Two routers are the suggested hook up in this networking schematic.
Photo credit: Diagram courtesy IBC
We have all seen rooms with hundreds of computer screens and people monitoring moving graphs and streams of data in the movies. There are examples of real life practical situations for different types of command centers and they are becoming more prevalent every day in order to match physical and digital security. In real-life situations, you do not need hundreds of monitors and a staff of 30 people to set up a basic but fully functional command center. This can be done with relatively limited resources.
There are a million different combinations for hardware but the basis is a good reliable machine. What hardware you need will depend on what exactly your goal is but some of the things you might need are: computers, monitors, DVRs or other storage devices, cameras, access control devices and router(s) (or some type of network). Less then you expected right? In this article we’re going to be covering a few types of monitoring such as: network monitoring, physical access monitoring, system monitoring and camera monitoring.
Setting up your network
For the ideal setup, use two routers as diagramed in the illustration on page 40 to set up a stable network to transmit all information through. These days, this can be done very inexpensively with almost any router. Even home routers provide the basic requirements. The first router will be the one connected directly to the Internet or outside world. This is where employee’s computers will be safely contained away from secured systems. The second router will be hooked into the first router creating a sub-network. This network can still access the outside world and receive information from the first network while being more secure. All cameras, monitoring computers and storage servers would be hooked into the second router.
Every packet transmitted to the computers in your network has the potential to be a virus or infection that has the ability to reduce a productive work flow or produce a security flaw. Using network packet monitoring you can gradually set up filters to notice unwanted network activity, stop viruses before they can spread, stop hackers in their tracks, or just notice an employee surfing the net on the company dime. It is great to have this information but you must also make sure people regularly monitor the data and make updates to filter the rules to keep your system running efficiently. As you build the network monitoring part of your system, it is essential to add filters. If filters are not created a mountain of useless data will have to be sorted through in order to find useful information. In the long run, filters will save time and money when setting up software.
Network Monitoring Software Choices:
WireShark and WinPCAP—This software is free and open source. It scores big in the price department but the remote capture functionally is still in beta. Although no major bugs have been found, beta products are not the best for a production environment.
Snort—Another free piece of software. This program has a very stable history with lots of functions. It also serves as a fully functional IDS system. The down side is it can be cumbersome to set up.
Building a custom solution would be the most effective way to tackle the problem but not everyone has a team of developers on standby ready to start their next task. More solutions can be found online as long as they are able to transmit data from your network card to the remote internal monitoring systems. The software, mentioned above, has worked reliably as long as it is set up correctly and the time has been taken to read the documentation provided by the software distributors.
Monitoring physical access
Additional monitoring can be accessed to see a video a few seconds before and a few seconds after someone successfully authenticates with an access control device to see if buddy punching occurred or unauthorized admission has been given. This can also be used to easily show access video from a few minutes before and a few minutes after any alarms have gone off. Most DVRs found online offer some form of API access that allow you to grab sections of video based on time stamps and save them to a specified location or play back locally.
Having access to a few developers or the right equipment, one can obtain a small sample program created in a few hours to interface the access control system (in this case the Suprema BioLite Net) and a DVR, such as a Honeywell device. A diverse amount of companies will be able to offer you some assistance or a push in the right direction when creating your own version. The two products used for this example offered extremely friendly APIs that were easy to develop. Most DVRs also offer an online interface where a cameras can be viewed remotely from almost any web-capable device.
Once a program is in place to gather the video data and store it with the access control data, alerts can be emailed or sent to a smartphone so the video clips can be reviewed from any location. This can come in handy when a business is closed for the holidays, employees are not staying as long as they should or break-ins are occurring in the area. A similar program can be created to tie an alarm system to the cameras so video documentation can easily be shown to police officers responding to a theft or illegal activity. Be sure to select high-definition cameras for clear video and pictures.
Monitoring the monitoring center
When talking about advanced monitoring centers I often get asked: “But what happens if something crashes?” There is a simple solution to that. We set up software to monitor the hardware and software. You can find lots of solutions out there but I’ve found the most stable and reliable to be Nagios. It has been free since day one and continues to be updated frequently. It allows you to monitor a broad spectrum of critical components even outside of your command center. You can also use Nagios to send an alert if your Web server crashes or even if your phone server goes down. Key features to look for include: monitoring of network services, operating systems, network protocols, smart data visualization, ability to notify multiple people on events and the ability to provide multiple contact methods in case of critical events.
Once you have decided on a software package, set it up to monitor all the key elements of the infrastructure. You must also have processes in place to bring these key elements back up in the case they go down or are compromised. Important aspects to monitor:
DVR Web Interface – If the Web interface goes down the DVR is down, this means you are not recording any video data in the event there is a break in.
Storage Computers – Without a place for your information to be stored the setup may as well be a giant piece of scrap metal. Data is the key to any command center; keep it backed up often and perform regular maintenance and cleanings of the systems.
Monitoring Computers – This is not a critical component, but if a machine is always supposed to be on and it all of a sudden turns off, that’s usually a sign of foul play.
Access Control Systems – Most access control systems provide some type of Web interface; much like the DVR you can monitor this to see if it goes off line. The most common reasons for the interface going offline are due to a power outage or being smashed off the wall.
By monitoring all elements of business security, both network and physical, you can provide your customers and staff the peace of mind of a secure work environment while protecting yourself from everyday threats. Once you have the basic setup the sky is the limit. Continue to upgrade your command center until you have something similar to the movies and become the envy of every computer crazy tech guy out there.
Andrew Burton is the access control expert, Web developer and technician for Intelligent Biometric Controls Inc., www.ibcbiometrics.com. He can be reached at firstname.lastname@example.org.