Ray Bernard, PSP, CHS-III, is a leading security consultant and author, who over 26 years has led many noteworthy security projects for international airports, nuclear disarmament facilities, sports stadiums, water districts, energy utilities, hotels, manufacturing plants and multiple-tower high-rise facilities (www.go-rbcs.com). Follow him @RayBernardRBCS
The arrival of gigabit networks made megapixel security camera deployments much more feasible; however, in spite of network improvements, the bandwidth available for security video has been shrinking in some companies.
Q: Recently we had a safety incident and when managers and executives tried viewing the video from their offices or in the field, most video displays were corrupted or would fail. How can this be when nothing changed about the video system?
A: Remote viewing of video — the viewing of video from outside the security monitoring center — typically uses shared network paths. The problem could be that the business network has less bandwidth available for video than it used to.
Most network video systems are installed with the cameras and recording video servers on dedicated local area networks (LANs) that provide high-bandwidth connections between cameras and video servers. Security monitoring centers usually have high-bandwidth connections to the video servers, or use low-bandwidth video streams for live monitoring consistent with the level of network bandwidth available.
A few video management systems (VMS) automatically adjust the resolution and frame rate of the viewing video stream based on the size of the image at the viewing end and the available network bandwidth. For most video systems, however, remote-view video streams must be configured to match the low levels of bandwidth that the capacity of the network connections allows.
How Security Video Bandwidth Shrinks
When high-bandwidth networks are first installed or upgraded, there is usually ample network bandwidth to go around; however, once the upgraded network infrastructure is in place, its use is not static. Over time, the business use of the enterprise network expands, and network traffic increases.
Where initially plenty of bandwidth was available to view a few video streams from anywhere on the network, as business network use increases, there may be less available bandwidth for video. Two things can happen: video viewing can degrade, or video traffic can interfere with business network traffic — either condition can result in complaints to the IT department.
When IT Shuts Down Video Networking
Sometimes when video traffic starts causing a problem, video LANs are disconnected from the enterprise network. This may not be Security’s fault — IT can make network changes that do not take security video into account. For example, one entire school district was disconnected from its department of education’s network, because a router at the district offices was misconfigured and allowed video traffic to travel up into the department of education’s network, creating a significant disruption there. In such a situation, IT can block video traffic as the first move in getting the business traffic flowing again.
Network configuration or usage changes can unintentionally block video traffic or restrict bandwidth for video without anyone initially noticing; then, when a security incident occurs and the use of security video ramps up, suddenly the problem is discovered at the worst possible moment.
A significant contributing factor is that the use of remote video viewing is often infrequent, has no regular pattern, and so is not as “visible” to IT as normal network traffic. Sometimes network security software will block a flood of video traffic that suddenly appears out of nowhere because it looks like a network attack.
Keeping Video Bandwidth Intact
It is not hard to keep video network bandwidth intact across the network infrastructure. Here’s how:
1. Document the network requirements. One video system deployment required more than 25 specific requirements for network protocols and network switch port configurations. Make sure you get this information, and calculate the bandwidth requirements for each network path video will travel on, including redundant paths.
2. Configure remote views appropriately. If you respect the business by not being wasteful of network bandwidth (and document your approach), IT will respect the network requirements that you provide.
3. Test and document video network traffic. Many IT departments use Wireshark or similar free network monitoring software to capture and examine 5 minutes of video network traffic from a newly deployed security video system. They examine the traffic log to verify and document the acceptable state of the new system. Video-savvy IT departments or security integrators repeat this exercise annually, from a good sampling of locations where video viewing is desired. This is information to be shared and evaluated by Security and IT.
4. Document and register the video high availability requirement with IT Security. Maintaining the integrity of security video traffic is a standard part of network security, whose job it is to maintain the confidentiality, integrity and availability of critical systems.
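The per-path calculation in step 1 can be scripted. The Python below is an added example, not part of the original column: it sums remote-view load on every link for the primary and redundant paths and flags links where the requirement exceeds, or lacks, a documented video allowance. Stream names, bitrates, viewer counts, link names and allowances are constructed, and unicast delivery (one copy per viewer) is assumed.

```python
from collections import defaultdict

# Constructed sample data. "viewers" is the number of simultaneous remote
# viewers expected during an incident; unicast delivery is assumed.
STREAMS = [
    {"name": "lobby", "mbps": 2.0, "viewers": 3,
     "primary": ["video-lan", "core", "wan-a"],
     "redundant": ["video-lan", "core", "wan-b"]},
    {"name": "dock", "mbps": 1.0, "viewers": 2,
     "primary": ["video-lan", "core", "wan-a"],
     "redundant": ["video-lan", "core", "wan-b"]},
    {"name": "gate", "mbps": 4.0, "viewers": 1,
     "primary": ["video-lan", "core"],
     "redundant": ["video-lan", "core"]},
]
# Constructed: Mbps documented with IT as available for video on each link.
VIDEO_ALLOWANCE_MBPS = {"video-lan": 100.0, "core": 20.0, "wan-a": 10.0, "wan-b": 5.0}


def link_load(streams, path_key):
    """Sum the Mbps each link carries when every stream uses path_key."""
    load = defaultdict(float)
    for s in streams:
        for link in s[path_key]:
            load[link] += s["mbps"] * s["viewers"]
    return dict(load)


def path_requirements(streams, allowance):
    """Return {link: (required_mbps, allowance_mbps, ok)}.

    required_mbps is the worse of the normal and failover states; a link
    with no documented allowance is reported as not ok.
    """
    primary = link_load(streams, "primary")
    redundant = link_load(streams, "redundant")
    report = {}
    for link in sorted(set(primary) | set(redundant)):
        required = max(primary.get(link, 0.0), redundant.get(link, 0.0))
        allowed = allowance.get(link)
        report[link] = (required, allowed, allowed is not None and required <= allowed)
    return report


def over_allowance(report):
    """Links to raise with IT: requirement exceeds or lacks an allowance."""
    return [link for link, (_, _, ok) in report.items() if not ok]


if __name__ == "__main__":
    for link, row in path_requirements(STREAMS, VIDEO_ALLOWANCE_MBPS).items():
        print(link, row)
```

In the constructed data the redundant WAN link is the one that fails the check, which is the kind of gap that otherwise surfaces only when failover and an incident coincide.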
Write to Ray about this column at ConvergenceQA@go-rbcs.com. Ray Bernard, PSP, CHS-III is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities. For more information about Ray Bernard and RBCS go to www.go-rbcs.com or call 949-831-6788. Mr. Bernard is also a member of the Content Expert Faculty of the Security Executive Council (www.SecurityExecutiveCouncil.com). Follow Ray on Twitter: @RayBernardRBCS