MetalEarth
Member
- Messages
- 15
- Points
- 3
Hi, I have been looking into Hik-Connect and other remote access options.
Hik-Connect has been billed as a "more secure" method to access devices. Perhaps I am getting the "more secure" impression from Hik's marketing. Either way, I am wondering if this is simply not true, or I don't understand how it works. It appears the port 80 (http) and 8000 (server) still need to be forwarded and open to the outside world. You can turn on UPnP or set it manually. As a general rule I do not run UPnP routers. So it must be done manually in my case. I suppose if you just want to use the Hik-Connect app to view the cameras you do not need to forward 80 - only 8000.
I understand that in the setup you need to add the SN of the NVR to the account and create a verification code to be used when you add a device. I think this simply means other people using Hik-Connect can't access your devices. While nice - that is not really security from a port standpoint. More of an accounting/management tool right?
Is this just a glorified dynamic DNS service? I don't understand how this is any different that any other traditional port-forward that exposes ports to exploits. I can understand that it perhaps simplifies the ways users with multiple Hik can see all there devices and potentially connect to them, but I do not see how that is more secure.
If I am failing to understand this hik-connect service please let me know what I am missing. It is clear to me that a VPN is more secure option than that this. Perhaps the verification code necessary to enable the stream is a added layer of security, but if they can gain access to your devices via a port exploit the stream is secondary in my opinion. Others may disagree. VPN has its own issues, chief among them complexity and performance, but it is certainly more secure than open ports.
Also - is there a consensus which app is simpler for end users? iVMS 4500 or Hik-Connect for mobile users?
Thanks in advance for any/all help.
Hik-Connect has been billed as a "more secure" method to access devices. Perhaps I am getting the "more secure" impression from Hik's marketing. Either way, I am wondering if this is simply not true, or I don't understand how it works. It appears the port 80 (http) and 8000 (server) still need to be forwarded and open to the outside world. You can turn on UPnP or set it manually. As a general rule I do not run UPnP routers. So it must be done manually in my case. I suppose if you just want to use the Hik-Connect app to view the cameras you do not need to forward 80 - only 8000.
I understand that in the setup you need to add the SN of the NVR to the account and create a verification code to be used when you add a device. I think this simply means other people using Hik-Connect can't access your devices. While nice - that is not really security from a port standpoint. More of an accounting/management tool right?
Is this just a glorified dynamic DNS service? I don't understand how this is any different that any other traditional port-forward that exposes ports to exploits. I can understand that it perhaps simplifies the ways users with multiple Hik can see all there devices and potentially connect to them, but I do not see how that is more secure.
If I am failing to understand this hik-connect service please let me know what I am missing. It is clear to me that a VPN is more secure option than that this. Perhaps the verification code necessary to enable the stream is a added layer of security, but if they can gain access to your devices via a port exploit the stream is secondary in my opinion. Others may disagree. VPN has its own issues, chief among them complexity and performance, but it is certainly more secure than open ports.
Also - is there a consensus which app is simpler for end users? iVMS 4500 or Hik-Connect for mobile users?
Thanks in advance for any/all help.
