Note: This is the next in a series of technology and application blogs sponsored by Axis Communications. SecurityInfoWatch.com will host these periodic updates throughout the year. We welcome your feedback.
The testing and performance requirements for cameras used in real-time event surveillance, demand surveillance in response to events and forensic video review need to be developed in consideration of the devices producing digital multimedia content as well as how these devices capture content and perform with the devices’ network, storage and interoperability with other devices and systems.
Tool #1: Do your cameras need a checkup? Start with the latest firmware
AXIS Camera Management is a powerful and efficient installation and management tool specially designed to be used with Axis network video products. Using standard network protocols and methods, the tool can automatically find and configure devices, set IP addresses, show connection status, backup and restore camera configuration, manage firmware upgrades and camera applications for multiple devices.
AXIS Camera Management has an intuitive user interface with display of device name, address, model, firmware version and status. Device management operations are easily accessed from menus and direct access icons. Management operations status is always accessible. For efficient maintenance and administration, user-defined tags can be assigned to the devices in the system.
Tool #2: Network slowing down? Upgrade to Zipstream cameras
Situation: You’re running out of storage faster than what was estimated when your surveillance system was originally designed. Many think this is a negative; it is actually good and an opportunity for four reasons:
- You’re actually recording significant Digital Multimedia Content (video, audio and metadata) and potential evidence should an event occurs. Your system is working. It may not be recording efficiently, but it is at least doing its job
- You’ve got an opportunity to upgrade your system by selecting the cameras that are producing the highest volume of data
- This upgrade path works for both fixed and PTZ cameras
- With the saved storage, you’ve made room for additional cameras (see figure 4 in the image carousel above)
There are various methods to limit storage requirements by reducing the video bitrate, such as limiting the storage retention time, saving video in a lower resolution, constantly reducing the frame rate and increasing compression. In all these methods, information about something critical might be missing when really needed. Optimized for video surveillance, Axis’ Zipstream technology is a radically more efficient H.264 implementation, lowering bandwidth and storage requirements by an average 50 percent or more. Zipstream adds an application module inside the video compression engine of the network camera that ensures that important details in the image get enough attention in the video stream while unnecessary data can be removed. Every scene detail is analyzed, quickly with the use of high performance ARTPEC processors.
Zipstream also cuts the storage requirement without costly and complicated integration. Additionally, Zipstream contains the dynamic Frames Per Second (FPS) algorithm that is especially useful in use cases where there is an extra demand for storage reduction.
The following example represents a sequence of operations to highlight the behavior of Zipstream under different conditions, when Dynamic FPS is enabled.
- The camera produces data at 30 fps because there is motion in the scene.
- When the motion decreases, the frame rate drops substantially. The bitrate decreases when the frame rate is reduced since less data is transferred.
- During a period without any motion in a completely static scene, the frame rate decreases to almost zero between I-frames. Sparse, spread I-frame updates is the only bitrate source.
- The camera immediately returns to 30 fps when motion is detected.
The technology can also reduce bandwidth and storage for PTZ cameras. While a PTZ camera is not moving or zooming, Zipstream processes the video exactly as it would process video from any other Axis network camera, that is, with the same bitrate reduction results as described earlier in this article. The algorithm for PTZ cameras enables Zipstream to reduce bitrate even when the camera is panning, tilting, or zooming.
How does this work? The algorithm reduces bitrate in real-time by automatically updating the dynamic ROI that is used to preserve important image details. To further improve PTZ usability and reducing system requirement, a dynamic bitrate controller has been added to reduce the bitrate peaks caused by the PTZ camera moving.
Zipstream is relevant for all users that wish to reduce the cost of storage or network load. In any video surveillance system, reducing storage needs directly results in lower total cost independent of system size or storage solution. With Zipstream, less storage is needed per recorded minute. This enables increased retention time, resolution, or number of cameras without increased storage space.
The technology makes it possible to use higher resolution and increase forensic detail, while reducing storage cost and enabling longer recordings. Zipstream is available for H.264-based products but there is nothing in the technology that prevents the solution from migrating to H.265 encoders when that is technically possible.
Tool #3: SEIM: The intelligence inside your network
Do you really know your network users’ behavior? In 2004, Mike Fickes reported on the “Network Security – The Next Generation [1]” in a remarkable article identifying a forward thinking network security tool called QRadar. Twelve years later, this solution joins a new category of applications known as Security Information and Event Management (SIEM), the approach to comprehensive, event-based network security management.
With these two complementary solutions working together on a single GUI and platform, SIEM systems provide faster identification, analysis and recovery. Auditors and IT professionals can also confirm legal compliance requirements.
Recently, a SEIM platform at a major university detected a massive spike in the flow of data from a laboratory. Fearing an attack, the IT staff investigated, discovering a vulnerability in a network-based appliance that was “leaking” data out on the network. The SEIM identified the events in real-time and allowed the device to be quarantined.
The network administrator was ready to shut down possibly affected computers and resolve the problem before an assessment was made as to potential damage. The SEIM’s goal isn't to actively search out and destroy malware, but assure compliance, incident response and ultimately that network traffic flows freely. When a worm or virus threatens a system's traffic flow, it gets stepped on. When poor performing IoT devices find themselves on a network, better ones are used instead.
SEIM is a smart idea to consider, especially in this type of use case. The SEIM detects behavior associated with malware, a rogue user, distributed denial of service attacks (DDoS), Asymmetric DDoS or the most rapid global threat, ransomware. The figures (7, 8, 9 and 10) [2] included show the following four critical SEIM status indicators:
- Dashboard with threat summary, most suspicious users, events detected, risk score and detailed network access control events
- Rules, categories, risk types
- Risk change dashboard
- Detailed Offense log, user description, user description and magnitude of offense
Organizations know they need SEIM or more simply put, Security Intelligence, but choose business cases with regulatory compliance first, such as PCI DSS, HIPAA, NERC CIP, FISMA, NIST 800-53, GPG 13.[3]
What is happening at your business that may invite attacks? What are you and your executives most concerned about detecting or preventing? Define targeted use cases by examining your key business problems. Critical infrastructure facilities require both physical and virtual perimeter protection. Control systems and power sources all have network status connectivity as their protection against intrusion and exploits is critical. With healthcare, it may be customer PII, retail, credit card data, etc.
Being able to see network events before they even occur and prevent them upfront before they become a real problem is a huge benefit. But who are the market leaders in cyber intelligence activity? The 2015 Gartner Magic Quadrant for SEIM is shown is figure 11 in the image carousel above.
The skills IT pros will need to manage modern SIEM tools will the key to its success. For all its capabilities, SIEM is no "set it and forget it" technology people with statistical and math skills to make sense of the big data collected is vital.
Tool #4: Security is good; performance monitoring even better
After you’ve purchased the quality network cameras, video management system and infrastructure, is there any money left to monitor the network processes?
How do you receive continuous diagnostics from your network and devices? Can you cost-effectively receive alerts with actionable information directly on your smartphone or tablet via notification, not just “legacy” email? How can you predict Quality of Service (QoS) issues?
The answers to all these questions may well reside first in open source apps that have recently been getting a great deal of publicity as to their viability in corporate IT applications.
Recently, Mashable, the venerable technology and trends evangelist published the comprehensive list, “10 awesome server monitoring tools to help you run your website like a pro [4].”
What tool should be used for QoS, response time, availability, CPU usage, memory usage, disk space and uptime? Before entering the following list of wonderful apps, you must assess the size and complexity of your network.
The full list of tools is available here and here and also listed below.
Tool #5: What really is a SoC and why it is the most significant tool in network video
The most significant tool to network health may well lie inside of the network device itself – the multi-function processor or System on Chip (SoC).
Whether you are a healthcare facility, public safety agency, solutions provider or K-12 education institution, you’ll want content produced by or collected by network devices. Processing speed is a key factor, but the design of the network device for efficiency is paramount. Enter the System on Chip (SoC).
The Image processing subsystems on the AXIS Real Time Picture Encoding Chip (ARTPEC) and a receiving client integrate complex processes to a simple device having about four subsystems:
- MIO: Media Input/Output - handles capturing images and media from the different imaging sensors
- VIP: contains the Image Processing Pipeline (IPP). The VIP performs various tasks like applying advanced filters and performing digital noise reduction
- VPP: Video Post Processing - this unit performs transformations on the finished Image, like scaling, cropping and advanced visual acuity
- CDC: Compression and decompression - handles encoding and decoding like the hyper-efficient Zipstream
With those four general processes in place with the ARTPEC SoC, the client, in the form of a Video Management System or Business Intelligence Dashboard receives and renders the DMC.
For example, one solution provider, Prism Skylabs, specializing in business intelligence through video content analysis for the retail industry has rolled out a lightweight visual merchandising and activity mapping solution accessible directly on Axis cameras with ARTPEC processors. These new features, including Prism’s remote visual access, are made possible through the ARTPEC’s advanced processing and the AXIS Camera Application Platform (ACAP), which enables Application Development Partner (ADP) members to develop applications for these network devices. See the figure for an illustration of Prism’s activity mapping [5].
Even the Axis network video door stations have this processor and platform, enabling it to analyze objects and, when paired with an internal or external microphone, detect gunshots, vehicle crashes and aggressive vocal behavior.
The ability of the ARTPEC SoC to successfully execute all the above functions successfully represent the most critical, if not the best contributor to your healthy and high performance network.
About the Author:
With thirty years of security industry experience, Steve Surfaro is Axis Communications Industry Liaison and Chairman of the ASIS Security Applied Sciences Council. He is also Standards Team Leader for the DHS Video Quality in Public Safety Group. Steve is published in a wide range of security publications and delivers an average of 100 industry-accredited sessions each year. He is author and contributor of the Digital Video Handbook, a DHS S+T publication. Steve recently received the Roy N. Bordes Council Member Award of Excellence from ASIS International. He was also recently honored by BICSI by receiving the Harry J. Pfister Award for Excellence in the Telecommunications Industry recognizing lifetime achievement, sponsored by the University of South Florida, College of Engineering.
Attributions:
[1] CPM, 2004, Mike Fickes, with quote by the author, Steve Surfaro https://webcpm.com/articles/2004/07/01/network-security-the-next-generation.aspx
[2] SEIM figures courtesy Jose Bravo Youtube channel “QRadar User Behavior Analytics,” 7/2016, IBM QRadar Security Intelligence Application, https://www.youtube.com/watch?v=ARVsuQaSF9E
[3] “What Practical Steps Can I Take to Get Started with Security Intelligence?” and “Six Things You Always Wanted to Know About Security Intelligence but Were Afraid to Ask.” John Burnham, 12/2011 https://securityintelligence.com/7-practical-steps-to-get-started-with-security-intelligence/
[4]“10 awesome server monitoring tools to help you run your website like a pro,” 11/2015, http://mashable.com/2015/11/17/network-server-tools/#c3vHn7TVlgqu
1 CPM, 2004, Mike Fickes, with quote by the author, Steve Surfaro https://webcpm.com/articles/2004/07/01/network-security-the-next-generation.aspx
[5] “Prism's full suite of analytics to launch on Axis cameras,” 01/2014, https://prism.com/blog/2014/01/14/prisms-full-suite-of-analytics-to-launch-on-axis-cameras/
