ethosec a simple approach to responsible security
Jul 23, 2015
3
Table of contents
1. What is an IP video solution?
2. Why move to IP?
3. What’s driving the technology?
4. Multiple Use Cases
5. What types of skills are needed?
6. How do you design a system?
7. What components make up an IP video system?
8. Designing a system
9. Q&A
4
A collection of video-specific software and hardware components built from the beginning to be a seamless part of an IT network infrastructure
Deployed together to create an IP-based video security solution
System Components:
> Capture devices
– IP Cameras, Megapixel Cameras, Encoders, Decoders
> Storage Devices
– NVR, RAID, SAN, NAS, DVR
> Control Software
– Client Software, Management Software, Integration Software
> Network Infrastructure
– Switches, Routers, Hubs, Network Analyzers
What is an IP video solution?
5
LAN = Local Area Network
> Ethernet Switches, Routers, Firewalls, Network Security devices, Network policies (Active Directory) + Wireless LANs
WAN = Wide Area Network
> Ways to connect remote facilities - great for legacy environments, IP video can present challenges
MAN = Metropolitan Area Network
> Usually a leased fiber in Metro environments
> Can reach LAN speeds for the demanding IP video applications
Network Infrastructure: Network Topologies and Speeds
6
0.056 Mbps WAN - Dial-up
0.128 - 1.3 Mbps WAN - Cable and DSL
1.544 Mbps WAN - T1
45 Mbps WAN - T3
10 Mbps LAN/MAN - 10 Mbps Ethernet
11 Mbps LAN - 802.11b Wireless (shared)
54 Mbps LAN - 802.11g Wireless (shared)
100 Mbps LAN/MAN - Fast Ethernet
1000 Mbps LAN/MAN - Gigabit Ethernet
10,000 Mbps LAN/MAN - 10 Gigabit Ethernet
155 Mbps MAN/ATM/SONET - OC-3
622 Mbps MAN/ATM/SONET - OC-12
9,953 Mbps MAN/ATM/SONET - OC-192
Network Infrastructure: Speeds & Feeds
7
Why move to IP?
System Deployment
> IP-based recording means instant transmittal/retrieval of images anywhere in the world
> IP-based systems “could” utilize existing cabling infrastructure
> Multiple cameras can use the same cable, for both power and data
> Simpler camera placement—move from one network port to another
Scalability
> Cameras can be placed almost anywhere, using cost-effective wired or wireless technologies
> Video can be accessed using many different methods: PCs, Smart Phones, tablets
> From one to thousands of cameras in increments of a single camera
Future Proofing
> Updates and add-ons are relatively inexpensive and increase the return on investment
Higher ROI, Lower TCO
8
Architecture
> Legacy
– Closed circuit
> 2008
– Emergence of Hybrid Systems
– Analog + IP
– Centralized processing, storage & control
– Emerging decentralization of processing
> 2013
– All digital networks
– Greater decentralization of data processing
– Integrated multiple VCA
– Mobile flexibility
– “Better than analog” video quality
Platform
> Legacy
– Analog
– Tapes
– Matrix
> 2008
– Built around digital storage (DVR)
– Mostly stand-alone analytics
– PC-based or embedded
> 2013
– Built around an Open Platform
– Networked digital storage (NVR)
– NAS/SAN
Cameras
> Legacy
– Analog
> 2008
– Emergence of fully digital camera
– Integrated IP
– Limited embedded intelligence
> 2013
– Camera as an intelligent node
– High Definition pictures
– Embedded storage
– Embedded VCAs
What’s driving the technology? From “Closed Circuits” to “Open Networks”
9
Mainstream
View, store and retrieve video from a small number of remote locations. Affords a single point of management and control
Examples:
• Retail, small campus, construction sites, small airport
• < 5 locations
• < 250 cameras total
Benefits:
• Single point of management
• Multiple location live viewing, retrieval from any location
• Easier to add devices
Enterprise
Integrate video from a large number of remote locations – each with high camera counts – with other physical security systems
Examples:
• Large retail, banking, education, transportation (city, subway, airport), utilities, courts
• > 25 locations
• > 250 cameras
Benefits:
• (all standard benefits) +…
• Leverages existing IT resources
• Central mgmt of data, content policies
• Integrate with other data systems
Multiple Use Cases: One shoe doesn't fit all
10
What types of skills are needed? How successful do you want to be?
New skill sets needed for success:
> Extensive knowledge of data network technologies
– Structured Cabling Knowledge
> Deep understanding of how video surveillance could impact IT networks if not properly implemented
– Troubleshooting can be very involved
– Network Analysis Tools Experience (SNIFFERS)
> Experience implementing IT-based hardware and software in enterprise implementations
– Cisco Certified Network Associate
– CompTIA Network+ (Level I), CompTIA Server+ (Level II)
> Core strength in project management
– Much of the success depends on coordination
11
How do you design a system? Follow D A D
Determine
Determine current infrastructure limitations, bottlenecks, and potential negative effects
Analyze
Analyze network capabilities to ensure the long-term success of implementing potentially hundreds, if not thousands of network nodes
Design
Design your solution around the network, don’t just implement an IP Video Surveillance solution and then expect the network to adjust to your design
12
Planning the migration
Involve IT early
> Make sure they are part of the decision process, otherwise they will be resistant
> They own the network, separate or not
– Understand bandwidth ramifications, network security and physical vulnerabilities
– Usually more affected by outages than security
> The more you involve them, the less you will have to manage the IT backbone itself
Do it in phases
> As demand grows and as budget allows
> “Chunks” of the system at a time
> Some older equipment can be repurposed
> If you run into problems, you can stop, and still have a working system
13
Network Components
> From the network out, not from component in
Video Components
> What are the characteristics of the video system?
Storage Components
> Where are you storing and for how long?
System Control and Management
> How much “management” does the system need?
> How big is it going to get?
What components make up the system?
14
All IP video systems start with a network infrastructure
• Routers
• Switches
• Fiber Networks (OC)
• Copper Networks (T1, T3, etc.)
What components make up the system? Network Components
15
What components make up the system? Video Components
At the center of the IP video system are the video network nodes
• IP Cameras
• Megapixel
• Encoders (Video Servers)
• Decoders (IP to Analog)
• Hybrid DVR(s) Encoder/Recorder
16
What components make up the system? Storage Components
One major component is the ability to store recorded video on network storage devices
• Network Video Recorders (NVR)
• Storage Area Network (SAN) Devices
• Network Attached Storage (NAS)
• Direct Attached Storage (DAS)
• Hybrid DVR – Recorder/Encoder
17
What components make up the system? Control and Management
The ability to view video on network client PCs that are physically connected to the IT Network
• Live Viewing Workstations
• Video System Configuration
• Virtual Matrix
• Archive Retrieval Workstations
18
Remote Viewers are important to almost every IP Video Surveillance customer
• Typically browser based
• Same functions as local client
• No need to install additional software
What components make up the system? Control and Management
19
System Controllers are at the core of all IP Video Systems (Database Servers)
• System Database
• Configuration Control
• System Optimization
What components make up the system? Control and Management
20
Designing a system: Four common scenarios – Three viable
New Installation: All IP
> All new IP devices, no-legacy, all IP infrastructure
New Installation: IP and Analog = Hybrid
> New IP & New Analog devices, mixed infrastructure
Migrating: From Analog to All IP
> All new IP devices, no-legacy, all IP infrastructure
Migrating: From Analog to Analog + IP = Hybrid
> New IP & legacy analog devices, mixed infrastructure
21
Designing a system: PoE (Power over Ethernet Devices)
802.3af (PoE standard)
> Transmission of data, plus power using network cable
– 48VDC, maximum current of 400 mA for a maximum load power of 15.4 W
– About 12.95 W are available after counting losses
Three Design Categories
> Power Supplying Equipment (PSEs)
– What type of device is used to inject power in the cable?
• End-span devices: A PoE Switch, this device was built with PoE capabilities
• Mid-span device: Can be used after a non PoE switch to inject power to the cable
> Powering Device Classifications (PDs)
– What type of device is a PSE powering up?
• 4 classifications depending on Watts
> Power Budgets
– How much power does a PSE need to produce to power all PDs attached?
– Can be tricky – pay attention to manufacturer specs
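A power-budget check of the kind the last bullet calls for, as an added example that is not from the original deck: it reserves PSE output per PD class and shows which cameras stay unpowered once the budget runs out. The per-class reservations are the 802.3af class allocations; the 65 W switch budget, the use of port order as priority, and the camera names are constructed assumptions.

```python
# Added example: 802.3af power-budget check for a PoE switch feeding cameras.
# Per-class PSE reservations are the 802.3af values; the switch budget,
# port priorities and camera list are constructed for illustration.

# Power the PSE must reserve per port, by PD class (watts).
PSE_WATTS_BY_CLASS = {0: 15.4, 1: 4.0, 2: 7.0, 3: 15.4}


def required_budget(devices):
    """Worst-case PSE output needed to power every attached PD."""
    return round(sum(PSE_WATTS_BY_CLASS[c] for _, _, c in devices), 1)


def allocate(budget_w, devices):
    """Grant power in port order until the PSE budget is exhausted.

    devices: list of (port, name, pd_class). Returns (powered, denied, used_w).
    Lower port number = higher priority (an assumption of this sketch).
    """
    powered, denied, used = [], [], 0.0
    for _port, name, pd_class in sorted(devices):
        need = PSE_WATTS_BY_CLASS[pd_class]
        if used + need <= budget_w + 1e-9:   # tolerance for float sums
            used += need
            powered.append(name)
        else:
            denied.append(name)              # this camera never powers up
    return powered, denied, round(used, 1)


# Constructed deployment: 8 cameras on one switch.
CAMERAS = [
    (1, "lobby-dome", 2), (2, "dock-ptz", 3), (3, "vault-fixed", 2),
    (4, "lot-ptz", 3), (5, "hall-mini", 1), (6, "stair-fixed", 2),
    (7, "roof-ptz", 3),
    (8, "gate-unclassified", 0),   # class 0 reserves the full 15.4 W
]

if __name__ == "__main__":
    powered, denied, used = allocate(65.0, CAMERAS)
    print(f"required {required_budget(CAMERAS)} W, budget 65.0 W, used {used} W")
    print("powered:", powered)
    print("left dark:", denied)
```

The reservation is made at the PSE figure for the class, not at what the camera actually draws, which is why a switch can refuse a port while its measured output is well under budget.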
22
Designing a system: Traffic Segmentation
Two basic ways to do it
> Physical – traffic from one segment is “physically” blocked from reaching the other segments
– Use if there are network management issues or opposing requirements
– Known as running parallel networks
– Potentially useful upgrade strategy
• IP Video network first, then add other devices
> Virtual – traffic from one segment is “electronically” blocked from reaching the other segments
– Segments multiple types of traffic on a single Ethernet switch
– Known as VLANs
– Can handle both traffic and security of data
• All modern switches support VLANs
23
Designing a system: Bandwidth Management
Unicast “servers” provide a stream to a single user at a time. With unicasting, network components carry a much heavier load: in this case, 3 times the amount of data for only one camera!
Multicast “servers” can support a larger audience by serving content simultaneously to multiple users.
[Figure: Unicast vs. Multicast]
24
Designing a system: Best Practices
Remote accessibility considerations
> How are you planning to get to the data?
– Thick Client over VPN
– Web, Smartphone, tablet
Storage solutions
> Where is the data going to be located?
– Central? Distributed? Segmented?
• If you are going to record 24/7, do you have enough bandwidth for central recording?
– Are you planning to utilize existing storage (SAN, NAS, etc)?
• Video is “heavy”, don’t underestimate it
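The unicast/multicast point from the Bandwidth Management slide and the central-recording question above, worked through together as an added example that is not from the original deck: it computes the load on one shared link for both delivery modes, checks it against link speeds from the deck's Speeds & Feeds list, and sizes 24/7 storage. The 4 Mbps camera bitrate, viewer counts, 75% utilisation ceiling and the placement of all receivers behind the same link are constructed assumptions.

```python
# Added example: stream load on a shared link under unicast vs multicast,
# checked against link speeds from the deck's "Speeds & Feeds" list.
# Bitrate, viewer counts and the 75% ceiling are constructed assumptions.

LINKS_MBPS = {"T1": 1.544, "T3": 45, "Fast Ethernet": 100,
              "Gigabit Ethernet": 1000}


def link_load_mbps(cameras, multicast):
    """cameras: list of (bitrate_mbps, live_viewers). One more copy of each
    stream always goes to the central recorder (24/7 recording), and all
    receivers are assumed to sit behind the same link."""
    total = 0.0
    for bitrate, viewers in cameras:
        receivers = viewers + 1                  # viewers plus the recorder
        copies = 1 if multicast else receivers   # unicast: one copy each
        total += bitrate * copies
    return round(total, 3)


def links_that_fit(load_mbps, ceiling=0.75):
    """Links that carry the load while staying under the ceiling."""
    return [n for n, cap in LINKS_MBPS.items() if load_mbps <= cap * ceiling]


def storage_tb(cameras, days):
    """Disk for continuous recording: Mbps -> MB/s -> MB over days -> TB."""
    mbps = sum(bitrate for bitrate, _ in cameras)
    return round(mbps / 8 * 86400 * days / 1_000_000, 2)


# Constructed site: 15 cameras at 4 Mbps, each watched by 2 operators.
SITE = [(4.0, 2)] * 15

if __name__ == "__main__":
    for mode in (False, True):
        load = link_load_mbps(SITE, multicast=mode)
        label = "multicast" if mode else "unicast"
        print(f"{label}: {load} Mbps, fits: {links_that_fit(load)}")
    print("30 days of 24/7 recording:", storage_tb(SITE, 30), "TB")
```

With two viewers plus the recorder, unicast carries three copies of every stream, the same 3x factor the Bandwidth Management slide describes.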
25
Designing a system: Best Practices
Ensuring network infrastructure will support migration
> Do you have the right switching gear in place?
– PoE: Do you have enough power?
> Can you utilize existing cabling infrastructure?
If you are migrating, can you re-use existing components?
> What legacy equipment should be retained?
– Existing analog cameras & DVRs, RAID storage, keypads…what else?
> Cabling – if the coax cable is working, don’t re-invent the wheel
> What is your ultimate goal for the system?
– What should the system be able to do, next year?