This is exactly what I've been looking for. There's plenty of cheap RTSP and ONVIF compliant cameras coming out of china, but I trust them exactly 0%. I also don't trust us-based companies with remote access via their services. So I'm learning how to partition my home network to not allow the cameras on a vlan to not access the outside world.
But then I need to figure out how to access the video streams.. from the network my computer is on that does have access to the outside world.
I'm a firmware engineer, so I haven't touched networking since my IT job in college.
Here's a setup that works. Get POE cameras. Get a powered switch with sufficient power to power the cameras. The cameras and the switch form their own subnet. Get a PC with two Ethernet jacks (or an Ethernet and a WIFI). Install NVR software, Blue Iris, iSpy, ZoneMinder, etc, on the PC to record and process the videos from the cameras. These softwares are all good with RTSP and ONVIF, with easy camera detection via port scanning. Connect the PC to the switch on one Ehternet jack and connect it to your general network with the other one (or WIFI). The cameras are running in their little isolated subnet. The NVR PC sits between the camera subnet and the general subnet. Access from outside reaches the NVR PC only, not the cameras. You can even open the WAN firewall to reach the PC's WIFI side to access the videos from Internet. Some of these NVR software can stream videos to outside phone apps or web apps.
Sorry if I came off negatively. I was responding to OP. Your products look good. Here's a bit of my experience on using NVR if that helps in better product design.
Most NVR's are PC + powered switch built into one. I found them to be running very hot most of the times since they need a fairly beefy power supply to power the cameras and the PC itself. The WIFI only NVR's are much better and the only power drawn is video processing on the PC. Blink Module is a good example.
Another problem is the tight integration of hardware. When I have more cameras than the PoE jacks on the NVR, it becomes obsolete. When some hardware fails on the NVR, the whole thing fails. My last integrated NVR developed a problem in the disk controller and the whole thing couldn't be salvaged.
In the next round of setting the system up, I decided to de-couple all the pieces for better maintenance and upgradibility. The sweet spot I found is: cameras + powered switch + PC + NVR software + external USB storage. It has work great so far. The old PC was underpowered and I swapped it out without impacting the other pieces. I added more disks as needed with minimum fuss. I replaced some of the cameras without much problem.
You're right in that ordinary customers probably won't do all those. For a customer product, a NVR that works with WIFI cameras makes the easiest sales. It has much lower hardware requirement thus keeping the cost down. WIFI cameras are easier to set up and thus plentiful. If it has an Ethernet jack, you can sell a separate powered switch to make it work with the PoE cameras. Basically it's a souped up Blink Module that works with other cameras, with storage, and can stream to apps and web.
I mean you can sell a whole package of the pieces, plus phone apps and cloud storage, to offer a complete solution. Most of the pieces are off the shelf, but you can still offer a complete solution with some critical proprietary pieces like your NVR software. Of course you can offer piece by piece as needed, as long as all the pieces can fit together. There're a lot of cross selling opportunities.
I appreciate this. This will definitely help with product decisions.
Btw, our video security hub (aka Spartan) has NVR capabilities built in - but it's more selective about what it's recording (based on the rules you've set). It can coexist with an NVR on the same network, or it can replace it entirely. And it can work with WiFi cameras, today (we just recommend wired for security).
> Also, this feels like my Dropbox moment (the infamous comment below) :)
Isn't that just the whole cloud (and also a gazillion other services)? I think the argument of "Why pay DropBox when you can just FTP" also applies to why pay AWS when I can manage my own servers? And then to further extend, why pay the supermarket when I can just grow vegetables at home?
Mine are ONVIF-discoverable and will expose RTSP (H264 and H265) URLs and a snapshot URL. As I mentioned, they are 'dumb' (video and snapshots are their main purpose), and it's the security hub that makes them smart. No cloud-based remote access, your data stays on your device.
If you decide to check it out, and feel free to ping me (email in profile). I am proud of these things, for the reasons you mentioned :)
If your cameras are PoE, you can use an NVR that doubles as a PoE switch and can create a separate network for the cameras. Some NVRs will also relay RTSP from them so it will be accessible on your LAN. Alternatively, adding static routes to devices will allow them to see the cameras locally.
Unfortunately, the NVR will probably have the same type of vulnerabilities as the cameras in question (they come from same manufacturers).
But then I need to figure out how to access the video streams.. from the network my computer is on that does have access to the outside world.
I'm a firmware engineer, so I haven't touched networking since my IT job in college.