Network Security 

PIXERA by AV Stumpfl is a professional media server system designed specifically for high-performance video playback and real-time visualizations. This section covers recommended security measures and procedures when using PIXERA in protected IT environments such as corporate networks. The goal is to balance modern network security requirements with reliable system functionality.

Introduction

PIXERA servers are delivered out of factory with a carefully tuned system configuration that is optimized for maximum stability and performance. Changes to this basic configuration, such as extensive system modifications or unauthorized software, can compromise operational reliability and lead to unexpected behavior. To enable reliable error analysis in the event of performance issues, it may therefore be necessary to reset the server to its original delivery state. This ensures that all components are running under the intended conditions and that support requests can be processed efficiently.

PIXERA Software General

AV Stumpfl PIXERA is a high-performance media server platform built for real-time playback and precise synchronization of complex visual content. Its architecture is optimized for low-latency operation and maximum system responsiveness—requirements that are essential in demanding live and immersive environments.

In contrast, corporate IT environments are typically focused on data integrity, access control, and system security. These environments rely on strict protocols such as antivirus monitoring, automated software patching, and restricted network communications to protect against vulnerabilities and data breaches.

The operational needs of a system like PIXERA often stand in direct opposition to these conventional IT practices. Real-time media playback systems are highly sensitive to background processes and system interventions that can compromise performance. As a result, some standard IT security measures must be adjusted, limited, or entirely disabled to ensure stable playback and optimal system behavior during shows or installations.

PIXERA is NOT a typical IT workstation, it is a dedicated media system, and its integration into secure networks must be approached with careful balance between performance and protection. The following sections highlight key technical considerations and recommendations when incorporating PIXERA into controlled or security-sensitive environments.

Windows Updates

AV Stumpfl media servers operate on a specially prepared Windows operating system that has been fine-tuned for media playback performance and long-term reliability. Rather than relying on standard consumer or enterprise update cycles, we provide a custom system image that includes a fully tested combination of operating system version, driver sets, and performance-critical configurations.

These OS builds are chosen based on how well they perform under real-time media workloads; not simply on how current or up-to-date they are. In fact, the latest Windows updates or driver releases are often not used, as they can introduce changes that interfere with stability, compatibility, or playback timing.

To protect this carefully balanced environment, automatic updates via Windows Update and similar services are disabled on all systems by default. The reason for this choice is to prevent background changes from modifying the system in ways that haven’t been tested or validated by our engineering team.

We ask that users treat the installed operating system as a fixed platform, much like firmware on a hardware device. It is not intended to be modified or patched independently. Unless specifically instructed by AV Stumpfl support, you should avoid applying system updates, driver changes, or third-party optimizations.

This controlled approach ensures predictable system behavior and allows us to deliver consistent performance across all deployments, whether in fixed installations, live events, or time-critical productions.

Drivers

AV Stumpfl does not recommend or support the manual installation or updating of any hardware component drivers on PIXERA servers. All drivers included in our systems are carefully selected, tested, and validated by our development and quality assurance teams as part of a fully integrated and optimized system image. This process ensures that all drivers, including those for GPU, audio, networking, storage, and other peripherals, are fully compatible with one another and with the PIXERA software environment.

Rather than using the latest driver versions available from hardware vendors, we intentionally select specific versions that have proven stable and reliable within our test environments. In some cases, newer driver releases may introduce unexpected changes, remove critical features, or create compatibility issues that can negatively impact system behavior, real-time playback performance, or overall reliability. For this reason, driver updates are only implemented after thorough evaluation across various hardware configurations and use-case scenarios.

Manually installing or updating drivers outside of this controlled process can lead to instability, degraded performance, or unintended behavior that is difficult to troubleshoot and falls outside the scope of our support coverage. Unless explicitly directed by AV Stumpfl’s support or engineering teams, no driver should be manually added, modified, or updated on a PIXERA system.

This strict approach ensures that the server maintains the performance, consistency, and reliability expected in professional media environments. It also allows our support teams to provide effective and efficient assistance, knowing that all system components are operating within a validated and standardized framework.

When we have thoroughly tested and confirmed stability of a new driver in our system, it will be included in future operating system images, as well as listed on our PIXERA Server - Drivers Guide.

Firewall

AV Stumpfl media servers are often used in controlled network environments. Although Windows Firewall is typically disabled by default, it’s important to understand the system’s network behavior and which ports are required to ensure proper configuration and effective troubleshooting.

While firewalls can help enhance the security of your AV Stumpfl setup, they must be correctly configured to prevent negative effects on system performance. Incorrect firewall settings can disrupt communication between components and reduce overall stability.

For comprehensive information on port usage and expected network communication, please consult our Network Ports and Activity documentation. This guide is designed to support IT professionals and network administrators in maintaining both secure and reliable system operation.

Before applying any firewall rules in a live environment, make sure they are fully tested in a staging setup. Misconfigured firewall rules can interfere with the real-time performance of AV Stumpfl systems. Please also keep in mind that firewall configurations may need to be updated following software updates, as network requirements can change over time.

IPMI

AV Stumpfl media servers include IPMI (Intelligent Platform Management Interface) functionality, which allows remote management of the system at a hardware level, even when the operating system is not running. This can be an essential tool for IT administrators, particularly in large or distributed installations.However, because IPMI operates at a low level and provides powerful access to the system, it also introduces potential security risks if not properly configured.

Default Credentials and Access Control

For security reasons, it is strongly recommended to immediately change the default IPMI login credentials after initial setup. Leaving default credentials in place can expose your system to unauthorized access and compromise.

Additionally, ensure that IPMI is not accessible from public or unsecured networks. Ideally, IPMI should only be available via a separate, secured management VLAN or physically isolated network. Access should be limited to trusted administrators and protected by network firewalls and IP whitelisting where possible.

Configuration Guidance

For detailed instructions on how to access, configure, and secure IPMI on your AV Stumpfl media server, please refer to our official IPMI Guide which contains:

• Standard Usernames and Passwords
• Steps to change login credentials 

Never expose IPMI directly to the internet. Doing so can make your system vulnerable to known exploits.

Proper IPMI setup is essential for maintaining the security and reliability of your AV Stumpfl media server environment. Always test your configuration changes in a controlled environment before deploying them in production.

Network Isolation Recommendations 

To ensure optimal performance and protect system integrity, AV Stumpfl media servers should only be connected to a dedicated local area network (LAN) that is fully isolated from the broader corporate or internet-connected IT infrastructure. This network should be physically or logically separated (air-gapped) to minimize the risk of external interference or exposure.

If there is a need to exchange data between the secure AV Stumpfl LAN and your main IT network, it is strongly advised to implement a demilitarized zone (DMZ) to manage and control that interaction. This architecture helps maintain the high-performance demands of AV playback systems while aligning with IT security best practices.

Important Notice

20. August 2025 | R.F