[SOLVED] FTP or NAS for Redundant DVR

[Hexa Fox]

Hey guys so this topic might be a little complicated. First I have started a small surveillance business. I have experience running cables and setting up the hardware and software that is included with many surveillance systems. However, most of the products I want to install are ones that are DVR boxes only. Which means if the device is damaged during a storm or stolen during a burglary the footage will be a complete loss.

I have tried setting up cloud applications with little or no success. Additionally, I notice a lot of them only offer a very small amount for free, which is probably not going to work for my clients. So I thought about setting up a FTP server or something similar and using the software on the DVR boxes to connect and stream to it. Thus making them truly redundant. I realize I might have to back them up on my end as well with some kind of RAID setup later. However, I think the chances of their DVR box getting stolen or damaged and one of my HDD's failing simultaneously failing are slim. I have some concerns though.

1.) Is there a way I could setup something like this and offer my customers privacy, even though the storage medium is in my office? Like could I have them login with a user name and password and encrypt the drive so even though I have physical access I could not view their footage?

2.) I have never actually setup a FTP, NAS or anything of that nature. When I am typing it in through the DVR box software could I designate it so each customer had their own drive? Like by the number at the end of the IP address or something like that? Could I separate the drives into sectors? I would like each client to have at least 3-5 days of recordings so they have time to contact me in the event something happening.

I could charge them a small fee to basically make myself a small cloud provider. I was thinking most of them will be fine with $10.00 a month. It would pay for the electricity that is no doubt going to pull from my office and the drives themselves.

Also if I understand it right a FTP is basically a full fledged computer with all resources? I would just download like File Zilla to it or something? Then a NAS only connects to your network and must be controlled another way? Like a computer on the same LAN?

 

[USAFRet]

FTP is a service. Can sit on any system.
A "NAS box" can be a full fledged (small) PC. Mine is (QNAP), and has dedicated functionality for surveillance cameras.

Additionally, bandwidth. Uploading video from the client house to your service, 24/7, will suck up huge amounts of the customers household bandwidth.
If they are on some service with a bandwidth cap, that will quickly run out.

Also, many many other considerations come into play.
Privacy. If they have a camera inside the house...a semi-naked family member walking past the camera is now on your system.
Accessibility. Unless you really really have this locked down, you are open to any hacks. If your customer can access, maybe I can as well.

I have a 4 camera system with DVR. If I wanted, setting it up to email is trivially easy. And hard at the same time.
When should it email something? On motion detection? Every rabbit, passing car at night, cloud...all triggers it.

Can you set up such a system? Sure.
Would I use it? Not a chance.
Should you do this? Almost certainly not. Not without a LOT of planning and assistance. From where you're at now, you cannot do this by yourself.

If you have problems setting up a system with a cloud service, hosting this yourself is magnitudes harder.

What can you offer that Ring doesn't?

 

[Hexa Fox]

FTP is a service. Can sit on any system.
A "NAS box" can be a full fledged (small) PC. Mine is (QNAP), and has dedicated functionality for surveillance cameras.

Additionally, bandwidth. Uploading video from the client house to your service, 24/7, will suck up huge amounts of the customers household bandwidth.
If they are on some service with a bandwidth cap, that will quickly run out.

Also, many many other considerations come into play.
Privacy. If they have a camera inside the house...a semi-naked family member walking past the camera is now on your system.
Accessibility. Unless you really really have this locked down, you are open to any hacks. If your customer can access, maybe I can as well.

I have a 4 camera system with DVR. If I wanted, setting it up to email is trivially easy. And hard at the same time.
When should it email something? On motion detection? Every rabbit, passing car at night, cloud...all triggers it.

Can you set up such a system? Sure.
Would I use it? Not a chance.
Should you do this? Almost certainly not. Not without a LOT of planning and assistance. From where you're at now, you cannot do this by yourself.

If you have problems setting up a system with a cloud service, hosting this yourself is magnitudes harder.

What can you offer that Ring doesn't?

So I do not want to start an argument, but Ring is one of the first things I looked at. I thought I could possibly install them in conjunction with my cameras. Obviously it was something I wanted to just install and not backup or worry about beyond the install. However, after I looked into them ran a Fake Spot search on reviews you find that they are a nightmare for most people. There are all kinds of complaints about them, so I just decided to drop my personal interest right there. I personally think Ring is a great idea and has done a great job advertising, but not much beyond that. My focus is on my surveillance systems.

So I really do not want to explain all the ins and outs of my business, but that is why you get insurance. With the way that laws are nowadays you can point a surveillance camera just about anywhere you can argue there is no expectation of privacy and be okay. I would be okay with streaming these cameras to my personal server. If that is a possibility. However, when you start talking about cameras inside the clients home or looking directly into their neighbors window you have a problem.

So I have not been tasked with installing surveillance cameras inside a clients home. I would probably do the install for the customer but decline backing up the data and explain the reasoning to them. There are too many liability/privacy issues when discussing those topics. It is why other security businesses will not install them inside a clients home either, because many of them would obviously monitor them. If I was tasked with it I will install them, set them up and that would be where my services end.

So I have been working the 'issues' out of my systems for a awhile now. I find that I can run four high definition cameras continuously for approximately six days before a 1 TB HDD has to begin overwriting. I have already thought about trying to constantly stream my systems and thought about the problems it would run into. Therefore, I figured I would set up motion detection to record short video clips or even video stills. Obviously it would not be the desired video footage but you would have plenty of shots/short recordings of burglars breaking into a home or a tree falling onto your home. This would be enough to provide to authorities or insurance agencies.

As I mentioned my real issue comes into play when I am trying to figure out how to backup client footage. It is a huge disadvantage to sell a customer a nice surveillance system and it have a single point of failure. Many clients are going to want their footage backed up in some manner in case previously mentioned events occur. Is there a reasonable way I could achieve this?

 

[USAFRet]

And I don't want to start an argument either.

The upload bandwidth from the clients connection is going to be a possible issue.

The overall security on your end is another problem. If your service is exposed to the outside world (and it must be for this to work) it WILL get hammered by access attempts. Not necessarily targeted, but random driveby. It happens. All the time.
Your systems needs to be hardened against that.
AND you'll need a huge data pipe ($$$) for all this incoming traffic.

Possibly set up just incoming email of individual jpg, rather than actual motion.

(I don't like the Ring concept either. My Ring is exactly where it needs to be...on the warehouse shelf, unpurchased... Right next to the Alexa and Echo Dot)

 

[Hexa Fox]

And I don't want to start an argument either.

The upload bandwidth from the clients connection is going to be a possible issue.

The overall security on your end is another problem. If your service is exposed to the outside world (and it must be for this to work) it WILL get hammered by access attempts. Not necessarily targeted, but random driveby. It happens. All the time.
Your systems needs to be hardened against that.
AND you'll need a huge data pipe ($$$) for all this incoming traffic.

Possibly set up just incoming email of individual jpg, rather than actual motion.

(I don't like the Ring concept either. My Ring is exactly where it needs to be...on the warehouse shelf, unpurchased... Right next to the Alexa and Echo Dot)

To be honest I think the concept of Ring sucks since I know how you feel. Like I said they have done a good job advertising. Someone that is a little more savvy might be able to make them work. However, it is not plausible for me to install one knowing what I know about them. I can see myself back at the customers house constantly to troubleshoot them etc. Most of my customer base is respectfully elderly people and I can see them hating the Ring concept, even if they have a Smartphone. I want an Echo Dot or similar device so badly, but I like to keep what happens in my home and my identity to myself.

Just saying, I recently graduated with a Bachelors in Information Systems Security. So I know the importance of security. To be honest I have no real experience securing a cloud based system running in my house. Would it be complicated to encrypt everything installed on a NAS or FTP? How about a firewall?

I thought about the bandwidth and I have the starter business class from Comcast now. I probably figured I would have to upgrade it further if I wanted to do something like this. I never thought about the bandwidth on the clients end though. I just figured it would not be an issue. I guess constantly streaming 4+ HD cameras constantly could have an impact on their network.

Most modern surveillance systems have a configuration to remove motion detection from sectors. So if there is a tree, swing set or something you can remove those to reduce false positives. Since you have your own you are probably aware. My only concern is if I choose image stills, which is basically the same thing as video just a whole lot less frames, is it going to be good enough? Like if burglars break into one of my clients homes are the video stills going to provide enough evidence for authorities and insurance agencies?

 

[Hexa Fox]

Possibly set up just incoming email of individual jpg, rather than actual motion.

I think I just realized what you meant. As in set up the system to email them the video stills as a backup. From what I know I do not think this is an option for my needs. It sounds like you already know about how many false positives you are going to get. Like trees blowing, cars driving by, nocturnal critters and the like.

The system I have now says it is only compatible with drop box, which a lot are. However, I do not think this one was ever meant to be used like that. For instance, the section in the manual is much different than what is actually on mine. Plus like I said before I do not think it is ever going to be enough. They give you like 10 GB or less most of the time right? I think drop box is actually 2 GB for free.

 

[USAFRet]

Yes, false positives.
4 hours of this little lady spinning her web:

Yes, still frames are not nearly as good as actual video, but video consumes much more bandwidth on both ends...you and the client.

And yes, my camera system lets you block off sectors of the image.
And passing clouds or cars still trigger what is left.



My basic thought on this is...the security for this, on your end, will be difficult.
Allow users to access their data, but no one else.
Billion dollar companies can't get it right. Google, Amazon, Sony...all have had large data breaches.

 

[Hexa Fox]

Yes, false positives.
4 hours of this little lady spinning her web:

Yes, still frames are not nearly as good as actual video, but video consumes much more bandwidth on both ends...you and the client.

And yes, my camera system lets you block off sectors of the image.
And passing clouds or cars still trigger what is left.



My basic thought on this is...the security for this, on your end, will be difficult.
Allow users to access their data, but no one else.
Billion dollar companies can't get it right. Google, Amazon, Sony...all have had large data breaches.

That is definitely true, but hopefully I will not be a target for criminals. Certainly that does not mean that I can put security off, but hopefully I will not have thousands of people gunning for my small network like say Home Depot does.

 

[USAFRet]

That is definitely true, but hopefully I will not be a target for criminals. Certainly that does not mean that I can put security off, but hopefully I will not have thousands of people gunning for my small network like say Home Depot does.

It's not that you are a specified target, rather it is that hackers stroll through every single IP address, looking for a vulnerability.

When I had my NAS box open for outside access, it would get access attempts every day, from all over the planet. Russia, China, Ohio, Portugal, etc, etc.
I could show you the logs if you wish.

They're just knocking on the door, to see if anything answers.
"Anyone home?"
'Hi, this is a QNAP'.
"Oh, OK...let me try the default QNAP username/password"
Log in fail.
"hmm...let me try something else"
Again, fail.

Getting no answer, they move on to the next IP address.
No answer, because I had specifically disabled the default account.

But those attempts were there.
Currently, your router gets those same attempts and just throws them away. If you have a port open to the outside, they know something is there and get one step in the door.

Can it be done? Yes.
You just have to be really really careful and diligent on your config.

 

[Hexa Fox]

It's not that you are a specified target, rather it is that hackers stroll through every single IP address, looking for a vulnerability.

When I had my NAS box open for outside access, it would get access attempts every day, from all over the planet. Russia, China, Ohio, Portugal, etc, etc.
I could show you the logs if you wish.

They're just knocking on the door, to see if anything answers.
"Anyone home?"
'Hi, this is a QNAP'.
"Oh, OK...let me try the default QNAP username/password"
Log in fail.
"hmm...let me try something else"
Again, fail.

Getting no answer, they move on to the next IP address.
No answer, because I had specifically disabled the default account.

But those attempts were there.
Currently, your router gets those same attempts and just throws them away. If you have a port open to the outside, they know something is there and get one step in the door.

Can it be done? Yes.
You just have to be really really careful and diligent on your config.

This brings back memories, I wrote an entire research paper in Information Systems Security and aced the class with a professor that was known to be difficult. I discussed how most home owners and even businesses could thwart attacks by just being more inconvenient than their neighbor. Just because someone could break in, does not mean they want to go through the trouble. If they see you have setup basic things and went through the trouble they usually move onto the next possible target, hoping they failed to do so. It is sad but true, and they usually run into targets that have done just that, failed to erect even the most basic of security protocols.

Also thanks for all the input thus far USAFRet, I appreciate it.

You have a point about streaming bandwidth too. I love the thought of have thirty+ customers using my FTP server to store data on motion detection but even storing a minute of video when the motion sensor is tripped might be unrealistic. Certainly it is something I thought about, but I did not actually think about it. I might still be able to consider the video stills though. That might be a much more viable and workable route.

I have solved many other issues that I have ran into and this is the only one that stands in my way and it sucks. A reputable business like mine needs to be able to offer a customer peace of mind in the event that something does happen to their DVR. My business seems a lot less reputable when I say, "no sorry we do not currently have any options for backup sir, you are on your own for that".

 

[Hexa Fox]

So are we no longer allowed to upload photos locally from our computers onto this site? They need to be uploaded elsewhere to a image hosting site before we can post them? I am still trying to figure out the cloud system they have setup. It looks ridiculously simple as compared to the manual and what I have seen online. So it looks like our system may have never been designed with that in mind. The FTP menu looks identical to what is in the manual though. Meaning it could work?

All I know is if I get into this business I am going to have to offer some way, either through me or a third party, a method which to backup my customers recordings.

 

[popatim]

We've never been able to directly load images to this site.

 

[Hexa Fox]

We've never been able to directly load images to this site.