Central Management Station (CMS) Introduction

中央控制架構 (CMS)

Please Note: Not all editions of software license has this feature enabled. Check with feature matrix for more details.

請注意:並非所有版本皆具有此功能,詳情請參閱相關說明文件。

Overview

概要

In the past, NVR client (console) can connect to only one remote server. All operation are restricted to single remote server. With the new CMS architecture, users are allowed to connect to multiple NVR servers simultaneously. Users are also allowed to perform live, playback, map, configuration across multiple servers at the same time.

在過去,NVR client (console)僅能連線到一台遠端server, 所有操作侷限於單一台遠端server。有了新的CMS架構後,使用者終於可以同時連線並管理多台NVR server, 亦可對這些server進行各種操作如播放即時影像、錄影回放、地圖、設定等等,都可以針對多台NVR server同時操作。

 

Example of CMS tree view CMS樹狀圖範例

 

To understand how it works, just think of a NVR connection as a IP camera channel, with the difference that a NVR connection expands to one or more IP cameras. Illustrated in the following diagram:

要了解這運作的原理,只要想像一個連線到遠端的NVR server,就好像連線到一個IP camera 一般,只是這個NVR遠端連線可以再度展開並連線至其他的IP camera。如下圖:

Original architecture原來的架構 CMS architectureCMS架構

 

With the new CMS architecture and careful project designing & planning, a fairly scalable system can be constructed, as illustrated below:

有了CMS架構,加上審慎的專案規劃,即有可能建構出一個大型可擴充之系統如下圖:

Mid-scale Surveillance System Diagram 中型監視系統架構圖

 

Primary NVR server

主要NVR server

For the CMS architecture to work, there need to exist a primary NVR server, which holds the information of other NVR servers (like the diagram above). This server will be the server to connect when client is connected from a remote site.

要建構CMS架構,必須存在一台「主要NVR server」,這server紀錄了CMS需要連線到哪些其他的NVR(就像上圖一般),這個主要NVR server,就是當遠端需要連線到CMS所必須連到的server。

This primary NVR server is sometimes referred to as the "CMS server".

這主要的NVR server有時便稱為"CMS server".

 

Synchronizing User/Group Information

同步帳號/權限資訊

For middle to large scale system, managing user accounts and their passwords could also be a challanging task. Therefore our CMS architecture offers "integrated security", meaning that the administrator could opt to synchronize all account information to the primary server. This spares administrator the effort to manage different user names of different servers.  

對於一個中大型大系統來說,管理多台server間的帳號很可能是一件令人頭痛的事,因此本公司CMS產品特提供「整合式安全控管」 ,這代表管理者可選擇自動將所有server上的帳號資訊進行同步,如此一來,管理者便只需要管理一套帳號,而不需要每台伺服器單獨設定。

How-tos

如何進行...

Here's a of list quick questions that might help you to find the information you need:

這裡有一些您可能會問的問題及所提供的答案:

How to add a NVR connection?如何建立NVR連線?

Click "New Obj." and select "New NVR".

按"New Obj."後選擇"New NVR".

 

 

Following dialog will appear. Each field is described as following paragraph.

如下圖的對話框將出現,說明如下文:

Field欄位 Description說明
Channel name

The channel name of the NVR connection. Please note this name shares the same name-space of IP camera channel names. It has to be unique from all existing channel names.

此NVR連線的「頻道名稱」,請注意這個名稱與IP camera的名稱道理是相同的,他必須跟其他所有IP camera以及NVR連線名稱都不同,換言之,這名稱在整個網域中必須是唯一的。

Description

Description of this connection.

這個連線的說明文字。

Domain name

Optionally supply the domain name of the host address.

可選用網域名稱來找到對應IP。(可不填)
IP address

IP address of the host address.

NVR主機的IP位址。
Port

TCP port of the server. Default is 3557 if not otherwisely changed.

NVR連線的TCP port,若沒有更改設定則預設應該為3557。
Login information

Login credentials to the NVR server.

登入帳號密碼。
Disabled checkbox

Check to disable the connection.

選擇是否要停用此連線。
Integrated security checkbox

Check to enable integrated security, which will synchronize all account information to the primary server.

選擇是否啟用「整合式安全控管」,勾選此項將會把所有的帳號權限資訊與主要NVR server同步。
Use primary credential checkbox

Check this to use the same client-supplied password to connect to this NVR connection, rather than the connection-supplied password. Checking this box is generally considered more secure than non-checking.

勾選此項代表使用client所提供的帳號密碼,而非NVR連線所賦予的帳號密碼。一般來說勾選此項是比較安全的設定。

(See What are the credentials used for a client to login to child NVR servers?當連線到子NVR時,client程式是哪一組帳號安全資訊登入的?)

See also

How to view live and playback video in CMS system?如何在CMS播放即時或觀看錄影回放?

Viewing live and playback video on CMS is no different than using it on NVR. Please refer to following links for more details.

在CMS內觀看即時影像或播放錄影回放與在NVR內的操作並無不同,請參閱以下連結:

How to use map on the CMS system?如何在CMS架構上使用地圖?

Using map on CMS is no different than using map on NVR. Please refer to Creating maps for more details.

在CMS架構上使用地圖,與在NVR上使用地圖操作並無不同,請參閱Creating maps 以取得更多資訊。

How to use integrated security, that synchronizes account information on all servers?如何使用「整合式安全控管」達到自動同步所有server上的帳號權限資訊?

In the NVR connectivity configuration dialog, you must check the "Integrated Security" checkbox. Enabling this checkbox will cause all account information be synchronized.

在NVR connectivity設定視窗內,您必須勾選「Integrated Security」,勾選後此連線所指的NVR內的帳戶權限資訊將會與CMS server自動同步。

 

Do I need additional license to use CMS?使用CMS需要購買額外的授權嗎?

Yes.

需要的。

 

Each NVR connection is similar to one IP camera connection. Therefore for each NVR connection you need additional one channel license. Only professional edition and intelligent edition qualifies the use of CMS.

一個NVR的連線就好比一個IP camera的連線一般,需要一個監看頻道的授權。並且只有專業版及智慧專業版適用CMS架構。

 

Let's use an example scenario in the following diagram. A primary NVR server connects to 2 child NVR servers, which individually has two IP cameras connected. The small blue box highlights the license requirements. This example requires 6-channel license installed in a way that Primary NVR server has two channels, NVR server 1 has two channels, and NVR server 2 also has two channels.

以下圖為例說名,一個CMS server連接至二台子NVR server,此二NVR各自又連接到2台IP camera, 小藍框內標示著須要監看頻道授權的編號。在這個例子中,總共需要6個監看頻道的授權,且必須以如下方式安裝:CMS server安裝2個,每台NVR各安裝兩個。

Can I connect to CMS server from a remote location?我可以從遠端電腦連線到CMS進行操作嗎?

Yes.

可以的。

 

Genius Vision CMS server is no different than the NVR server.  Genius Vision CMS client is also the same as the NVR client. All operations, including maps, alarm processing, live & playback, permission control, can all be performed from a remote location. 

由於Genius Vision CMS server與原本的NVR server架構上並無不同,Genius Vision CMS client亦與原本的NVR client相似,所有的作業,包含地圖、警報處理、即時影像、錄影回放等操作都像NVR一般可以從遠端執行。

 

This offer great flexibility when planning a complex project. For more information, please refer to What are the benefits of having a primary NVR server?.

這可遠端連線的特性在複雜的專案中提供了極佳的彈性。請參考「這CMS架構必須存在一台「主要NVR server」的好處是什麼?」取得更多資訊.

Do I need a special client or server program to enable use CMS?我需要安裝特別的軟體才能使用CMS功能嗎??

No.

不需要的。

 

CMS feature is tightly integrated into original NVR client/server architecture. No special software is required to enable this feature.

CMS的所有功能與原本的NVR client/server架構是緊密整合在一起的,您並不需要安裝特別的軟體,只需要安裝NVR即可使用CMS功能。

 

You do, however, need to use a sufficiently new version of software that comes with the CMS feature, both for client and server.

當然,您必須使用夠新版的NVR軟體,因為CMS是一個新增功能,且client/server版本都必須夠新才可正常使用CMS功能。

我可以連線到其他類型(廠牌)的NVR嗎?

No.

不行的。

 

For the time being, only Genius Vision NVR Professional Edition or above is supported in CMS architecture. 

目前CMS架構僅有支援Genius Vision NVR的專業版及智慧型專業版。

How to configure user accounts in CMS?如何在CMS中設定使用者帳號及權限?

In the main console left panel, click "Cfg. System", like the following picture:

在主畫面的左邊控制版上,按"Cfg. System",如下圖:

 

Following system configuration window will appear.

如下圖的對話窗將出現:

 

Click on the "Users" node as highlighted in the picture above. All users and groups will expand immediately.

點選"Users" 節點,如下圖所標示之處,點選後使用者及群組將自動展開。

You may then click on the specific user or group to modify their information. Or you can click "New User" or "New User Group" to create new users or new groups. For more detailed information about permission control, please follow links below:

接著您就可點選欲修改的使用者或群組進行修改。或您可按"New User"或"New User Group"建立新的使用者或群組。關於權限控管的進一步訊息,請參閱以下連結:

Can I connect to two NVRs that contains channels with the same name?我可以將CMS同時連接到兩台具有重複監看頻道名稱的NVR嗎?

Yes but not recommended.

可以的,但我們不建議您這樣設定。

 

As the channel name must be unique throughout the domain (the entire domain that is reachable from the primary NVR server), connecting two NVRs with some channels having the same name causes name conflicts.

根據本公司的系統定義,監看頻道名稱必須是全網域唯一的(網域指從CMS開始所有可以關聯到的監看頻道之範圍),同時連接到兩台具有重複監看頻道名稱的NVR必然會導致所謂的名稱衝突問題。

Our system has a way to automatically resolve name conflicts, in order to make the system to continue functioning properly. However, such conflicts will render only one of the channels with the same name usable. Thus all accessible channels keeps their names unique throughout the domain. (This is how we call that one channel is obsecured by another, rendering it inaccessible, due to duplicated names).

本公司系統有一自動解決名稱衝突的策略,因此此種衝突並不會導致系統運作異常,但這樣的設定卻會讓所有名稱重複的監看頻道中僅有一支可使用,其他支則會被隱藏而不致系統產生混亂。這樣的情形便是我們稱為一個頻道被另一個頻道所遮蓋(obsecured)的現象,被遮蓋的頻道雖存在也在運轉中,但從介面無法存取。.

Though the system is equipped with automatic resolution of name conflicts, configuring your system with duplicated channel names is highly unrecommended. Such configuration could easily causes user misunderstanding.

因此雖本系統可自動解決名稱衝突,但如此的設定實務上應該適當避免之,以免讓使用者產生不必要的誤解。

 

This can be illustrated in the following diagram. In this example there are two cameras both named "Cam001". As a result of name conflict, the CMS will only be able to access one of them, the "Cam001" inside "NVR server 1".  The "Cam001" inside "NVR server 2" will not be accessible (hidden) from user. (Unless the first Cam001 is removed from "NVR server 1", or the "NVR server 1" is removed from the CMS)

以上所指的問題,可用下圖說明。下圖的範例中,有兩支IP Camera都命名為Cam001,所導致的名稱衝突自然使CMS的用戶端只能存取到第一支名為Cam001的IP Camera而無法存取另一支,因此第二支名為Cam001的頻道對使用者來說就像是隱藏起來一般。若要存取第二支Cam001,則必須將Cam001從NVR server 1中移除,或將NVR server 1連線整個移除。

Obsecured channel

Can I connect to yet another CMS (nestable CMS configuration)?我可以在CMS內再連線到另一台具有NVR連線的CMS嗎(巢狀CMS設定)?

Yes but not recommended.

可以的,但我們不建議如此設定。

 

Our CMS architecture fully support nested configuration. (as illustrated below)

本公司CMS架構完全支援巢狀設定,如下圖:

Nested CMS configuration

巢狀CMS設定示意圖

 

However such configuration is not recommended. As it would easily cause user misunderstanding.

但這樣的設定因可能導致使用者的誤解,因此不建議這麼設定。

 

From previous Q&A, we know that each channel name must be unique throughout the domain. Configuring nested CMS structure could potentially extend the domain without the inner domain knowing. 

且從上一個Q&A條目來引伸,監看頻道的名稱唯一性可能因為巢狀設定的緣故,而其網域的範圍在使用者未查時擴大了,而導致設定上的誤解。 

Does the network traffic of the child NVR go through the primary NVR server?用戶端存取子NVR的網路流量會經過主要NVR嗎?

No.

不會的。

 

Network traffic, such as live or playback video, goes directly from child NVR into the client. They do not consume any primary NVR server bandwidth.

網路流量,如即時影像或錄影回放,是由該NVR直接將資料串流提供的用戶端,並不經過主要NVR server,亦不佔其頻寬。

 

From this point of understanding, the child NVR must be in a network domain that is directly accessible by the client console, otherwise video could not be viewed.

從這個觀點進一步推論,所有子NVR的網路位址(即IP位址),都必須是可讓用戶端直接存取的位址才行。

How to configure child NVR channels?Chinese translation is missing.

Follow the instruction below:

 

Firstly, invoke "Cfg. System" dialog and switch to the "NVR Connections" node.

 

Select the target child NVR (in this example, the child NVR called ALEE), and click "Edit".

 

 

After clicking "Edit" in previous screen, a second configuration dialog pops-up. This is the child NVR configuration window. Now click to the "Channels" node. You are now able to perform all channel configuration operations in this child NVR.

 

What are the credentials used for a client to login to child NVR servers?當連線到子NVR時,client程式是哪一組帳號安全資訊登入的?

There are two types of NVR connection, in the sense of the credentials used. To illustrate this, let's suppose we have a CMS structure as follows:

 

 

The two child NVR connection is configured to connect as "admin", which usually has the highest privillege. This kind of configuration is usually a necessary scenario because the primary NVR server needs to have enough access to the child NVR to perform management tasks.

 

However when a user logon, there could be two kinds of scenarios, described in the following table (notice the yellow highlighted differences) :

 

Diagram Pros Cons
Scenario 1: Use user supplied credentials
 Higher security More difficult to configure.
Scenario 2: Use connection supplied credentials
 Lower security Easier to configure

 

Because of the existence of the two possibilities, an option exist to let the administrator to choose the type of connection when setting up a child NVR connection, the "Use primary credential" checkbox in the NVR connectivity dialog:

 

 

When the checkbox is checked, the connection uses "Scenario 1: Use user supplied credentials", when it's unchecked, "Scenario 2: Use connection supplied credentials" is used.

How should I configure my child NVRs if I want to connect from public Internet?Chinese translation is missing.

This is an advanced topic. Audience should have moderate network configuration experience.

 

Please read the two Q&A before continuing this topic.

 

If you would like to configure your system to be publicly accessible, then all NVR nodes in your system should have public IP addresses. This is because a client connects to child NVR directly, rather than passing-through the primary NVR:

Configuration

 

Note that IP cameras connected to child NVRs are allowed to configured to private IP, while still accessible by remote client. This is because client accesses IP camera (live/playback, etc) through NVR. This is what happens when client actually connects to the system:

 

Following is an incorrect configuration example:

 

Note in this example, NVR server 1 and 2 are configured as private IP address. This will make client have trouble connecting to the IP camera inside:

However if a client is connecting from inside the private network, then this configuration is workable:

What are the benefits of having a primary NVR server?這CMS架構必須存在一台「主要NVR server」的好處是什麼?

Genius Vision defines CMS architecture by requiring a primary NVR server. This architecture has some advantages over those that does not require one:

Genius Vision所定義CMS架構必須存在一台「主要NVR server」,這樣的架構比起其他廠牌不需要這台server的CMS架構有以下優勢: