicated server. System component and client repository, In addition to the management server s VMS function the management server also. hosts two download pages with installers for all other system components and clients. This makes it easy and convenient for administrators or integrators to download and. install system components and client applications on additional servers and. workstations without the need to copy the component installers on USB sticks and. hand carry them to the other servers, Client download page does not require user authentication. http management server address installation, Server component download page may require user authentication. http management server address installation admin,Page 7 of 27. When a system is upgraded to a new version the components on the download pages. are also upgraded so during the system upgrade the download page can also be used. as a distribution point for other server components that should be upgraded. Failover management server, Failover support on the management server is achieved by installing the management. server in a failover cluster using Microsoft Windows Server Failover Clustering WSFC. or similar third party software or hardware solutions offering server and service. failover functionality, Running the management server in a failover cluster will then ensure that another. server takes over the management server function should the active server fail. For more information on a configuring a failover cluster using WSFC. XProtect Advanced VMS Failover clustering quick guide. Recording server, The recording server is responsible for all communication with devices cameras. video and audio encoders input output I O modules metadata sources etc. recording and event handling for example, Retrieve video audio metadata and I O event streams from the devices. Record video audio and metadata, Provide access to live and recorded video audio and metadata. Provide access to device status, Trigger system and video events on device failures events etc. Perform motion detection and generate Smart Search metadata. Furthermore the recording server is responsible for communicating with other. Milestone products when using the Milestone Interconnect technology. For more information on Milestone Interconnect,White paper Milestone Interconnect. Device drivers, An essential part of the recording servers is device drivers These drivers work as the. interface between the recoding server and the devices cameras video and audio. encoders I O modules metadata sources etc A dedicated device driver is needed. for each individual device or series of devices from the same manufacturer In. addition to the dedicated device drivers the VMS also supports a generic ONVIF driver. so all ONVIF compliant devices can be used, The device drivers are by default installed as part of a device pack when the recording. server is installed but can later be updated by downloading and installing a newer. version of the device pack New device packs are typically released every other. For more information on supported devices,Supported hardware. Page 8 of 27,New device packs can be downloaded here. Download device packs,Media database, The retrieved video audio and metadata is stored in the dedicated Milestone. developed high performance media database which is optimized for recording and. storing video audio and metadata, The media database supports various unique VMS features like tiered multistage. archiving video grooming Scalable Video Quality Recording SVQR encryption and. adding a digital signature to the recordings Furthermore the tiered multistage. storage architecture enables the live recording database and the archives to be. distributed across different storage systems and technologies making it possible to. design and optimize the storage solution for both performance recording size. retention and cost,Failover recording server, The failover recording server is responsible for taking over the standard recording. server tasks should a recording server fail, The failover recording server can operate in two modes. Cold standby acting as failover for multiple recording servers. Hot standby acting as dedicated failover for a single recording server. The difference between cold standby and hot standby failover modes is that in cold. standby failover mode the failover recording server does not in advance know which. server to take over This means that it cannot preload the configuration and startup. its process until a recording server actually fails which adds time to the failover. startup time, In hot standby mode the failover time is significantly shorter because the failover. recording server already knows which recording server from which it should take over. recording and thus can preload the configuration and start up completely except for. the last step of connecting to the cameras, Note Failover recording server is not supported in XProtect Professional. Event server, The event server handles various tasks related to events alarms maps and third. party integrations via the Milestone Integration Platform Software Development Kit. MIP SDK Events and actions, All system events are consolidated in the event server so there is one place and. interface for partners to make plug ins and integrations that use system events. or introduce custom events and rule engine actions. Page 9 of 27, The event server hosts the alarm feature alarm logic alarm state as well as. handling the alarm database,Maps and Smart Maps, The event server hosts the classic maps and new Smart Map that are. configured and used in the XProtect Smart Client,Milestone XProtect Access. The event server hosts the XProtect Access add on product XProtect Access. enables integration of access control systems using standardized access control. plug ins When integrated both the video cameras and the access control. system can be controlled from one centralized interface. Milestone XProtect LPR, The event server hosts the XProtect LPR add on product XProtect LPR license. plate recognition enables detection and registration of license plate information. from vehicles and links the license plate information with video. Milestone XProtect Transact, The event server hosts the XProtect Transact add on product XProtect Transact. extracts transactional data from point of sale POS barcode scanning systems. and other data systems and pairs that data with video from the time of the. transaction, All data handled by the event server such as alarms maps and data from add on. products are stored in the same SQL server the management server uses. Failover event server, Failover support on the event server is achieved by installing the event server in a. failover cluster using Microsoft Windows Server Failover Clustering WSFC or similar. third party software or hardware solutions offering server and service failover. functionality, Running the event server in a failover cluster will then ensure that another server. takes over the event server function should the active server fail. For more information on a configuring a failover cluster using WSFC. XProtect Advanced VMS Failover clustering quick guide. Log server, The log server is responsible for storing all log messages for the entire system The. log server uses the same SQL server as the management server and is typically. installed on the same server as the management server but can be installed on a. separate server if the management or log server performance needs to be increased. The system can log three types of logs,System log,Page 10 of 27. The system administrator can choose to log errors warnings information. and combinations of these Default is logging errors only. The system administrator can choose in addition to log in and administration. logs to log user activity in the clients, The rule log can be used by the system administrator to create logs on. specific events,Service channel, The service channel is responsible for communicating various service and. configuration messages to the XProtect Smart Client and mobile server and third. party components listening to the service channel This could for example be. communicating updates to an XProtect Smart Wall monitor layout or communicating. that a failover server has now taken over for a recording server. Mobile server, The mobile server is responsible for hosting the XProtect Web Client and for providing. access to the VMS for the XProtect Web Client and Milestone Mobile client users. In addition to acting as a system gateway for the Milestone Mobile client and XProtect. Web Client the mobile server also transcodes video for the web and mobile clients. The reason video transcoding is needed is to ensure support for all video codecs and. resolutions like for instance H 264 H 265 and UHD 4K video which natively are not. supported by all web browsers and smart phones Secondly transcoding also may. reduce the video resolution and lower the bandwidth needed to send the video. Because the video streams to Milestone Mobile and XProtect Web Client always are. transcoded which is a resource demanding task it is highly recommended to install. the mobile server on a dedicated server preferably one that supports hardware. accelerated transcoding using Intel Quick Sync Video. SQL server, The management server event server and log server use an SQL server to store. configuration alarms events log messages etc, The XProtect VMS products installer includes a Microsoft SQL Server Express edition. that can be used freely, For larger systems with more than 300 cameras it is recommended to use Microsoft. SQL Server Standard or Enterprise edition on a dedicated server These editions can. handle larger databases have a better utilization of system resources and offer. automatic backup functionality, As with all other IT systems it is important to configure scheduled backup of the. database so that configuration is not lost in case of failures. Page 11 of 27,Client components,Management Client, The Management Client is the administration interface for all parts of the VMS. The VMS is designed for large scale operation and the Management Client is thus. designed to be run remotely from for example the administrator s computer. The Management Client has a Site Navigation tab 1 where nodes for various parts. or functions of the system can be selected for instance cameras. Selecting a node will show the settings for this node typically in a second tree. structure because there often are more sub items that can be managed 2 When an. item is selected the settings are displayed in the properties dialog shown in the right. side of the client 3 Items can have many settings and if so the different settings. are grouped on different tabs, Selecting cameras a preview of the selected group or camera are shown below the. settings 4,Page 12 of 27,XProtect Smart Client, The XProtect Smart Client is the main client for the VMS offering a full set of advanced. features It is designed for day to day use by dedicated operators. The XProtect Smart Client is designed to be run remotely on the operator s computer. and supports multi screen use in full screen mode as shown below or as floating. windows where the windows can be resized and moved freely. Furthermore the XProtect Smart Client has tabs dedicated to different tasks live. monitoring playback and investigation Sequence Explorer for investigation alarms. for alarm management and system monitor for monitoring the state of the system. servers cameras storage etc Add on products and third party integrations can add. additional tabs providing a dedicated user interface for their functions for instance for. XProtect Access XProtect LPR or XProtect Transact, For more information about the XProtect Smart Client visit the Milestone website. XProtect Web Client, The XProtect Web Client is the client designed for the occasional or remote user that. needs easy access to live monitoring playback investigation export and light alarm. management, For more information about the XProtect Web Client visit the Milestone website. Compatible browsers can be found here on the XProtect Web Client tab. System requirements and supported browsers,Page 13 of 27. Milestone Mobile, Milestone Mobile is the client designed for the user on the go It offers easy access to. live and playback of cameras as well as access to doing investigations and managing. Furthermore the Milestone Mobile client can be used as a remote recording camera. by using the device s built in camera and the Milestone Video Push feature When. activated the video from the device s camera is streamed back to the VMS and. recorded like a standard camera, Milestone Mobile is available for Apple Android and Windows Phone devices. For more information about Milestone Mobile visit the Milestone website. Compatible smartphone operating systems can be found here on the Milestone Mobile. tab System Requirements,Additional products and components. In addition to the Milestone XProtect VMS products Milestone has a suite of add on. products and utilities of which a few are highlighted below. XProtect Smart Wall, XProtect Smart Wall is Milestone s advanced video wall product designed to work as a. flexible canvas to increase operators situational awareness and improve response. times It displays relevant video cameras and other surveillance related content. giving operators a complete overview of large surveillance centers. XProtect Smart Wall is fully integrated with XProtect Smart Client allowing users to. control the XProtect Smart Wall in an easy and intuitive way and view shared content. from the XProtect Smart Wall in the users XProtect Smart Client. In extension to user control of content on the XProtect Smart Wall cameras and other. content can automatically be sent to the XProtect Smart Wall using the VMS rule. system on events and or time schedule or via MIP SDK integrations. Page 14 of 27, XProtect Smart Wall is included in XProtect Corporate and can be purchased as an. add on for XProtect Expert The XProtect Smart Wall is not support for XProtect. Professional, For more information about XProtect Smart Wall visit the Milestone website. The MIP SDK is a comprehensive tool that facilitates the integration of applications for. Milestone s VMS The MIP SDK provides flexible access to video audio events. metadata and configuration data as well as optimized functions for access control. integration The MIP SDK extends the software s functionality by allowing developers. to create new and powerful surveillance solutions optimized for a specific system and. To support the integration of different third party applications and systems the MIP. SDK has different integration methods including protocol integration component. integration and a unique plug in abstraction layer Using the plug in integration. solutions become a fully integrated part of the XProtect VMS user interface. For more information about the MIP SDK, Milestone Integration Platform Software Development Kit visit the Milestone website. Software Manager, The Software Manager is a tool that from a central point can be used to remotely. install and upgrade recording servers recording server device packs and XProtect. Smart Clients on servers or PCs in the network For larger installations the tool. makes it easy and fast to upgrade the components that are installed remotely and in. many places namely the recording servers and their device packs as well as all the. client PCs, For more information about Software Manager visit the Milestone website. System Implementation Guide,VMS design, In addition to the system designs presented in the below guide it is of course possible. to design the VMS in other customized ways to suit specific cases as well as to use. specialized or high performance equipment and technologies like virtualization. hardware and software redundancy etc,Number of cameras per recording servers. The guide and the designs do not consider the number of cameras you can run per. recording server but reflect a location physical or virtual in a network of the. recording server This means that the recording server symbol in the below designs. should not be taken literally as one single recording server but more as an indication. of the recording server functionality in the location which then could be covered by.