HARDWARE REQUIREMENTS COMPARISON | | | |
Storage Support | X | X | |
- Standard SMB Storage (Windows© Server or NAS Storage) | X | X | |
- WebDAV server (Windows© Server or NAS Storage) | X | X | |
- Requires IIS Service and WebDAV Service for Windows© | X | X | |
- Proprietary Storage | X | X | |
- DDN WOS Storage | X | X | |
- Microsoft Azure Blob Storage | X | X | |
Web Server | | | |
- Requires IIS Service and WebDAV Service for Windows© | X | X | |
Database Server | | | |
- Microsoft SQL© Server 2008 or higher Express or Standard | X | X | |
- PostgreSQL© Server | | | For OEM Partners Only |
Application Servers | | | |
- File Processing Management | X | X | |
- Retention Management | X | X | |
- Report Server | X | X | |
- Device Management Agent | X | X | |
- Redaction Server | X | X | |
- Live View/Tracking Stream Server | X | X | |
Mobile Client | | | |
- Upload directly from application (admin authorization configuration) | X | X | |
Intelligent Docking Stations (Requirement for using Mobile Client) | | | |
- Multiple models available for small and large deployment. Also can be designed to adopt with other 3rd Party camera docking station | X | X | For use with CITE and other 3rd Party Cameras. |
Windows Client (WPF) | X(Camera Settings Tool only) | X(Camera Settings Tool only) | |
WEB CLIENT | | | |
Support SSL 2048 for transport | X | X | |
Support AES 256 for encryption | X | X | |
All communications are on public and private network using HTTPS to transfer files | X | X | |
Two Factor Authentication | X | X | |
Multi-factor Authentication | X | X | |
Make this random or ask every time (via switch option) | X | X | |
SAML 2.0 support | X | X | Coming Soon |
WEB SERVER SERVICE | | | |
IIS Web server | X | X | |
Client Application Web Server | X | X | |
Encrypt Information | X | X | |
Alert based on security access. Provide ability to send alerts to administrators for unauthorized access attempts | X | X | |
Create Classifications profile for alert email | X | X | |
Create Camera profile and assign to group or users | X | X | |
Provide ability to limit concurrent sessions | X | X | |
Provide ability to lock out user or group by date or time | X | X | |
Report based on file activity | X | X | |
Ability to provide a security program and include items like privacy policies, accreditations, and notification procedures. | X | X | |
Provide authentication through use of complex passwords, password expiration, initial password reset, password length settings, multifactor authentication, and unsuccessful access attempt limit capabilities. | X | X | |
Enable automatic logoff of ID after a defined period of session inactivity, and perform subsequent re-log-on password authentication | X | X | |
Provide ability to automatically archive audit logs - Export to CSV | X | X | |
The Max Login Attempts setting range is from 1 - 10. Minimum is 1 failed login attempt - Maximum is 10 failed login attempts. Setting this to 1 failed login attempt is NOT recommended. The default is 3 failed login attempts before locking the User Account. Send alert to administrator on bad login attempts. | X | X | |
Grant access to User or Group for a specific file or case for a specified period of time | X | X | |
Substation accounts transfer - Easy way to transfer the user between substations | X | X | |
Storage Profiles | X | X | |
Based on files activity date: move files based on classification or date range or substation to near line storage | X | X | |
System provides, at a minimum, encryption in transit of Secure Socket Layer (SSL) 1024 bit key or better and at rest Advanced Encryption Standard (AES) 256 bit or better. | X | X | Requires a strong CPU with high frequency |
System Administrators the ability to grant access of specific files to specified persons/groups for a specific period of time. | X | X | |
System Administrators the ability to grant files sharing access permission for a specified persons or groups. | X | X | |
EMS should send System Administrators administrative notifications when users need their credentials reset due to failed log on attempts | X | X | |
EMS will offer optional IP access restriction and security challenge questions upon access from an unknown or previously used location. | X | X | |
EMS Authorized Public File Share | X | X | |
Firmware upgrade tool for cameras (depends on model) | X | X | |
Alert when Officer have not classified videos since upload | X | X | |
Alert when Officer have not logged in for over set date | X | X | |
PRODUCT FEATURES - FILE MANAGEMENT | | | |
Backend management system can be upplied as a hybrid cloud, managed/hosted, purchase outright solution. | | | |
- Desktop App | X | X | |
- Hybrid Cloud as a managed service | X | X | |
- Full Cloud | X | X | |
Utilize an industry standard Commercial Off The Shelf (COTS) products | X | X | |
- Utilize x86 based servers with Windows and Linux support | X | X | |
Users to transfer videos, photos and metadata (DATA) from the CAMERA into the EMS automatically with minimal or no user intervention. | X | X | |
The SYSTEM automatically import metadata associated with the CAMERA to the SYSTEM without further human intervention. This includes but not be limited to: unique camera ID, user ID of officer (Warrant No); date and time video was recorded, camera data, date and time video was imported, (location where available) etc. | X | X | |
The SYSTEM is able to store DATA that is collected from the DEVICE such that further processing and review of it can be carried out at a later date, which may be by individuals or a group of officers working together. The SYSTEM is capable of storing DATA such that only nominated officers, or groups of officers, can access it. The SYSTEM also support searching of product, and does not allow officers to review it if they do not hold the required access permissions | X | X | |
All video imported/uploaded/transferred to the SYSTEM shall be automatically assigned a Unique Reference Number (URN) and unique to the Officer that identifies it from all other videos held on the SYSTEM. | X | X | |
All DATA imported into the SYSTEM shall be a faithful reproduction of the DATA presented for import such that it could be used in evidence, i.e. the import process shall be lossless. | X | X | |
The SYSTEM creates and maintain a - Gold/Master' copy of all video product that is a perfect reproduction of the video submitted by the User for storage that cannot be changed or altered in any way. | X | X | |
A cryptographic hash to assure the integrity of the DATA is generated at the creation of the DATA or on completion of transfer to the SYSTEM. This hash will be stored within the associated metadata. | X | X | |
The SYSTEM provides automated Review, Retention and Deletion (RRD) workflow processes for all DATA held on the SYSTEM. | X | X | |
RRD workflow process is policy based - using Classification of each incident to set retention and deletion. | X | X | |
The same RRD workflow process can also be globally set on all DATA not used in a case (Non evidential) allowing for reduction in storage needs | X | X | |
The System is capable of storing all DATA in a way that ensures it is admissible as evidence if so required. | X | X | |
DATA marked as 'Non evidential' is retained for a minimum set by the Administrator based on days from the date of recording. | X | X | |
DATA marked as evidence is retained on system until the retention policy is implemented . Administrator can set retention policy base on the overall case or a classification like Felony, Murder, DUI, etc. | X | X | Administrator can set retention policy base on the overall case or a classification like Felony, Murder, DUI, etc. |
Once a case is marked as evidence, any user wanting to view must have authorization to view the case content (videos, photos, notes, etc.) | X | X | The system automatically logs and audit the user marking the videos as evidence and produce a case ID to track the data associated with the videos |
The User shall have the capability to declassify cases from 'evidence' to 'non evidence'. User must have authorization to do so. | X | X | |
DATA deleted from the SYSTEM shall be available for recovery and restored without loss. Including the associated metadata based on the Administrator set time frame | X | X | We move the file to a pending area which is deleted by the system once the retention policy is reached |
Metadata fields is User defined by the SYSTEM Administrator and can be add or delete as necessary | X | X | |
The SYSTEM supports the grouping and linking of multiple DATA against a single subject, event, operation etc. | X | X | |
Users should be able to link and/or group DATA, which have an association. This is a bi-directional link. | X | X | |
Users have the ability to search by any combination of metadata fields. | X | X | |
SYSTEM Graphical User Interface (GUI) is intuitive and User-friendly. | X | X | |
The SYSTEM enables Users to enter search criteria against which it will search the repository of DATA for matches and then notify the User if any matches were found or not. | X | X | |
The SYSTEM shall provide approved Users with the ability to export PRODUCT from the SYSTEM in an appropriate standard electronic file format. | X | X | |
The exported DATA shall be lossless, and shall export a perfectly accurate reproduction of the DATA held in the SYSTEM that the User selected for export. | X | X | |
The SYSTEM provides protection to prevent any single User from monopolizing SYSTEM processing resources at the expense of other Users, when there is more than one User using the SYSTEM. | X | X | |
The ability to delete product from the SYSTEM, or to export product from the SYSTEM shall be dependent on the Role Based Access Controls (RBAC). | X | X | |
The SYSTEM provides an intuitive application and interface to perform SYSTEM administration and management functions including workflow and evidential management. | X | X | |
The SYSTEM provides functionality to enable appropriately privileged Users to carry out SYSTEM Audit and Protective Monitoring tasks. | X | X | |
The SYSTEM allows for editing functionality of the DATA. The editing process DOES NOT permit changes to embedded metadata within video frames. | X | X | |
SYSTEM provides brief facilities for the ad-hoc and automatic generation and storage of management information and statistics data relating to the SYSTEM and its performance. | X | X | |
The SYSTEM provides Management Information Reports. For additional small fee VisioLogix agrees to work with the Authority to provide meaningful Holistic Graphs and reports on the use of the System. Example Information, either on it's own and/or in combination with other information include: | X | X | |
- Officer assigned to - Assigned at time, | X | X | |
- Returned to base time | X | X | |
- Number of individual recordings/activations | X | X | |
- Duration of recordings/activations, | X | X | |
- Amount of storage used - Errors encountered | X | X | |
- Download start time, - Download end time | X | X | |
- Battery condition on deployment, - Battery condition on return | X | X | |
- Number of videos total and marked as evident per officer | X | X | |
- Number of videos total and marked as evident per base | X | X | |
- Number of videos total and marked as evident per location | X | X | |
- Number of videos deleted during week | X | X | |
- Number of times a video is viewed | X | X | |
- Who viewed this information and the reason | X | X | |
- Amount of time spent viewing the video in all cases. | X | X | |
- Reasons for redaction | X | X | |
Automatically send notice before retention purges the file | X | X | |
- Admin should be able to set notifications based on days remaining | X | X | |
Create a video "montage", in chronological order, from different officers, etc. e.g., a montage of video from several officers who were on the scene of the same incident. | X | X | |
EMS can be supplied as a cloud, managed/hosted, purchase outright solution. | X | X | |
The BWC and EMS Software shall utilize an industry standard Commercial Off The Shelf (COTS) products | X | X | |
(SYSTEM) provides the ability for Users to transfer videos, photos and metadata (DATA) from the DEVICE into the Backend Management automatically with no user intervention. | X | X | |
Third Party - Non Body Worn Cameras | | | |
- Support spy glasses or covert cameras | X | X | |
- Support Android Smartphones | X | X | |
- Support Apple iPhone/iOS Smartphones | X | X | |
- Support standard point and shoot camera | X | X | |
- Set up camera profiles to accept non-standard cameras | X | X | |
Scanner support | | | |
- Scan forms or documents directory to backend management system | X | X | |
- Save forms or documents into JPEG or PDF format | X | X | |
Support other type of media such as In-car DVR | X | X | |
Support attaching or uploading non-media type files | X | X | |
Add unlimited Notes/Memos to any file (videos, photos, etc.) | X | X | |
Comprehensive edit file information | X | X | |
- Save Set ID | X | X | |
- Security Level | X | X | |
- System File Name | X | X | |
- Original File Name | X | X | |
- File Extension | X | X | |
- GPS | X | X | |
- File Owner | X | X | |
- Machine Name where file was created | X | X | |
- Machine Domain where file was created | X | X | |
- Domain Account creating the file | X | X | |
- Account Login ID | X | X | |
- Original Source Path of file | X | X | |
Search from multiple criteria | X | X | |
- Date/Time | X | X | |
- Star Rating | X | X | |
- Classifications | X | X | |
- Security Level | X | X | |
- File Type | X | X | |
- Video Sets | X | X | |
- Notes/Comments | X | X | |
- File name, etc. | X | X | |
Securely sharing files between users or groups | X | X | |
Original files are never editable. | X | X | |
User can perform deletion for files once the ID is authorized by the EMS R6 Administrator | X | X | |
All deletions are required to enter a reason for the action | X | X | |
All file access and/or deletions are logged by EMS R6 | X | X | |
Automated DATA retention
| X | X | |
- Non-used DATA - set the days for Removal | X | X | |
- Used or "Incident" DATA - set the days for Archive and Removal | X | X | |
Support video cropping without modifying the original file | X | X | |
User can create incident sets and attached videos and images to easily track each incident. User will also have the ability to add notes or flag significant events after uploading to server for ease of retrieval | X | X | |
Ability to efficiently upload recorded data to server via hard-wire, docking station or wireless capability. | X | X | |
Video from 3rd party in-car DVR or BWC can be able to integrate with our EMS R6 BWC Management software | X | X | |
Optional: Video will be downloaded and tagged so it can be coupled with the in car video at the substations. | X | X | |
Video will be able to be sent via the network to the court system for review and use with cases. | X | X | |
Video/Audio will stored in a secured format including the original Meta data and will have the capability to identify when the data has been altered. | X | X | |
All users accessing the back-end software for reviewing the video/audio are audited | X | X | |
Software Retrieval Process includes secured multi-users access levels. | X | X | |
BWC does contain a configurable option for the camera record resolution. | X | X | |
Playback Video Player | X | X | |
- View video with GPS Map (BWC must support GPS) | X | X | |
- Standard playback tools (Stop, Play, FF, FB, Pause, etc.) | X | X | |
- Go to Full Screen or Normal Screen | X | X | |
- Go Forward/Backward frame by frame | X | X | |
- Video time and frame count segment display | X | X | |
- Take a snapshot during video playback | X | X | |
- Create multiple Video tags and playback just the "Tags" | X | X | |
- Mark beginning and ending video to create new video segment | X | X | |
- Volume controls (mute) | X | X | |
- Thumbnail view (view multiple snapshots) | X | X | |
- Loop Playback | X | X | |
- Display map and compass | X | X | |
- Burn to DVD or USB devices | X | X | |
ACCESS CONTROL | | | |
Access Control General | | | |
- GPMS Support (OFFICIAL, SECRET and TOP SECRET) | X | X | R6 (Allow user define GPMS) |
- All levels of functionality of the SYSTEM shall be controlled in line based on the Customer's IT requirements | X | X | |
- User login/logout of the SYSTEM. | X | X | |
- The SYSTEM allows Access to different security functionality, i.e. administration, management, User access etc. Based on Role Based Access Controls (RBAC) | X | X | |
- The import and export of data shall be determined by RBACs on an individual or group basis. | X | X | |
- Access to video product based on single User or groups shall be determined on Role Based Access Controls (RBAC). | X | X | |
Passwords | | | |
- SYSTEM logons shall be based upon warrant number acting as User ID (6 numeric digits) and a User password comprising a minimum of 8 characters utilizing as at least, 1 x upper case, 1 x lower case, 1 x number and 1 x control character. | X | X | |
- The SYSTEM automatically allocated User passwords against the badge number and force the user to change the User password on first log in. | X | X | |
- The system will allow the administration and management of passwords, to provide for password life and resetting of forgotten passwords etc. dependent on RBAC of authorized users. | X | X | |
Access Control - SYSTEM Administrators | | | |
- The following activities is enabled for the SYSTEM administrator: | X | X | |
- Manage User Accounts: Manage authorized users; | X | X | |
- Manage Access Profiles: Create, modify and delete Permission Profiles; | X | X | |
- Manage Groups: Create, modify or delete User groups. | X | X | |
Manage User Accounts | | | |
- The Security processes shall enable SYSTEM administrators to: | X | X | |
- Create User accounts; | X | X | |
- Deactivate/reactivate User accounts; | X | X | |
- Close User accounts (delete without breaking any database relationships, or Audit details of closed user accounts); | X | X | |
- Define User properties for each authorized person; | X | X | |
- Securely manage passwords. | X | X | |
Permission Profile Management | | | |
- A Permission Profile can be set up to define the type of access rights available for each User. Each profile includes settings that allow or restrict access to specific entities, types of DATA in the SYSTEM. | X | X | |
Profile Assignment | | | |
- Each User is assigned to a predefined role profile by the SYSTEM administrator. | X | X | |
Manage Groups | | | |
The security processes enables the SYSTEM administrator to: | X | X | |
- Assign Users to groups | X | X | |
- Remove Users from groups | X | X | |
- Revoke access to a group | X | X | |
The SYSTEM administrators can nest groups within groups. | X | X | |
Access | | | |
- Access to DATA is restricted to Users and groups that have been specifically granted access. This includes the results returned from search functions i.e. Users are not be able to see anything without the appropriate access rights. | X | X | |
Restrictions | | | |
- Users are not be able to print, save, copy & paste or otherwise export data from any part of the SYSTEM unless specific permission has been granted by the Administrator. | X | X | |
SAML 2.0 Support | X | X | |
AUDIT (CHANGE ACTIVITY) | | | |
The SYSTEM incorporate built-in auditing facilities | X | X | |
The SYSTEM provides audit, event, security logs etc. for analysis. | X | X | |
All logs shall be accessible only to Users authorized the Administrator. | X | X | |
All audit logs and event logs can be exported from the SYSTEM on completion of the trial for Authority retention. | X | X | |
The creation of an audit log record is secure so that it cannot be impeded or diverted and the audit log(s) must be secure so that: (a) it cannot be tampered with, deleted or replaced; (b) it cannot be read except by authorized staff; (c) it cannot be purged or archived or weeded except by specific processes run by authorized Administrator; (d) all configuration settings relating to the audit logging are secured; (e) authorization of staff over the audit log processes is tightly controlled such that unauthorized abilities cannot be granted; and (f) actions on the audit log, configuration etc. are themselves audit logged; (g) The audit data is held in a secure location. | X | X | |
All User activity is recorded and stored in the Audit and Event logs. This information is retained. The Audit and Event logs is easily accessible for the SYSTEM administrator or independent party to view and filter the records based on User, actions, changes to meta data fields. The Audit and Event created by the SYSTEM covers the Master Copy and every Working Copy and includes but not limited to the following: | X | X | |
- Metadata | X | X | |
- Permissions | X | X | |
- Access | X | X | |
- Viewing | X | X | |
- Printing | X | X | |
- Copying | X | X | |
- Editing | X | X | |
- Processing | X | X | |
- Restoration | X | X | |
- Review, Retention and Deletion | X | X | |
- Times & dates | X | X | |
- Success and Failed Logons | X | X | |
It is possible to archive audit logs to external storage in a human readable format (CSV) | X | X | |
Stored video that is hierarchical in nature with a log/audit trail illustrating users who have viewed shared, copied or exported video to an external source. Audit trail should be specific to user ID and IP address and time-date stamp all activities. | X | X | |
Log all access (failures, attempts, etc.) - ID, IP Address, Date/Time, etc. | X | X | |
When exporting media files, file audit log also part of the Exporting | X | X | |
DATA RETENTION | | | |
Data Retention Services (DRS) - Intelligent monitor of data storage. By setting retention policy, data will be archived or remove based on the set policy. DRS provides a complete hands-off solutions satisfying most privacy concerns about data retention and removal. For BWC, Used and Non-Used DATA policy can be set easily. | X | X | |
Run as a Windows? services on the Server | X | X | |
Automate transfer of between primary and retention storage location | X | X | |
Initiate retention based on days | X | X | |
Initiate retention based on categories or classifications such as (felony, driving violation, murder, domestic violence, DUI, traffic stop, etc.) | X | X | |
Separate retention policy on used and non-used case videos, photos and metadata | X | X | |
Archive directory allows for final backup before retention deletion | X | X | |
Full erase base on set policy | X | X | |
Disk Space Monitor Service | X | X | |
Email Alert when storage is low | X | X | |
ARCHIVE SERVER/STORAGE (Coming Soon) | X | X | |
- Automate transfer of data from "Live" DATA storage to "Never Delete" DATA storage | X | X | |
- Monitor all access | X | X | |
- Complete History audits | X | X | |
Data Retention Report - by "Storage Profile" | X | X | |
- Summary of Total Files in Retention | X | X | |
- Total Files in Retention by Classifications | X | X | |
- Total Files to be Remove with total size reclaim | X | X | |
- Retention Files start date and remove date | X | X | |
- Total Storage used and available | X | X | |
ADDITIONAL ADMIN TOOLS | | | |
Enabled or disabled Non-admin access to delete button in non-essential user catalog (allow user to delete non-used files) | X | X | |
Enabled or disabled encrypt media files | X | X | |
Allow user permission to export to USB, CD/DVD, etc. | X | X | |
Allow user permission to access other user files | X | X | |
Create unlimited category, roles, and race | X | X | |
Setup multiple sub-stations or locations | X | X | |
Equipment Status (Depends on models) | X | X | |
BWC Status:
- Battery Status
- Storage availability
- Review battery status during camera checkout and return
- Review storage status during camera checkout and return | X | X | |
Monitor storage availability | X | X | |
Equipment FW update | X | X | |
Software controls
- Password resets
- Password changes
- Camera settings | X | X | |
Internal File Extension settings for default application launcher to override Windows default settings | X | X | |
DOCKING STATION UPLOAD TO EMS FEATURES | | | |
Secure Upload for all Cameras | X | X | |
USB Port Control | X | X | |
Transfer - Phase One | X | X | |
All transfer are on private network with access to the database and storage (UNC Paths) | X | X | |
- Agent should run on PC or Distribution Station (DS) | X | X | |
- Run as a Service | X | X | |
- Read specify folder and process files | X | X | |
- Optional Encrypt data | X | X | |
- Insert metadata into SQL database | X | X | |
- Copy files to storage based on User Account storage profile | X | X | |
Transfer - Phase Two | X | X | |
All transfer are on public and private network using HTTPS to transfer files | X | X | |
- Web server ? running Web Service | X | X | |
- Process incoming files into designated location | X | X | |
- Processing Server - Windows Service | X | X | |
- Read specify folder and process files on Web server temp storage | X | X | |
- Use single domain user account to access SQL DB and Storage | X | X | |
- Insert metadata into SQL DB | X | X | |
- Copy files into Primary storage based on user?s Storage Profile | X | X | |
- Clean up web server folders | X | X | |
Update Classification list on cameras | X | X | |
Ingest camera Classifications and Tags | X | X | |
Provide metric for upload from camera to docking station | X | X | |
Provide metric for upload from docking station to storage servers | X | X | |
REDACT | | | |
Free Windows application redact software | X | X | |
Optional: Web based redact hosted service | X | X | |
Manual frame by frame pixelation | X | X | |
Automated face detection/pixelation | X | X | |
PC process redact | | | |
Server processing redact service | X | X | |
Queue process | X | X | |
Export with or without audio | X | X | |
Remove audio in certain segment of the video | X | X | |