On this page

The stakes
Compliance rules across major jurisdictions
The migration plan
Compliant camera brands
NDAA FAQ
THE STAKES

One camera. Whole contract.

Section 889 doesn't care which contract the equipment sits on - if any part of the contractor's estate uses covered kit, the federal relationship is at risk. Other governments are heading the same way. The UK (2022 Cabinet Office statement) and Australia (2023 Defence removal) already have their own restrictions; India, the Netherlands and Taiwan are following. State and local authorities receiving federal money tend to inherit whatever Washington decides.

Federal agencies

FBI, Coast Guard, military, VA, National Park Service, every federal executive agency. No exemptions, no transitional grace.

Federal prime contractors

The blacklist clause covers any contractor that uses covered equipment - on the federal job or elsewhere. Foreign offices count.

Federal-funding recipients

State and local agencies receiving federal dollars (schools, transit, utilities, courts) inherit the restriction.

Country-level expansion

UK (Cabinet Office, 2022) and Australia (Defence, 2023) have introduced their own Hikvision / Dahua restrictions, with India, the Netherlands and Taiwan following. The trend is one-way.

COMPLIANCE RULES ACROSS MAJOR JURISDICTIONS

Different governments. Same problem.

Most Western governments have written their own version of the NDAA Section 889 rule for Hikvision, Dahua and related Chinese-state surveillance vendors. The wording is different in each country, but the buyer's job is the same - and so is the TetherX migration path.

πŸ‡ΊπŸ‡Έ

United States

Policy. NDAA Section 889 of the 2019 National Defense Authorization Act. Procurement ban effective August 2019; broader blacklist on use of covered equipment effective August 2020.

Scope. Every federal executive agency, every federal prime contractor and every federal-funding recipient. No geographic carve-outs - a foreign office using a single Hikvision camera puts the parent contract at risk. State and local authorities receiving federal dollars (schools, transit, utilities) inherit the restriction.

Brands. Hikvision, Dahua, Huawei, Hytera and ZTE - plus any subsidiary, affiliate or OEM-rebadged variant.

Microsoft Learn - NDAA Section 889

πŸ‡¬πŸ‡§

United Kingdom

Policy. Cabinet Office written statement HCWS386 (Oliver Dowden, 24 November 2022).

Scope. Departments instructed to stop deploying surveillance equipment from companies subject to China's National Intelligence Law on sensitive government sites, to disconnect existing kit from departmental core networks, and to consider extending the same controls beyond sensitive sites.

Brands. Not named in the statement, but the National Intelligence Law trigger captures Hikvision and Dahua. NPSA guidance operationalises against those vendors.

parliament.uk - HCWS386

πŸ‡ͺπŸ‡Ί

European Union

Policy. European Parliament 2023 motion to remove Hikvision cameras from its premises. NIS2 directive (transposed October 2024) requires essential and important entities to manage supply-chain risk from high-risk suppliers. Czech Republic NUKIB cybersecurity warning on Hikvision and Dahua (2024).

Scope. No single EU-wide statute equivalent to Section 889 - a patchwork of EU-institution policy, NIS2 supply-chain duty-of-care and national-level bans (Lithuania, Estonia, Czech Republic). Procurement teams treat the stack as functionally equivalent.

Brands. Hikvision named in the European Parliament debate; Dahua under the same NIS2 supply-chain risk umbrella.

IPVM - Where Dahua and Hikvision Are Banned

πŸ‡¦πŸ‡Ί

Australia

Policy. Defence Minister Richard Marles, 9 February 2023, following the Paterson audit (913 devices across 250+ federal premises).

Scope. Defence Department ordered to remove Chinese-made cameras from buildings; broader removal commitments across Attorney-General's, Climate Change & Energy, Social Services and other federal departments. Ministerial direction rather than statute. The Australian War Memorial began removal in parallel.

Brands. Hikvision and Dahua explicitly named.

The Guardian

πŸ‡¨πŸ‡¦

Canada

Policy. Federal procurement ban official 2025 - Treasury Board Secretariat and Public Services and Procurement Canada delisting of Hikvision. Canadian Centre for Cyber Security (CCCS) advisories on Chinese-state surveillance vendors.

Scope. Federal procurement and federally-funded provincial / municipal projects. Mirrors US Section 889 in spirit. CCCS supply-chain guidance applies to broader critical-infrastructure deployments.

Brands. Hikvision delisted from federal procurement; Dahua under the same supply-chain risk umbrella.

IPVM - Where Dahua and Hikvision Are Banned

India (MeitY "Essential Requirements for CCTV cameras" 2024 + STQC certification regime mandatory from April 2026), the Netherlands (2023 parliamentary motion to phase out Hikvision and Dahua at sensitive sites) and Taiwan (long-standing ban on Chinese-state vendors in government procurement) have their own equivalents. The migration playbook below applies to all of them.

THE MIGRATION PLAN

Compliant in months, not years.

Camera replacement is the slow and expensive part. The trick is to sequence it - get the management software off the covered list straight away, then phase the cameras over time.

01

Audit the estate

TetherX dashboard inventories every connected camera with manufacturer, model, firmware. Use it to answer the Section 889 "reasonable inquiry" requirement instead of spreadsheets and site visits.

02

Replace the VMS layer

Install a TetherBox at each site (TetherBox software on an existing server or PC, or a dedicated unit from the range - see the range). The existing Hikvision / Dahua cameras stay on the site network behind it - the TetherBox is the only path to the cloud, the cameras have no direct Internet access. Decommission HikCentral Pro / DSS Pro servers. The management layer is now NDAA-friendly.

03

Phase cameras 12-36 months

As warranty, end-of-life and budget allow, swap cameras for Hanwha, Axis, Avigilon, Pelco or Bosch. From the operator's seat nothing changes - same dashboard, same workflows, new compliant hardware underneath.

04

Evidence compliance

Export the camera-by-camera manifest at any time. ISO 27001 / SOC 2 certified cloud infrastructure, audit log, certificate-based encryption. Document the migration end to end.

COMPLIANT CAMERA BRANDS

TetherX works with every NDAA-friendly brand worth installing.

Pick the camera that fits each site. Specify NDAA-compliant where you must, mix in your preferred hardware elsewhere. TetherX is the constant.

Hanwha Vision

Wisenet line, deep TetherX integration, Korean-built NDAA replacement of choice.

Axis Communications

Swedish, ONVIF-native, the most-installed enterprise camera brand outside Hikvision.

Avigilon (Motorola)

Mercury controllers, non-proprietary, multi-vertical US enterprise install base.

Pelco

Long-standing US brand, public-sector and transport-vertical heritage.

Bosch

European enterprise, on-camera Intelligent Video Analytics, deep BVMS heritage.

i-PRO (formerly Panasonic)

Japanese, low-light specialist, broad ONVIF compatibility.

NDAA FAQ

Section 889 questions answered

Compliance is shared. TetherX provides the platform tooling (regional storage, encryption, role-based access, audit logging, ringfencing and an NDAA-friendly camera path). The operator and integrator are responsible for selecting approved cameras for every position, setting retention, limiting admin access and running the policy. See the shared-responsibility FAQ.

Section 889 of the 2019 US National Defense Authorization Act bans federal agencies and federal contractors from buying, using or maintaining video surveillance equipment from Hikvision, Dahua, Huawei, Hytera, ZTE, or any subsidiary, affiliate, or OEM-rebadged variant. Procurement ban took effect August 2019; the broader blacklist ("an entity that uses" covered equipment, even outside the federal contract) took effect August 2020. It applies to every federal executive agency, every prime contractor doing business with the federal government, every federal-funding recipient, and there are no geographic carve-outs - a foreign office using a single Hikvision camera puts the parent contract at risk.

No. GSA has confirmed "maintenance is covered" - even servicing an existing HikCentral or iVMS-4200 deployment counts as use. Legacy systems must be migrated, not just left alone.

Yes. The TetherX platform supports all major NDAA-compliant brands - Hanwha Vision, Axis Communications, Avigilon (Motorola), Pelco, Bosch, plus 200+ other manufacturers and any ONVIF device. The integrator picks the right camera for each site; TetherX is the management layer that survives every brand swap.

Camera replacement is the slow and expensive part of NDAA migration. TetherX lets the integrator migrate the management layer first - the existing Hikvision / Dahua cameras stay on the site network behind a TetherBox gateway (TetherBox software on an existing server or PC, or a dedicated unit from the range - compact in-vehicle through to rackmount), the TetherBox is the only thing that talks to the cloud, the HikCentral / DSS Pro server is decommissioned, and camera swaps phase over 12-36 months as warranty, end-of-life and budget allow. The customer is compliant from a management-software perspective immediately and on a clear path to camera compliance.

The UK, Australia, Netherlands, Taiwan and others have introduced their own Hikvision / Dahua restrictions, particularly for government-adjacent sites (schools, councils, transport, utilities). TetherX is UK-built, hosts in regional data centres in the UK, US, Canada, India and Australia, and supports the same NDAA-compliant camera ecosystem worldwide. New local clouds can be spun up on demand where a customer needs data residency in a region we do not yet host in - including private clouds dedicated to a single customer.

Section 889 mandates "reasonable inquiry" per offer and requires reporting of covered equipment use within one business day of discovery. TetherX gives you a single dashboard listing every connected camera at every site with manufacturer and model, so an inquiry can be answered in minutes instead of weeks of site visits. Audit trail, user permissions and certificate-based encryption are documented in our security architecture whitepaper.

No. TetherX is UK-designed, channel-only, with no Chinese ownership, board representation, or supply-chain dependency on the Section 889 covered entities. TetherBox hardware uses Intel / AMD compute, not HiSilicon.
ALSO COMPARED

See TetherX against another VMS

Researching options? Read the side-by-side for each VMS the channel asks about most.

YourSix

Axis-only PSaaS bundling monitoring vs multi-brand, channel-only.

Cisco Meraki

Tied to Cisco networking stack vs network-agnostic.

Avigilon Alta

Motorola ecosystem pull vs genuinely brand-agnostic.

Immix

Established enterprise ARC workflow standard for video-heavy receiving centres - TetherX is the modern cloud-VMS alternative for centres that want leaner, more intuitive tooling.
See all comparisons

Still have questions about compliance, supported cameras or the migration timeline?

Read the full FAQ

Get on the NDAA migration path

Run TetherX next to your existing Hikvision / Dahua install. Compliant management layer on day one, camera replacement on your schedule.

Start Free Trial

[1] About this comparison. Information about other vendors is drawn from their public product pages, datasheets, integrator forums (Reddit, vendor user groups), public CVE databases (NVD, CISA), publicly-listed LinkedIn company pages (headcount, headquarters, founding year, leadership transitions and corporate ownership signals) and customer conversations - accurate to the best of our knowledge as of Q2 2026. Pricing, features, security posture and policies change. A vendor may have shipped a fix, dropped a price, added a region or changed an architecture since this page was last reviewed.

If you believe anything here is inaccurate or out of date, please contact us and we will review and correct it. Trademarks and product names belong to their respective owners and are referenced here for identification only.