Fortinet black logo

Administration Guide

Home FortiRecorder 6.0.0 Administration Guide
6.0.0
7.2.0
7.0.3
7.0.2
7.0.1
7.0.0
6.4.0
6.0.0
2.7.2
2.7.1
2.7.0
2.6.0

Deployment scenarios and camera discovery

Deployment scenarios and camera discovery

There are two basic deployment scenarios for cameras:

  • Local to the FortiRecorder
  • Remote to the FortiRecorder

FortiCamera deployments can combine both scenarios.

Note

Always place cameras in a separate subnet, isolated from outside to ensure only FortiRecorder can control access to and from the camera network. Use a dedicated FortiRecorder port or VPN.

Local camera deployment

Local camera deployment has two specific scenarios:

  1. Cameras are installed on the same network as the FortiRecorder
  2. Cameras are installed on a local network, but with one or more routers between the FortiRecorder and the cameras.

Installing the cameras on the same subnet as the FortiRecorder is the easiest deployment scenario, since the FortiRecorder automatically discovers the cameras.

The different FortiRecorder network interfaces can be used for different purposes:

  • a management port
  • a dedicated camera network
  • dedicated remote storage network.

The FortiCam cameras rely on a DHCP server to provide them with an initial unique IP address. If there is no DHCP server available on the network, the FortiRecorder can be configured to provide DHCP server functionality. The camera can also be configured to use a static IP address, but the camera would require a factory reset if moved to a different subnet.

Many third-party cameras also rely on the presence of a DHCP server. Some third-party cameras may use a default IP address and require the camera to be configured with the desired network settings.

Note

Reserve the IP address for cameras and avoid IP address changes.

A dedicated camera network provides many advantages:

  • restricted access to the cameras
  • video streams protected
  • increased quality of service
  • easier bandwidth management

FortiRecorder provides camera management in a dedicated camera network through a separate management interface. This secure gateway functionality is available for FortiCams and third party cameras.

Remote camera deployment

Remote camera deployment is for when there is a firewall between the FortiRecorder and the cameras. FortiRecorder will not be able to discover the cameras and so the cameras will need to be manually added to the FortiRecorder with the correct IP address.

The FortiRecorder can also manage cameras that are behind a firewall. As network address translation is typically used in such scenarios, a virtual IP address will be assigned to the camera by the firewall. Such a deployment is more elaborate. When possible, a secure tunnel should be used instead to strengthen security.

Previous
Next

Deployment scenarios and camera discovery

There are two basic deployment scenarios for cameras:

  • Local to the FortiRecorder
  • Remote to the FortiRecorder

FortiCamera deployments can combine both scenarios.

Note

Always place cameras in a separate subnet, isolated from outside to ensure only FortiRecorder can control access to and from the camera network. Use a dedicated FortiRecorder port or VPN.

Local camera deployment

Local camera deployment has two specific scenarios:

  1. Cameras are installed on the same network as the FortiRecorder
  2. Cameras are installed on a local network, but with one or more routers between the FortiRecorder and the cameras.

Installing the cameras on the same subnet as the FortiRecorder is the easiest deployment scenario, since the FortiRecorder automatically discovers the cameras.

The different FortiRecorder network interfaces can be used for different purposes:

  • a management port
  • a dedicated camera network
  • dedicated remote storage network.

The FortiCam cameras rely on a DHCP server to provide them with an initial unique IP address. If there is no DHCP server available on the network, the FortiRecorder can be configured to provide DHCP server functionality. The camera can also be configured to use a static IP address, but the camera would require a factory reset if moved to a different subnet.

Many third-party cameras also rely on the presence of a DHCP server. Some third-party cameras may use a default IP address and require the camera to be configured with the desired network settings.

Note

Reserve the IP address for cameras and avoid IP address changes.

A dedicated camera network provides many advantages:

  • restricted access to the cameras
  • video streams protected
  • increased quality of service
  • easier bandwidth management

FortiRecorder provides camera management in a dedicated camera network through a separate management interface. This secure gateway functionality is available for FortiCams and third party cameras.

Remote camera deployment

Remote camera deployment is for when there is a firewall between the FortiRecorder and the cameras. FortiRecorder will not be able to discover the cameras and so the cameras will need to be manually added to the FortiRecorder with the correct IP address.

The FortiRecorder can also manage cameras that are behind a firewall. As network address translation is typically used in such scenarios, a virtual IP address will be assigned to the camera by the firewall. Such a deployment is more elaborate. When possible, a secure tunnel should be used instead to strengthen security.

Previous
Next