Windows 10 LAN different with April Update

By DevTech
in Microsoft (Windows)

 Share

Recommended Posts

Grand Master

DevTech

Posted
Posted

Networking a bunch of Windows computers via a nice cheap gigabit ethernet LAN has always been extremely useful, convenient and easy.

 

So it is something that has "Just worked" and I have not given it any recent (several years) attention and now The Future is here to byte us in the ....

 

I am hoping this topic can be a handy reference for people scratching their heads over "Network Neighborhood" oddities in their homes or small business.

 

The situation that makes this current and urgent is that Microsoft is making a vigorous effort to eliminate SMB 1.0 due to giant security risks with Ransomware etc.

 

If the update installer decides you don't need SMB 1.0, it will uninstall it after 15 days...

 

This would all be of little interest except that the comfy little Windows Explorer view of all the computers and devices in your home LAN depends on the LAN Browser which was never updated past SMB 1.0

 

Once you turn off the unsafe SMB 1.0 protocol everywhere, the local network vanishes in a poof of smoke!

 

I have found some solutions and work-arounds which I will detail in subsequent posts but I can't say there is any coherent Micosoft strategy to address this issue.

 

Grand Master

+Nik Louch Subscriber²

Posted
  • Subscriber²
Posted (edited)

SMB1 should have been irreverent for years, but unfortunately sloppy adoption of 2.0 (available in consumer Windows since 2006) and 3.0 (since 2011) is to blame here.  We moved away from it 2 years ago at work, as it was a large contributor towards the spread of ransomware throughout networks.

 

I applaud Microsoft for shutting this MASSIVE security issue down.  But should you need it - go to Control Panel, Programs & Features, Turn Windows Features On/Off, SMB 1.0 CIFS File Sharing Support and jobs a good'un.  But seriously - only do this if you have something that absolutely demands it.

 

Also, this isn't really a LAN issue, it's a protocol issue.  Your LAN is unchanged.

55 minutes ago, DevTech said:

 

Once you turn off the unsafe SMB 1.0 protocol everywhere, the local network vanishes in a poof of smoke!

Not true if using a newer protocol both ends.

  • goretsky and DConnell
  • Like 2
Grand Master

DevTech

Posted
  • Author
Posted

So if you go with the SMB 3 option and disable SMB 1, then you need to open services and set two Windows Services to "Automatic Delayed"

 

1.  Function Discovery Provider Host

 

2.  Function Discovery Resource Publication

 

 

You can also ignore the RDMA SMB 3 Windows Feature which provides SUPER FAST networking with network cards that support that feature. You simply won't have one of those cards. So leave that OFF

 

Doing this will allow you to see other Windows 10 computers on your network and vice-versa without using SMB 1 and a Master Browser which only works on SMB 1

 

There will be problems with older Windows versions, NAS devices and Linux (OTB) - I think Samba can be configured to work in this environment, still checking it out.

 

Another option I'm exploring is using a Linux computer or NAS running Linux and configuring Samba with SMB 1.0, WINS and making it the Master Browser to bridge the post-SMB 1 world with the previously universal language of SMB 1

 

Another option is Windows Server with Active Directory which sort of defeats the purpose of a workgroup.

 

  • Mando and DConnell
  • Like 2
Grand Master

DevTech

Posted
  • Author
Posted
2 minutes ago, NJL said:

SMB1 should have been irreverent for years, but unfortunately sloppy adoption of 2.0 (available in consumer Windows since 2006) and 3.0 (since 2011) is to blame here.  We moved away from it 2 years ago at work, as it was a large contributor towards the spread of ransomware throughout networks.

 

I applaud Microsoft for shutting this MASSIVE security issue down.  But should you need it - go to Control Panel, Programs & Features, Turn Windows Features On/Off, SMB 1.0 CIFS File Sharing Support and jobs a good'un.  But seriously - only do this if you have something that absolutely demands it.

 

Also, this isn't really a LAN issue, it's a protocol issue.  Your LAN is unchanged.

Not true if using a newer protocol both ends.

The network doesn't vanish, just your VIEW of it in Windows Explorer. Enabling "Function Discovery" gets it back.

 

I am trying to walk people through a non-Active Directory approach that also avoids the insecure SMB 1 - i.e. home network without a Ransomeware Hole in it...

 

  • DConnell and +Nik Louch
  • Like 2
Grand Master

DevTech

Posted
  • Author
Posted
1 minute ago, NJL said:

I don't run AD at home (kinda obviously LOL).  I still see all my servers.

If you have the April Update on Windows 10 and if you have SMB 1 turned off in Windows Features, you will NOT see any  other Windows 10 peer computers in your WORKGROUP.

 

This is "by design"

 

Turning on  "Function Discovery" mitigates some of this but leaves a long list of older computers and devices undiscoverable.

 

 

 

Grand Master

DevTech

Posted
  • Author
Posted
3 minutes ago, NJL said:

If you say so.  My experience sat right here says otherwise.  Anyhow, I've said my bit.

See Thread Title - this is a new issue with recent Windows 10 Updates since SMB 1 is NOW being actively disabled by Microsoft leading to a lot of mysterious results on home LANS.

 

Steps to reproduce:

 

1. Install Windows 10 on all computers on your home LAN.

 

2. Update to latest and disable SMB 1 in "Windows Features"

 

3. Open "Network" in Windows Explorer

 

4. You will see ZERO of your Windows 10 peer computers in your WORKGROUP.

 

5. The shares are still available by Mapping Network Drive, and if you recall the computer name, you can \\name in the explorer address bar, but you can't browse the network by clicking on the icons for other computers.

 

 

Grand Master

Mando

Posted
Posted
3 hours ago, DevTech said:

See Thread Title - this is a new issue with recent Windows 10 Updates since SMB 1 is NOW being actively disabled by Microsoft leading to a lot of mysterious results on home LANS.

 

Steps to reproduce:

 

1. Install Windows 10 on all computers on your home LAN.

 

2. Update to latest and disable SMB 1 in "Windows Features"

 

3. Open "Network" in Windows Explorer

 

4. You will see ZERO of your Windows 10 peer computers in your WORKGROUP.

 

5. The shares are still available by Mapping Network Drive, and if you recall the computer name, you can \\name in the explorer address bar, but you can't browse the network by clicking on the icons for other computers.

 

 

lol right enough, just double checked both my w10s Prog n features and SMB 1 was still enabled, not now ;) bingo! zero clients in network neighbourhood post disabling smb v1.

 

NAS supports SMB v2+ as does all my clients at home and i use smb (v2) paths always.

 

 

Grand Master

Mando

Posted
Posted
1 hour ago, NJL said:

I don't run AD at home (kinda obviously LOL).  I still see all my servers and clients.

in progs n features you probs still have SMB v1 client enabled mate, both my april update systems had it enabled still.

Grand Master

+InsaneNutter MVC

Posted
  • MVC
Posted

I need to have a look at totally getting rid of SMB v1 on our network again. Sadly our Konica Minolta Bizhub copiers have never liked scanning to anything other than SMB v1 shares.

Grand Master

DevTech

Posted
  • Author
Posted
26 minutes ago, Mando said:

in progs n features you probs still have SMB v1 client enabled mate, both my april update systems had it enabled still.

One thing that can make this situation extra confusing is that after the April Update, a 15 day timer starts ticking. If some algorithm thinks you don't need SMB 1 after monitoring your system for 15 days, it gets disabled.

 

Then people wonder what happened to their "Network Neighborhood" and then either can't figure it out or are faced with a decision they never knew they should be making about getting rid of SMB 1.

 

And if they get rid of it, the "Function Discovery" services are far from obvious...

 

 

 

Grand Master

Mando

Posted
Posted
Just now, DevTech said:

One thing that can make this situation extra confusing is that after the April Update, a 15 day timer starts ticking. If some algorithm thinks you don't need SMB 1 after monitoring your system for 15 days, it gets disabled.

 

Then people wonder what happened to their "Network Neighborhood" and then either can't figure it out or are faced with a decision they never knew they should be making about getting rid of SMB 1.

 

And if they get rid of it, the "Function Discovery" services are far from obvious...

 

 

 

yep my Buffalo nas has smb v2 enabled for the shares but W10 without smb 1, complains about it being unsecure, despite smb v2 being enabled in win & nas, suspect the buffalo aint presenting it correctly.

Grand Master

DevTech

Posted
  • Author
Posted
3 minutes ago, Mando said:

yep my Buffalo nas has smb v2 enabled for the shares but W10 without smb 1, complains about it being unsecure, despite smb v2 being enabled in win & nas, suspect the buffalo aint presenting it correctly.

It gets really tricky, I think. Microsoft only supports a Browser Client and a Master Browser on SMB 1. They never upgraded it and the only replacement is Active Directory. So one you dump SMB 1, the whole spirit of a WORKGROUP sort of unravels....

 

Microsoft is also dumping the HomeGroup stuff...

 

Samba can be configured to support a Master Browser and old stuff like WINS so there might be some point to having a Linux VM running SMB 1 to support various devices while at the same time using LDAP or something to bridge to Windows 10 without SMB 1. There is no security risk running SMB 1 on devices that have no landing zone for malware but I can't be sure of that and I don't know if this line of reasoning has any utility value either...

 

Grand Master

+Nik Louch Subscriber²

Posted
  • Subscriber²
Posted
1 hour ago, Mando said:

in progs n features you probs still have SMB v1 client enabled mate, both my april update systems had it enabled still.

Nah, I checked when I was typing up how to enable it.

 

Anyway, doesn't matter am en route to Germany now!

Grand Master

Mando

Posted
Posted
1 hour ago, farmeunit said:

 unpatched "SMB1" is how WannaCry/Petya and other variants was distributed.  Just sayin'.

 

There are reasons it is gone.

 

ftfy ;)

i get that totally, but not to have a working alternative for the now defunct master browser function in v2+ is comical. thats the point.

 

to be a bit more accurate, Wannacry/Petya used the exploits in unpatched SMB v1 protocol which had been patched previously by Ms but some didnt bother patching, our enterprise footprint had SMB v1 patched eons ago and in a estate of almost 300k global endpoints, not a single wannacry instance ;)

 

Jus saying` ;)

  • goretsky and DevTech
  • Like 2
Grand Master

farmeunit

Posted
Posted

There is a working alternative:

https://support.microsoft.com/en-us/help/4034314/smbv1-is-not-installed-by-default-in-windows

 

But I agree that it could be easier for the layperson.  I only have a few computers at home and have done mapped drives for several years.  I can't remember the last time I browsed for something.

Grand Master

DevTech

Posted
  • Author
Posted
4 hours ago, farmeunit said:

There is a working alternative:

https://support.microsoft.com/en-us/help/4034314/smbv1-is-not-installed-by-default-in-windows

 

But I agree that it could be easier for the layperson.  I only have a few computers at home and have done mapped drives for several years.  I can't remember the last time I browsed for something.

Explorer Network Browsing

 

The Computer Browser service relies on the SMBv1 protocol to populate the Windows Explorer Network node (also known as "Network Neighborhood"). This legacy protocol is long deprecated, doesn't route, and has limited security. Because the service cannot function without SMBv1, it is removed at the same time.

 

However, if you still have to use the Explorer Network in home and small business workgroup environments to locate Windows-based computers, you can follow these steps on your Windows-based computers that no longer use SMBv1:

 

Start the "Function Discovery Provider Host" and "Function Discovery Resource Publication" services, and then set them to Automatic (Delayed Start).

When you open Explorer Network, enable network discovery when you are prompted.

 

All Windows devices within that subnet that have these settings will now appear in Network for browsing. This uses the WS-DISCOVERY protocol. Contact your other vendors and manufacturers if their devices still don't appear in this browse list after the Windows devices appear. It is possible they have this protocol disabled or that they support only SMBv1.

 

Note We recommend that you map drives and printers instead of enabling this feature, which still requires searching and browsing for their devices. Mapped resources are easier to locate, require less training, and are safer to use. This is especially true if these resources are provided automatically through Group Policy. An administrator can configure printers for location by methods other than the legacy Computer Browser service by using IP addresses, Active Directory Domain Services (AD DS), Bonjour, mDNS, uPnP, and so on.

 

If you cannot use any of these workarounds, or if the application manufacturer cannot provide supported versions of SMB, you can re-enable SMBv1 manually by following the steps in KB 2696547.

 

Important We strongly recommend that you do not reinstall SMBv1. This is because this older protocol has known security issues regarding ransomware and other malware.

 

------------------------------------------------------

 

Translation: "Microsoft probably screwed up because we imagined a fake world where all our home users would install Windows Server and use Active Directory so we never bothered to hire a Google Summer Of Code student to upgrade the LAN Browsing code to work with SMB 3 and modern network environments. Also, one of our network techs said that home users like him would of course have totally static configs that they are dying to manage through Group Policy so the fantastically convenient Network Neighborhood that Just Works was too easy."

 

- "doesn't route" is a very misleading statement from Microsoft. They had ability for a Domain Master Browser to control Local Master Browsers. There is one Master Browser for every subnet. A typical home LAN has a single subnet and in special cases or small office usage, there might be another subnet which was handled.  Of course it isn't the same as routing, but it does the job and a few 576 byte UDP packets to coordinate the Master Browsers is insignificant network overhead.

 

- I freakin HATE mapping drives! I have at least 10 mostly Windows 10 computers on my LAN that I tinker with all the time and I move drives around and change network addresses and it's just a dynamic environment for which Microsoft originally understood and created a perfect solution for (evolving from "Windows for Workgroups") and now they want to unwind a great solution into an Awkward Mess (tm)

 

- There is just nothing more convenient than opening Network Neighborhood and poking around in there and to say otherwise is just double-speak snake-tongued garble to promote a very unclear agenda to remove a very useful function.

 

- I will spend some time studying "WS-DISCOVERY" and Apple's Bonjour and uPnP to see if they can help...

 

 

 

 

 

 

  • Mando and goretsky
  • Like 2
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

You do not need SMBv1 to broadcast for a netbios name in your network.  Do you know the names of your machines?  Then simple \\nameofcomputer will get you a list of shares on it.. Zero need for SMBv1 for this to happen..

 

Network Neighborhood or computer browsing was a joke back when it was lanman in the windows 3.1 days, etc.

broadcast.thumb.png.6f70bd4ba217605c7da916b0a0efca80.png

 

I have SMBv1 disabled on all my machines.. Have zero problems resolving anything - most of the time its done via dns.. But I turned it off just for this sniff so could show it able to broadcast for the name..  Now if your machines are in different networks/vlans - this was always a problem with computer browse service.. So that was never a solution anyway - in that case dns should be used to resolve.. Or run a wins box if you want to have your netbios names listed.. Samba on linux can do that for you, etc.   Again not SMBv1

 

So at a loss to what your ranting about - Your mad because you don't have a list of names of your own computers that shows up as your "network" in some gui?

Grand Master

DevTech

Posted
  • Author
Posted
10 hours ago, BudMan said:

You do not need SMBv1 to broadcast for a netbios name in your network.  Do you know the names of your machines?  Then simple \\nameofcomputer will get you a list of shares on it.. Zero need for SMBv1 for this to happen..

 

Network Neighborhood or computer browsing was a joke back when it was lanman in the windows 3.1 days, etc.

broadcast.thumb.png.6f70bd4ba217605c7da916b0a0efca80.png

 

I have SMBv1 disabled on all my machines.. Have zero problems resolving anything - most of the time its done via dns.. But I turned it off just for this sniff so could show it able to broadcast for the name..  Now if your machines are in different networks/vlans - this was always a problem with computer browse service.. So that was never a solution anyway - in that case dns should be used to resolve.. Or run a wins box if you want to have your netbios names listed.. Samba on linux can do that for you, etc.   Again not SMBv1

 

So at a loss to what your ranting about - Your mad because you don't have a list of names of your own computers that shows up as your "network" in some gui?

"Your mad because you don't have a list of names of your own computers that shows up as your "network" in some gui?"

 

Yes.

 

1. You are BudMan. Everyone else is  not BudMan. I know from far too many attempts at explaining things that the average person has very real trouble understanding the idea of computers talking to each other in a home LAN and sharing data (once you get past the idea that "data" actually exists on a hard drive connected to various computers) and the number 1 tool in explaining all of that and making it useful is opening Network Neighborhood and being able to see that strangely difficult abstract concept as a visual reality.

 

2. Even for experts, it is a reasonable convenience, not just when visiting friends and family but even in your own network to not have to remember network names and type them in manually.

 

3. Nobody likes the reduction in value of something they have purchased. One way or another we have paid for every copy of Windows and removing a feature that is actually used by millions of people without providing something better is known as a "Rip-off" - Being told there is a work-around that requires more work and delivers less value is equivalent to "You're holding it wrong"

 

4. Many devices such as peripherals, NAS, TV casters, Cameras, etc have long hard-wired names that are awkward even if they resolved but should be showing up in Network Neighborhood.

 

5. Discovery is an increasing problem in general as things multiply and easy discovery and display of your own freakin equipment should get better, not worse.

 

6. I think in Windows Vista there used to be a nice Network Neighborhood option which made a Topological Display of the network which always got a few things wrong but was at least a nice starting point that I thought Microsoft would just improve in each generation, but instead it was removed.  One of the key features about Windows has always been making computers more powerful and flexible and adjustable as a "Power to the People" kind of thing from "A computer on every Desktop" to "Information at Your Fingertips" these Bill Gates era philosophies are being steadily eroded as all the large tech firms realize that money and value come from stealing power from the people and giving it to them.

 

"Rage, rage against the dying of the light. Do not go gentle into that Big Brother Night."

 

https://en.wikipedia.org/wiki/Do_not_go_gentle_into_that_good_night

https://biblio.wiki/wiki/Do_Not_Go_Gentle_into_that_Good_Night

 

(which is also the most famous villanelle)  

 

The world's first villanelle from 1606 channeling 410 years into the future of Windows 10, would also seem to describe the loss of  Network Neighborhood:

 

I have lost my turtledove:
Isn't that her gentle coo?
I will go and find my love.
 
Here you mourn your mated love;
Oh, God—I am mourning too:
I have lost my turtledove.

 

https://en.wikipedia.org/wiki/Villanelle

 

 

 

 

 

 

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

SMBv1 is horrible - should of been disabled years and years and years ago.  If so then wannacry would of been a non issue.

 

Here I normally turn off all that discovery ###### because its just noise on the wire for zero use.. Atleast to me.. But I turned it on so you could see, here is my nas - and another box will show up sooner or later..  I just enabled it network discovery on it and re-enabled some nonsense services.  Its a not some sort of instantaneous listing of devices on your network.  It can take a while to populate, etc.

 

discovery.thumb.png.46f2a2e1665b08038361cd8ab1f4d26e.png

 

Change your listing so you can edit the columns - add the discovery method column..  See this was discovered using ws-discovery.

 

The amount of noise a windows box puts on the wire out the box is just maddening... Come find me - hey who is out there... Let me just flood the wire with nonsense both ipv4 and ipv6.. Oh and let me see if I can connect with isatap and teredo and 6to4, etc....

 

If you want to rant about something - I would rant about the crazy amount of broadcast and multicast traffic a windows box puts out just sitting there..  And all the elections they will hold trying to figure out who is going to be the master browser every time some windows box joins or leaves the network.  For what stupid reason to see who maintains the list so some user can "browse" to see who else is on their network.. By like you said some normally nonsense name ;)

 

Its a PITA to get it to be quiet ;)  And for gosh sake stop looking for WPAD every few seconds - hehehe... If I set the browser to not use a proxy then you shouldn't be broadcasting for freaking wpad..

 

As to friends or guest - I would never in a million years let them on my normal network.. Neither should you!!  More than likely they are infected with who knows what!!! If they come over they can use my "guest" vlan.. so there is going to be nothing for them to browse anyway.  If they want to hit my plex or something I will give them the name of it.  Or if they want to hit my printer, its on the guest network and they can find it via airprint. etc..

 

There is plenty wrong with windows to rant about that is for sure ;)  Them turning off smbv1 is not one of them.. Them finally getting rid of that joke they called homegroups.  Should be throwing a party not ranting ;)

 

 

Grand Master

George P Global Moderator

Posted
  • Global Moderator
Posted
On 5/11/2018 at 1:50 PM, DevTech said:

So if you go with the SMB 3 option and disable SMB 1, then you need to open services and set two Windows Services to "Automatic Delayed"

 

1.  Function Discovery Provider Host

 

2.  Function Discovery Resource Publication

 

 

You can also ignore the RDMA SMB 3 Windows Feature which provides SUPER FAST networking with network cards that support that feature. You simply won't have one of those cards. So leave that OFF

 

Doing this will allow you to see other Windows 10 computers on your network and vice-versa without using SMB 1 and a Master Browser which only works on SMB 1

 

There will be problems with older Windows versions, NAS devices and Linux (OTB) - I think Samba can be configured to work in this environment, still checking it out.

 

Another option I'm exploring is using a Linux computer or NAS running Linux and configuring Samba with SMB 1.0, WINS and making it the Master Browser to bridge the post-SMB 1 world with the previously universal language of SMB 1

 

Another option is Windows Server with Active Directory which sort of defeats the purpose of a workgroup.

 

Thanks for this man, starting both of those services show my systems to each other again.  I was wondering what the heck was going on for days.  

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

You also might need SSDP and UPnP host running?  Like I said windows is a noisy beast..

 

Like I said the other machine would show up

 

showedup.thumb.png.bffbb7e84e8b1d6bf5b7ba578fdd3c3a.png

 

And that nas is linux based, running synology DSM 6.2 RC... To get it show up for windows machine using ws-discovery just need to enable that in the nas file services advanced section.  I think its on by default..  But I had turned it off.  I have a few linux boxes I can fire up in this L2 and turn on samba to get them discoverable..

 

But in the long run its just a bunch of noise that serves no real purpose to be honest.  I just hit \\nas when I need to see its shares ;)  Which you can create a shortcut too on your desktop.. But winkey+R and \\nas is pretty simple ;)

Grand Master

DevTech

Posted
  • Author
Posted
1 hour ago, BudMan said:

You also might need SSDP and UPnP host running?  Like I said windows is a noisy beast..

 

Like I said the other machine would show up

 

showedup.thumb.png.bffbb7e84e8b1d6bf5b7ba578fdd3c3a.png

 

And that nas is linux based, running synology DSM 6.2 RC... To get it show up for windows machine using ws-discovery just need to enable that in the nas file services advanced section.  I think its on by default..  But I had turned it off.  I have a few linux boxes I can fire up in this L2 and turn on samba to get them discoverable..

 

But in the long run its just a bunch of noise that serves no real purpose to be honest.  I just hit \\nas when I need to see its shares ;)  Which you can create a shortcut too on your desktop.. But winkey+R and \\nas is pretty simple ;)

Your argument makes no real world sense to average Windows users and it probably does not make sense either to tech users such as myself who can't wrap their heads around finding a positive spin on a pure RIP-OFF.

 

1. Just because the old Network Browser depended on SMB 1, does not mean a new  Network Neighborhood could not be updated to use a combination WS-DISCOVERY, uPnP, BonJour etc, along with the topological mapping protocols such as LLTM, LLTD etc. 

 

2. Microsoft had years to prepare for a switch-over they decided was overdue to be implemented in forcing the removal of SMB 1 and they could have done it in a way that did not inconvenience their customers.

 

3. Saying "Look at me and see how easy it is for a networking expert to have a work-around" no matter how easy you feel the solution to be is just a nerd form of hubris. Network Neighborhood is a natural discovery extension of Windows Explorer and no matter how easy you subjectively think it is to type \\whatever name into the address bar, it is a downgrade of functionality plain and simple.

 

 

I have lost my Network Neighborhood:
Isn't that her gentle coo of WS-DISCOVERY?
I will go and find my love.
 
Here we mourn our easy Network View;
Oh, God—I am mourning too:
I have lost my Network Neighborhood.

 

https://en.wikipedia.org/wiki/Villanelle

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • Valve finally confirms Steam Machine prices, starts at $1049 for 512GB option

      By Snake Doc · Posted

      So size is the ONLY selling point????? People have been plugging in PC's to TV's in living rooms for 20+ years. I would take a bigger box for more peformance. Also lot and lots of SFF/Mini ITX build guides out there.
    • Valve finally confirms Steam Machine prices, starts at $1049 for 512GB option

      By Snake Doc · Posted

      My point is, if you buying this instead of a console for TV purposes, that you need to understand that you will not be able to play the most popular MP games with Steam OS. Now if you are not into those games, and into some of the perputual alpha/beta games on Steam then this is an option. I would argue a gaming PC would be the better route, more expensive but take the 1k -1.4k you are about to spend on this thing and build a better one. Because it is running Linux you can overide its 1080p settings. However The Verge complained about its 1080p cap and how you would have to get around it at the CLI, so someone buying this instead of a PS5 or Xbox might have a challege on their hands.
    • A review of Synology's BeeCamera software for the BeeStation Plus

      By Fezmid · Posted

      A review of Synology's BeeCamera software for the BeeStation Plus by Christopher White Synology is leaning into the BeeStation and the BeeStation Plus, and it's easy to understand why. While power users will want something more customizable, the BeeStation and its more powerful sibling, the BeeStation Plus, are great for those who want a device they can simply plug in, click a few buttons, and have it work as their own personal cloud. Until recently, the device was mostly used for the storage of files, photos, and videos, and with the Plus model, you could install and stream media through Plex. Synology recently released a new free application for the BeeStation Plus called BeeCamera, which is basically a stripped-down version of Surveillance Station. First, let's get the confusing naming out of the way. While you might initially think that BeeCamera is a physical device, perhaps a camera that Synology created specifically for the BeeStation Plus, that would be incorrect. BeeCamera is simply the name for the application that runs on the NAS and on your mobile device. I think the marketing team missed the mark here, but it does fit the other naming on the device, like BeePhotos and BeeFiles, I guess. Camera Support As of right now, only Synology-branded cameras are supported, which many will see as a callback to the drive locking the company implemented and then backtracked on. That said, while I 100% disagree on drive locking, I agree that camera locking for a device made to simply plug and play is the right decision. The whole point of the BeeStation line is simplicity. There are currently three camera model lines available, a wireless device for indoor use, and two PoE models for external use. CC400W (Wi-Fi): Plug it into power using the included power adapter, and connect it to your wireless network. This camera is rated only for indoor use and is the one I was provided to review the BeeCamera. $198.36, in line with the Unifi G6 Compact. BC510 (PoE): A bullet-style camera. Connect it to an Ethernet cable that is providing Power over Ethernet (PoE). This camera is rated for both indoor and outdoor use. $240. TC510 (PoE): A dome-style camera. Connect it to an Ethernet cable that is providing Power over Ethernet (PoE). This camera is rated for both indoor and outdoor use. $240. Although this isn't a review of the actual Synology camera, I did want to note that a positive for the Synology CC400W is that it uses a magnetic base. This means you can mount it on any magnetic surface, which is pretty handy. However, a downside to the camera is that it's powered by a built-in USB cable that's about six and a half feet (two meters) long. This means that the cable will probably be either too long or too short, but more importantly, if the cable is damaged at all, you'll likely need to buy an entirely new camera because there doesn't appear to be a way to replace it, unlike many competitors, like the Unifi G6 Instant. Hopefully, this is something Synology addresses in a future revision of the hardware. The BeeStation Plus supports up to four cameras. Setup The setup of BeeCamera is, like everything in the BeeStation family, very straightforward. Simply make sure you're on at least version 1.5 of the BeeStation OS, and BeeCamera is automatically installed on the device. BeeCamera Setup Screenshots Setting up the CC400W was just as easy. Plug it in, open up the BeeCamera app, and follow the on-screen steps to add the camera. During this process, you'll configure the camera name and how many days of retention you want to keep. The system will also automatically update the firmware for you. The whole thing took only a couple of minutes, excluding the time it took for the camera to update the firmware. Once the camera is connected to the BeeStation Plus, you can manage the various camera settings within the app, although there aren't many to choose from. You're able to configure whether the microphone will record audio (some privacy laws may preclude you from recording it), select what codec to use (H.264 or H.265), configure the color and exposure of the camera, and determine what data you want to overlay onto the video. Finally, you can set up AI detections so that BeeCamera will alert you if it sees certain things. These are all of the common detections you would expect in a camera system, such as people, pets, and vehicles. Under people and vehicles, you can also add extra monitoring for lingering and congestion detection, although pets are currently in "Lab" and therefore have no extra features yet. Recording in 4K using H.265 for 30 days will take roughly 300 GB of storage, which is very reasonable for most regular households, as the BeeStation Plus has 8TB of native storage. If you want to set up detection zones, you can. These are areas that BeeCamera will look at for the various detections, and are helpful if, for example, there's a tree in your frame and you don't want to be notified each time the wind makes the branches move around in the frame. Finally, you can also schedule when the camera should and should not be recording, which is a very useful feature. For example, you may want to record only at night when you're sleeping, but not during the day when you're up and about the house, so you can easily shut the camera off between 8 am and 10 pm. Each hour of each day can be configured to record continuously, only upon a detection event, or disabled completely. You can't fine-tune to record at a specific time, though, only hourly blocks on the hour. Daily Use The best part of BeeCamera is that it's easy and just works. If you only care about being notified when things happen, the mobile app sends those notifications and lets you click the button to bring up the video and see what's going on. For example, when I went out of town and had the camera pointed at the cat tower in our hallway, it was nice to be able to drop in and check that my furry friends were doing okay without me. Initiating the remote connection to the BeeStation Plus through the app is very responsive, but this will heavily depend on your ISP. In my case, using Xfinity, I'm able to go from starting the app to seeing live video in roughly three seconds, which is about the same amount of time it takes to connect to my Unifi UNVR system that costs much more. If you want to see footage from a specific day and time, you can do so using the calendar icon. You can also scroll through the timeline, looking for detections that are labeled in blue (vs. the normal gray when there's nothing of interest). There are buttons that let you go to the last/next detection on the timeline, which is helpful if you missed the notification on your mobile device. That's where the ease of use stops, though. While you can download clips that are flagged by detection, there's apparently no way to select generic time frames you're interested in, and the only place to download is to your phone. In addition, sharing a video shares the actual video, not just a link back to your BeeStation Plus. While that's good from a security and privacy perspective, it's a little awkward for sharing large videos. Limitations While the ease of implementation is great, there are some things that are lacking from BeeCamera. The most obvious is that there is no way to view the footage on the desktop. You can log in to the BeeStation Plus to see how much storage BeeCamera is using, but unlike BeePhotos and BeeFiles, there is no BeeCamera on the web console to manage or view footage. This means you'll be viewing all of your security footage on your mobile device, which is pretty limiting. In addition, there's no way to download the video to your PC without first using your phone as the intermediary. The one exception to this is that you can use BeeFiles to see the raw MP4 files. They're saved in 5-minute increments, and it's just raw data with no detection information or any other way to identify what any of them are. The lack of a way to interact with BeeCamera on the desktop also makes configuration of the cameras more difficult. For example, trying to set up detection zones using a tiny screen and your finger to draw boxes is more cumbersome than it needs to be. This reinforces the idea that BeeCamera is not made for power users. It's also missing some of the more advanced functionality of Surveillance Station. For example, I couldn't find a way to say, "Alert me if the thing in this zone is no longer there." Another major deficiency with BeeCamera, and a feature I suspect may come out in the future, is that while it can detect generic people, there is no specific facial recognition yet. This is an interesting omission, given the fact that other Synology tools can detect specific individuals, and competitors such as Unifi Protect also do it. This is probably a software limitation, so we will have to wait and see if this feature is added in the future. Conclusion If you need a security guard to monitor surveillance cameras to make sure your property is secure, then BeeCamera is not the solution for you. That said, you probably wouldn't be using a BeeStation Plus as the brains behind the system either. BeeCamera (and BeeStation in general) is clearly aimed at households that want to avoid sending personal data to Google and Amazon, and now want to add some cameras to keep an eye on their home and their pets while they're away. BeeCamera excels at doing this. The target market isn't interested in creating cases, tying multiple views together in a single pane of glass, or the like, and for the intended use case, the system works great. Where it starts to fall apart a bit is with more advanced features. Not being able to use a desktop app is a major compromise in my opinion, and having to do all of the configuration on a mobile device is annoying, but not impossible. If you don't want to have a full-fledged NAS device in your home, but still want control over your data (or maybe want an easy way to backup your data for World Backup Day), and want to add a couple of cameras to keep an eye on your house and your pets, this is a great, cheap, and easy way to go, and I suspect more functionality will come over time. If Synology releases a desktop app or at least a way to configure cameras and view footage on a desktop browser, this would be a near-perfect solution for a general home user. As an Amazon Associate, we earn from qualifying purchases.
    • AI is indeed eliminating jobs, and Oracle just proved it

      By macoman · Posted

      I forgot to add on my comment that when robots will take physical jobs, it's when they become more cheaper to manufacture and sell. That will be the starting point of the end to lanscaping, trash pickup, factory jobs, etc.
    • Valve finally confirms Steam Machine prices, starts at $1049 for 512GB option

      By Snake Doc · Posted

      How many people can actually use a 2.5gig ethernet port? Most people do not have more than a 1gig internet connection, heck most have less than that. Most people at home do not have a switch that has multiple 2.5gig ports either.

  • Recent Achievements

    • One Month Later
      timbobit earned a badge
      One Month Later
    • One Month Later
      nates earned a badge
      One Month Later
    • Week One Done
      Almohandis earned a badge
      Week One Done
    • Rookie
      dorf went up a rank
      Rookie
    • First Post
      mike_rumble earned a badge
      First Post

  • Popular Contributors

    1. 1
      +primortal
      477
    2. 2
      +Edouard
      172
    3. 3
      PsYcHoKiLLa
      104
    4. 4
      Michael Scrip
      88
    5. 5
      neufuse
      70
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!