IP Camera Hardening and Cybersecurity Guide |
Secure Configuration and Operation
10 |
14
Data subject to change without notice | August 22
Security Systems / Video Systems
Operational Environment
Bosch IP cameras can be used in a wide range of scenarios, either in a closed CCTV style network or connected to the
cloud as IoT device. Here are some recommendations for the operational environment to provide maximum security to the
device.
Physical Security
For the installation of cameras, a secure installation location and mounting orientation should be chosen. Ideally, this is a
location where the device cannot be interfered with, either intentionally or accidentally.
Network Separation
If possible, the camera should be operated in a separate network (e.g. using VLANs) with access restrictions to limit
broadcast traffic and protect the cameras from network attacks.
Network Authentication
The network in which the cameras are operated should support network authentication with 802.1x to allow only valid
devices and actors on the network.
Central configuration
The cameras can not only be configured locally via web-based interface, but there are several possibilities to centralize
management.
4.4.1
Configuration Manager
The Configuration Manager offers the possibility to manage one or multiple cameras at once, deploy configurations,
discover new devices, or deploy certificates via integrated MicroCA.
4.4.2
Project Assistant
The Project Assistant offers an easy solution to plan the installation and deployment of larger camera installations where
the configuration of the cameras can be designed in an office and then written to the local devices during installation.
4.4.3
Bosch Cloud Solution
All cameras can be integrated with the Bosch Cloud Solution to allow central configuration and management of devices via
the cloud.
4.4.4
BVMS
The Video Management System from Bosch offers centralized configurations for all attached devices and system
components.
