• October 14, 2024, 07:19:21 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: [1] 2

Author Topic: Clarification needed on how mydlink works  (Read 12681 times)

Blubber

  • Level 1 Member
  • *
  • Posts: 15
Clarification needed on how mydlink works
« on: August 01, 2016, 10:49:38 PM »

I am a recent purchaser of a DCS-960L camera and am trying to learn about the different options for remote viewing of the camera. I understand I can go through the mydlink site and have verified it works. I also understand the alternative is to use port forwarding with DDNS, which I will try soon.

Going the mydlink route worries me some in terms of security and I would like more information on how exactly it works.*

From my initial impression, it means that mydlink, or any website for that matter, can somehow see inside of my network and directly access a device that is behind my router, despite me never having port forwarded anything. Is the camera listening or publishing data on a port that is not documented? How does mydlink.com know how to get to the camera? What is stopping any other website from also getting to this camera?

Any information clarifying this would put my mind at ease.

Thank you.

*I scoured the numerous FAQ posts and saw nothing containing this information, so I figured it was appropriate to ask here.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Clarification needed on how mydlink works
« Reply #1 on: August 02, 2016, 07:31:15 AM »

No other web sites can access your camera or MDL account unless you give access. All access is controlled via the MDL web site and any camera, router or NAS device that supports the cloud feature and is associated with the MDL site can only be accessed by you the user and no body else. Should this happen may violate the privacy policy put forth by D-Link: https://www.mydlink.com/privacyPolicy

I recommend that you phone contact your regional D-Link support office and ask for help and information regarding this. We find that phone contact has better immediate results over using email.
Let us know how it goes please.

Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

Blubber

  • Level 1 Member
  • *
  • Posts: 15
Re: Clarification needed on how mydlink works
« Reply #2 on: August 02, 2016, 07:36:34 AM »

I was more interested in *how* an external website can access a device behind my router. Everything I know and understand about routers should make such access impossible. The last 20+ years of internet security disasters on every device, OS and program under the sun has shown why such a thing would be a bad idea.

I will try the phone support, but I was hoping someone from the engineering team could answer here.
Logged

Blubber

  • Level 1 Member
  • *
  • Posts: 15
Re: Clarification needed on how mydlink works
« Reply #3 on: August 02, 2016, 04:37:07 PM »

I contacted support and they told me to try the forums. Is there another subforum here that would be more appropriate for this question?
Logged

Kakashi::.

  • Level 3 Member
  • ***
  • Posts: 270
Re: Clarification needed on how mydlink works
« Reply #4 on: August 03, 2016, 09:05:00 AM »

Blubber,

It is great that you have taken an interest in knowing the interworking of our mydlink® service, but as you have already have found out,  this isn't something we put out there for everyone's reference.
The system has various parts, the products, the cloud service and the two common ways to access the service: mydlink Portal and mydlink Apps. Starting with the product. At the factory, devices are Geo Tag using what is called a  (mydlink No.), meaning these products are built for the specific regions that will be sold. Devices from one region are not allowed registration on a separate region server. The service is a worldwide service and has been broken down in regional section for various reasons.  Accessibility, stability, and safety are just some of those.  An account holder can reach its regional server from anywhere in the world, once an account has been setup and devices are attached, but the setup is still only allowed from the proper regional service. 
The product's firmware also contains what is called a mydlink agent. This program allows for proper authentication of the device to the Service by providing the S/N, MAC address, and mydlink No. once a secure connection has been established with the regional mydlink service. D-Link's main concern is always security, so periodic updates to the firmware of devices that are fully supported and at times even legacy devices, which are no longer supported, delivered updates to this program to ensure it's cloud service security.

The Cloud Service is run under the Amazon Cloud Services ensuring its stability and availability for millions of our customers worldwide. All communications to the cloud services are authenticated under strict security policies, and that is as far as I can go describing the service without having you sign an NDA. ;)
The portal and mobile Apps (Android, iOS, and Windows mobile compatible) are the easy way to access your devices once a mydlink  account has been created.

The beauty of this is that this service is completely free and if you are skeptical about it, you DO NOT have to use it. There are other solutions out there that will allow this remote functionality  with sometimes minimal configuration.  Properly researched deployments are as secured as this service is,  so no worries, this is not the only option. 
Hope this information helps you understand the service, even if it is a little bit.
Thanks for your interest.

Logged

Blubber

  • Level 1 Member
  • *
  • Posts: 15
Re: Clarification needed on how mydlink works
« Reply #5 on: August 03, 2016, 09:34:26 AM »

Thanks Kakashi, that helps a lot. You don't need to disclose any proprietary information.

My main question was how can the service see a device behind my router, since routers will only allow data from the WAN to pass through when the connection was first established by a device on the LAN. From what you stated, I assume the agent reaches out and establishes the connection with mydlink first, which then allows mydlink to communicate back to the device through the router.

Thanks, hopefully this information is useful to others who are also curious.

Logged

Kakashi::.

  • Level 3 Member
  • ***
  • Posts: 270
Re: Clarification needed on how mydlink works
« Reply #6 on: August 03, 2016, 10:55:14 AM »

Thanks Kakashi, that helps a lot. You don't need to disclose any proprietary information.

My main question was how can the service see a device behind my router, since routers will only allow data from the WAN to pass through when the connection was first established by a device on the LAN. From what you stated, I assume the agent reaches out and establishes the connection with mydlink first, which then allows mydlink to communicate back to the device through the router.

Thanks, hopefully this information is useful to others who are also curious.

Blubber,

     Yes, the correct camera behavior is that of any UPnP supporting device. Once connected to the local network it will  try to discover a UPnP gateway to use as its way out to the mydlink service. If no UPnP gateway is found (in the case UPnP is off or not supported by the router) the unit will try reaching the mydlink services using port 80 and 443. No communication is established with the service, it just a way to discover the path to it (more like a ping).
It will be up to the Installation Wizard or Mobile App to establish a secure connection  in order set up the account and link up a device once it is authorized by the Cloud Service to attached to that region's Service.

Hope this helps!

Logged

Blubber

  • Level 1 Member
  • *
  • Posts: 15
Re: Clarification needed on how mydlink works
« Reply #7 on: August 03, 2016, 10:58:11 AM »

Much appreciated, thanks!
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Clarification needed on how mydlink works
« Reply #8 on: August 03, 2016, 11:07:36 AM »

Thank you Sir.

Enjoy.  ;)
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

BAMoh

  • Level 3 Member
  • ***
  • Posts: 307
Re: Clarification needed on how mydlink works
« Reply #9 on: August 04, 2016, 11:46:32 PM »

Blubber,

It is great that you have taken an interest in knowing the interworking of our mydlink® service, but as you have already have found out,  this isn't something we put out there for everyone's reference.
The system has various parts, the products, the cloud service and the two common ways to access the service: mydlink Portal and mydlink Apps. Starting with the product. At the factory, devices are Geo Tag using what is called a  (mydlink No.), meaning these products are built for the specific regions that will be sold. Devices from one region are not allowed registration on a separate region server. The service is a worldwide service and has been broken down in regional section for various reasons.  Accessibility, stability, and safety are just some of those.  An account holder can reach its regional server from anywhere in the world, once an account has been setup and devices are attached, but the setup is still only allowed from the proper regional service. 
The product's firmware also contains what is called a mydlink agent. This program allows for proper authentication of the device to the Service by providing the S/N, MAC address, and mydlink No. once a secure connection has been established with the regional mydlink service. D-Link's main concern is always security, so periodic updates to the firmware of devices that are fully supported and at times even legacy devices, which are no longer supported, delivered updates to this program to ensure it's cloud service security.

The Cloud Service is run under the Amazon Cloud Services ensuring its stability and availability for millions of our customers worldwide. All communications to the cloud services are authenticated under strict security policies, and that is as far as I can go describing the service without having you sign an NDA. ;)
The portal and mobile Apps (Android, iOS, and Windows mobile compatible) are the easy way to access your devices once a mydlink  account has been created.

The beauty of this is that this service is completely free and if you are skeptical about it, you DO NOT have to use it. There are other solutions out there that will allow this remote functionality  with sometimes minimal configuration.  Properly researched deployments are as secured as this service is,  so no worries, this is not the only option. 
Hope this information helps you understand the service, even if it is a little bit.
Thanks for your interest.

Does this mean if I buy a cam for a friend living  outside of North America, they can't use it? OR does it mean they would have to register it on the North American mydlink site?
Logged
"That's laughable...."  Impress me. Need COMPETENT help.

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Clarification needed on how mydlink works
« Reply #10 on: August 05, 2016, 06:35:34 AM »

Products should be bought with in each users region, not only for mydlink services reasons also for D-Link support reasons. Regional D-Link support probably doesn't support products out side of there perspective region. i.e. UK wont support a product that is only sold here in the USA and vs versa.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

RYAT3

  • Level 10 Member
  • *****
  • Posts: 2254
Re: Clarification needed on how mydlink works
« Reply #11 on: August 05, 2016, 08:28:07 AM »

There are also those differences in wifi specifications to deal with in Europe.
Logged

BAMoh

  • Level 3 Member
  • ***
  • Posts: 307
Re: Clarification needed on how mydlink works
« Reply #12 on: August 06, 2016, 02:06:06 PM »

Products should be bought with in each users region, not only for mydlink services reasons also for D-Link support reasons. Regional D-Link support probably doesn't support products out side of there perspective region. i.e. UK wont support a product that is only sold here in the USA and vs versa.

OK ignoring the support as frankly its not necessary, there is a cost factor. Cams usually cost 2x as much elsewhere as they do in the US. My question again is can a cam purchased here work properly abroad if its hooked up to the US mydlink site? If you don't know then say you don't know. I don't about the corporate answer regarding DLINK support this or that, its irrelevant. I want to purchase some as a gift for friends abroad.
Logged
"That's laughable...."  Impress me. Need COMPETENT help.

RYAT3

  • Level 10 Member
  • *****
  • Posts: 2254
Re: Clarification needed on how mydlink works
« Reply #13 on: August 06, 2016, 04:17:14 PM »

Any customs import duties /taxes? (Assuming shipping).
and some items might fall under export restrictions.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Clarification needed on how mydlink works
« Reply #14 on: August 07, 2016, 05:37:54 PM »

Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.
Pages: [1] 2