Edge Devices on the Network

It has been close to two decades since security systems started to use networks to connect field devices — and yet as an industry, we always seem to be hesitant to take that next step forward. Why is it that we still think it is better to be using coax, RS-485 and wiegand? I ask that question a lot and the answers I get often reveal a deep misunderstanding of why networking makes sense for almost any device. Let’s look at the top 10 reasons why taking the network out to the edge of your security system makes a lot of sense.

1. Proprietary wiring costs more.
Let’s take an access control example first. Using a conventional reader, door contact, REX button and strike at a door will take 13 wires between the field panel and the door. Typically, that will be four separate cables. Because this wire is special and made in lower volumes than network wiring, the cost of the wire alone for a 100-foot run is close to $100 plus the labor to pull four cables. Now, if we move the intelligent field panel out close to the door, and we replace that special cable with a single standard CAT-5e network cable — the cost is less than $10 for the CAT-5e, plus install labor for a single cable. In video, the story is not much different. A conventional PTZ dome takes three cables with anywhere from six to eight conductors — all of which can be replaced by a single network cable.

Worse than the cost of the cable is the cost of terminations. With proprietary wiring, each panel and device has its own “pin out” or required connections; each wire must go to a certain connector and each device gets wired in its own way. If you change to a new reader or upgrade a panel or camera, every connection must typically be redone — that’s hours and hours of labor. Contrast that with the network world, where each cable is the same: same connector and same “pin out.” This leads to some real efficiencies. In the network world, an installer does not need to know what device is going to be connected. They even have standard testers that check and certify each cable is connected and installed properly. The cost savings are massive and almost always make up for any increased cost from buying network-ready devices.

2. The network is already paid for.
In most companies these days, the network hardware is purchased with extra capacity to allow for the rapid increase in network PCs and phones. Most installations have the extra ports needed to plug in the edge devices for a security system. If that is true for your network, it is good for your security project because the needed infrastructure is already paid for. It is also good for the network because it helps to justify the expense that someone in the company approved to install that network as a utility.

If, on the other hand, it turns out that your network does not have the ports available that would be needed for a security project, it is highly likely that the backbone of the network is fine and all that is needed is a few extra switches. Those switches will still be less expensive than installing a proprietary system.

3. Security is better on a network.
It is easy to understand why people think a network is insecure — hackers, viruses and a host of bad press have convinced most people that networks are not to be trusted. While it is true that the Internet has a certain Wild West flavor to it, there is a huge difference between the Internet and the secure environment found in a corporate network. Our networks in any medium or large company are heavily managed; networks only allow known devices to operate and then only allow access to certain other devices. If you are not allowed to “talk to” a camera on the network, for example, you will never be able to even see any traffic from that camera, much less hack into it. Attempts to go where you do not belong are monitored. There is a policeman on every corner.

The technology that it takes to do this control and monitoring is amazing, which brings us to a slightly different point. There is no way that any individual company developing a proprietary communications scheme of its own could ever come close to offering its customers this type of protection; they could never afford to develop it.

4. Proven technology.
How many systems are installed in the world that use that “AwesomeNet” RS-485 protocol that your access system uses: Hundreds? Thousands? What are the chances of your finding a bug that just has not been worked out yet? What are the chances of there being a security flaw that you do not know about? Now, how many people use Ethernet’s TCP/IP protocol every day?

There are huge advantages to using a proven technology. The bugs have been worked out. The capabilities and limits are known. The support infrastructure exists. The number of experts is larger. In all, unless your needs are bleeding edge, a standard technology is always a smarter choice.

5. Maintenance is easier.
Easier at a couple of levels. First, there are better tools. If a device is properly designed to work on a network, it offers services such as Simple Network Management Protocol (SNMP) which allow for the monitoring of status using standard network management software.

Second, if your devices are on the network, the IT department can help. End-users that have implemented network-based edge devices on their network are finding that they are getting calls from IT to let them know a device went offline but they have already fixed it. The savings from not having to call in a third party can be significant.

6. Speed is your friend.
Ethernet is fast — more than 5000 times faster than a normal RS-485 link. What can you do with all of that extra speed? It enables you to make the devices smarter. Cameras can store video or analyze it. Megapixel images enable you to replace multiple conventional cameras with one device — and with a better picture as well. Readers can have full databases of who is allowed through that door, and you can download those databases in the blink of an eye. Doors can have cameras and intercoms built into the reader. Readers can use cryptographics to ensure badges are genuine and unaltered.

You can also use standard encryption methods for all of your communications — methods that do not require going to each device with a laptop to load in the key. In short, speed lets system designers increase the number and size of the messages sent to edge devices. That opens up a world of functionality that could not be done before.

7. How many people in the world understand Wiegand?
How many companies in your community understand how to install and maintain the proprietary communications schemes used in your security system? A handful? Now how many understand how to install Ethernet? It should be clear which path will yield more competition and lower costs. It should also be clear which one will make it easier to hire people that already understand how to administer your system. Look at it this way: how many training courses are there to teach how to install Ethernet? Now how many are out there to teach how to properly install a Wiegand reader?

8. What else can it do?
Our edge devices should be able to talk to other systems. A camera seeing movement should be able to tell the HVAC system that a weekend visitor to the building needs air-conditioning. A reader should be able to tell the system that controls computer log-ins that an employee is now in the building. Today, these integrations can be done but they almost always require sending a message to the host, because the host is the only part of the system with an “open” interface to talk to other systems. This is true even if the host is located in another building or another state. Using network connected edge devices opens a world of integration and extra value that we just can not economically get to with conventional systems.

9. I thought you said you wanted open architecture?
For the last dozen years or so, this industry has talked a lot about “open architecture.” The common definition is a system defined by a true standard, where the data can be accessed by any authorized person or system without restriction or license to use. A lot of people simply define it as the ability to not get stuck with one vendor. How ever you define it, one thing is clear: open architecture requires a common, standard way of communicating between devices. Anything less, and you can not be “open.” Ethernet is open: fully standardized with tens of thousands of manufacturers across the globe that can communicate out of the box. It could be done, of course, by releasing the details of a manufacturer’s proprietary protocol, but how many examples of that can you name?

10. Invest in the future.
The final point is this. Where do you think the future is really going? Proprietary or open? Hardly anyone I meet answers that question with proprietary. There should be no doubt that proprietary systems that get installed today will have a shorter life than their open alternatives and provide fewer benefits along the way. When we talk about network-based systems, the discussion should reach the same conclusions. There are always cases, of course, where it makes sense to buy a little bit more of yesterday’s technology. But we should never lose sight of the fact that these systems are an investment in every sense of the word. Investments that do not take into account where the market is going, be they stocks, real estate, or systems, often turn out to be bad deals for all concerned.

Rich Anderson is the president of Phare Consulting, a firm providing technology and growth strategies for the security industry. A 25-year veteran of high tech electronics, Mr. Anderson previously served as the VP of Marketing for GE Security and the VP of Engineering for CASI-RUSCO. He can be reached at randerson@phareconsulting.com.