THE STAKES

One camera. Whole contract.

Section 889 does not care which contract the covered equipment is on - if any part of the contractor's estate uses covered kit, the federal relationship is at risk. The same logic is spreading: the UK (2022 Cabinet Office statement), Australia (2023 Defence removal), India (2024 MeitY rules, mandatory April 2026), the Netherlands and Taiwan have their own restrictions, and state / local authorities increasingly inherit the federal posture.

Federal agencies

FBI, Coast Guard, military, VA, National Park Service, every federal executive agency. No exemptions, no transitional grace.

Federal prime contractors

The blacklist clause covers any contractor that uses covered equipment - on the federal job or elsewhere. Foreign offices count.

Federal-funding recipients

State and local agencies receiving federal dollars (schools, transit, utilities, courts) inherit the restriction.

Country-level expansion

UK (Cabinet Office, 2022), Australia (Defence, 2023), India (MeitY, April 2026), Netherlands and Taiwan have all introduced varying Hikvision / Dahua restrictions. The trend is one-way.

EQUIVALENT RULES OUTSIDE THE US

Same logic, different jurisdictions.

Most western governments and India now have their own version of the NDAA 889 logic for Hikvision, Dahua and related Chinese-state surveillance vendors. The wording differs; the buyer-side answer is the same TetherX migration path.

🇬🇧

United Kingdom

Policy. Cabinet Office written statement HCWS386 (Oliver Dowden, 24 November 2022).

Scope. Departments instructed to stop deploying surveillance equipment from companies subject to China's National Intelligence Law on sensitive government sites, to disconnect existing kit from departmental core networks, and to consider extending the same controls beyond sensitive sites.

Brands. Not named in the statement, but the National Intelligence Law trigger captures Hikvision and Dahua. NPSA guidance operationalises against those vendors.

parliament.uk - HCWS386

🇦🇺

Australia

Policy. Defence Minister Richard Marles, 9 February 2023, following the Paterson audit (913 devices across 250+ federal premises).

Scope. Defence Department ordered to remove Chinese-made cameras from buildings; broader removal commitments across Attorney-General's, Climate Change & Energy, Social Services and other federal departments. Ministerial direction rather than statute. The Australian War Memorial began removal in parallel.

Brands. Hikvision and Dahua explicitly named.

The Guardian

🇮🇳

India

Policy. MeitY "Essential Requirements for CCTV cameras" (April 2024), STQC certification regime mandatory from 1 April 2026. Reinforced by post-Galwan (2020) Government e-Marketplace restrictions on Chinese-origin hardware and a Ministry of Home Affairs pan-India CCTV audit after the 2026 Ghaziabad espionage case.

Scope. Broader than NDAA 889: applies to all Internet-connected CCTV sold into the Indian market, not just government procurement. Manufacturers must disclose SoC and firmware origin and pass vulnerability testing - STQC labs are denying certification for non-compliant Chinese hardware.

Brands. Hikvision and Dahua named in reporting as primary targets; effect is to bar non-compliant Chinese OEMs market-wide.

MediaNama

The Netherlands (2023 parliamentary motion to phase out Hikvision and Dahua at sensitive sites) and Taiwan (long-standing ban on Chinese-state vendors in government procurement) have their own equivalents. The migration playbook below applies to all of them.

THE MIGRATION PLAN

Compliant in months, not years.

Camera replacement is the slow and expensive part. The fix is to sequence: take the management software off the covered list immediately, then phase cameras.

01

Audit the estate

TetherX dashboard inventories every connected camera with manufacturer, model, firmware. Use it to answer the Section 889 "reasonable inquiry" requirement instead of spreadsheets and site visits.

02

Replace the VMS layer

Install a TetherBox at each site (TetherBox software on an existing server or PC, or a dedicated unit from the range - see the range). The existing Hikvision / Dahua cameras stay on the site network behind it - the TetherBox is the only path to the cloud, the cameras have no direct Internet access. Decommission HikCentral Pro / DSS Pro servers. The management layer is now NDAA-friendly.

03

Phase cameras 12-36 months

As warranty, end-of-life and budget allow, swap cameras for Hanwha, Axis, Avigilon, Pelco or Bosch. TetherX never noticed - same dashboard, same workflows, new compliant hardware behind it.

04

Evidence compliance

Export the camera-by-camera manifest at any time. ISO 27001 / SOC 2 certified cloud infrastructure, audit log, certificate-based encryption. Document the migration end to end.

COMPLIANT CAMERA BRANDS

TetherX works with every NDAA-friendly brand worth installing.

Pick the camera that fits each site. Specify NDAA-compliant where you must, mix in your preferred hardware elsewhere. TetherX is the constant.

Hanwha Vision

Wisenet line, deep TetherX integration, Korean-built NDAA replacement of choice.

Axis Communications

Swedish, ONVIF-native, the most-installed enterprise camera brand outside Hikvision.

Avigilon (Motorola)

Mercury controllers, non-proprietary, multi-vertical US enterprise install base.

Pelco

Long-standing US brand, public-sector and transport-vertical heritage.

Bosch

European enterprise, on-camera Intelligent Video Analytics, deep BVMS heritage.

i-PRO (formerly Panasonic)

Japanese, low-light specialist, broad ONVIF compatibility.

NDAA FAQ

Section 889 questions answered

Compliance is shared. TetherX provides the platform tooling (regional storage, encryption, role-based access, audit logging, ringfencing and an NDAA-friendly camera path). The operator and integrator are responsible for selecting approved cameras for every position, setting retention, limiting admin access and running the policy. See the shared-responsibility FAQ.

Section 889 of the 2019 US National Defense Authorization Act bans federal agencies and federal contractors from buying, using or maintaining video surveillance equipment from Hikvision, Dahua, Huawei, Hytera, ZTE, or any subsidiary, affiliate, or OEM-rebadged variant. Procurement ban took effect August 2019; the broader blacklist ("an entity that uses" covered equipment, even outside the federal contract) took effect August 2020. It applies to every federal executive agency, every prime contractor doing business with the federal government, every federal-funding recipient, and there are no geographic carve-outs - a foreign office using a single Hikvision camera puts the parent contract at risk.

No. GSA has confirmed "maintenance is covered" - even servicing an existing HikCentral or iVMS-4200 deployment counts as use. Legacy systems must be migrated, not just left alone.

Yes. The TetherX platform supports all major NDAA-compliant brands - Hanwha Vision, Axis Communications, Avigilon (Motorola), Pelco, Bosch, plus 200+ other manufacturers and any ONVIF device. The integrator picks the right camera for each site; TetherX is the management layer that survives every brand swap.

Camera replacement is the slow and expensive part of NDAA migration. TetherX lets the integrator migrate the management layer first - the existing Hikvision / Dahua cameras stay on the site network behind a TetherBox gateway (TetherBox software on an existing server or PC, or a dedicated unit from the range - compact in-vehicle through to rackmount), the TetherBox is the only thing that talks to the cloud, the HikCentral / DSS Pro server is decommissioned, and camera swaps phase over 12-36 months as warranty, end-of-life and budget allow. The customer is compliant from a management-software perspective immediately and on a clear path to camera compliance.

The UK, Australia, Netherlands, Taiwan and others have introduced their own Hikvision / Dahua restrictions, particularly for government-adjacent sites (schools, councils, transport, utilities). TetherX is UK-built, hosts in regional data centres in the UK, US, Canada, India and Australia, and supports the same NDAA-compliant camera ecosystem worldwide. New local clouds can be spun up on demand where a customer needs data residency in a region we do not yet host in - including private clouds dedicated to a single customer.

Section 889 mandates "reasonable inquiry" per offer and requires reporting of covered equipment use within one business day of discovery. TetherX gives you a single dashboard listing every connected camera at every site with manufacturer and model, so an inquiry can be answered in minutes instead of weeks of site visits. Audit trail, user permissions and certificate-based encryption are documented in our security architecture whitepaper.

No. TetherX is UK-designed, channel-only, with no Chinese ownership, board representation, or supply-chain dependency on the Section 889 covered entities. TetherBox hardware uses Intel / AMD compute, not HiSilicon.
ALSO COMPARED

See TetherX against another VMS

Researching options? Read the side-by-side for each VMS the channel asks about most.

Verkada

Closed proprietary ecosystem vs open cameras, no lock-in.

Avigilon Alta

Motorola ecosystem pull vs genuinely brand-agnostic.

Milestone

Per-MAC perpetual licensing vs cloud subscription.

Cisco Meraki

Tied to Cisco networking stack vs network-agnostic.
See all comparisons

Still have questions about compliance, supported cameras or the migration timeline?

Read the full FAQ

Get on the NDAA migration path

Run TetherX next to your existing Hikvision / Dahua install. Compliant management layer on day one, camera replacement on your schedule.

Start Free Trial

About this comparison. Information about other vendors is drawn from their public product pages, datasheets, integrator forums (Reddit, vendor user groups), public CVE databases (NVD, CISA) and customer conversations - accurate to the best of our knowledge as of 21 May 2026. Pricing, features, security posture and policies change. A vendor may have shipped a fix, dropped a price, added a region or changed an architecture since this page was last reviewed.

If you believe anything here is inaccurate or out of date, please contact us and we will review and correct it. Trademarks and product names belong to their respective owners and are referenced here for identification only.