Ten Steps to a Successful IP Surveillance Installation: Step 7

Designing the network for a successful IP surveillance project

TCP/IP has two parts: TCP breaks data into packets that are transmitted over the Internet and reassembled at the destination. IP is the address that enables the packets to arrive at the correct destination. For identification and communication purposes, every device on the network needs a separate IP address.

Network Performance

After the network is set up, it is critical to consider how much information will pass over the network and the contingency plan if critical components fail.

The amount of bandwidth required is dictated by the amount of information passing through your network. In general, avoid loading a network to more than 50 percent capacity, or you risk of overloading the network. When building a new network or adding capacity to an existing network, build in 30 to 40 percent more capacity than calculated. This will provide flexibility for increasing use in the future. Bandwidth calculators-available free on the Internet-will analyze your bandwidth and recommend an appropriate capacity.

Security Considerations

With the success of the Internet, securing networks has become a mandate. Today there are several technologies available, such as virtual private networks (VPNs), SSL/TSL and firewalls.

A VPN creates a secure tunnel between points on the network, but it does not secure the data itself. Only devices with the correct access "key" will be able to work within the VPN, and network devices between the client and the server will not be able to access or view the data. With a VPN, different sites can be connected together over the Internet in a safe and secure way.

Another way to accomplish security is to apply encryption to the data itself. In this case there is no secure tunnel like the VPN, but the actual data sent is secured. There are several encryption techniques available, like SSL, WEP and WPA. (These latter two are used in wireless networks.) When using SSL, also known as HTTPS, a certificate will be installed in the device or computer that encrypts the data.

A firewall is designed to prevent unauthorized access to or from a private network. Firewalls can be hardware or software, or a combination of both. All data entering or leaving the intranet passes through the firewall, which examines it and blocks data that does not meet the specified security criteria. For example, using a firewall, one can make sure that video terminals are able to access the cameras while communication from other computers will be blocked. Some network cameras have built-in IP address filtering, a basic form of firewall that only allows communication with computers that have pre-approved IP addresses.

Network video systems can take a number of different forms depending on the requirements of the individual installation. No matter what form your network takes or what elements you choose to deploy, it is important to work with a well recognized and reliable vendor to ensure all components work well together and you have maximized the system's functionality.

About the author: As the general manager for Axis Communications, Fredrik Nilsson oversees the company's operations in North America . In this role, he manages all aspects of the business, including sales, marketing, business expansion and finance. He can be reached via email at Fredrik.Nilsson@axis.com.