OpenNVR
Zero-Trust Architecture

The breach stops at the camera.

Cheaply manufactured PoE IP cameras are a well-documented breach vector. They ship with hardcoded backdoors, telnet vulnerabilities, and undocumented outbound telemetry.

OpenNVR is built so the camera's flaws stop at the camera. Strict network isolation and encrypted-at-rest storage mean that even a fully compromised camera has no route to your network and no path to your video data.

Dual-NIC Network Isolation

OpenNVR is built to sit between two physically separate networks. The primary Corporate LAN (`eth0`) handles inbound user traffic, while the PoE Camera LAN (`eth1`) is structurally isolated from it: the host Linux kernel is not configured to forward between the two interfaces, and the firewall's FORWARD chain explicitly rejects traffic from the camera subnet. IP cameras therefore have no routing path to the public internet, so a camera that does become infected cannot reach a botnet command-and-control server.

root@opennvr:~# route -n
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 eth0 # Secure Corporate Internet
10.0.4.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 # Isolated Camera Switch

root@opennvr:~# iptables -L FORWARD
Chain FORWARD (policy DROP)
target prot opt source destination
REJECT all -- 10.0.4.0/24 anywhere
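The isolation invariants above can be audited from the shell. The following script is an added example, not OpenNVR's own code: its check functions take command output as text (so they run against constructed samples mirroring the page without root), and `--live` reads the real host. The camera subnet `10.0.4.0/24` and interface `eth1` are assumed from the route table shown.

```shell
#!/bin/sh
# Added example (not OpenNVR's own code): audit the camera-LAN isolation
# invariants described above. Checks take command output as text, so they run
# against constructed samples without root; `--live` reads the real host.
CAM_NET="10.0.4.0/24"   # assumed camera subnet, from the route table above
CAM_IF="eth1"           # assumed camera-facing interface

# 1. The kernel must not forward packets between interfaces at all.
check_forwarding() { printf '%s\n' "$1" | grep -qx 'net.ipv4.ip_forward = 0'; }
# 2. Even if forwarding were enabled, FORWARD must default to DROP ...
check_forward_policy() { printf '%s\n' "$1" | grep -q '^Chain FORWARD (policy DROP)'; }
# 3. ... and carry an explicit REJECT/DROP for the camera subnet. Accepts both
#    `iptables -L` ("anywhere") and `iptables -L -n` ("0.0.0.0/0") output.
check_camera_reject() {
    printf '%s\n' "$1" | grep -Eq \
      "^(REJECT|DROP)[[:space:]]+all[[:space:]]+--[[:space:]]+$CAM_NET[[:space:]]+(anywhere|0\.0\.0\.0/0)"
}
# 4. The camera subnet must be directly connected (gateway 0.0.0.0) and no
#    default route may leave through the camera interface.
check_camera_route() {
    printf '%s\n' "$1" | awk -v net="${CAM_NET%/*}" -v ifc="$CAM_IF" '
        $1 == net && $2 == "0.0.0.0" && $8 == ifc { ok = 1 }
        $1 == "0.0.0.0" && $8 == ifc              { bad = 1 }
        END { exit !(ok && !bad) }'
}
# Run every check; returns non-zero if any invariant is violated.
audit_isolation() {
    rc=0
    check_forwarding     "$1" && echo "PASS ip_forward=0"        || { echo "FAIL ip_forward";     rc=1; }
    check_forward_policy "$2" && echo "PASS FORWARD policy DROP" || { echo "FAIL FORWARD policy"; rc=1; }
    check_camera_reject  "$2" && echo "PASS camera REJECT rule"  || { echo "FAIL camera REJECT";  rc=1; }
    check_camera_route   "$3" && echo "PASS camera route local"  || { echo "FAIL camera route";   rc=1; }
    return $rc
}

# Constructed samples mirroring the terminal output shown on this page.
SAMPLE_SYSCTL="net.ipv4.ip_forward = 0"
SAMPLE_FORWARD="Chain FORWARD (policy DROP)
target prot opt source destination
REJECT all -- 10.0.4.0/24 anywhere reject-with icmp-port-unreachable"
SAMPLE_ROUTE="0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 eth0
10.0.4.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1"

if [ "${1:-}" = "--live" ]; then   # needs root for iptables
    audit_isolation "$(sysctl net.ipv4.ip_forward)" "$(iptables -L FORWARD -n)" "$(route -n)"
else
    audit_isolation "$SAMPLE_SYSCTL" "$SAMPLE_FORWARD" "$SAMPLE_ROUTE"
fi
```

Running it with `--live` on the NVR host is a quick way to confirm that a configuration change (or a helpful "fix" by an automated tool) has not quietly re-enabled forwarding between the two networks.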

Cryptographic BYOK

If a malicious actor physically removes the NVMe drives from your server, the data on them is useless. OpenNVR implements Bring Your Own Key (BYOK) database encryption at the filesystem layer beneath PostgreSQL. Without the user-supplied key, the encrypted volume cannot be mounted and the database cannot be opened.

  • No hardcoded master passwords.
  • Zero system "phone-home" recovery.
  • Lose the key and the data is unrecoverable — by design.

Active Packet Inspection

OpenNVR ships with native integration hooks for the Suricata intrusion detection system. Suricata inspects all raw packet traffic passing between your isolated Camera VLAN and the central OpenNVR server and drops connections that match signatures for known CVE exploits. Note that the [Drop] action in the log excerpt below requires Suricata to run inline (IPS mode) rather than as a passive tap, which can only alert.

/var/log/suricata/fast.log
[Drop] [**] [1:2023572:1] ET EXPLOIT Mirai Botnet C2 Traffic [**]

Stateless AI Isolation

AI supply-chain attacks are real: downloading external model weights from Hugging Face or third-party tensor repositories means inheriting a potential vector of compromise. OpenNVR mitigates this by fully decoupling the AI pipeline from the core NVR into stateless, unprivileged Docker containers that have no outbound network route.

Automated OTA Patching

Keeping the underlying Linux operating system patched against zero-day CVEs is essential to maintaining a zero-trust architecture. OpenNVR's web UI hooks into the host Docker socket so that administrators can stage and pull digitally signed system patches directly, without ever exposing an SSH port.