Building an awesome home surveillance systemTue, 1st Apr '14, 12:10 am::

During the first year of moving into our house, we focused on function: fix what's broken, replace what can't be fixed, and make everything work as best as possible. The second year we focused on necessary furnishing and organization: bedroom sets, dining table, floor mats and so on. The third year we're splitting the upgrades - Juliet's in charge of paintings and decor and I'm geeking out on home automation and surveillance. I'm quite happy with the technical decisions I've made so far and would like to share what's worked for me:

Home Network: The cheapest, easiest, and most reliable way of controlling all the different systems in your home is over the good ol' LAN. Since every system in my house was going to be controlled via the LAN, the first thing I did was buy a powerful router: Netgear WNDR4500. In addition to having 4 Gigabit ports, the WNDR4500 supports dual band WiFi at 2.4ghz (usually 802.11g - good: long range, every WiFi device supports it; bad: all your neighbors use it, microwaves interfere with it) and 5ghz (usually 802.11n - good: better speed, less noise; bad: shorter range, only supported on latest devices). Connected to the router is my cable modem, couple of TP-LINK Gigabit switches and a TP-LINK Gigabit Power-Over-Ethernet (PoE) switch. If you want a solid home network, make sure all your core switches support 10/100/1000mbps and only use CAT5e or CAT6 cables. All my wired devices are connected to the TP-LINK Gigabit switches. The TP-LINK Gigabit PoE switch is connected to all of my wireless access points.

Wireless Access Points: Even though my router has very good WiFi connectivity, it does not cover my entire house and definitely not the yard. We installed four EnGenius EAP600 units around the house and porch so that almost every corner of my house gets blanketed with perfect signal strength. The EAP600 gets power from the Ethernet so mounting it on the ceiling is a very simple step if you have easy attic access. The best thing about EAP600 is that in addition to supporting dual-band WiFi at 2.4ghz and 5ghz, it supports band steering, "a technology that detects whether or not the wireless client is dual-band capable, and if it is, it will push the client to connect to the less congested 5GHz network." This means my iPad and laptops that support 5ghz automatically connect on that frequency while my older devices continue to work on 2.4ghz. The best part is that there is a single wireless network (SSID) to connect to. Having a good wireless network is necessary if you want to view the surveillance videos from anywhere in the house on any device.

Devices: Speaking of devices, I am absolutely in love with my iPad Mini Retina and highly recommend it as the remote control for your entire house. I find the regular iPad too bulky and the iPhone/iPod too small to operate. I can't speak for or against any Android or Windows tablets as I don't know if the software I use is available on those platforms. As for the hardware to record my 12 camera feeds, I went with something unconventional - an Acer Travelmate P6 laptop that was on sale! I set it up to never go to sleep, operate with the lid closed, and removed all unnecessary software since it was going to use a lot of CPU/RAM 24/7. Believe it or not, a modern laptop with Core i3 and Gigabit Ethernet is more than capable of recording 12+ cameras. Best part is I can hide the laptop somewhere inconspicuous for added security and not worry about it being a target itself. Only problem with a laptop is storage. While 500 GB ought to be enough for a week's worth of video for 4 cameras, it barely records two days worth from my 12 cameras.

Storage: I attached the Acer laptop to my Synology DS211J NAS. I cannot profess my love for the Synology brand enough. I've bought, setup, maintained, and troubleshooted probably 30 different brands of network-attached-storage devices in the last decade and absolutely NOTHING comes even close in performance, price, quality, and robustness to Synology - not even products 3-5x more expensive. Even the low-end DS211J version is very reliable and works great for home backups, media sharing, and in this case, recording video footage. Pop-in a couple of 2TB drives, create a shared folder, map the shared folder in Windows, and drive S: is now ready to store two weeks of videos!

Software: Before I arrived at the current laptop, storage, and software solution, I spent months trying out various software (both free and commercial) and hardware (plug PCs, mini PCs, even VMs). My requirements were pretty fixed from the start: (1) Must work on iPad and iPhone (2) Must work from inside and outside the house (3) Must support at least 12 cameras (4) Cost under $500 in software/device licenses (5) Must allow real-time video and easy playback of recorded footage. While I came across many different solutions, the one that worked best is the free-for-personal-use video monitoring software Genius Vision NVR. It only took minutes to install on the Acer laptop and barely 30 minutes to configure to record all footage from all 12 cameras. It has companion apps for the iPad and iPhone and has decent security to make sure nobody can access my cameras without the right credentials. When adding the cameras to Genius, make sure you name each camera channel properly because there's no way to change them later and the iOS apps automatically sort the cameras based on the channel name. Since you cannot rearrange the cameras on the iOS apps, you really want to get the order correct beforehand. I prefixed my camera channels with 01, 02 etc. to get my desired sort order. Once Genius was configured properly, I opened a random port on my WNDR4500 firewall and made it point to the laptop's IP and Genius port 3557. On the iPad and our iPhones, I added two NVRs (a) At Home (b) Away from Home. The At Home connection points to the internal LAN IP of the Acer and Away from Home points to my WAN IP. Since my ISP rarely changes that, it is not a big deal for me to update that if necessary. I could've used a dynamic DNS service but oddly enough, most of the popular ones are no longer free and the ones that are, I don't know well enough to trust.

Video Surveillance - IP Cameras: Having used many different IP cameras in the past, I knew this was going to be difficult. I wanted 12 identical cameras that worked perfectly in day and night, in full brightness and pitch dark. Nearly all of my cameras face East or West and so it was critical that as daylight fades away the infrared mode kick in automatically and vice versa at sunrise. Additionally I wanted outdoor PoE cameras that could handle moderate rain, high humidity and temperature changes. Weeks of research led me to try out Dahua IPC-HFW2100 (IP66) and I can honestly say that I am pleasantly surprised at how well they work and meet all of my requirements. I must add that configuring them was a pain times twelve and that without this Amazon review, I would not have been able to setup the RTSP stream necessary for Genius Vision NVR. Make sure you get an IP camera that supports NTP and point it to pool.ntp.org or another NTP server so that you never have to worry about the camera's internal clock, which is usually displayed on every stream. If you setup the camera to overlay the current time on the stream, you can immediately tell if any camera stream is frozen by just looking at the on-screen clock.

PoE Switch: I highly recommend getting PoE cameras so that you only need a single cable to the camera instead of power adapter and electric sockets everywhere. In terms of performance and reliability, PoE will always beat WiFi + power adapter. Problem with PoE is that the switches are usually expensive. Most PoE switches with 8 ports only have 4 PoE ports. I did not want to buy 3-4 PoE switches and instead got a BV Tech 16 port / 100Mb PoE switch. I was originally quiet worried about having just a single 100 Megabit cable connect all of my 12 cameras but believe it or not, it has worked quiet well. Even if all of my cameras are streaming at 4Mb/s, that is still under 50Mb/s, well below the theoretical capacity of a 100Mb switch. The best part is that since this device has individual switches to turn on/off the power to each port, I can use it to reboot any camera without unplugging the Ethernet cable.

It has taken me a good six months to plan, budget, purchase, test, and deploy all of the above and finally I feel content with it. I would like to setup Genius Vision NVR to record on motion detection instead of bulk 24/7 recording but that will take a lot of tweaking for each camera. Regardless, we now have a system that we can access from anywhere in the world and it works as well as any professionally installed solution that would cost 4x as much.

Other than the surveillance project, I've also replaced all of our regular A/C thermostats with CyberStat WiFi thermostats that Juliet and I can control from our phones. No more wondering if we left the bedroom heating on while we go on a weekend trip - we can check it and change it from anywhere with Internet access! Next up, I'm thinking of installing electric switches that can be controlled from the Internet and of course in person. And then some day, I plan on writing an algorithm to control colored LED lights in our living room based on a variety of factors.

Add a Comment

 < Mar 2014May 2014 >