Network provisioning for surveillance

September 2018 Editor's Choice, CCTV, Surveillance & Remote Monitoring, IT infrastructure

The extreme video resolutions modern surveillance cameras are capable of are increasingly important in the overall security context, as it allows them to go beyond just allowing an operator to see what’s going on by serving as key tools for identification and ultimately prosecution of perpetrators. These eye-watering resolutions come at a cost though.

While high-speed data networks make it easier than ever to pull video feeds into a central location (or anywhere in the world for that matter), depending on the number of cameras the bandwidth requirements can far exceed what would be expected of a typical office IT network. We asked Teresa Huysamen, business unit manager at Duxbury Networking, and Jacques Taylor, senior project engineer at Hikvision South Africa, how best to plan and implement a network capable of standing up to the rigors of today’s, and tomorrow’s, video surveillance systems.

Plan for present and future

Teresa Huysamen
Teresa Huysamen

Huysamen: A surveillance network should be well suited to the user’s security needs and the facility itself. Factors such as transmission methods and bandwidth, IP addressing and scalability should be considered in order to ensure that the network not only works seamlessly today, but can be easily augmented and upgraded in the future.

There are numerous aspects to consider before designing a surveillance network. These include the number of cameras being implemented, whether the cameras will be recording continuously or event-based, and how many hours per day the cameras will be recording. Other important considerations are the frame rate and resolution at which the cameras will be configured, and which compression medium will be employed (for instance JPEG, MPEG-4 or H.264). The complexity of the scenery – for example, buildings, trees and plants – and changing lighting conditions must also be considered, along with the periods required for recording.

Specific formulas are used to determine the requirements based on these factors, however most products provide design tools to assist in calculating the requirements. Using these tools, one would be able to set the times of day, different lighting conditions, different scenes and then include compression technology to observe the savings that would come from the camera level and onto the network layer and then onto the storage layer.

A rule of thumb is to always build a network with greater capacity than is currently required. To future-proof a network, it is a good idea to design it such that only 30% of its capacity is used. Since more applications are running over networks today, higher network performance is required. While network switches are easy to upgrade after a few years, cabling is normally more difficult to replace.

It is advisable to use star or redundant star network topologies, since they provide a minimised network load on each switch, a reduced load on the server and a high level of redundancy. A daisy chain infrastructure should not be used, as this is a vulnerable setup, with potential bottleneck issues and low redundancy.

Jacques Taylor
Jacques Taylor

Taylor: We have a free bandwidth calculator available to all clients to estimate the required network bandwidth we will use for projects. This helps us to supply the correct network switches as well as the correct NVRs. Different NVRs only allow for a certain amount of bandwidth for incoming and outgoing traffic. So it is very important to know which NVR to use for the amount of cameras and the recording resolution of the cameras recommended.

Hardware requirements

Huysamen: Video surveillance based on digital IP technology is revolutionising the physical security industry. The network is a crucial element in any surveillance installation because it enables all the other surveillance functions – transmitting video streams so they can be viewed and stored, and carrying power to the cameras themselves using Power over Ethernet (PoE).

An IP surveillance system always includes one or more of the following components: IP cameras; video servers to record, aggregate, process and broadcast video streams; clients (monitoring stations), which are typically PCs equipped with dedicated surveillance software to enable real-time viewing and review of stored video images; Network Attached Storage (NAS) devices to store the video images; switches with the appropriate feature set and bandwidth capacity to manage network traffic – required for the entire surveillance network to function properly; CAT5E or better cabling, for adequate performance (fibre cabling allows for further distances, higher capacity and mitigates interference).

Operation involves transmission (streaming) of video information from the cameras to a video server, where it is aggregated, processed, stored and distributed to the monitoring stations and storage devices. Factors such as transmission modes and video compression modes can have a significant effect on bandwidth requirements, storage requirements and cost.

An important aspect of a video surveillance system is managing video. If the system consists of only one or a few cameras, viewing and some basic video recording can be managed via the built-in web interface of the network cameras and video encoders. When the system consists of more than a few cameras, using a network video management system is recommended.

Today’s video surveillance systems require storage that can scale to larger capacities, record higher frame rates without dropping frames, be cost-effective for longer retention periods, handle higher resolution video from megapixel and multi-megapixel cameras, store and manage videos centrally from a distributed implementation, and scale to accommodate future growth.

Most fixed network cameras can receive power via PoE using the IEEE 802.3af standard and are normally identified as Class 1, 2 or 3 devices. A video surveillance system with PoE can be powered from the server room, which is often backed by a UPS (uninterruptible power supply). This means that the video surveillance system can be operational even during a power outage.

When PoE will be utilised, a calculation of the total power consumption will be required for all the equipment. From this calculation the appropriate network switches need to be used to ensure that the total wattage requirement is less than the switch’s PoE budget.

A separate, but extremely important consideration is network security in an IP network. Obviously, any network should be protected through access control – support for role-based access with authentication and passwords. In addition, IP networks have a physical vulnerability. The fact that cameras are often located in the remote corners of warehouses and similar locations means that an attacker could easily disconnect a camera and put a PC in its place, thus obtaining unauthorised access to the network.

There are a number of monitoring tools that can be deployed to help ensure that the network layer, as well as the switches providing power to the cameras, are running. Should a failure occur, these tools can initiate a failover recording and then pass the captured data back to the VMS once connectivity has been restored.

Taylor: Hikvision offers managed and unmanaged network switches and the managed switches can be utilised where specific bandwidth needs to be allocated. Our professional VMS platform (HikCentral) can also be used to monitor our network usage and send out notifications once products are offline.

Managing bandwidth

Huysamen: Most networked video surveillance systems today are limited by bandwidth and storage for the recorded video. With the continual development and enhancements in technology, various compression methods assist in the reduction of bandwidth and storage requirements. Important details and motion are preserved with high video quality, while compression enhancement can filter the rest of the image information more aggressively to make optimal use of the available bandwidth.

While compression technologies can assist in boosting network capacity when adding cameras to an existing infrastructure, there are other ways to deploy a network for the larger camera installations. For example, multicasting (Multicast IP) can be used. It is a mode of data transmission that is optimised for the simultaneous delivery of a data stream to multiple destinations. The switches and routers duplicate the data stream only at the points where it needs to branch. In this way, the data stream is delivered to multiple destinations, while maintaining optimal usage of network bandwidth.

During network congestion periods, Quality of Service (QoS) capabilities in network switches prioritise and reserve network capacity for mission-critical video. Assigning a high priority to video traffic guarantees its timely delivery.

Taylor: We have various ways of adjusting the amount of bandwidth we use on the network. Adjusting the resolution and frame rate of each camera individually is an option, but our H.265+ compression is probably the best option to ensure the highest quality and frame rate can still be used, while reducing the network usage.

Cabled or wireless infrastructure

Huysamen: A key consideration for network video systems is the choice of using an existing network infrastructure, enhancing the existing network or running an independent parallel network specifically for the CCTV system (which would need a network segmentation solution to be designed and deployed). Only when the location of the equipment and the volume of data communicated between all devices is clearly understood can a clear choice be made.

When using copper cabling it is important to ensure that the cabling meets the requirements of the equipment. The distance of a network cable cannot exceed 100 metres and even shorter lengths would be recommended for PoE implementation. Network cabling shouldn’t be run next to electrical mains cabling, as there is a potential for interference.

The primary function of a Wi-Fi network is to provide connectivity for workstations usually situated in an indoor home or office environment to the central server usually located on the premises. This is standards-based and vendor or manufacturer agnostic, and generally provides coverage over a relatively small area from each AP (access point). Repeaters and mesh technology can extend this range, usually at the expense of bandwidth.

Unless this is a controller-based system, the bandwidth available is shared by all those who connect to the AP. These devices almost always use omnidirectional antennas to achieve the goal of serving as many connections as possible in the immediate vicinity. Any noise or interference at the same frequency will cause a drop in connectivity speed and re-transmissions of data. The client devices which connect to the AP normally have a low antenna gain. Devices such as PCs, notebooks, tablets or mobile phones, with small antennas, limit the effective range from the AP. They also receive signals from any device in the area and not only the required AP signal.

The ideal network for a surveillance application where the requirement is to wirelessly connect cameras to a guard house or control room, would be a point-to-multipoint wireless network. Such a network can be small or large, and capable of expanding to the full capacity of the base station. In the case where only a few cameras are required (or are perhaps isolated from other cameras) dedicated point-to-point links can be set up using the same hardware as that used for the point-to-multipoint system.

A point-to-multipoint network is dedicated to providing the subscriber modules with connectivity to the base station and it is designed for short, medium and long-range outdoor applications. Interference mitigation techniques like active filtering and beam-forming are used to counter interference from other nearby wireless devices in the unlicensed band.

A sector antenna would be used on the base station which would provide much higher EIRP (effective isotropic radiated power) focused usually in an azimuth of 90 to 120 degrees. The advantage of a sector antenna is that the vertical beam width is much wider than that of an omnidirectional antenna, and it would normally be mounted on a high point and tilted down to cover the subscriber modules, thus achieving a much higher signal strength than an omnidirectional antenna. The other advantage is that subscriber units have directional antennas directed toward the base station only and not ‘listening’ to all the other devices in the area.

The protocols used are not Wi-Fi standards-based even though they use the same frequency, so they cannot communicate with devices from multiple vendors. This is a dedicated network which will provide the most suitable connection for a video application. Keep in mind that with a video application, most of the data will be in the ‘up’ direction from the camera to the server, with very little data going toward the cameras. The base station can be set in various up/down steps where the amount of data in each direction is controlled as desired to most effectively utilise the available bandwidth.

Taylor: By utilising our Hikvision network switches (in Extended mode), Cat6 cable and our IP cameras, you can have cable runs of up to 250 metres per camera, reducing the number of switches required on site and thus reducing the costs for the client. For connecting a system to the Internet we also offer UPnP to assist clients with the port forwarding when they have limited IT knowledge on site.

We also offer Wi-Fi equipment in cases where long cable runs are not an option. Line of sight is very important between the two links and a distance of up to 3 km can be achieved. We also offer Wi-Fi solutions for inside lifts to eliminate the problems involved in installing cable in a moving environment.

For more information contact:

• Duxbury Networking, +27 11 351 9800, info@duxnet.co.za, www.duxbury.co.za

• Hikvision South Africa, +27 10 035 1172, support.africa@hikvision.com, www.hikvision.com



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The same security assessment for different reasons
Issue 7 2020, Alwinco , Editor's Choice
Like everything else in life, a security risk assessment also has two sides: one is the proactive approach, and the other is the approach taken ‘after the fact’.

Read more...
A contact-free hotel experience
Issue 7 2020, Technews Publishing , Access Control & Identity Management
Check-in and go straight to your room without stopping at the reception desk at Hotel Sky in Sandton and Cape Town.

Read more...
Risk intelligence the key to a sustainable future
Issue 7 2020 , Editor's Choice
Only by building risk intelligent organisations will leaders be able to overcome six distinct global threats identified by the Institute of Risk Management South Africa (IRMSA).

Read more...
Profile D for access control peripherals
Issue 7 2020 , Editor's Choice
Profile D provides interoperability for devices such as locks, credential/biometric readers, PIN pads, LPR cameras, door phones, sensors and displays.

Read more...
Security investments and culture
Issue 7 2020 , Editor's Choice
Organisations must embed security into the culture of the company and approach security investments with this culture in mind.

Read more...
Elastic storage pricing
Issue 7 2020 , Editor's Choice
With elastic pricing, users can switch from one storage model to another without having to pay a premium or a penalty, and without having to physically move any data.

Read more...
Use technology as a differentiator
Issue 7 2020 , Editor's Choice
Juni Yan, director of Transport, Logistics and Automotive at BT, shares her insights on how logistics companies can leverage digital transformation to become a real market differentiator – no matter the state of the pandemic.

Read more...
Management of PPE allocation made simple
Issue 7 2020, Powell Tronics, Technews Publishing , Editor's Choice
Of all the roadblocks and challenges COVID-19 has introduced us to over the past few months, one of the tasks organisations have to manage is the issuing of PPE to staff.

Read more...
No downtime for transport security
Issue 7 2020, Secure Logistics, Technews Publishing , Logistics (Industry)
After a brief downturn in crime due to the COVID-19 lockdown, the transport sector is once again at the centre of a crime spree.

Read more...
Warehouse security and the pandemic
Issue 7 2020, Technews Publishing , Logistics (Industry)
The warehousing industry is under intense attack from organised, armed criminal syndicates following the lockdown.

Read more...