Video Storage

In physical security applications, the CCTV system is in the midst of a fundamental transition. This transition is taking the CCTV function within the integrated security system from one of passive observation to one of active detection. Coupled with advancing video analytic capabilities, it is likely that in the near fouture, the CCTV system will replace many of the detection subsystems that are currently considered essential.

However, the success of this transition is accompanied by ever-increasing video storage requirements. The ease of implementation of IP-addressable, Power over Ethernet (PoE)-enabled CCTV cameras has resulted in a rise in the number of cameras implemented for security applications. Video file retention periods have lengthened from an average of 30 days (common in the late ’90s), to as much as 12 months today. This has resulted in the video storage subsystem becoming a focus of potentially intense capital investment, ongoing data management and maintenance.

In current applications, video storage is typically seen in one or more configurations: on board the CCTV camera, in the digital video recorder/network video recorder (DVR/NVR), or in an external storage device. At the executive level, it is essential to recognize that all of these options may need to be exercised in order to obtain the functional performance needed from the integrated system.

Onboard Storage
CCTV cameras are currently available that contain onboard storage. This so-called edge storage has some attractive features. First, it enables the trend to push the video analytic activity away from one or more central processing servers and onto the actual camera. Edge processing — operated in the mode that only video of interest is stored and ultimately transmitted to archive — reduces average bandwidth consumption from the CCTV appliance. Second, onboard storage also offers some protection from communication infrastructure failure. These devices are particularly useful when bandwidth availability is limited, communication infrastructure reliability is questionable and the projected level of activity is low.

However, given a robust infrastructure, the trend is to retain all or a significant portion of the available video information for subsequent analysis. This generally leads to dedicated storage devices — either distributed and/or centrally located.

First-generation DVRs took analog CCTV inputs, converted them to a digital format, and wrote the now digital CCTV files to a captive, internal hard drive, referred to as direct attached storage (DAS). This, as well as hybrid versions that accept analog as well as direct IP inputs, are currently available. These devices, often referred to as hybrid DVR/NVRs, can be a lower-cost solution than a true NVR and can also serve as a transitional stage from an analog to IP system.

While the discussion continues over how to properly label the current breed of digital/network video recorders, it goes without saying that these devices constitute the majority of video storage devices currently specified and implemented. Common application practice with a DVR/Hybrid/NVR is to rely on these devices to provide the storage function for all or a portion of the CCTV system, depending on the size of the application. The internal hard drive storage capacity of these devices is generally specified to provide the period of retention desired by the end-user based on internal policy decisions. Actual sizing of the hard drive is a function of the frame rate of the recorded video, the compression algorithm used and the amount of activity in the recorded video scenes.

DVRs and their hybrid versions are offered by a wide variety of CCTV product vendors. Internal storage capacities can easily reach 2 terabytes (TB), and many vendors are also offering external storage directly connected to these devices with storage capacity ranging from 3-18 TB in a RAID 5 configuration.

These devices have been the storage product of choice for a number of enterprise configurations. For example, organizations with a large number of retail stores with camera counts averaging less than 16 have used these devices for local storage. In these environments, the hard drive is sized to provide the retention period needed; information is simply overwritten once the hard drive reaches its capacity. External storage is normally not used in these types of applications. Other application environments where the DVR and subsequent hybrids are used are campus environments, where CCTV systems are distributed throughout multiple buildings. Local storage with these devices can provide an intermediate aggregation point for the CCTV system centered on individual buildings.

One inefficiency of distributed recording devices is the aggregation of unused storage capacity. This unused capacity is the result of conservatism in the calculated capacity needed as well as allowance for some capacity contingency. For example, assume that to achieve a certain retention period on a specific recording device, only 70 percent of the available storage capacity is required. Multiplying this unused storage capacity by the number of local recording devices in the system could result in a significant amount of hard drive space that is not needed to achieve stated retention goals. This unused capacity, along with other factors, leads many larger organizations to move to centralized storage area networks (SAN) as opposed to simply increasing the DAS at each local recording device. Management of these extended storage networks is normally assigned to the software-based network video recorder (NVR).

Network Video Recorders
An NVR comes in different flavors. Probably the most common form of NVR in application today is an all-IP-based local storage device with DAS-sized storage. However, in larger enterprise applications, the NVR is often configured with a minimum of onboard DAS with a direct link to an SAN storage cluster centrally located and normally hosted by the IT department. This configuration reduces the aggregated unused storage space that is common with distributed local devices. It also places the bulk of the recorded video under active management archive and backup policies providing a higher degree of assurance of the historical maintainability of the video.
There are at least two options for centralized long-term storage video applications: network attached storage (NAS) and Internet protocol SANs (IP SANs). NAS systems operate in a file-based environment using the common internet file system (CIFS) for Windows platforms and the network file system (NFS) when operating in a Linux or UNIX environment. IP SANs access the storage devices directly at the block level over an existing IP network. Results from manufacturer's benchmark studies indicate that the IP SAN configuration tends to perform better during high loading conditions, resulting in less dropped frames and delayed write actions. Also, IP SAN does not need to go through the CIFS or the NFS, so bandwidth use tends to be lowered.

The IP SAN solutions remain largely the domain of larger, enterprise-level end-users with robust infrastructure and the organizational support for centralized data storage units. However, for security functions within these types of organizations with large video storage requirements, the centralized IP SAN type solution is generally considered necessary for long-term data availability, integrity and confidentiality.

While the majority of the investment in a current-technology CCTV system is in the cameras, a significant portion of the investment and ongoing operational costs reside in the storage media. As regulatory and potential forensic uses of historical video increase their organizational value, the need for reliable long-term storage becomes evident. In many cases, this can continue to be accomplished through localized storage devices; however, as security video applications continue to increase in size and the cost-per-unit of centralized storage applications continues to drop, long-term video storage will increasingly be provided by centralized solutions.

Randall R. Nason, PE, CPP, is a corporate vice president and manager of the Security Consulting Group at C.H. Guernsey & Co. He is currently developing electronic security system-related technical manuals, specifications and training courses for the U.S. Army.