H.264 IP-Camera Video Architecture is extending its video upload, storage and sharing solution to H.264 video streams. now works with a variety of devices that can transmit H.264 encoded video including off-the-shelf IP-Cams, WiFi Video cameras with “Sensr-inside” and iPhone and OSX apps. H.264 video can be viewed on supported browsers as well as apps for iOS and Android.

This article gives a brief overview of the H.264 video solution and architecture. It describes our “Push” architecture and how that solves a Firewall and security problem that faces users managing their home network. The streaming and archiving components of the cloud service are described as they relate to the viewing of live and archived video material.

The Problem with Firewalls

Most IP-cameras available today share the same basic architecture. They have a built-in web-server that permits device set up and that also streams video data from the camera for viewing. Connecting to the camera by its IP address provides access to the camera set up controls and its live feed. Standard web browsers can be used to configure and view the camera because of the presence of the built-in webserver.

The mechanism by which remote viewing works is that the app sends a request to the camera to provide a viewing stream. For this to happen, the viewer app needs to be able to find the camera, and it needs to be able to send a request to it. If the viewer app and the camera are both on the same Local Area Network (LAN), then this generally works well.

The general architecture of this two device client-server relationship was established a long time ago when video streams were shared within the enterprise, or perhaps on a dedicated video network managed by an IT team. Networking has evolved quickly over the last decade, however, and most homeowners are now their own IT managers.

These days, homeowners often install their own router and manage their own home network.  Many homes have over a dozen  devices connecting to the network. The basic camera architecture has not evolved, however, and what was appropriate for the enterprise is not necessarily appropriate for the home. It’s time to rethink how these cameras operate.

Viewing within the home is fine

Almost every home in the United States today is protected by a local firewall built into the router.  The job of the firewall is to reject foreign web traffic to protect devices within the home from attack from outside the home.

Recall that for a camera viewer app to access the image stream of a camera, it needs to send a viewing request to the camera. When the viewing app is outside of the home, it looks like foreign web traffice to the firewall. If the firewall is doing its job, it simply drops this request in the trashcan and refuses to pass it on to the camera.

Your home remains safe from foreign traffic, but it is also inaccessible to you.  So it’s not easy for you to view your camera.

Your firewall prevents viewing from outside

One way around the firewall limitation is to punch “holes” in your firewall. Most home routers have a management interface in which you can describe rules for internet traffic destined for particular devices on your network. These interfaces vary widely, are not that easy for people to set up, and if done wrong can leave your network open to a security problem.

Firewall holes are a security risk

The video architecture re-defines the camera as a “client” of the cloud, instead of an isolated “server” in the home. This re-thinking is possible because of the emergence of cloud services, and the fact that today’s home networks are always connected to the internet.

Instead of asking the camera to run a server that can fulfill requests for video feeds, the camera is operated as a client that pushes video clips up to the cloud. This is a fundamental re-thinking of the camera: instead of the camera needing to act in isolation, it can assume that web-services are available from the cloud … in the form of The basic service provided by the cloud is an upload account to Push video data to.  Firewalls are not a problem in this case, because devices inside the home can always initiate connections to outside of the home.

Once the video data is in the cloud, it can be viewed on different types of devices, from anywhere on the internet. viewers are clients of the cloud as well, and the cloud architecture ensures that the viewers do not encounter firewall problems.

Devices can securely "push" data out of the home


What is an Upload Account?

As a client of, your camera is granted an upload account when you sign it up. Most cameras can use FTP, so we create an FTP upload account for each new camera. The FTP account consists of three things:

  • an upload server,
  • a username,
  • and a password. creates FTP upload accounts for your cameras

You can use the FTP upload account with off-the-shelf cameras that can send video clips to an FTP server. Open up the admin interface on your camera to access its settings panel. On the page where you define video clips, set the upload server, username and password to the items in the FTP upload account for your camera.

Your camera is now a client of, and it can push video data to the cloud. can accept H.264 video data in a variety of container formats including .mp4 files, .avi files and .ts segments.

Program your camera to upload its data to Sensr

Push using HTTP also accepts video data using HTTP Push.  Off-the-shelf cameras do not usually offer an HTTP Push option, but for developers of video recording Apps this is a better option that offers enhanced security.  The FTP upload account information above becomes authentication and hostname information in the HTTP Upload URL.

The Cloud Architecture

The video cloud architecture consists of two main parts: a live streaming server, and an archiver. The live streaming server is responsible for receiving video clip uploads and streaming the received clips back out for viewing. The live streaming server is optimized for low-latency turnaround. The archiver works in the background, and it is responsible for storing the received video clips in the database.

A video upload stream consists of a series of movie clips that may or may not represent continuous time. If the camera is capable of it, it can continuously send video clips to record 24/7. Alternatively, a camera might be configured to send a video clip only upon a motion event, or intruder detection. In this case, video clips would be sent intermittantly, at irregular intervals. video processing separates the Live server and the Archive server

When renders the Live view for your camera, it is setting up a connection to the Live Streaming Server for your camera. Video clips received by are immediately transmitted to your viewer app as they are received. The latency from the time a scene is recorded until the time a scene can be viewed is generally on the order of 3 or 4 video clips. If your camera sends 3-second video clips, the observed latency will be around 9 to 12 seconds.

Sensr's Live view is a low-latency replay

When renders the Hour, Day or Month view for your camera, it is querying the Archive Server for your camera. The archive server processes the video data in the background before storing it in the database. Once archived, the video data is stored with very high reliability in Amazon AWS S3. There can be a delay of up to 2 minutes from the time a scene is recorded until the scene is available for viewing from the archive server. Archived video data is stored in a variety of formats for quick access and easy rendering.

The Archive view is delievered from our database

The API (Application Programming Interface) [ URL ] provides access to the video data for your camera from both the Live Streaming Server and the Archive Server. API calls allow you to list your cameras, access the various feeds of your camera, and allow you to change the more mundane properties of your camera, like its name. The API is the same one we build our own apps with. You can read more about it here:

Access your data using our APIs and your favorite Programming Language


This article introduces the H.264 Video storage architecture and gives some of the rationale for its design. Historically, IP-Cams have operated as self-contained web-servers. With the advent of cloud services, it makes sense to rethink these devices as clients. With this reversal of roles, a number of problems vanish: the Firewall is no longer an obstacle, and homeowners do not need to weigh the risks of opening a hole in their Firewall. partitions the roles of serving streaming content and archived content into two portions. For lower latency, the streaming server is optimized to copy video clip uploads out to viewers as soon as possible. The archiver is optimized for long-term reliability and ensures that received video clips remain available permanently.


Facebook Twitter Reddit Digg Stumbleupon Email

About Tom Sheffler

Chief Scientist,
This entry was posted in, Technology and tagged , , , . Bookmark the permalink.

Comments are closed.