The network is the camera
April 2018, IT infrastructure, Cyber Security
In the surveillance world, networking doesn’t get enough attention given the importance of communications to the success of your installation. A badly installed or configured network can cause nightmares for security operations when footage is lost or you lose connectivity to a camera or cameras because of a network problem.
When installed and configured correctly, an efficient network is a support to the surveillance operation and will enable the security function to perform at its peak. To find out how one company is not only making networks more suitable for the challenges of surveillance projects, including what options they offer to secure their networks, Hi-Tech Security Solutions spoke to Pieter Engelbrecht business unit manager for HPE Aruba about the solutions the company offers.
Starting with the quality of the network, Engelbrecht advises that quality-of-service (QoS) standards are set in place to ensure the reliable transportation of video data at all times. There are difference ways of doing this, including prioritising your video data so it won’t get caught up in a bottleneck with less important data. He adds that this can be done by allocating specific ports on your wireless access point (AP) dedicated to video with the relevant QoS configured.
Furthermore, you should always allow for redundancy in your network so that if a switch goes down for any reason, there are other routes the data can follow to its destination. This switchover should happen without any interference from network administrators. Aruba offers this ‘sticky wireless’ networking where there will be a seamless transfer to a new switch with no packet loss.
Wired or wireless, security is critical
Once you have your network running, you need to be sure it’s secure and that nobody can access it without the right authorisation and cause problems, whether it’s a wired or wireless network. Aruba’s ClearPass is designed to control what has access to your network and what privileges it has while on the network – both wired and wireless.
More than simply giving a device (a camera, for example) access, ClearPass also learns the profile of the device. A camera would send a lot of data to the control room (or server), but it should not be sending packets of data to external addresses or try to connect to other internal IP addresses. When the system notices the device doing something out of the ordinary, it can automatically block the device and alert the administrators. Similarly the data sent can be monitored and anything out of the ordinary detected, blocked and an alert sent.
While we focus on cameras in the CCTV Handbook 2018, the same principle applies to any devices you add to your network, whether in the building management market or newer Internet of Things (IoT) devices. In the security world, this applies to anything that is on your network, which can include fencing, turnstiles and other sensors.
Engelbrecht advises that having any electronic device connected to your network makes it imperative to secure that device and its access. There are examples of how unplugging a turnstile from the network and plugging the cable into a laptop provided an unauthorised user with full network access because the turnstile was not protected. It seems ridiculous that one has to protect a turnstile, but that’s the nature of the electronic world we live in.
We live in a connected world and a connection, no matter what it is or how simple the device itself is, needs to be protected from being used for unauthorised access. Once inside your network, there is no end of damage an intruder can cause.