Since its launch in 2016, the MV smart camera has been making the deployment of security cameras hassle-free for network administrators and security camera specialists. With onboard storage and management through the Meraki dashboard, from anywhere, the MV camera is essentially plug-and-play. However, for larger deployments with different coverage scenarios and target use cases, one can spend a lot of time and a lot of clicks customizing settings across all cameras and networks.
With the new quality and retention profiles and APIs, you can now deploy your cameras faster than ever before.
Bulk configure using profiles on the dashboard
Each camera deployment faces unique requirements. Some cameras, like the ones facing entrances, or monitoring important assets, may need to record with the highest resolution, frame rate and bitrate, for the most amount of detail when identifying faces. Some sites have strict retention requirements and may require scheduled recording, motion-based retention and the lowest resolution and quality. With profiles, everything under the camera’s “Quality and retention” tab can be combined together and applied in one go.
After creating quality and retention profiles on the dashboard, you can then easily select multiple cameras within a network and bulk-assign them the same settings.
More information on using the quality and retention profiles can be found on the Meraki Documentation site.
Work even smarter using APIs
On top of being able to use profiles to quickly apply settings to multiple cameras, you can work even faster by using a number of APIs that provide more freedom and automation.
You can perform the following actions using APIs:
Quality and retention profiles (for a given network)
List the quality retention profiles
Create new quality retention profile
Retrieve a single quality retention profile
Update an existing quality retention profile
Delete an existing quality retention profile
Individual quality and retention settings (for a given camera)
Return a list of all camera recording schedules
Return quality and retention settings
Update quality and retention settings (individually, or using a profile)
With locations all across the city of Reading, Pennsylvania, the Reading School District is one of the largest in the region. The hallways in the high school alone span an impressive five miles. This sheer physical size, coupled with over 18,000 students and 2,000 faculty and staff across the district, make apparent how challenging — and crucial — it is to ensure the safety of these individuals.
“The goal for us is… to make sure that every individual in this building feels safe… And they know that we’re on top of every situation that could arise in the building.” – Eric Turman, Reading High School Principal
CTO Jeff Haas and his colleagues knew precisely what their security objectives were, but they found the challenges were mounting. Their existing camera system was highly failure-prone, often lost footage, and was so cumbersome that training new team members was hugely time consuming. With a 15-person security team and a lean IT squad to manage all of this, the district knew it was time to evaluate alternative solutions.
Ensure the necessary infrastructure was in place for just 15 guards to secure all 18,000 students and 2,000 faculty members, making them feel safe and comfortable while in the schools.
With their traditional security camera solution, all camera footage was stored on an NVR. If one hard drive failed, it would crash a unit of 20+ cameras, with no way to alert them that cameras had gone down.
With no way to identify that cameras were offline, it was often only discovered that they hadn’t been recording when footage was requested to review an important incident.
When cameras went down, they relied on their installer to come on site and assist with the repair process, delaying fixes and keeping their cameras offline longer.
Due to the complexity of the video management software, members of their security team could not easily access feeds or footage, and training new team members was complicated and time consuming.
“Typically, when one hard drive would die, it would take the whole unit down — that was about 20 cameras we would lose. And that’s just not appropriate.” – CR Hiestand, Network and Systems Administrator
The Meraki Camera Deployment:
~400 cameras were deployed across five sites, with standardization across the district planned.
A combination of MV12, MV21, and MV71 cameras were used to provide coverage both indoors and outdoors.
Just one team member — CR Hiestand, Network and Systems Administrator at Reading School District — was initially trained to use the camera tools in dashboard, he was then able to train other members of the IT and Security teams.
Security and administrative users were assigned particular camera-permissions, based on the requirements of their role.
Without having to rely on NVRs, Meraki cameras were deployed and online extremely quickly.
“Now that we’re on the MV platform, training has been a lot simpler than what it needed to be previously. We’ve done one training session, and I was able to cover all the features.” – CR Hiestand, Network and Systems Administrator
The small security team at Reading School District provides a more secure and safe learning environment for the district.
Security team members can more effectively monitor different sites in case of a crucial event.
Rather than having multiple cameras crash at a time, failure is always limited to a single camera, and the IT team is alerted when a camera goes down so there is never a loss in coverage.
Everyone at Reading School District who required camera access was trained in just a few minutes to access video streams, historical feeds, and camera analytics — a dramatic drop in the time and resources required to onboard users.
The district’s IT team is able to govern camera access for different users more effectively.
With the success they’ve had at the deployed locations, Reading School District is planning to triple the number of cameras they have deployed in the next few years.
Have a story you’d like to share with us about how you’ve used MV cameras? We’d love to hear it on the Meraki Community!
IP cameras undoubtedly represent a huge leap over the analog security camera setups of yesteryear: newer cameras bring significant ongoing cost savings and simpler operation to the table. But one area where traditional IP cameras don’t improve on their analog predecessors is in the way they store camera footage.
Where analog cameras transfer footage to VCR-based solutions, traditional IP cameras usually store footage on NVRs (network video recorders). The need for an NVR in typical IP camera setups presents some critical downsides in terms of costs, reliability, and complexity.
Here are four reasons to say “no thanks” to your NVR and adopt a camera solution with a modern cloud-managed architecture:
1. High hardware costs
The more components in a system, the more expensive that system is to maintain and update over time. As organizations deploy additional cameras, more video footage is captured, necessitating greater amounts of space to store that footage. Though NVRs may not introduce too many costs for smaller deployments, the one-NVR-per-location model quickly breaks down when organizations have to deploy cameras across many different sites — a common scenario for customers in verticals like retail and hospitality. Storage requirements can also balloon with IP camera systems that don’t automatically delete footage that isn’t useful, like video in which there is no motion.
The need to augment cameras with NVRs doesn’t just add another line item to the BOM; it also makes it more difficult to scale because organizations need to determine in advance how much storage they’ll need per location. The result is often inadequate storage, a less cost-effective deployment, or both.
2. Restrictive remote access to video footage
Organizations with old-school CCTV setups typically don’t think twice about remotely viewing video footage; they’re all too used to the idea of someone having to be physically present in a control room on-site to watch video (after all, the first two letters in “CCTV” stand for “closed-circuit”). But one of the promises of Internet-connected cameras was that video footage would be easier to access from anywhere.
Alas, the requirement for video to be transmitted to and stored on an NVR in typical IP camera deployments limits the possibilities for remote viewing. That’s because accessing videos stored on an NVR from outside the network requires cumbersome and complex VPN configuration. Plus, all computers will need to download a separate, often unintuitive VMS (video management service) — yet another thing to install, configure, and learn how to use. It’s no wonder that most organizations using typical IP camera systems have adjusted their interaction style such that they are only using cameras locally. Unfortunately, this means there’s often a frustratingly long gap between when video is captured and when it’s been retrieved, converted, and ready to view — not an ideal scenario.
3. Potential data loss risks
A chain is only as strong as its weakest link, and the same holds true for security camera deployments: if one piece of the system fails, the entire system is at risk. If for some reason camera footage can’t be sent to the NVR from the cameras (due to a network outage, for instance), footage is lost forever. Even worse, network administrators frequently don’t realize that part of the system has failed until they try to watch footage that was never properly transmitted to the NVR. The risk of losing critical footage due to a network issue is a basic failure of NVR-reliant camera systems.
4. Security vulnerabilities
Since NVRs are often nothing more than old computers running outdated software and collecting dust in the back of a closet, keeping them up-to-date with the latest security updates is a difficult and oft-forgotten task. This means NVRs can serve as an entry point for cyber threats looking to find their way into a network. Once they’ve infiltrated the network, cybercriminals can do anything from stealing corporate data and holding a business hostage to compromising sensitive financial information.
These aren’t just theoretical threats: in October 2016, thousands of cameras and video recorders were infected by malware and initiated a DDoS (Distributed Denial-of-Service) attack against services like Amazon, Spotify, and Reddit. Unfortunately, even a single weak point in the network could open a company up to significant security issues.
By removing the NVR from the equation, organizations stand to gain a more efficient, reliable, and secure camera system. That’s only possible with a ground-up reinvention of the traditional IP camera architecture.
Cisco Meraki MV eliminates the NVR by introducing a unique cloud management model. With MV, there’s no single point of failure; footage is stored and encrypted on the cameras themselves, creating a distributed system (and consequently distributing the risk). Video is streamed securely to the Meraki dashboard for monitoring, where the cameras can also be configured and managed. And all system components stay protected from security vulnerabilities, thanks to standard end-to-end encryption and regular, automatic firmware updates. The result: a streamlined, simplified security camera solution.
The Meraki MV camera eliminates many of the underlying costs and complexity of owning and operating video surveillance systems. The elimination of all physical components, other than the camera, is highly attractive to a wide range of organizations. This broad appeal leads to users with a diverse set of problems, often beyond the scope of the products current feature set.
Beyond the cross-product APIs available for the Meraki dashboard, there are currently no APIs or raw video feeds available for Meraki MV users. Camera configuration, video streaming, and analytics data are only available inside the Meraki dashboard.
By having a closed end-to-end system, we can ensure an exceptionally easy, enjoyable, and secure user experience. At its core, Meraki provides ease of use and simplicity. This is underpinned with a focus on solving customer problems first and building features second.
With these principles in mind, we need to work out what customers want to do with APIs. Collating these problems into categories we end up with the following:
Off camera storage, providing:
The first category covers the need for bulk storage or off-camera recording. We see two important uses for this type of functionality: The desire to retain video longer than is possible with edge storage, and instances where an off-camera or off-site backup is a mandatory requirement for compliance purposes.
MV’s architecture is designed for distributed storage and compute at the edge of the network, with centralized management and control in the cloud. Allowing customers to use an API to store video outside of this architecture eliminates the simplicity and cost reduction at the heart of the product. Once video leaves the platform, it is no longer associated with its metadata. This dissociation of context would leave customers with petabytes of unsorted raw video and a significant problem.
Meraki is already evaluating how to solve these two problems. Although the functionality is not yet available, its eventual design will ensure customers are not forced to become data scientists in order to manage their video. It will keep video within the Meraki ecosystem to ensure associated metadata is not lost.
The other category of problem that drives MV API requests is systems integration: integration with business systems such as Electronic Point of Sale (EPOS), physical security access control systems such as badge readers, and 3rd party video analytics.
By blending data sources together, further context can be provided to an event. When that can of soda from the EPOS transaction turns out to be a high value bottle of wine in the video footage, you know there is a problem. We are actively working with customers to define how we integrate with these systems and what a future API should look like.
Finally, it’s a simple reality that Meraki will not provide every variation of video analytics customers would want. Niche but high value problems are an area where third party analytics could be of great value. As with presence analytics on the Meraki MR wireless platform, in the future, we will offer out-the-box functionality beneficial to a wide range of customers, and when this is not sufficient, accesses for third party analytics such as with the location analytics API.
Meraki’s MV camera portfolio is still young, and as with our other products, we will release API access as it matures. This approach ensures we solve for simplicity first, and do not offload the hard work of feature development to our customers.
In the enterprise technology industry it is often common practice for important customers, partners, and industry analysts to be presented a roadmap. This long established tradition communicates the vendor’s goals and aspirations for their product, while setting the expectations for the recipient.
In a rapidly changing world this traditional approach can hamper the productivity of small, highly agile teams like those at Meraki. It can artificially force a focus on feature delivery, not on solving customer problems. To ensure the MV team can respond quickly to market changes and customer needs, the team follows a set of goals that help communicate the intent and vision for the future of the product.
The goals underpinning the development plans are split into three areas. These drive our internal discussions and allow parties external to the organisation to determine our priorities, taking the place of a feature by feature roadmap.
Cost reduction through architectural simplification
Firstly we must deliver immediate value. This must be simple to understand and easy to achieve. In the context of MV this is our architecture: centralized cloud control with video stored at the edge. Eliminating the Network Video Recorder (NVR) and Video Management Server (VMS) has immediate up front savings and continued operational savings.
Operational simplification through automation
Next we must ensure that customers benefit during day-to-day operations. An example of this goal is Motion Search’s elimination of the dull and highly time consuming process of reviewing video. MV processes all video on the camera and lets users quickly find the footage of interest.
Business value through intelligence
Finally, we look at how security cameras can offer value beyond their primary purpose. 90+% of recorded video is never viewed, but what if the camera can analyze what it sees without human intervention? Can a camera be seen as a sensor in the context of marketing or occupational safety? MV has not yet delivered in this area, but it is an area of intense interest that will shape the future capability of the product.
The recent launch of Meraki MV security cameras is just the first step on the road. As has been the case with the development of other Meraki products, early adopters of cloud managed technology continue to benefit from ongoing feature development. As Meraki continues to deliver solutions to challenging problems, so existing customers investment in Meraki continues to improve.
Providing up-to-date information to the right people at the right time has always been a fundamental driver of telecommunications technology. With Meraki MV security cameras it is exceptionally easy to provide situational awareness to first responders in emergency situations.
Due to its cloud architecture and browser-based interface, the MV system allows any number of police officers or firefighters access to video from any device with a modern web browser. This ability to gain situational awareness in just a few minutes can have a big impact on public safety when a crisis occurs.
Four major attributes of MV’s functionality enable this capability. The first is the automatic delivery of video to remote viewers through the cloud. This automatic cloud stream is dynamically created when the Meraki dashboard detects the user’s device can’t connect directly to the camera for instance, from outside of the building. This secure encrypted video delivery eliminates the need for a VPN and the associated complex configuration.
The Meraki cloud will automatically detect whether the viewing computer is in the same network as the cameras, sending video directly or proxying through the cloud.
The second is that because the cloud acts as a proxy for the video coming from the MV cameras, video is only streamed once from the camera to the cloud but many times from the cloud to the clients. This allows the system to scale in an emergency to allow for many first responders to have access to video simultaneously. This happens automatically and dynamically with no pre-planning or configuration required.
Video streams once from the cameras to the cloud, but can stream to multiple remote computers simultaneously.
Thirdly, the implementation of HLS for video transport means video can stream to any device with a modern web browser. In an emergency situation all you need is access to an Internet-connected device and a web browser: no special computer, no software to install, and no wasted time.
Finally, comprehensive access controls allow for login and video viewing privileges to only be assigned to those who should have them. These privileges can be integrated with existing user databases with Meraki’s support for SAML, or new access can be provisioned directly within a couple of minutes with just a user’s email address.
Combined, Meraki MV’s features offer a new level of capability and customizability when it comes to public safety. When making the right decision is paramount, the value of having rapid access to the right information cannot be overestimated. Contact us today to find out more about MV and to arrange a trial to test the technology for yourself.
The last couple of weeks have shown how vulnerable our connected world can be. Reports of a new wave of Distributed Denial of Service (DDoS) attacks at a scale beyond what has been seen before are attracting worldwide headlines. With traffic floods now reaching the terabyte scale, only those with global resources and deep pockets can withstand such an onslaught.
“The attack began around 8 p.m. ET on Sept. 20, and initial reports put it at approximately 665 Gigabits of traffic per second.”
KrebsOnSecurity Hit with Record DDoS – KrebsOnSecurity – September 21st 2016
Powering this new wave of cyber weaponry is the Internet of Things (IoT). A nascent breed of devices taking their steps into the world at a time where the value of something is dramatically amplified by its integration into the network. Unfortunately this rapid push to connect everything has not always been balanced with the rapid push to secure the underlying technology architecture.
“That cyberattack was powered by something the internet had never seen before: an army made of more than one million hacked Internet of Things devices.”
How 1.5 Million Connected Cameras Were Hijacked to Make an Unprecedented Botnet Motherboard – September 29th 2016
One of the unwilling device types in these recent attacks are IP enabled security cameras. These cameras and recording systems are typically well connected and remotely accessed. When this is combined with poorly implemented web interfaces, default passwords, and a lack of cyber security oversight, systems are effectively waiting to be exploited.
“Attackers used an army of hijacked security cameras and video recorders to launch several massive internet attacks last week, prompting fresh concern about the vulnerability of millions of “smart” devices”
The Meraki MV Security Camera delivers on the promise of simple connected devices without security compromise. At the heart of MV is the same core software powering other Meraki devices like wireless access points and security appliances. This code has been honed over the last 10 years, battle tested in the most demanding of locations, and it provides the most secure control infrastructure of any security camera available.
All MV management traffic and video transport is encrypted by default: it’s not even possible to configure MV to operate without encrypted communications. Administrative access to the cameras is only available through the Meraki dashboard, an interface that can be secured with advanced technologies such as two factor authentication.
Beyond the individual devices, the Meraki infrastructure is housed in SSAE16 / SAS70 Type II certified data centres, undergoes daily penetration testing, and is covered by our security rewards program. These policies and processes allow us to meet the most rigorous of customer requirements, including the need to be PCI compliant.
The initial savings of a low cost or consumer grade security camera system may prove expensive later on. If it is trivial for cameras to be used to attack legitimate businesses and other organisations, how much extra effort would it take for someone to start snooping through those same cameras?
With the advent of National Cyber Security Awareness Month, the MV team will be posting more information on MV’s security architecture to highlight our commitment to a safe world of connected devices. Until then, for further information please contact us to find out more.