Remote access: relay a device security concern

So i’m still on UI5 and have a camera device that i can access using the given:
http://ip_address:3480/data_request?id=relay&device=devNumber
or externally/remotely by passing my vera-credentials. This works fine- i can access the device remotely from any external IP address for the following 15 minutes. (not as secure as i’d like)
returns me something like:
http://someserver:20211/video.mpeg where i can then access the device remotely.

so using:
http://ip_address:3480/data_request?externalip=1.2.3.4&id=relay&device=devNumber
i understood that only my chosen ip address (1.2.3.4 in this case) is the only one that can access remotely.

However, it seems to me that the access-window time is much more that 15mins (stayed open for ages) and that supplying the IP address does not limit access to that IP address.

i know its an older system but all the comments i’ve read about newer versions being problematic i’ve stuck with “if it aint broke dont fix it”

any advice on how to secure my connection or close the connection on demand, please?
thanks