Ask Slashdot: Security Monitoring Company That Accepts VPN Video Feeds? 136
mache writes: My cousin is finishing up a major remodel of his home in Houston and has installed video cameras for added security. At my suggestion, he wired up all the cameras to be on a separate VLAN that only uses wired Ethernet and has no WiFi access. Since the Houston police will only respond to security alarms if the monitoring company is viewing the crime in progress, he must arrange for the video feed to available to a security monitoring company. I told him that the feed should use VPN or some other encrypted tunneling technique as it travels the Internet to the monitoring company and we proceeded to try and find a company that supported those protocols. No one I have talked to understands the importance of securing a video feed and everyone so far blithely suggests that we just open a port on his home router. Its frustrating to see such willful ignorance about Internet security. Does anyone know of a security monitoring company that we can work with that has a clue?
No, you completely misunderstand. (Score:2, Informative)
No, he wants an encrypted tunnel to the security company. Not to a third-parrty proxy.
Re: (Score:3, Insightful)
Ah, got it. But then why not just find a security company that sends their camera video over https?
Re: (Score:2, Insightful)
You stop now or start posting as A.C.
The video surveillance monitoring agency is not providing an authenticated service. They want the video to be hosted and available for their monitoring server to download. The very best an HTTPS connection can offer in the scenario you describe is security through obscurity.
Re: (Score:1)
Re: (Score:2)
You stop now or start posting as A.C.
I am stealing that. LOL Thanks! Slashdot has now given me two, literally, out-loud laughs today. I am grateful or overtired, perhaps both.
"You're demonstrating that you're an idiot. Stop it or at least have the decency to show shame and hide your ignorance and learn something." That's how I interpreted it.
Okay, so it's overtired but that was still a brilliant reply and I shall be stealing it at some point. I'll send you a nickel every time I use it.
Re: (Score:2)
I think you're conflating HTTPS and CA infrastructure. (It's an understandable mistake.)
There's nothing in the HTTPS protocol that requires authentication. Most HTTPS instances do provide some degree of passive authentication, in that at least one side (generally the server) has a certificate signed by a verified root authority.
This does not, however, prevent someone from creating a self-signed (or even, technically, an un-signed) certificate and using that as their SSL enabler. In that case, there is ab
Re: (Score:2)
I was actually trying to be informative, not condescending. I'm sorry it came across that way.
Nowhere did I say TLS wasn't capable of authentication. I said it doesn't require authentication. And it doesn't.
I was responding to the parent post's assertion that "Https is exactly about authentication". This statement is false. For HTTPS, authentication is a non-central benefit, not a core requirement, or even necessarily in-scope. TLS doesn't provide adequate authentication service on its own in a lot of
Re: (Score:2)
Why does "over a VPN" mean "indeterminate location"?
I used to connect to work via a VPN and it never happened that I was going "like, what's all this shit?". Well, the one time...
Re: (Score:3, Interesting)
VPN in modern slang times is generally used by people in one country trying to access restricted content in another (say copyright restrictions not allowing AU to view US shows on Hulu or something) or to obfuscate the original of the data being transmitted (dissident materiel or perhaps illegal to some extent material). The practical application of a VPN (secure tunneling access to a remote network like work access) seems to be forgotten by those using it for other reasons or the other reasons are more pre
Re: (Score:2)
It's always amusing when someone tries to supplant a definition with the slang of it. Sorry, but VPN is already well known in 'modern times' regardless of what the new generation of kids try to appropriate slang as while not understanding any of the underlying technology. The VPN slang is still the same exact thing, you must not understand that it just routes traffic out to the internet differently based on different use cases.
Re: (Score:2)
I understand it quite well. The point was that people are more commonly using it to appear like their traffic has originated somewhere else which is why the parent poster didn't know what the GP was trying to say. The fault lays with the GP's lack of knowledge not mine.
Re: (Score:1)
That is what authentication is for. If you hack a VPN server, you can come from Elbonia... just like you can grab the gold out of Fort Knox, all that stands in your way is the post security.
I see two ways of solving this:
1: HTTPS with persistant certificates AND client certs. This way, both sides authenticate with each other.
2: A VPN/VPLS, or other way to set up and join two physically separate network segments. This is by far a solved problem.
As for the OP, this might be too expensive for a security m
Re: (Score:2)
Re: (Score:2)
It might seem like I'm being a pedant but that's not my goal. My goal is to learn something so, if I'm wrong, please do correct me (preferably with a whip, chains, and sexual gratification at the end).
Isn't there no such thing as a "VPN protocol?" Isn't VPN just what is created using any one of a few different protocols like PPTP, L2TP, and a couple others that I can't think of at the moment? Can't, with some work and however badly, VPN be done over quite a few protocols?
I am, by no means, an expert. I do h
Re: (Score:2)
Bored in your hotel, eh?
Re: (Score:2)
Actually, there is a Karma level higher than yours.... it's called Bennett Hasselton.
Re: (Score:2)
Imma get that. ;-)
IP matching (Score:4, Insightful)
Configure your firewall to allow their IP address range to port-translate to the NVR's IP and port(s). ACL-off your security VLAN from your user VLAN(s), and vice-versa, and allow only the correct ports through from your user network(s) to the NVR.
Re:IP matching (Score:5, Insightful)
Not at all, VPN does not mean NAT traversal, IPSec is perfectly capable of security on public IP to another hell that was a design goal.
Re: (Score:2)
Even if there wasn't a problem with IP address and network collisions though, it would still require lots of VPN clients to be installed on the secur
Re: (Score:2)
They could set it so that the security system in their client's locations opened a VPN to their network (one suitably firewalled so as to not give the client actual access to anything) rather than connecting via VPN to the client's network.
Re: (Score:2)
Consider that IPSec is the only commonly used open standard. Not anyconnect not they need a site to site for only a NAT IP on both ends. Cert based is pretty straight forward actually.
Mind you I do not realy thing this buys you much over SSL with a pined cert for both ends.
Re: (Score:3)
A big problem with "VPNs" is that there are a ton of incompatible, proprietary VPN tools out there, generally horrible and incompatible with each other, and/or expensive, so it's far from surprising that the security company doesn't want to deal with any of it.
If the goal of the OP is to make sure that nobody is watching his home's video other than the security company, I'd suggest using https streaming (which is what his system likely already does) with a certificate configured at the security company, ver
Re: (Score:3)
Thus why I said SSL with pined certs and went for IPSec site to site also with certs since that is a standard and goes between vendors every day.
Re:IP matching (Score:5, Informative)
If the goal of the OP is to make sure that nobody is watching his home's video other than the security company, I'd suggest using https streaming
The OP's cousin should probably just accept the risk that some unauthorized third party could in theory be watching the video data, Concentrate on making sure a third party can't Control or Disable the camera (What is really important!), understand that risk, and mitigate it by placing the cameras where they will meet security objectives without a huge risk to privacy objectives.
Legally speaking.... the OP's cousin will have already lost any legal expectation of privacy, the second they hired an outside company and shipped camera video out of their exclusive physical control, local law enforcement/FBI/etc can compel the disclosure of such video data in the hands of a 3rd party without needing a warrant or subpoena, and even bar the monitoring company from informing that footage has been provided; it's no different than requesting transaction records from a retailer.
The reality of the situation is; security monitoring companies are totally focused on physical security, the ones likely to offer affordable services are going to be local SMBs for the most part, and they are likely to have little knowledge of IT Security topics.
Unless you've found a highly exceptional security provider in the local area that promises privacy of your video footage, most companies will just not care , and might not fully understand these issues, the issue is so universally neglected, that you will need a contract requiring end-to-end encryption, AND the OP will have to pay the monitoring company enough money for them to care.
And then, unless you are paying a couple thousand a month, then it is probably a tall order to require a custom VPN solution "just to protect a home's ccTV feeds".
Re: (Score:2)
The OP's cousin should probably just accept the risk that some unauthorized third party could in theory be watching the video data, Concentrate on making sure a third party can't Control or Disable the camera (What is really important!), understand that risk, and mitigate it by placing the cameras where they will meet security objectives without a huge risk to privacy objectives.
This is great advice and is the approach that I took. I've tried very hard to design the system so that it can't be accessed by unauthorized parties, but there's no way that I'm going to operate as if the feeds are truly secure. To that end, there aren't cameras monitoring private spaces.
Not to mention the complete creep factor involved in having security cameras monitoring the living spaces of your home. The WAF of that idea is so low that I wouldn't think of proposing it, even if I wasn't totally creeped
Re: (Score:2)
The right tool for the right job.
VPN is an ideal solution when remote users need unfettered access to an unlimited range of devices and ports on a secure, firewalled network. In this use-case, the video feed is delivered from one single aggregation server respond
Re: (Score:2)
There is a degree of understanding for why a security company might not want to use your VPN solution; if they have to monitor a lot of customers' cameras then they'd have to have a lot of different VPN clients running that might cause problems when the networks overlap private IP addresses.
Configure your firewall to allow their IP address range to port-translate to the NVR's IP and port(s). ACL-off your security VLAN from your user VLAN(s), and vice-versa, and allow only the correct ports through from your user network(s) to the NVR.
Keeping in mind that whatever you're streaming to them is in the clear for anyone who can capture the packets (though the risk is no doubt low of that actually happening unless your daughter is super hot).
Can you lock the IP address? (Score:3, Informative)
If those companies want a port open on the router, can you lock the port to only the IP addresses that that company would be using?
That should be fairly standard on most of the firewall/routers available today.
Re: (Score:3)
How well does that withstand IP spoofing?
Re: (Score:3)
IP spoofing is only good in one direction, generally, seeing as how a sender using a falsified address would not be able to get ACK packets or other 2-way data back from the recipient (in this example, the IP camera system's video feed). In other words, spoofing is great for DOS attacks or injections of some sort, not so great for trying to view video. (Caveats for sending unauthenticated backdoor commands to alter firewall rules, etc., but that's an application layer problem, not an open port problem)
Re: (Score:1)
You're assuming that an attacker can't compromise any routers, NATs, firewalls, or other systems in between. In light of all the recent vulnerabilities in those sorts of devices, and the refusal of most vendors to deal with those vulnerabilities, that assumption doesn't seem to hold up to scrutiny.
Re: (Score:2)
Which is a very reasonable assumption for every scenario that is reasonable to consider for the vast majority of situations.
Frankly, if you are worried about an attacker with that level of both sophistication and personal interest in breaking your security, then your situation is solidly out of scope for this discussion.
Re: (Score:2)
Yeah, because the people who break into houses don't have those skills or they would be committing less-risky crime that doesn't involve broken glass, guns, dogs, pepper spray, and pawn shops.
Re: (Score:2)
That is usually what I do when using a VPN tunnel to my home system from a fixed location. I adjust my firewall which also protects access to my VPN server to only allow VPN access from my IP or IPs.
IPsec or simple ssh like tunneling (Score:4, Informative)
Re:IPsec or simple ssh like tunneling (Score:5, Informative)
If the camera is HTTP, just reverse-proxy it with something like nginx into HTTPS, and let it handle basic HTTP authentication. HTTPS should be as secure as most VPNs in practice, and the authentication at the proxy level stops pre-authentication exploits against the camera. Now that Let's Encrypt is a thing you can even get a real cert easily. The security company doesn't have to know that you're doing this; you give them HTTPS URL and off they go.
Re: (Score:1)
Great suggestion. I may try this on my next iteration of the home brew thing I've cooked up based on ssh (see below)
Re: (Score:2)
Please pardon my ignorance and be gentle in rendering a /. style re-education, but isn't this precisely what https transports are supposed to do?
I set up a similar thing for some family members but its purpose is only to monitor and document any intrusions (they already have a commercial security system, that apparently doesn't work all that well). The cameras aggregate to a single machine within their lan and my (remote) server periodically scp's all the video/picture data from all the cameras to my locat
Re: (Score:1)
Please pardon my ignorance and be gentle in rendering a /. style re-education, but isn't this precisely what https transports are supposed to do?
I set up a similar thing for some family members but its purpose is only to monitor and document any intrusions (they already have a commercial security system, that apparently doesn't work all that well). The cameras aggregate to a single machine within their lan and my (remote) server periodically scp's all the video/picture data from all the cameras to my location where it is further consolidated to a single video file per day, per camera.
I don't think its any more vulnerable than any other ssh connection using secure keys. It's been running flawlessly for 3 years, but if I had it to do over again, I'd probably stage the data on an https file server and skip the ssh stuff.
Yes, I should've included the https [to be fair.. the L7 secure TCP covers https :)].. the gist was to move from a heavy weight solution (VPN) to a much simpler one. Yes, https is probably more easier and simpler. I dont' think there is any reduction of any security compared to ssh. [ssh tunneling is something which can work on any application which is not security-aware.. so it may be more suitable in some use-cases where the necessary plumbing to connect apps can be easily done. I believe if A and B commu
Re: (Score:2)
but isn't this precisely what https transports are supposed to do?
I don't think the OP gets a choice in the matter. Most IP cameras and IP camera system transmit the video feed over a UDP-based protocol; it's generally RTP/RTSP; and support for SRTP/SRTCP is sparse and far between (Unless you spent mucho more $$$ to purchase high-end equipment that specifically supports it!). The only way you're going to be wrapping RTCP in HTTPS is with a SSL VPN that supports encapsulating arbitrary TCP protocols
Re: (Score:3)
Bluecherry (http://www.bluecherrydvr.
silly topic (Score:2, Informative)
You and your cousin need to get a life and stop worrying about highly optimizing the design of security systems that have almost no practical value. The reality is for most users, 99.9% of the security value of their system mostly comes from the visual appearance of the camera as a deterrent factor.
SubjectsInCommentsAreStupid (Score:1)
Wires can be cut.
Re: (Score:1)
Wires can be cut.
... and radio can be jammed....
Re: (Score:2)
Re: (Score:2)
Cellular goes down a LOT MORE OFTEN than hardlines get cut.
'common burglars' don't do either. The break in, grab some stuff, and take off before anyone can respond to an alarm.
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
It must suck to be able to read but unable to understand what you read.
Really? (Score:5, Interesting)
What's wrong with a port forward?
Get them to tell you THEIR static IP, and only apply port forwarding from their address to your internal VLAN.
Problem solved.
Have to do it all the time for telephony, CCTV, remote software support, etc. I let them have a port-forward but only if:
a) they give me their source IP (I get the asked the same when I set up VPN's etc. anyway, so everyone does this!)
b) they only get one set of port-fowards to the internal system
c) I reserve the right to cut that connection off for 99.9% of the time until they actually NEED to do something. They ring me up, I open up JUST THAT PORT to JUST THAT IP, then they have to tell me when they are finished.
It makes it much easier to manage, to log, and to control your devices.
Nobody sensible opens up any port to the world unless they have a public-facing service on that port and have secured it properly (e.g. email, web, vpn). But "port-forward" does not mean you let the world into it.
And if the attackers know and can spoof the IP of your remote support, then you're in bigger trouble anyway! That's not the kind of attacker that you're going to be able to easily defend against. But with a plain port-forward, all they'll get (if you've done it properly) is into the VLAN and the cameras, not your systems.
And, guess what. The only device that traverses several VLANs should really be your gateway anyway. There's no point VLANning off and then having everything sit on all the VLANs. So you might as well just have the gateway port-forward and then all the config is on one device.
(Not only that, VPN setup like you suggest is a pain in the arse for most people anyway. If you have a hundred customers, with a hundred VPN's, it quickly becomes stupendous to put them all on 24/7, because of IP subnets stomping over each other and all sorts of confusions. That's before you get into the million-and-one variations of VPN and VPN settings and managing certs and credentials).
Re: (Score:2, Insightful)
I would find two issues with your proposed solution.
The first is that there is no way to know how they manage their IP addresses, which presents at least two problems. The first being, what if they do not manage the addresses themselves and some other company gets control of the IP address. This would mean the feed can be viewed by unauthorized users. The second issue is that they may use a range of IP addresses, adding new ones, dropping old ones, and in the case of an emergency, a new address used may not
Re: (Score:2)
Well, not only that, but the camera system itself is somewhat exposed to the internet which means any weakness in the firmware or software running the https (or http) can possible be exposed and high tech criminals could actually use the system to know when the house is empty or where valuables are generally stored depending on where the cameras are placed.
Of course it is likely much easier to just watch the place a few nights and conclude when no one is home. But being able to avoid being on camera might p
Re: (Score:2)
The solution as presented is sufficient to stop your basic smash and grab / crime of opportunity attacks. At that level you don't have to worry about firmware hacks.
Re: (Score:3)
Just NO. Not everything needs to be encrypted. In lots of cases it jsut adds bloat to whatever it is you are trying to do. I absolutely believe companies should make better devices, but in the end its up to US to use the vast tool chest we have available to us to make up for these shortcomings. Dont force obfuscation where its not needed so that you dont have to think.
Re: (Score:2)
The political types of the internet disagree. The common view there is that absolutely everything should be encrypted - because it you only encrypt what you want kept secret, it stands out like a blinking neon 'something dodgy going on here' sign. The overhead of encryption is very slight with modern hardware, and getting more so all the time.
Re: (Score:2)
Re: (Score:2)
No, using decent encryption is not security through obscurity.
Security through obscurity is when you assume nobody will crack your system because they don't know some magic number or method of yours, or some fatal flaw in your software.
It doesn't mean using encryption to make the pile of encrypted data even larger for tho
Re: (Score:2)
Why? What are you trying to secure? That is the important question. IT does not matter to me if someone can see my IP camera signal on most of my public facing cameras. There is jsut no need for that most of the time. Im not saying there should be no encryption, im saying that requiring it by default is retarded.
Get a provider in the commercial space (Score:5, Informative)
You should have the Axis security suite or find one of their partners to install it for you, then some company might take you seriously. Once you get that contract, you can specify anything you want and pay accordingly. I've done IPSec lines for some of their customers, but you could be paying $10k/year easily to maintain a few camera recordings which are totally useless in actual protection or prosecution (unless the cops get extremely lucky with an extremely dumb criminal, they won't be looking for that one person or even recognize them when they get arrested on another charge).
But for home or small business, this is laughable, your camera's won't do anything, they will barely be able to see any silhouettes especially at night (unless you buy a $1000 camera, the 100' IR LED cameras all wash out the image due to reflection within the housing, and yes, I have tried a number of them). Your city doesn't require any camera for monitoring by police. You do need a permit and so does your alarm company. Perhaps your alarm company told you that but they are just trying to up sell you their camera system. https://www.houstonburglaralar... [houstonbur...ermits.org]
You can do a DIY alarm system with a cheap alarm monitoring service for ~$500 (Honeywell Vista with a few sensors and remotes) and $5-15/month for the monitoring service (wired or wireless). You could hook up ZoneMinder into your Honeywell as well with an RPi or whatever, but make sure you understand the false alarm fees your city levies. Some city codes also require you to hook up at least one wired CO and smoke detector if you do get a system so you should calculate all that in, other codes require wired CO and smoke detectors on every level during renovations.
Re: (Score:2)
Your city doesn't require any camera for monitoring by police. You do need a permit and so does your alarm company. Perhaps your alarm company told you that but they are just trying to up sell you their camera system.
The way it might be sort-of-true is that if all the police get is "alarm going off in X neighborhood", they're typically not going to treat it as an emergency, because about 99% of the time it's a false positive: alarm set off by homeowner who accidentally opened their door with the alarm set,
Re: (Score:2)
Alarm companies have to verify an alarm with the home owner. So homeowner setting off the alarm is not sent out to the cops. Too sensitive detectors happens only once, the second and further times, the city will give you rising fines or even revoke your permit until you fix it.
Cops will respond to alarms because they are easy, they are 'verified' better than your average 911 call wild goose chase and they bring in revenue (either in fines from not getting a permit or fines from repeat alarms).
Re: (Score:2)
Your city doesn't require any camera for monitoring by police. You do need a permit and so does your alarm company. Perhaps your alarm company told you that but they are just trying to up sell you their camera system. https://www.houstonburglaralar... [www.housto...laralar...]
In a lot of jurisdictions, video verified alarms are given a higher response priority by police.
Re: (Score:2)
The OP states the police will only respond if there is video. If that were a policy, not only would it be published but it would also open the police department up to a number of 'neglect of duty' lawsuits.
Re: (Score:1)
Police have duty? [wikipedia.org]
Re: (Score:2)
The OP states the police will only respond if there is video. If that were a policy, not only would it be published but it would also open the police department up to a number of 'neglect of duty' lawsuits.
It is in fact the policy in an increasing number of jurisdictions, including San Jose, Detroit, Las Vegas, Akron and Milwaukee that alarms be verified by video or eyewitness before police will respond. In other jurisdictions, such as Bakersfield, Saturday night response times can be up to three hours for non-verified alarms.
Re: (Score:2)
The OP states the police will only respond if there is video. If that were a policy, not only would it be published but it would also open the police department up to a number of 'neglect of duty' lawsuits.
It is in fact the policy in an increasing number of jurisdictions, including San Jose, Detroit, Las Vegas, Akron and Milwaukee that alarms be verified by video or eyewitness before police will respond. In other jurisdictions, such as Bakersfield, Saturday night response times can be up to three hours for non-verified alarms.
A quick check over at Wikipedia [wikipedia.org] says that they figure that between 2%-6% of home burglar alarms getting tripped are by actual burglars, so I think it's safe to say that there's a very good reason for a jurisdiction to require some type of verification. It's worth noting that apparently there's reports of such things as perfectly normal spiders successfully triggering motion detectors, and I've been through a round of a...self-testing fire alarm--thankfully we didn't have to fend off firefighters while atte
Re: (Score:2)
This is a good way to not end up with service.
Unsecure on alarm (Score:4, Insightful)
I certainly understand the need to secure the video, fully encrypted, of my home. But I'd be willing to have it unencrypted, and fully open in fact, during a break-in. It's a big call for help for anyone looking, and it really ought not be that often. And anyone whe'd stage a robbery to see the footage as recon for next time, well, that sounds foolish.
So, while not perfect, why not switch to unencrypted during alarm scenarios?
You need ENCRYPTION not VPN (Score:2, Insightful)
Others have pointed some of these things out but let me spell it out in big letters.
OP started out by telling the security company "I want a VPN." He then came to /. to say to us "where can I find someone that will do a VPN." /. world help you; don't state what you think the solution is and why nobody will do it. There's a good reason they won't -- it's the wrong answer.
The problem is that a VPN is the wrong tool. When you have a problem state the problem and let the
VPNs are used to link separate private
Build it ... Then ask someone to work around your (Score:3, Insightful)
Custom worthless crap?
Bwhahaha ... No security company wants to deal with some jackass that thinks they know all about it but was too fucking stupid to think about how it might interoperate before he started and now he's shocked that people have no interest in dealing with him when he walks in the door telling they run their business wrong?
You guys are a joke. You got all wrapped in vlans and no wifi that you forgot that protecting your home was the point ... I'm not sure if that was actually the point or if you guys just wanted to waste a fuckton of money. Your security system was a waste, deal with it
I-View Now and Protection One offers exactly this (Score:3, Informative)
A bit self-serving as the CTO of the company, but we provide this kind of service to commercial national account customers all of the time. Typically an IPSec VPN tunnel is established between the client site and I-View Now, and the DVR/NVR at the end of the tunnel is monitored for online status every 5 minutes (Which also helps keeps the tunnel alive). When an alarm is triggered, in under 5 seconds, the operator at the central station is viewing both a live feed from the camera associated with the zone that went into alarm, but also a 5-second pre-alarm clip of what actually tripped the alarm. This same video clip is delivered to the end users via a link sent in an SMS message so by the time they receive the call from the alarm company, they are seeing exactly what the operator is looking at as well. i-viewnow.com
Ademco Total Connect (Score:1)
You haven't thought this through. (Score:1)
One, Houston police do not require video verification for alarm response. They do, however, require that your alarm permit is up to date, so make sure of that.
And two, you really do NOT want to pay for alarm-company-monitored camers. There's a reason that's a commercial system feature and not a residential one: It really slows down the alarm operator's handling of alarms, and raises costs for the company, which they pass along to the customer.
Even most small businesses don't pay for that feature. Only if th
VPNs are not magic security sauce (Score:2)
You do not need a VPN.
Exposing a port is quite a reasonable option. Simply require HTTPs with username/password authentication.
If your server and the monitoring provider both support it, configure the server to require an X.509 client certificate and supply one to the provider. It's unfortunately unlikely that they will support this, though.
If your video server is a horrible insecure piece of garbage that doesn't do HTTPs, or that has a hardcoded secret key that's in 100,000 other servers around the world,
You are doing it wrong. (Score:2)
No company will help you to set up a solution specifically for you.
Do it the other way round: Specify that it must be encrypted, ask for offers, and let them suggest HW and SW. If you dont like it, look for another company.
Why not use SSH or OpenVpn, but before you ... (Score:1)
- view cameras
- control cameras
- control other house system
-> ssh and OpenVPN could help, you could have encryption and login control, tunneling, profile, have scripts, etc.
Its also good thing create an wifi me
CCTV Video Feeds (Score:1)
Re: (Score:2)