We’re covering three things you didn’t know you could do in Milestone XProtect. Continue reading to learn how to configure anti-virus software to work for and not against your VMS, how to enable the AXIS S3008 Recorder in Management client, and how you can logically combine events using AND/OR functionality in XProtect.
Best practices for safely configuring anti-virus software on XProtect systems
If you’re new[er] to managing Milestone XProtect, running anti-virus software on your system with Milestone XProtect may cause mild to serious side effects including, but not limited to, cold sweats, panic, anxiety, frustration, and, on occasion, boredom. These side effects occur when your AV is on incorrectly, causing the anti-virus software to scan ALL of your video for viruses. Instead of identifying problems and where they are rooted, it will just slow your system down.
Given the software is essentially a high-performance database with access to countless recordings and archives, it’s best to exclude specific file types and locations, as well as certain network traffic before you start scanning for viruses if you want to protect your VMS from harm or potential loss of data.
Failure to audit and adjust your included files could result in serious degrading of server performance, potential locking of files, and corruption of databases.
General Rule of Thumb Scanning and Exclusions
Do not scan XProtect Recording Server directories that contain recording databases, any subfolders within that location, and any archive storage directories.
Additional exclusions you should create
1. File types: .blk, .idx, .pic, .pqz, .sts, .ts
An aside on file types (08-Apr-2021):
- File types present in XProtect Enterprise (all old E-code products; now this line of products is called XProtect Professional VMS): .pic, .pqz, .sts, .ts
- File types present in XProtect Corporate (all C-code products; this line of products is now called XProtect VMS): .blk, .idx
- File types present in both XProtect Enterprise and Corporate: .blk, .idx, .pic, .pqz, .sts, .ts
C:\Program Files\Milestone\ (and all subdirectories)
C:\Program Files (x86)\Milestone\ (and all subdirectories), AND
C:\ProgramData\Milestone\ (and all subdirectories)
3. Milestone XProtect's core processes also require the following ports to be open.
Note: All the values below are default ones and you may need to open more ports depending on your particular setup, i.e. analytics, generic events, have extra ports that may need enabling.
XProtect Advanced/Plus Products(1):
- Management Server: 80, 443, 8080, 9993, 9000
- Event Server: 22331, 22334
- Recording Server: 7563, 9001
- Failover Server: 11000, 7563
XProtect Professional products(2): 80, 1237, 22331, 22334
- XProtect Mobile: 8081, 8082
- XProtect LPR: 22334
Or, alternatively, you can exclude network scanning of the following processes:
- XProtect Advanced and Plus products(1): VideoOS.Recorder.Service.exe, VideoOS.Server.Service.exe, VideoOS.Administration.exe, VideoOS.Event.Server.exe, VideoOS.Failover.Service.exe
- XProtect Professional products(2): RecordingServer.exe, ImageServer.exe, ManagementApplication.exe, ImageImportService.exe, RecordingServerManager.exe, VideoOS.ServiceControl.Service.exe, VideoOS.Event.Server.exe
- XProtect Mobile: VideoOS.MobileServer.Service.exe
- XProtect LPR: VideoOS.LPR.Server.exe
If your anti-virus software also checks inbound internet traffic, you should also exclude from scanning the cameras’ IP addresses and relevant Recording Server and/or Image Server processes.
Even if your company requires regular virus scanning, don’t go into it blindly! Making sure to note these exclusions every time you perform a scan will keep your VMS safe and performing optimally.
Find more information about this functionality in the Milestone support article here.
Integrating the Axis S3008 Recorder
For those small sites that only need a recorder and a POE switch, the Axis S3008 Recorder offers a solution.
The Axis S3008 Recorder functions as a POE switch and external storage for camera devices added into Milestone, though it itself isn’t added as a separate hardware device.
According to Milestone’s FAQ, to start setting up your Axis S3008, ensure all cameras are connected to your Axis Recorder and properly set up in Management Client to receive the recordings.
- Connect the Axis S3008 Recorder to your device network.
- Define username and password for the Recorder.
- Configure all camera devices that will use this recorder as external storage to use the same
- Add the camera devices in XProtect.
- For each device make the following settings in the Management Client*:
➔ Add the Axis Recorder IP address in Settings tab → General Settings → “Recorder Address”
➔ Select the preferred stream used for recording from the drop-down menu in Settings tab → Stream Number section → “Recorder stream index” field.
➔ Field “Recorder retention time (hours)” can be used to modify the desired retention time in hours, per channel.
Limitations worth mentioning
• The camera devices can use only the default ports (80 or 443).
• Error handling is still not fully implemented.
• If a device connected to the Axis Recorder is removed from the Management Client, the recordings from this device on Axis Recorder are not removed
How to logically combine events with AND/OR in XProtect
As a Milestone admin, setting up appropriate events and precautions in case of security threats is part of the job (duh). But what happens when you need a conditional event set-up? Meaning, one event that depends on another, then depends on another to trigger an eventual action?
Typically, using the Generic Event features doesn’t support grouping events in this way. The reason some events can’t be logically grouped is that they are only valid at the exact moment they occur. Or conversely, two events can’t be combined because they’re generated sequentially, and therefore cannot be valid at the same time.
As a workaround, you can use the Milestone Event Proxy to treat events like triggers that last for a period of time. These triggers can then be logically combined with generic events using AND/OR statements.
You can create input and output events, states, and rules within the Milestone Event Proxy allowing you to fully customize triggers, conditions, and consequences for events (tripwires activated, door sensors going off, etc.) that breach your company’s security.
Take at how best to use these Logical Operators from Milestone’s Event Proxy Administrator’s Guide
AND: event 1 AND event 2 AND…
Means that all events must be High at the same time before an event is sent to Milestone Xprotect
OR: event 1 OR event 2 AND…
Means that at least one of the events must be High before an event is sent to Milestone Xprotect
NOT: Indicates that the “true” state is low instead of normal high…
AKA the state NOT will in a rule be combined with the logical operators “AND” or “OR”
“(“ and “)”: Is used to group logical statements, e.g. (event 1 AND NOT event 2) OR event 3
Means that if either event 1 is High and event 2 is Low at the same time or event 3 is High an event is sent to Milestone Xprotect
➔ Meaning that if event is high and event 2 is Low an event is sent to Milestone Xprotect regardless of what state event 3 is in.
➔ Likewise if event 3 is High an event is sent to Milestone Xprotect regardless of the state of event 1 and event 2
Love learning new tips and tricks for your Milestone systems?
Sign up for our [NOT] Boring Newsletter to get a monthly dose of XProtect tips, security trends, and a touch of humor delivered directly to your inbox.