Convergence Q&A

Oct. 27, 2008

Responses to this column’s questions about challenges relating to technology convergence indicate that Power over Ethernet (PoE) warrants special attention. Many companies are updating their network infrastructures with PoE capability for IP telephones, providing an infrastructure that is compatible with IP cameras, also known as network cameras, that are PoE-enabled. This is good news for security in such companies, but to benefit (and to avoid unnecessary expenditures) Security must collaborate with IT early in the network upgrade planning.
Wikipedia (the free online encyclopedia) provides a good article on Power over Ethernet that begins with a good descriptive definition: The Security Industry Association (SIA) made PoE the subject of one of its Quarterly Technical Updates. The update from Koffel Associates is co-authored by Shayne Bates, principal, Security Consulting at Koffel. It is available at
The current PoE specification (802.3af) limits PoE supplied power to 15 watts at 48 volts. An update to the specification (802.3at) is almost complete and will double the power to 30 watts at 24 volts. This will allow support for devices such as PTZ cameras, which require more than 15 watts of power.
IP Telephones combine Voice over IP (VoIP) and PoE technologies, and use a single PoE-enabled network connection for both power and data, which can be used for voice data alone or for voice plus video data (IP video phones are already here).
Early collaboration with IT is important if your company is upgrading for IP telephones, and you’d like to take advantage of the network for IP video. Such newly upgraded network infrastructure will be compatible with PoE-enabled network cameras, but that doesn’t mean that the network’s PoE power capacity will be sufficient to support an array of network cameras. Arranging that capacity in advance is generally much less expensive and troublesome than arranging it after IT’s network upgrade is done.
For example, the price difference between a network switch configured to support only the planned IP telephones, and one that supports the phones plus 25 cameras, would be in the neighborhood of $500 at the time of original planning — and the procurement and deployment costs would be part of the existing IT budget. However, the full cost to upgrade afterwards (i.e. after the IT project is complete) could be $3,000 to $5,000 per switch, with security having to foot the bill for the after-the-fact upgrade to power the cameras.
Here are two of the answers on this topic that shed light on some current and future aspects of placing PoE-enabled security devices onto a corporate network.

Q: What kinds of technical issues have you encountered in placing security systems onto the corporate network?
 A: Be sure that a PoE-capable network switch is 802.3af compatible. A pre-standards version to PoE is Cisco’s inline power, which only delivers a maximum of about 9 watts to an inline power compatible device. This may not be enough for a video camera. There are still some switches in service that use inline power only such as the Catalyst 3524XL 24PWR.
It is also important to test that devices negotiate power with the switch correctly. For example, I’ve seen a timecard reader (time and attendance) fail to draw power from a switch even though the vendor claimed it was 802.3af compatible. I’ve seen the same thing when mixing networking vendor equipment, for example, Avaya IP phones on Cisco switches or Cisco wireless access points on Foundry switches. There may be extra configuration work required to get the devices to work together.
—Network specialist, high-tech company

A: In addition to the technical aspects of PoE, other aspects are emerging that will require attention, especially as card readers and alarm devices move onto the network. For example, there are life safety code compliance considerations, and the relationship of the interface between fire alarm system and the access control system.
— Shayne Bates, principal - Security Consulting, Koffel Associates

New Question
Q: What lessons have you learned in your network camera deployment, and what advice would you share?
If you have experience that relates to this question, e-mail your answer to [email protected].

Ray Bernard, PSP, CHS-III is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities. Mr. Bernard has also provided strategic and technical advice in the security and building automation industries for 20-plus years. He is founder and publisher of The Security Minute free 60-second newsletter ( More information: or 949-831-6788.