ONVIF to End Support for Profile Q

ONVIF, a global standardization initiative for IP-based physical security products, has announced that it will end its support for Profile Q early next year since it contains certain specifications that are no longer consistent with current cybersecurity best practices.

Profile Q was developed to provide easy setup of a conformant device on an IP network. It requires a Profile Q conformant device to allow anonymous access to all ONVIF commands during the setup process in the factory default state. This does not follow current cybersecurity best practices, which recommend, among other things, that a network device require users to set passwords and other access rights before the device can be used.

Since the specifications of a profile cannot be changed as it would impact interoperability between products that conform to a specific profile, Profile Q will be deprecated on March 31, 2022.

“ONVIF conformant products are used in a wide variety of industries and geographies, with different requirements when it comes to cybersecurity policies or best practices,” said Leo Levit, chairman of the ONVIF Steering Committee. “As these cyber threats evolve quickly, it’s important that users are aware of these best practices to ensure they are implementing cybersecurity measures that are appropriate for their organization.”

ONVIF recommends following industry best practices and local regulations and staying informed about technology changes from the market. The ONVIF Network Interface Specifications have defined network protocols that include security elements such as TLS (Transport Layer Security), which allows ONVIF devices with that feature to communicate with clients across a network in a way that protects against eavesdropping and tampering. ONVIF specifications also cover the ONVIF Default Access Policy, which specifies that there should be different access classes to services based on different user roles. Manufacturers can implement these ONVIF specifications regardless of whether the specifications are included in a profile or not.

Founded in 2008, ONVIF is a leading and well-recognized industry forum driving interoperability for IP-based physical security products. The organization has a global member base of established camera, video management system and access control companies and more than 20,000 profile conformant products. ONVIF offers Profile S for streaming video; Profile G for video recording and storage; Profile C for physical access control; Profile A for broader access control configuration; Profile T for advanced video streaming; Profile M for metadata and events for analytics applications and Profile D for access control peripherals. ONVIF continues to work with its members to expand the number of IP interoperability solutions ONVIF conformant products can provide.

Featured

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”