The cloud is also very useful for video surveillance applications: creating a copy of the recordings acquired locally from multiple cameras and keeping them safe on remote servers.
The cloud can be used for diverse purposes and fulfill the most diverse needs, from large companies to small businesses to professionals and private users.
In our other articles, we have seen how the cloud helps to manage one or more highly scalable virtual machines, to add or remove resources as needed without ever personally getting their hands on the hardware and without the technicians doing it. Investments can thus move “from iron” to what matters: software and services.
The Aruba Cloud platform allows any Linux and Windows server to be connected to the network and made immediately accessible on a public IP (automatically assigned), also using the many templates made available by the provider (there are also those for configuring firewalls, VPN servers, and load balancers…).
By combining the available cloud resources, it is also possible to create one’s own personal data center, capable of relying on a virtually unlimited number of servers, tools for balancing workloads, systems for unified data storage, cloud-based network protection, and virtual switches.
We have already seen that with little effort, it is possible to install WordPress ( How to install WordPress in the cloud ), any CMS, or set up an ecommerce site on the cloud while enjoying redundant and guaranteed resources tailored exactly to the needs of users.
Use The Cloud For Video Surveillance And Secure Recording Storage
There is no limit to cloud services other than your imagination. A common need among both professionals and private individuals is to set up an effective video surveillance system free from safety gaps. Many video surveillance systems have a significant defect: the audio/video recordings are saved locally, for example, on a DVR or a NAS server, without making a remote copy.
What would happen if an attacker, once entering a company, office, or home, stole the devices on which the recordings are automatically saved? In this case, the cloud is of great help because you can ask your equipment to create a copy of the audio and video streams, even on a remote server. This simple but ingenious precaution ensures that the recordings produced by the camera system are always available on the cloud, even in the event of theft of the local server (traditional server, PC, NAS, or DVR).
By now, many video cameras allow them to be managed via the cloud by connecting with a platform made available by the manufacturer. In the article How to connect to an IP camera remotely, we saw how it is possible to connect remotely to a video surveillance camera.
Our advice is, first of all, to choose products capable of offering excellent guarantees in terms of security and, above all, compatible with ONVIF ( Open Network Video Interface Forum ): in this way, you will be certain that the product can not be controlled only using applications provided by the manufacturer but also third-party solutions.
In the article Video surveillance cameras: how to choose them, we have seen how to choose the best products by drawing on a vast and varied market offer. Many may prefer to avoid transferring data to web servers which, in the best case scenario, are physically located on the other side of the ocean, if not in Far Eastern countries.
There is a cloud service and a cloud service: the cases of companies, even quite famous ones, which transfer video streams from customers’ cameras using protocols that do not involve any encryption algorithm are not uncommon.
How To Safely Save Recordings From The Video Surveillance System On Aruba Cloud Servers
If you prefer to avoid relying on the cloud services of suppliers that you don’t even know in which country they operate, if you want to enjoy a guarantee of “privacy by design ” in perfect compliance with the provisions of the GDPR ( Aruba, the request for cloud services grows a lot in Italy and transforms year after year ), we suggest then to configure a cloud server so that it receives the recordings from the video surveillance systems in a secure way or to have the cloud server acquire them remotely.
Two possible strategies, in our opinion:
- Without opening any incoming port on the router installed at your business or home, you can configure the individual IP cameras or the entire video surveillance system to upload data to an FTPS server (on FTP protocol with the added Transport Layer Security (TLS) encryption setup on an Aruba Cloud server.
- Have the Aruba Cloud virtual machine access the local server and remotely download a copy of the latest recordings. In the first case, the advantage is that without opening incoming ports on the router, it will be possible to establish an encrypted tunnel between the client and server by continuously uploading the video recordings.
Many NAS and DVRs allow you to rotate the stored video sequences: in practice, to make room for the new ones and avoid running out of space for data storage, the oldest recordings are automatically removed, as established by the user. Some NAS, however, and various video surveillance kits allow you to set up a remote server (also SFTP) to transfer data.
On the Aruba Cloud side, it will be enough to configure the SFTP server on a Linux or Windows machine and, preferably, if a static IP is used in the company or at home, allow remote connections only from this public address. In most cases, there is no need to install solutions such as pfSense, Endian, or similar on the cloud: just properly set iptables in the case of Linux or the Windows firewall.
In the second case, avoid opening incoming ports on the router, configure a local OpenVPN server and install a client on the Aruba cloud server capable of remotely connecting to the home or office network. Once the Aruba Cloud server establishes an OpenVPN connection with your office or home network, you can set up a simple script with the Linux or Windows system commands (simple cp or robocop, for example) to create a copy of the data.
Video recordings will always travel in encrypted form thanks to the encrypted tunnel established thanks to the OpenVPN protocol. You can also use the versatile rsync utility, which allows you to minimize the amount of data to be moved from one memory location to another during backup and synchronization tasks. Thanks to the cloud, an approach that once seemed complex to apply or expensive to manage becomes much easier, within reach of all those with minimal technical knowledge.