– GENETEC HEALTH CHECK · HANS STUDY · ONTARIO, CANADA
Genetec Health Check
A Security Center environment can look healthy and still be carrying risk you cannot see. It passes commissioning. The video plays. The doors unlock. And underneath, an Archiver is fighting the Directory for I/O, a Media Router is still pointed at an address that stopped existing two migrations ago, SQL is quietly eating the box, and a hardening baseline nobody ever applied. None of it shows up until the system is under load, or until someone asks for footage that was never recorded.
What the Health Check covers
The assessment looks across the whole stack, because Genetec problems do not stay in one layer. A streaming complaint can be a NIC buffer, a QoS gap, a Media Router redirect, a saturated archive volume, or a throttled CPU, and chasing it in only one of those places is how systems stay broken for months.
The review spans:
Architecture and roles
Role placement, Directory and Archiver separation, sizing against actual camera load and headroom, federation versus distributed design, and the architectural decisions that pass commissioning and fail later.
Servers and tuning
Power plan, SQL Server memory, NIC buffers, TempDB placement, and the configuration gaps that throttle hardware that looks adequate on paper.
Storage and archives
Array design for sustained write performance, RAID protection, allocation unit sizing, indexing and short-name overhead, retention against real bitrate, and failover paths.
Network and connectivity
Traffic separation, QoS, Media Router redirect addresses, and the streaming mismatches that get misdiagnosed as camera faults.
Health monitoring
Whether the Health Monitor role is deployed, whether System status and health history are used operationally, and whether anyone actually gets told when something breaks.
Security and hardening
RBAC, Active Directory integration, certificate management, encrypted communications, and the gap between the install defaults and a defensible baseline.
Cameras and field devices
Default credentials, codec and stream configuration, recording strategy, and standard profiles.
Lifecycle and ownership
Upgrade discipline, backup and rollback, and whether anyone owns the system end to end or whether it lives in the seams between teams.
Common issues identified
Across government, law enforcement, airports, healthcare, and enterprise environments, the same problems repeat. Overloaded roles on undersized servers. Storage sized for capacity with no thought to write performance. Built-in health monitoring switched off or ignored. Cameras left at factory defaults, credentials included. Thin hardening on a system that is supposed to be a security control, not a liability. Federation designed wrong at the architecture phase. Upgrade habits that swing between frozen-three-versions-back and first-week-of-a-.0-release.
Most environments I assess are running five or six of these at once, under a system that technically works. The point of the Health Check is to surface them while they are still cheap to fix.
For the full pattern, see the 10 most common Genetec Security Center issues.
Who this is for
This is for organizations that depend on Security Center and cannot afford to find out about its weak points during an incident. Public sector and critical infrastructure. Law enforcement. Airports. Healthcare. Enterprise security teams running multi-server or multi-site estates.
It is most useful when the system has grown past its original design assumptions, when it changed hands between integrators, when performance has started to drift, or when an audit, an upgrade, or an expansion is coming and you want to walk in knowing where you actually stand.
What you receive
The deliverable is a prioritized remediation plan, not a pile of observations you have to triage yourself.
- A findings report organized by severity and by system layer, in plain language your security team and your IT team can both act on.
- Specific, configuration-level recommendations tied to Genetec's published guidance and real operational practice, not generic advice.
- A prioritized action list that separates what to fix now, what to schedule, and what to design around.
- A working session to walk through the findings and answer the questions the report raises.
Recommendations do not change based on who is selling. There is no product I am steering you toward at the end of this.
Checklist preview
The Health Check follows a structured checklist across ten areas: environment overview, servers and roles, storage and archives, network and connectivity, health monitoring and alerts, security and access control, cameras and field devices, integrations and federation, backups, DR, and upgrades, and roles, processes, and ownership.
You can work through the same checklist yourself before we ever talk. It prints cleanly as a leave-behind for your team.
Genetec Health Check Checklist →
Interactive 10-section checklist. Mark progress, take notes, save as PDF. Browser-only, no sign-in, no telemetry.
Genetec Health Audit (in-depth) →
Long-form audit utility with severity weighting, field notes per question, and PDF export. The same source material the Health Check engagement is built on.
Related advisory areas
Genetec Security Center Consulting →
Architecture review, sizing, federation, deployment oversight, and post-deployment troubleshooting beyond the focused Health Check engagement.
CCTV and Access Control →
Vendor-agnostic CCTV and access control advisory across Genetec, C-CURE, Milestone, Avigilon, Axis, Bosch.
Enterprise Network Architecture →
The network underneath Genetec. Most Genetec performance problems are network problems.
Windows Hardening for Genetec →
Practitioner course covering the Windows side: accounts, attack surface reduction, Defender, audit logging, and Sysmon for Genetec roles.
Common questions
What is a Genetec Health Check?
A focused, independent assessment of a Genetec Security Center environment across architecture, servers, storage, network, health monitoring, security, cameras, integrations, and lifecycle. It finds the issues that pass commissioning and surface later under load, and turns them into a prioritized remediation plan.
What does the Health Check cover?
The whole stack, because Genetec problems do not stay in one layer. Role architecture and sizing, server tuning, storage and archive design, network and Media Router configuration, health monitoring, security hardening and RBAC, camera and stream configuration, federation and integrations, and backup, DR, and upgrade discipline.
Who is the Genetec Health Check for?
Organizations that depend on Security Center and cannot afford to discover its weak points during an incident: public sector and critical infrastructure, law enforcement, airports, healthcare, and enterprise security teams running multi-server or multi-site estates. It is most useful when a system has grown past its original design, changed hands, started to drift, or has an audit, upgrade, or expansion coming.
Will you recommend products or hardware to buy?
No. The work is independent and vendor-agnostic with no reseller agreements. Recommendations do not change based on who is selling, and there is no product being steered toward at the end of the assessment.
What do I receive at the end?
A findings report organized by severity and by system layer, in plain language a security team and an IT team can both act on, specific configuration-level recommendations tied to Genetec guidance and real practice, a prioritized action list separating what to fix now from what to schedule, and a working session to walk through it.
How is this different from a vendor or reseller system review?
A vendor review is scoped to what the vendor sells. This assessment is independent and spans the full stack, including the network, servers, and storage that a Genetec-only review tends to skip, and it is the layer where most real problems live.
Start a conversation
If your Security Center environment has grown beyond its original design, changed hands, or simply never had a second set of eyes across the whole stack, that is exactly what this is for.