The neighborhood has a bunch of security cameras which a company monitors. If we wanted to add a cameras from someone’s house but take it off their network and onto a different independent network, What hardware do we require? for reference, the owner of the network it is on now doesn’t want it to be on his network and have port forwarding activated to be shared with the security company, for his own network security protection in his view.
Some say a vpn, but from what I read that only encrypts data from whatever is on the vpn, but it is still a part of that network, others say a vlan.
Once you have told me which option suits this, then what is needed to create one?
A vlan is not really a separate network, but rather a sub-network of a larger network. It does however allow for firewalling off that vlans for both inbound and outbound access.
So the question is, do the owner also still want access to this camera?
I think I have an idea where this is going. Our NHW is also working on starting a network of cameras that goes to another company which have written software. They call it something along the liens of virtual patrol. So instead of the NHW patrollers driving around in cars, they sit in the comfort of their home and do a virtual patrol, by viewing the cameras around the neighborhood looking for activity. It is made easier when the cameras support AI object detection.
Anyways, we also going to have this issue if we want to add residents who have cameras, to the virtual patrol network. The installer says, yes yes vpn bla bla, but on my own network, I most definitely want to isolate that access to a specific camera that is pointing to the street, and the rest of the cameras is only for myself.
So I understand what you are working with.
I assume, at this point, the owner has agreed at least in part to make the camera access available, but it is now down to the details? If so, definitely need to understand what the owner will allow and perhaps what type of isolation they want or will find acceptable.
Also, what kind of network equipment is in place already to understand limitations.
So all I know is the person has a network throughout the suburb of properties he owns and doesn’t want the service provider to have access to his network at all. So at each house is a dish that receives the internet, into a router that generates WiFi and then a mikrotik VPN after that that masks the traffic coming from those connected devices.
He didn’t want omnivision to have access to his network, so even if the cameras are on a VPN, it is still part of his network and not separate from everything else.
Where? Johannesburg? If so I can understand the owner’s reluctance, because he will be wary of the new legislation that requires registration of CCTV cameras and restricts how the footage may be shared.
If you use a router like a Microtec, you can create separation.
We have one where it us essentially one router with one internet connection, however the confidential network with all the drives is separate to the other and the two basically can’t interact.
Look up microtec, masquerade, firewall and NAT.