Security Camera Systems Remote Access for Mobile; Port Forwarding or set up a VPN?

Introduction
Security Camera Systems used to comprise of a Security Guard Viewing Station, a server and the cameras. It was all within the corporate LAN. Then came Mobile apps. When the mobile device is within the LAN access to the Security Camera System is simple. The difficulty arises when the user picks up the device and roams outside the LAN then the app cannot connect anymore and the user is left wondering why.

Open a Port
The reason the App won’t work when it is moved outside the area of the LAN is because remote access is not set up on the Security Camera System. To enable remote access the System Manager must set up port forwarding (http://portforward.com) to an externally addressable IP address. The external IP address port details can be saved in the Mobile App. This is fine and works very well up to a certain limit. If you need to open multiple ports to access more than one camera or more than one server system then opening ports seems more and more burdensome.

Try a VPN
A Virtual Private Network (VPN) (http://en.wikipedia.org/wiki/Virtual_private_network) extends a private network across the internet. It allows a computer to send and receive data across the internet as if it was connected directly to the private network and it benefits from the functionality, security and management features of the private network. A VPN is created by establishing a virtual point-to-point connection through the use of various virtual tunnelling protocols or traffic encryption.
A VPN set up with four Cameras using Router based VPN software

From a user perspective, accessing the data on a VPN is exactly the same as if they were connected directly to the private network. VPNs allow employees to connected securely to the companies intranet from outside of the office in order to access data.

Security advantages of a VPN
Public WiFi offers no encryption security to its users and your signals are broadcast for anyone tech savvy to eavesdrop. If you are connected to a public network via a VPN then all of the data that was once easy to intercept is now encrypted and no one else can see it. Much like a firewall protects the data on your computer, a VPN protects your data when you are online.

Downsides:
Speed of performance maybe slower. A VPN encrypts all data that is transferred through it. Encryption is a processor task. The speed of the transfer may be affected if the processor in the VPN device is slow.

VPN and AXIS Camera Companion and a VPN on a NAS box
We decided to try out the VPN software on a NAS box device with a view to using it with AXIS Camera Companion and corresponding Mobile App. Read the full PDF here [FREE]

3 types of connectivity set up for Network Cameras: Number 2: Camera Management System Connection

CMSconnection

Cameras within a LAN connect to a CMS (for example AXIS Camera Station). Custom built Mobile Apps are required to connect to specific CMS software. Mobile apps can connect to a CMS system via an open Port. These systems can be very large and suit installations up and above 100 cameras.

3 types of connectivity set up for Network Cameras:

Number 1: Direct Connection

Number 2: Camera Management System Connection

Number 3: CLOUD