Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note

Video Reader Intercom Pro cloud calling currently can only be made from the following regions because of the availability of cloud servers:
North America, South America, Southeast Asia, East Asia, and Europe

Panel
panelIconIdatlassian-info
panelIcon:info:
bgColor#FFBDAD

Important:

  • Avoid using DNS-based content filtering on networks that host Avigilon Alta, as it can negatively affect performance, causing video and audio latency or connection problems.

  • If DNS-based filtering is required, configure your network firewall to exclude the Intercom and any connected user devices from the filtering.

Ethernet Connection and Firewall

...

Configuration

Connecting to LAN

Use an Ethernet connection with DHCP must be used to connect the Smart Hub (ACU) or Single Door Controller (SDC) to the Local Area Network (LAN). You must also configure

Firewall Settings

Configure firewall settings to communicate with the Avigilon Alta system. Avigilon Alta uses the following

Required outbound ports:

  • TCP port 443

  • UDP port 123

...

Video and Audio Quality for Video Reader Pro and Video Intercom Reader Pro

...

To ensure optimal video and audio quality, allow access to the following outbound UDP ports listed below. Additionally, please ensure ports and enable UDP hole-punching is enabled (or disable symmetric NAT).:

  • TCP port 443

  • UDP port 123

  • UDP port 3478 - (TURN/UDP servers that assist in establishing for connectivity)

  • UDP ports 50000-60000 - UDP connection for (WebRTC)

...

Additional Firewall Considerations

...

  • Fortinet

...

  • firewalls have antivirus software

...

  • that blocks AWS traffic by default. AWS

...

  • must be whitelisted.

...

  • If using an external DNS server, outbound UDP port 53 must

...

  • be open.

...

Wi-Fi

...

Unlocking from

...

Mobile App

  • Ensure the ACU/SDC's inbound TCP port 443

...

  • is available

...

  • within the LAN.

  • Inbound port forwarding on the router, firewall, or NAT device is unnecessary.

...

  • HTTPS certificate rewriting or

...

  • TLS/SSL inspection is not allowed.

IP Address

...

and Network Segregation

  • Avigilon Alta does not provide an IP range or FQDN list of

...

  • hostnames for Basic and Premium licenses. Most hostnames resolve to dynamic IPs and

...

  • change during provisioning and configuration

...

  • updates.

  • To segregate traffic from

...

  • Avigilon controllers,

...

  • enable a DMZ for the controllers

...

  • .

Static Cloud IP

...

for Enterprise Licenses

...

...

  • for organizations with strict network firewall policies

...

  • . This simplifies opening a few IP addresses to allow

...

  • ACU/SDC

...

  • to connect to the cloud.

...

  • The latest version of the

...

  • Alta Access app supports provisioning ACU/SDC devices behind

...

  • restricted

...

  • firewalls.

Network Security Best Practices for Video Reader / Video Intercom Reader

...

Protecting

...

Edge Devices

  • Install PoE access control readers, like the Video Reader Pro / and Video Intercom Reader Pro, require a wired network connection installed on the unsecured side of a door. To remove the risk of an attacker gaining access to

  • To prevent attackers from accessing the local network via the network connection if they’re able to remove the reader from the wall, Avigilon Alta recommends that your IT team place the exposed Ethernet port, place it on a demilitarized zone ( DMZ ) or perimeter network.

Improving

...

Network Reliability

  • Set static IPs on both the Video Reader Pro and its Remote ACU(s) to improve reliability during network outages (e.g., router outages).

Information: Recommended upload speeds for 1 Video Reader Pro or Video Intercom Reader Pro.

(Double for each added Video Reader, Video Intercom reader)

Quality:

Low: 1Mb

Medium: 2Mb

High: 8Mb

We recommend more for the Video Intercom Reader Pro because Live streaming and Video Calls require more bandwidth since they can be used simultaneously.