Skip to content

MN.2024.1.0 Software and Firmware Release

We are pleased to announce the general availability of the major software release MN.2024.1.0, which includes both software and firmware updates with key new features listed below. For further information, please refer to the Release Notes.

Command Enterprise

HTTP connections are disabled by default

By default, on a fresh install Command Enterprise now disables all HTTP connections to itself, including to all its managed recorders and services. If you upgrade from an existing installation, HTTP is not automatically disabled, but you can disable it manually.

Configurable CA for HTTPS certificates

Command Enterprise now allows you to configure an intermediate certificate authority (CA). The intermediate CA is used to sign its own HTTPS certificate. It is also distributed to recorders and services to sign their own HTTPS certificates. This allows organizations to use an intermediate CA created from a certification authority owned by their own IT department, if desired.

Optionally enforce HSTS

Command Enterprise now allows you to enforce HSTS (HTTP Strict Transport Security) on all HTTPS connections to itself, including to all its managed recorders and services. This option is disabled by default, since it requires the distribution of a trusted certificate authority to all clients, used to sign the HTTPS certificates.

TLS hardening options

Command Enterprise now has two additional options for TLS: enforce TLS 1.2 with forward encryption, and TLS 1.2 with forward encryption strong. Both options enforce TLS 1.2 and are restricted to use only key exchanges with elliptic ciphers. The strong version is further restricted to forbid AES cipher block chaining.

Configurable end-to-end encryption keys for Command Recording Software and R6 embedded recorders

Command Enterprise now allows you to manage the keys used by Command Recording Server and R6 embedded recorders for end-to-end encryption. These keys implement encryption at rest and in transmission at the application layer (in addition to the encryption in transmission available in HTTPS and WebRTC transport layers).

Feature licensing for Command Recording Software and R6 embedded recorders

Command Enterprise can now load and distribute feature licenses to Command Recording Software and R6 embedded recorders, enabling licensed functions on whole recorders or on a configurable number of channels on each recorder.

SSO improvements

Added support for local user authentication even when SSO with SAML 2.0 is configured, including the option to bind a SAML 2.0 group to a profile in Command Enterprise, without requiring LDAP.

LDAP improvements

A user belonging to an LDAP group can now share cases and tags. A local group for sharing can now contain users belonging to an LDAP group.

Logs and configuration history viewer

From the Command Enterprise Console, it is now possible to access and review all its logs, with options to select the verbosity level, filters, pause and export. In addition, a configuration history viewer displays the history of the configuration changes made in the Command Enterprise Console, allowing you to revert the configuration to a previous one, or to reset it.

Prometheus system monitoring

From the Command Enterprise Console, it is now possible to directly access a Prometheus tab, which offers system data monitoring, refresh rate, and history configuration, a dashboard that reports different system metrics, and memory and thread dump functions to facilitate troubleshooting.

.NET framework upgrade to 4.8.0

The .NET minimum supported version has been updated to 4.8.0 in the Command Media Archiver.

Command Applications

New applications and integrations are available in the Command solution.

HTTPS Certificate Monitoring

Provides the capability to monitor and automatically renew HTTPS certificates from Command Enterprise, using an intermediate Certificate Authority configurable by IT managers. It prevents interruptions and downtime due to out-of-date and expired certificates, which can pose a significant security vulnerability. Part Number:42105 Description: SW LIC CES HTTPS CERT MON / NVR

802.1x Certificate Management

Provides the capability to issue, monitor, and automatically renew 802.1x certificates from Command Enterprise, using an intermediate Certificate Authority configurable by IT managers. It prevents interruptions and downtime due to out-of-date and expired certificates, which can pose a significant security vulnerability. Part Number: 42106 Description: SW LIC CES 802.1X CERT MGT / NVR

Auror Integration

Auror is a file sharing cloud service, and this integration provides the capability to export MP4 files directly from Command Client to it. Administrators can set user profile permissions to enable/disable the right to use this application. Part Number: 42104 Description: SW LIC CES AUROR

Smart Rules

Smart Rules is a cloud service that provides customers with the ability to receive real-time email and push notifications about critical events, through the integration of multiple data points. Part Numbers: 41934 /42112 / 42113 Descriptions: SERV HOST SMART RULES INTEG / SITE – 1YR // SERV HOST SMART RULES BSC / SITE – 1YR // SERV HOST SMART RULES PREM / SITE – 1YR

Command Client

HTTPS certificate verification and pinning

On a connection to Command Enterprise, Command Recording Software, or any embedded recorder, the HTTPS certificate is now verified against those trusted by the operating system’s certificate store.

  • If the required certificate is not present in the operating system’s certificate store, a pinning option is presented to allow the user to install the certificate

Browser preference

You can now select whether the default operating system browser or Internet Explorer opens when connecting to an edge device. Internet Explorer is only available on operating systems that still support it.

Heatmap search

On Command Recording Server and R6 embedded recorders, it is now possible to perform a motion heatmap search from the Smart Search panel. This function greatly simplifies motion pattern analysis, generating a heatmap view using the motion masks sent by cameras. The heatmap shows the distribution of motion in the selected time interval, as an overlay on the camera view.

.NET framework upgrade to 4.8.0

The .NET minimum supported version has been updated to 4.8.0. For this reason, Windows 8 is no longer supported.

Web Client

Case Management

Case Management is now supported in the Web Client for Command Enterprise with Command Media Archiver support. Users can create, view, edit, share, and export case files.

Improved Notification for Alarms & Health Alerts

A notification dashboard has been added to the top of the Web Client, that informs users about the presence of new alarms and health alerts from Command Enterprise.

Topology Creation & Edit

Users are now able to edit the Command resource topology from the Web Client. This includes the System, Logical, and Personal resources, such as video channels, alarms, folders, views, and recording devices. Users can move, copy, add, edit, and/or remove resources, depending on their individual user rights.

End-to-End Video Encryption Support

Web Client supports end-to-end encryption for video playback from CES version 2.19 and the latest firmware of our next generation recorders.

Smart Deploy

The new Smart Deploy application replaces the existing Discovery Browser and Command Config applications. This new application combines the functionality of the replaced ones to simplify and accelerate the discovery, provisioning, and configuration of recorders and edge devices. Smart Deploy functions encompass:

  • Discovery on local networks, on multiple local interfaces, or on a defined and reachable IP range.
  • Camera and edge device discovery and provisioning.
  • Command Recording Software and R6 embedded recorder discovery, provisioning and configuration.
  • Camera and edge device mass provisioning at deploy, including:
    • Password and region provisioning
    • Network provisioning
    • Firmware upgrade
  • Command Recording Software and R6 embedded recorder mass provisioning at deploy, including:
    • Password and region provisioning
    • Network provisioning
    • Firmware upgrade
    • Registration to Command Enterprise
    • HTTPS and 802.1x certificate provisioning
    • Camera and edge device discovery on recorder networks, on multiple recorder interfaces, or on a defined and reachable IP range.
    • Camera and edge device mass provisioning, including password, region, networks, firmware upgrade, and default channel configuration.
  • Connection to Command Enterprise, supporting 2FA and SSO authentication like Command Client, to conveniently operate on the configuration of managed Command Recording Software and R6 embedded recorders.
  • HTTPS certificate verification and pinning, like in Command Client.
    • If the required certificate is not present in the operating system’s certificate store, a pinning option is presented to allow the user to install the certificate.
  • Access credential caching for connections to Command Enterprise, Command Recording Software, and R6 embedded recorders.

Command Recording Software and R6 Embedded Recorders

R6 embedded recorders include the X-Series, the EL-Series, and the RideSafe XT Series.

HTTP connections permanently disabled

On Command Recording Software and all R6 embedded recorders, HTTP connections to the main web service are now permanently disabled, regardless of the configuration setting on Command Enterprise. Only HTTPS is allowed.

The HTTP protocol is only used from the failsafe service, operating on a dedicated port. This service does not provide any useful information, and all its operations are protected at the application layer with elliptic cipher encryption, ephemeral keys, and one-time pad challenges that make man-in-the-middle exploits unfeasible.

Configurable CA for HTTPS certificates

Smart Deploy allows you to use an intermediate certificate authority (CA) to sign the HTTPS intermediate CA, which is distributed to recorders to sign their own HTTPS certificates. This allows organizations to use an intermediate CA created from a certification authority owned by their IT department, if desired.

Configurable CA for 802.1x certificates

Smart Deploy allows you to use an intermediate certification authority (CA) to sign the 802.1x certificate distributed to recorders. This allows organizations to use an intermediate CA created from a certification authority owned by their IT department, if desired.

HTTPS certificate verification for outbound registrations

On an outbound registration to Command Enterprise, it is now possible to configure a trusted HTTPS certificate to confirm the identity of the Command Enterprise that answers the outbound registration message. The registration fails if the identity is not confirmed.

Configurable end-to-end encryption keys

Command Recording Server and R6 embedded recorders allow you to configure the keys for the end-to-end encryption function, which implements encryption at rest and in transmission at the application layer (in addition to the encryption in transmission available at the HTTPS and WebRTC transport layers).

Feature licensing

Command Recording Software and R6 embedded recorders can now receive feature licenses from Command Enterprise. These feature licenses enable functions on whole recorders or on a configurable number of channels on each recorder.

Heatmap search

Command Recording Server and R6 embedded recorders aggregate, record, and support queries for the heatmap search function added in Command Client.

RTSP streaming support

Command Recording Software and all R6 embedder recorders now provide the ability to create an RTSP stream per encoder, to allow for real time streaming of video channels.

R6 Embedded Recorders

Hardware port enable/disable On all R6 embedded recorders the Smart Deploy tool can enable/disable the following hardware ports:

  • Ethernet ports
  • Wi-Fi connectivity
  • USB to Ethernet connectors
  • USB port

Investigation Station mode

X-Series and RideSafe XT recorders can be provisioned in Investigation Station mode. While in this mode, the unit is configured to allow you to review the contents of your hard drive. When configured as an Investigation Station, the unit does not record video, so you are free to examine the evidence without fear of interfering with your recordings or affecting the contents of the hard drive that you are reviewing.

Recorders provisioned in Investigation Station mode are currently not supported by Command Enterprise and can only be used as stand-alone units.

X-Series

Lobby loitering protection

X-Series recorders with 16 or more channels have a new AI analytic for lobby loitering protection, that can be enabled with optional renewable licenses:

  • Part Number: 42025-001 / Description: Software License to enable lobby loitering protection analytic. Supported on X12-Series and IPX-Series recorders. 1 year term.
  • Part number 42025-005 / Description: Software License to enable lobby loitering protection analytic. Supported on X12-Series and IPX-Series recorders. 5 years term.
  • X1216, X1224, X1232, X1248: support lobby loitering protection on up to 2 additional channels.
  • X32, X64: support lobby loitering protection on up to 5 additional channels.

EL Series

Licensable channels

The EL Series recorders can now support additional channels, after applying a license from Command Enterprise:

  • Part Number: 42033 / Description: Recorder software camera license for a single camera. Supported on EL Series recorders. Maximum number for licenses for a single EL08: 4, EL16: 8. Also requires 3-year Software Maintenance Agreement (p/n 24315-103).
  • EL16: can support up to 8 additional channels.
  • EL08: can support up to 4 additional channels.

Licensable features

Several features have been added to the EL Series recorders as options, licensable from Command Enterprise:

  • Part Number: 42026 / Description: Software License to enable heatmap search analytic. Supported on EL Series recorders. Requires 3-year Software Maintenance Agreement (p/n 24315-103).
  • Part Number: 42027 / Description: Software License to enable n+1 redundancy. Supported on EL Series recorders. Requires 3-year Software Maintenance Agreement (p/n 24315-103).
  • Part Number: 42028 / Description: Software License to enable recorder import of media. Supported on EL Series recorders. Requires 3-year Software Maintenance Agreement (p/n 24315-103).
  • Part Number: 42029 / Description: Software License to enable MP3 audio playout. Supported on EL Series recorders. Requires 3-year Software EL08 Maintenance Agreement (p/n 24315-103).
  • Part Number: 42030 / Description: Software License to enable Custom Conditions for event handling. Supported on EL Series recorders. Requires 3-year Software Maintenance Agreement (P/No 24315-103)
  • Part Number: 42031 / Description: Software License to increase alarm limit to 512 alarms. Supported on EL Series recorders. Requires 3-year Software Maintenance Agreement (p/n 24315-103).
  • Part Number: 42032 / Description: Software License to enable support for 3rd party alarm panels. Supported on EL Series recorders. Requires 3- year Software Maintenance Agreement (p/n 24315-103).

RideSafe XT Series

Hardware port enable/disable

In addition to the other hardware ports that can be enabled/disabled on all R6 embedded recorders, RideSafe XT Series recorders can also enable/disable the SD Card slot.

XT Investigation Station

March Networks has released the XT Investigation Station, a unit provisioned by default and permanently in Investigation Station mode, with a dedicated power supply that also allows using it on a desk. Part Number: 40712 / Description: AUX XTxx G1 INVESTIGATION STATION.

CanBus serial device support

The Ridesafe XT Series recorders support an optional CanBus serial device to take CanBus events and propagate them to the recorder as alarms. Part Number: 41868 / Description: KIT XTxx CAN-Bus J1939 ADPTR – GILLIG.

Cameras and Edge Devices

New cameras, edge devices, or new features supported on them.

AI Series Cameras – Metadata Attributes

On Command Recording Software, R6 and R5 embedded recorder support has been added for new AI series camera metadata attributes, to propagate them to Searchlight or Searchlight Cloud:

  • A person’s clothing color, gender, height, accessories (hat, bag)
  • A vehicle color
  • Alarms triggered by detected objects
Stay up-to-date on product and training news with our Certified Partner Communications.
Return to top