Home Security System
Contents
Description
This is an overview of a Home Security System using;
- A Synology NAS, to store recordings.
- Synology's Surveillance Station (SS), to manage cameras.
- IP-Camera's (IPC) with Power over Ethernet (PoE)
- A Doorbell with IPC and PoE
- A VPN, for secure remote control.
Costs
| Item | Average cost |
|---|---|
| Synology NAS | € 175 - € 2000 per NAS |
| NAS Camera License | after 2 cameras: € 50 per camera. |
| Switch (PoE) | € 40 - € 250 per switch |
| Camera's (PoE IPC) | € 50 - € 5000 per camera |
| Doorbell (PoE) | € 100 - € 500 |
| HDD/SSD Storage | € 30 - € 350 per TB |
| UTP RJ45 Cables | € 0,25 - € 1,25 per Meter |
NAS
NAS
A NAS is basically a device that enables disks to be accessible via the network.
Synology is a popular NAS manufacturer, and its OS DiskStation Manager (DSM) comes with "Surveillance Station" (SS), that enables you to also use your NAS as an NVR system.
This is a quite advanced security camera management system that you can use for free for up to 2 camera's. If you want more camera's, there's a one-time fee of about € 50 per 1 camera license.
You can also use this NAS to setup a VPN server, which is needed to be able to securely access this system remotely when we're outside of our home network.
The great advantage of this system is that we can also simultaneously use the NAS for it's original intent; using it as a network-drive, where we can store/share/backup folders and files.
Storage
For the camera footage storage I've gone for 2x 4 TB 3,5" SATA HDD's (NAS version). Only 50% (4 TB out of 8 TB) will be usable (for more info - read Backups).
When choosing an HDD or SSD for your NAS, it is recommended to use "NAS" specified versions of those disks. The cheaper versions will also work, but will have a higher failure rate for 24/7 usage.
The amount of storage we need depends on multiple factors (amount of cameras + recorded quality + recordings retention period).
My camera's (1080p, high quality settings) produce about 2 GB per hour, thats 50 GB per day, 350 GB per week, 1.5 TB per month. For 1 camera.
If you also wanna do a RAID-1 backup then you need to double the total amount of storage.
In SS, at the IP Camera's Recording settings, we can limit the storage per camera based on maximum space used or age.
Backups
There are a lot of different ways to do backuping, I've gone for a RAID-1 configuration on my NAS.
In a RAID-1 configuration a storage disk is mirrored to another one, so that in the event of a disk failure you can continue operation, plus everything that was saved is still there.
The downside to this configuration is that you will need to buy twice the amount of disks you want, and use more bays in your NAS.
In the event of a fire or sabotage for example, I have no backup. But you can keep your NAS synchronized to another NAS in another location if you want to buy and setup this level of backup.
You can also use cloud backup services that are being offered, or you can manually plug in an external disk and backup the NAS yourself every once in a while.
If you're willing to risk recording stop and data loss (which doesn't happen often, but is still possible), then you can skip this part.
Network
Router
The IP addresses of your NAS and camera's need to always stay the same, but by default your DHCP will give them a random one every day.
Go to your modem/router/firewall/server "DHCP" settings, and reserve the IP's of the NAS and all camera's.
While you're in your router, you can also add the port forwarding rule as described below in the topic "VPN".
VPN
A VPN connection to the Home Security System's network is needed when you want to securely access the system from outside the home network.
Within DSM you can also setup a VPN server on your NAS. For this download the "VPN Server" package in Package Center.
Official documentation: https://kb.synology.com/en-af/DSM/help/VPNCenter/vpn_setup
The VPN protocols PPTP, OpenVPN, and L2IP/IPSec are supported. Here I will be using OpenVPN.
From the VPN Server app on the NAS, I can get an overview and log of all VPN connections, from which IP and Username was logged at what time and date.
I can also select which DSM users I want to give VPN access, and some more advanced OpenVPN server settings.
When a device needs to connect remotely, it needs to connect via the OpenVPN-app first. Links to software can be found below.
Go to your routers "Port Forwarding" settings, and open port UDP 1194 (OpenVPN) to the IP of your NAS.
Camera's
I will be using IP Camera's (IPC) with Power over Ethernet (POE). This way I will be using only one cable per camera for both power and data.
There are wireless IPC's that connect via Wi-Fi but need a power cable. In my experience the distortion/digital snow is too annoying on the budget wireless cameras.
IPC's can be connected with a normal network cable (RJ45 connector) to a switch. Make sure these switch(es) have PoE support or else the IPC won't power on.
Take note that the maximum distance between a POE IPC and a switch is 100 meters. But chain linking with multiple switches is possible.
Within the IPC product range you can find multiple specifications such as dome or bullet, with or without PTZ, IR, wide-angle, etc. Choose per camera the specs based on its location and situation.
PTZ
PTZ stands for Pan Tilt Zoom, meaning that the camera can be remotely moved in direction.
Cheaper cameras often don't have PTZ, which means that you need to physically calibrate the view of the camera when mounting it.
SS has options to automatically change the PTZ values based on a timetable or events. PTZ can also be remotely live controlled.
Doorbell
A PoE Doorbell is essentially just an IPC with PoE and some extra doorbell hardware+software, so we can also use it as a regular camera.
I have the "Reolink Wired Video Doorbell PoE" for € 100, and it is compatible with SS.
The doorbell is still able to operate independently with the chimes box/plug you get with it, but it will also give you push notifications via the ReoLink-app.
After configuring it, I can now choose to record the doorbell footage 24/7 if I wanted to, or record based on events such as person detection or doorbell button pressed.
This means I don't have to pay for a subscription service to look at recorded footage, like most doorbell makers offer.
A doorbell press will register as an event in SS, so it can be easily found back.
Software
Phone/Tablet
App: OpenVPN - iOS / Android
App: DS Cam - iOS / Android
App: Reolink - iOS / Android
Computer
Software: OpenVPN - Windows / Linux / MacOS
Software: Surveillance Station Client - Windows / MacOS
Web Browser
DiskStation Manager (DSM): http://yournasip:yournasport (replace yournasip and yournasport)
Surveillance Station (SS): http://yournasip:yournasport/webman/3rdparty/SurveillanceStation (replace yournasip and yournasport)
