IT/Networking: Steps to Becoming the IP Video Go-To Guy

Networking basics for integrators

Rebutting counterarguments; So what happens if IT tells you that they don’t support VLANs and the switches don’t have gigabit uplinks, or they have not deployed 100Mbps to the desktop (edge)? Suggest that this is great time to upgrade their infrastructure to industry standards and that the security department will contribute to the budget. You might end up being their best friend.


Addressing the impact of storage options

Storage is another hot topic directly related to bandwidth consumption, from hard drives connected to PC servers to network attached storage (NAS) devices and SD cards embedded in network cameras and video encoders. Each represents a different cost per gigabyte of storage and a different level of scalability. The cost of server-based storage hovers around $.20 per gigabyte and can scale into terabytes, while SD cards run $.78 per gigabyte with a maximum capacity of 64GB for surveillance devices.

Determine how many cameras are needed to achieve the company’s security objective and then how long video should be stored. Server-based storage or network video recorders (NVRs) are typically the best options for systems with 16 or more cameras. In-camera SD card storage, NAS devices or cloud-based hosted video are best for small systems because it eliminates the cost of a DVR while upgrading the system from outdated analog to today’s digital quality. Edge storage can also be used in larger systems as emergency backup recording devices in case of network outages.


Determining computing requirements

The computing demand that the Video Management Software (VMS) is going to place on the system will fluctuate depending on whether you’re simply viewing and recording video or using video analytics. Check the manufacturer’s specifications for the recommended processor or CPU speed, RAM, graphics card, network interface card speed and operating system. Use manufacturers’ online design tools to factor the number of cameras, desired resolution and fps to generate a customized hardware configuration report that you can share with the IT department. This alone should help debunk bandwidth-hogging myths.

If the customer’s IT department has preferred hardware and software manufacturers, make sure your video server request dovetails with the systems already in place. For instance, if the company is standardized on IBM or HP or Dell, then IT probably has a service level agreement in place for uptime of those servers. Leverage those relationships for the physical security system as well.


Countering the fear of hacking

The IT department’s most visceral fear about adding new devices to the network is the increased opportunity for being hacked. You need to acknowledge the validity of their concerns and assure them that IP video surveillance components can be handled in the same manner as any other secure device on the network. The phrases “authentication protocols” and “data encryption” will be key to the discussion.

Authentication protocols Concede that some physical security devices—especially those deployed on building exteriors and in garages and parking lots—might increase the risk of an information security breach because they give adversaries an opportunity to unplug the cable from the camera and use it as a physical connection to the internal network. But this threat can be easily overcome using authentication protocols such as 802.1x that employ private and public shared keys to authenticate devices at the port level on a switch. If the camera is unplugged and another device is connected in its place, the switch automatically shuts down all traffic to that port. IT professionals have been using this protocol for decades to secure the more traditional devices on the network, like laptops and PCs.

Data encryption The most commonly deployed encryption standard is WPA2. It’s used predominantly in wireless infrastructures to block outsiders from grabbing a free ride on the company’s Internet connection as opposed to hacking the network and stealing company secrets. Of course, if you’re implementing a physical security system for a nuclear power plant or bank, this fear of hacking is a more prominent one. In both cases, encryption should always be used with wired and wireless networks. Make sure the security devices you select are professional-grade and employ all the same security protocols as standard networking gear.