ONVIF to End Support for Profile S, Recommends Profile T as Replacement
ONVIF, the leading global standardization initiative for IP-based physical security products, announces that it will end support for ONVIF Profile S, and is recommending the use of its successor, Profile T.
Profile S, the first-ever profile ONVIF introduced in 2011, provides a standardized set of specifications that enable basic video streaming capabilities between conformant devices (like IP cameras) and clients (like video management software) from different vendors. Profile S, however, specifies authentication mechanisms that are no longer consistent with current cybersecurity recommendations.
“After 14 years, Profile S has served its purpose of enabling basic video streaming interoperability for more than 33,000 conformant devices and clients from different vendors,” said Leo Levit, Chairman of the ONVIF Steering Committee. “As ONVIF profiles do not change to preserve the interoperability of conformant products, we recognize the need to phase it out in line with today’s security recommendations. We encourage instead the use of Profile T, which better supports the needs of video surveillance applications.”
Although the deprecation of Profile S has no effect on the operation of deployed Profile S-based systems, ONVIF strongly encourages, if possible, the discontinuation of the use of the username token authentication in Profile S. ONVIF also recommends the adoption of more secure authentication methods, such as using TLS (Transport Layer Security)/HTTPS, or Profile T. The majority of ONVIF conformant devices and clients available on the market today support both ONVIF Profile S and Profile T. Introduced in 2018, Profile T contains virtually all the features of Profile S, in addition to other advanced features for video surveillance.
ONVIF recommends that system integrators and end users follow manufacturers’ product hardening guides, industry best practices, and local regulations, and stay informed about technology changes in the market. The ONVIF Network Interface Specifications have defined network protocols that include security elements such as TLS, which allows ONVIF devices with that feature to communicate with clients across a network in a way that protects against eavesdropping and tampering. ONVIF specifications also cover the ONVIF Default Access Policy, which specifies that there should be different access classes to services based on different user roles. Manufacturers can implement these ONVIF specifications regardless of whether the specifications are included in a profile or not.
The June 2026 version of the ONVIF conformance test tools, which have a 9-month validity period, will be the last test tool version that enables manufacturers to claim product conformance to Profile S.
As ONVIF adapts to new cybersecurity requirements, the specifications of the current ONVIF TLS Configuration Add-on will also be upgraded at the end of 2026. Unlike profiles, add-ons are adaptable to changing technology/specification requirements due to version handling.
Founded in 2008, ONVIF is a leading and well-recognized industry forum driving interoperability for IP-based physical security products. The organization has a global member base of established camera, video management system, and access control companies, and more than 33,000 profile conformant products. Besides Profile S and Profile T, ONVIF offers Profile G for video recording and storage; Profile C for physical access control; Profile A for broader access control configuration; Profile M for metadata and events for analytics applications, and Profile D for access control peripherals. ONVIF continues to work with its members to expand the number of IP interoperability solutions that ONVIF conformant products can provide.