Preface
Network Video Recorder
User Manual
ii
Issue V4.6 (2021-05-12)
Network Security Advice
Required measures to ensure basic network security of equipment:
Modify the password regularly and set a strong password.
Devices that do not change the password regularly or use a weak password are the easiest to be
hacked. Users are advised to modify the default password and use strong passwords whenever
possible (minimum of 6 characters, including uppercase, lowercase, number, and symbol).
Update firmware
According to the standard operating specifications of the technology industry, the firmware of
NVR, DVR and IP cameras should be updated to the latest version to ensure the latest features
and security of the device.
The following recommendations can enhance your device's network security:
1.
Change your password regularly
Regularly modifying the login credentials ensures that authorized users can log in to the device.
2. Modify the default HTTP and data ports
Modify the device's default HTTP and data ports, which are used for remote communication and
video browsing.
These two ports can be set to any number between 1025 and 65535. Changing the default port
reduces the risk of the intruder guessing which port you are using.
3. Use HTTPS/SSL encryption
Set up an SSL certificate to enable HTTPS encrypted transmission. The information transmission
between the front-end device and the recording device is fully encrypted.
4. Enable IP filtering
After IP filtering is enabled, only devices with the specified IP address can access the system.
5. Change the ONVIF password
Some old versions of the IP camera firmware, after the system's master password is changed, the
ONVIF password will not be automatically changed. You must update the camera's firmware or
manually update the ONIVF password.
6. Only forward the ports that must be used
Forward only the network ports that must be used. Avoid forwarding a long port area. Do not set
the device's IP to DMZ.
If the camera is connected locally to the NVR, you do not need to forward the port for each
camera. Only the ports of the NVR need to be forwarded.
7. Use a different username and password on the video surveillance system.
In the unlikely event that your social media account, bank, email, etc. account information is
leaked, the person who obtained the account information will not be able to invade your video
surveillance system.
8. Restrict the permissions of the ordinary account
If your system is serving multiple users, make sure that each user has permission to access only
its permissions.
UPNP
When the UPnP protocol is enabled, the router will automatically map the intranet ports.
Functionally, this is user-friendly, but it causes the system to automatically forward the data of
the corresponding port, causing the data that should be restricted to be stolen by others.