Hello thank you very much.
At the NVR I don't have such settings. At the CMS (Herospeed) from the cameras I don't have anything like this, too.
But I have tried to stream the video via RTSP with VLC, whiteout password. It doesn't work. I have to log in first or put the username & password in the stream-address. (rtsp://user:pw@x.x.x.137:80)
So I think there is no problem with the security of the rtsp stream.
(For the RTP Stream it didn't work with or whiteout password with the same port. - I don't have different port settings at the CMS from the camera. So if RTP works with a different port I can try this, too.)
Password for the camera is no standard password.
So the questions are: How it is possible that Xeoma still gets access to the camera? Are there other ways to view a stream of network cameras? An even more important what can I do, that no one else can view the stream if I want to open my network to view the streams via mobile phone?