Managing the process to reap IP rewards

May 2008 Information Security

IP-based solutions have gradually come to prominence since technologies such as voice over IP (VoIP), virtual private networks (VPNs), storage area networks (SANs) and CCTV-based security solutions have moved to centre stage.

Both IT and other senior managers need to get involved if they want to reap the rewards that IP solutions can deliver, as IP technology is a strategic investment affecting all aspects of the business. This investment should be regarded as continuous.

Consequently, both current and anticipated future requirements need to be considered if the full benefits are to be realised. Because future requirements can never be identified with precision, the focus should be on continuous development of applications that are fast and effective within a clear business framework.

For an effective start, the following points should be taken into account:

* Listen to the views of those involved in and affected by the implementation so that it will be fully accepted and/or effectively operated by the users.

* Take the opportunity to simplify the business processes before applying IP technology.

* Get supplier and customer input regarding your plans. They may well have some valuable insight from their perspective.

Here are some of the most salient points to consider about some of the 'hottest' IP solutions:

IP-based CCTV: get the big picture

* Existing network infrastructure can be used and no extra long distance cables required.

* Cameras can be moved with minimum time and effort, and cabling does not need to be replaced.

* Cameras can be installed at any location, no matter the distance, as long as it is within range of the Ethernet infrastructure.

* Control rooms can be anywhere on the network and there could be many.

* The same camera could be viewed or recorded simultaneously at multiple locations, and controlled by multiple security levels

* Recording can take place on any available device on the network, and even an existing PC or Server could be used for a few cameras.

* Optionally, recording can take place at each camera, and no recordings would be lost if the network infrastructure goes down for any reason. Automatic recording replenishment would then take place as soon as the network becomes available again.

* Any amount of recordings per camera, can take place simultaneously and at multiple locations, for redundancy purposes, or offsite storage.

* Bandwidth can be controlled differently for each camera. Different streams at different bandwidths can be available for viewing across different networks. WANs use low bandwidth for instance and LANs require high bandwidth.

* Hard drive space for storage of video recording or data can be shared across many systems.

* Audio or alarms can be connected to the same encoders that transmit the video. Outputs can be used to control any device with alarm contacts. Relays can be used to power up any device.

* As the encoders already use Ethernet, wireless LAN radios can be used to transmit and receive video, audio or alarms from remote locations.

* Existing alarm system could be monitored from remote locations.

* IP-based systems have finally reached the point where they are not only cheaper in the long run, but even start-up capital costs are lower than conventional analogue systems. These savings become dramatic above the 64 camera level.

* Professional video walls are now available using IP, at a fraction of the cost of conventional video walls.

VoIP - loud and clear

* VoIP, which carries voice traffic on IP packet networks, is a more cost-effective alternative to circuit-switched telephones.

* While standards supporting the technology have matured considerably, compliance among vendor equipment has not so check this carefully.

* Quality of Service (QoS) is a big issue as this is required across the system to avoid choppy or incomplete transmissions.

A good way to work around adhering to recognised standards across the entire network is to use Virtual LANs to segregate voice (run in a homogenous setup) and data (on heterogeneous systems) traffic.

* Ensure you have technical assistance on hand to troubleshoot teething problems because it is not likely that your previous voice provider is going to want to help.

VPN - crunching all the numbers

* VPN technology, another datacom cost-cutter, is expanding from single-user remote-access configurations to site-to-site connections.

* Installation concerns have eased as the technology has matured but maintenance can still be a serious challenge. Fluctuations in Internet performance can, for instance, make traffic analysis an endless chore.

* The ability to independently monitor your ISP's performance, either with tools or through third-party vendors, can be the make-or-break point with these systems.

Wireless LANs - spreading the message

* Faster speeds on the latest wireless LANs are transforming this technology.

* Effective monitoring - with off-the-shelf software using network probes or generating synthetic transaction scenarios - is important for controlling budgets and generating performance data quickly.

* Performance concerns are easier to address through using a single ISP capable of servicing all remote offices.

* Remote users need to watch out for standards-compliance issues as with VoIP, so make sure all the elements can 'talk' to each other.

* A common distribution platform for all remote users will save a lot of problems.


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

What are MFA fatigue attacks, and how can they be prevented?
Information Security
Multifactor authentication is a security measure that requires users to provide a second form of verification before they can log into a corporate network. It has long been considered essential for keeping fraudsters out. However, cybercriminals have been discovering clever ways to bypass it.

SA's cybersecurity risks to watch
Information Security
The persistent myth is that cybercrime only targets the biggest companies and economies, but cybercriminals are not bound by geography, and rapidly digitising economies lure them in large numbers.

Cyber insurance a key component in cyber defence strategies
Information Security
[Sponsored] Cyber insurance has become a key part of South African organisations’ risk reduction strategies, driven by the need for additional financial protection and contingency plans in the event of a cyber incident.

Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Navigating South Africa's cybersecurity regulations
Sophos Information Security Infrastructure
[Sponsored] Data privacy and compliance are not just buzzwords; they are essential components of a robust cybersecurity strategy that cannot be ignored. Understanding and adhering to local data protection laws and regulations becomes paramount.

AI augmentation in security software and the resistance to IT
Security Services & Risk Management Information Security
The integration of AI technology into security software has been met with resistance. In this, the first in a series of two articles, Paul Meyer explores the challenges and obstacles that must be overcome to empower AI-enabled, human-centric decision-making.

Milestone Systems joins CVE programme
Milestone Systems News & Events Information Security
Milestone Systems has partnered with the Common Vulnerability and Exposures (CVE) Programme as a CVE Numbering Authority (CNA), to assist the programme to find, describe, and catalogue known cybersecurity issues.