printer friendly version

Not your neighbour's WiFi

When looking at surveillance cameras being sold in a retail store, one may be persuaded that your home wireless connection (WiFi) is a perfectly acceptable networking solution for CCTV. In the average home environment it may very well be, you have a limited number of cameras that are unlikely to be monitored at all times and image quality is not critical.

However, many businesses (and, sad to say, some installers) seem to consider WiFi an acceptable option for ‘professional’ surveillance. In limited doses WiFi can be the answer, but for professional, multi-camera installations it generally doesn’t make the grade in terms of quality of service, bandwidth and security.

Of course, WiFi is not the only wireless option available and many companies and cities make use of wireless communications for surveillance solutions in harsh conditions and over distances of many kilo-metres. But don’t take our word for it. Hi-Tech Security Solutions asked two wireless experts for their take on the suitability of wireless networks for communications.

A viable option?

We first asked whether wireless networking was a realistic option for security projects in general, such as surveillance, building management, access control, etc. Andy Robb, chief technology officer for Duxbury Networking, says: “Wireless networking is not only a realistic option, but in many organisations it is a vital option as the alternative (cabling) is a far less secure data transport medium.”

He adds that cabling can easily be physically tampered with (a simple device attached to an Ethernet cable can pick up everything that’s being transmitted), while wireless networks regularly incorporate scrambled or encrypted data traffic which cannot be easily deciphered by those with malicious intent. “Likewise, wireless network routers and wireless access points regularly incorporate access control features (such as MAC address filtering) that deny requests from unwanted clients.”

Bertus van Jaarsveld, CEO of Miro distribution agrees, saying the wireless industry has developed to a point where the latest products enable wireless solutions that are as secure as wired infrastructure and in many cases faster than wired solutions. “What is a more realistic solution, digging up existing infrastructure to install cables or to install a wireless solution? Which is faster and cheaper?”

Van Jaarsveld adds that all three areas mentioned, surveillance, building management and access control tend to have one or two outlying points that create a headache for cable installations. “The entire system does not have to be wireless, but it can easily be added to a wired system to connect one or more distant or difficult to reach points.”

Securing your network

Everyone has heard of the dangers of wireless and how easy (supposedly) it is to hack into these systems, but what are the real issues users face?

Robb says many threats abound, particularly targeted at networks that enforce security. “These networks are central to the overall functioning of the corporation, so having secure network connections is of the utmost importance.”

He adds that common threats include data interception and theft, but those aimed at network-linked surveillance systems (for example) often include denial of service attacks which could render any poorly protected security network inoperable in seconds.

“Fortunately, today’s wireless technologies have a number of security parameters and protocols embedded ready for configuration. Unfortunately, a lack of appreciation of the seriousness of the threats often results in installers taking short cuts on implementation by ignoring them.”

Van Jaarsveld adds that any wireless network should be secured, unless your aim is to provide free public access. “The threat to wireless networks is no different to the threat to wired networks, as long as the proper security measures have been deployed. What is easier – breaking a wireless encryption protocol or cutting a cable?”

Layered security

The first step towards ensuring network security is to gain a thorough understanding of the processes involved, Robb explains. “An effective security implementation will consist of many layers of protection. Like the layers of an onion, they will reinforce one another to form a buttress against intrusions. Typically, the layers include data encryption, password protection, user profile analysis, and even seemingly innocuous precautions such as time-of-day schedule compatibility, designed to highlight log-on incongruities.

“Each security layer will support another, reinforcing control and rendering the complete system more effective by many orders of magnitude.”

Van Jaarsveld admits there are wireless security protocols that can be cracked. “This is clearly documented and installers know not to rely on WEP encryption to protect systems.

“There are much better wireless encryption systems and algorithms that have been developed that are secure against hackers. WPA2 encryption is secure, especially when deployed in conjunction with a radius server – it has not been compromised yet. If you have really sensitive details or are paranoid, deploy a VPN or SSH tunnel, we trust our banking over the Internet on this technology.”

Our final question to the two experts was if it is safe to integrate wireless security networks into your business communications infrastructure?

“It certainly is safe and even advisable to integrate wireless security into an overarching communications infrastructure,” says Robb. “However, it is prudent to follow accepted, time-proven principles and – with the onion-layer approach in mind – have a best practice guide on hand for assistance.

“Ensure that a policy-based, step-by-step approach is adopted towards all aspects of the integration process and be diligent in terms of its execution. If in doubt, consult with an experienced industry specialist.”

The challenge is not so much to integrate wireless security networks, but rather the challenge of integrating security networks onto your business network, says Van Jaarsveld.

“The main challenge is purely the huge volume of data that is created by IP video systems which can easily overwhelm your business network or lead to reduced performance on business systems. Network planning is very important to provide capacity, route traffic streams to different areas and provide quality of service (for example to protect VoIP performance) etc.

Wireless networks are then definitely suitable for security, including surveillance projects. The trick is correct planning, using the correct technology and configuring the systems to enable the level of security required. This means it’s not something your cousin who “knows computers” should do, but should be handled by experienced technicians who understand the technology as well as the security and business communications requirement of the company.

The growth of wireless continues

Hi-Tech Security Solutions also spoke to Neil Cameron, GM: Systems & Service Africa at Johnson Controls about the growth in demand for wireless products. Cameron says the popularity of wireless security solutions started in the intrusion industry where easier installations and maintenance made these products more popular. Over the last few years, the influence of wireless has expanded to other areas of security, including the surveillance market.

There are many benefits to wireless surveillance solutions, such as no trenching for cables and the ability to keep an eye on remote areas such as perimeter fences etc. However, Cameron warns that wireless is not the ultimate solution as wireless signals can be blocked, meaning mission-critical surveillance operations may prefer cabled solutions. And although the latest wireless solutions offer increased bandwidth and speed, bandwidth is a critical measurement to take into account in the design and planning phase.

When looking at what wireless products are selling well today for Johnson Controls, Cameron says that access control offerings have taken off recently. A few years ago, wireless access control systems were not well accepted, but today with smaller, more aesthetically pleasing offerings, they are becoming more popular. They offer the same functionality as wired solutions, but are easier and faster to install.

From a security perspective, they run on a dedicated network and exchange encrypted signals that only the locks can receive and send. This ensures security as only the access devices can communicate with each other.

And while there are still more wired than wireless products being sold, Cameron believes that in four or five years, wireless products will rule the roost, offering better performance at a lower cost than their wired counterparts.

Contact information

Miro distribution: +27 (0)12 657 0960, www.miro.co.za

Duxbury Networking: +27 (0)11 351 9800, www.duxbury.co.za

Share this article:

Further reading: