Eye on the Networks
Because of the mission-critical nature of their data, public safety organizations require additional eyes on their network functionality and security
- By Marty Lamb
- Mar 01, 2017
Fast, resilient wireless networks are ideal for public
safety operations requiring real-time data, like surveillance
video streams—but as with any technology used
for mission-critical applications, there must be a way to
ensure the network always functions.
In any network, changes in performance can creep up over time
without detection, until one day a threshold is crossed and suddenly
the network is not functioning properly. Manually tracking down
an issue can be complicated; sometimes the cause of the problem is
something that happened a long time ago, or is an aggregate of smaller
problems that individually are innocuous, but create performance
issues when combined.
Wireless Network Challenges
A wireless network may start to behave differently if a new device
or piece of equipment joins the network and creates extra traffic.
Another source of excessive traffic is traffic “leakage” from a wired
network, where packets not meant to be on the wireless network end
up there anyway.
Additionally, a user may be unaware that adding a certain application
to a network would affect it, and so would not think to “unplug”
it or adjust settings to set things straight. RFID readers and video
equipment are examples of benign tools that can create radio frequency
interference on a network without even joining the network.
So that is where a monitoring and diagnostic system can help: By
providing a running baseline of how a network is functioning currently,
as well as how it has been functioning over time, these types
of tools can detect—and head off—any issues with a public safety
organization’s wireless network.
If a network starts having issues (for example, if surveillance videos
are pixelated, voice traffic is choppy, or data transfers take longer),
a user can pull up the monitoring tool’s graphical interface, determine
the time something changed and begin to troubleshoot why
it changed. This is much easier than having to go through each part
of the network individually to find problem areas.
In addition to network performance issues, there are security risks
associated with wireless networks that monitoring tools can help to
detect.
Security Threats to a
Wireless Network
Wireless networks as a whole are naturally
more vulnerable to attack than wired networks
due to connectivity through the air,
including:
“Man-in-the-middle” Attacks. A hostile
adversary takes control of a communication
link between legitimate parties and makes
them believe they are communicating with
one another, when in fact the hacker controls
the link.
“Denial-of-service” Attacks. Even
though hackers cannot spy on the network
or inject their own data, they can put up
enough interference that authorized users
are unable to access their own network.
Packet injection Attacks. A hacker inserts
data packets into a network, often impersonating
another device.
Replay Attacks. Attackers can sniff
packets (even encrypted ones) and replay
them into the air, even if they have not defeated
the encryption and have no idea what
the packet contents are.
These types of security threats are particularly
unsettling in a public safety context,
where robust, reliable and secure communications
are essential for crime detection and
prevention. While monitoring and diagnostic
tools cannot prevent these types of attacks,
they do help ensure networks are not tampered
with and that all applications are running
smoothly—but not all monitoring systems
are created equal.
Monitoring Tool Challenges
Public safety networks sometimes run highbandwidth
operations such as surveillance
video or identification software (for faces
or license plates, for example) on the same
network as their monitoring tools—meaning
there is a large amount of data constantly
coming and going on the same network.
On wired networks, this is not an issue,
but some wireless networks do not have the
capability to send or receive information on
a single radio in full duplex; data cannot be
coming in while it also is going out.
If a network is using an active monitoring
system, in which the system has to
individually poll every single radio on the
network and receive separate confirmation
from each one that it is working, important
data streams could be interrupted. Video is
the most affected data in public safety networks;
if wireless networks and/or monitoring
tools are not engineered correctly, an
organization risks missed or lost frames due
to these interruptions.
Because of these concerns, public safety
officials need to be savvy about how what
they use to monitor their network.
What to Look For
A monitoring and diagnostic tool will provide
the maximum benefit to a public safety
operation if it has the following attributes:
Low bandwidth. The bandwidth in a
wireless network is precious, and administration
tools should not significantly add to or
overwhelm it. A tool should be able provide
real-time monitoring information while not
impacting the network itself by adding too
much traffic.
Passive. In a passive monitoring system,
monitored devices tell the monitoring system
when something of interest happens or
changescompared with an active monitoring
system, in which nodes each wait to be asked
(polled) whether anything has changed, creating
possible delays if data is flowing in and out at the same time.
Customizable. No public safety operation is exactly the same,
meaning each organization should be able to choose what information
a monitoring and diagnostic tool looks for. For example, a monitoring
and diagnostic tool can be used to measure the internal temperatures
of each individual radio to ensure they are not overheating
or freezing. This is important information for radios in a desert or
arctic climate, but not for those in temperate climates.
Each individual operation should be able to choose what to monitor,
so that the tool focuses on only what is most important. More
importantly, the amounts and types of traffic on the network that
are “normal” will vary greatly between environments. One network’s
“perfect” is another’s “overloaded” or “suspicious.”
Intuitive. While an organization should not need a dedicated IT
professional assigned solely to monitoring, monitoring tools still require
IT and RF knowledge as well as training on the tool itself.
However, with the right tool, even a non-technically inclined
employee can recognize when a network is having issues. For example,
on a police force, a dispatcher might perform his or her
standard job duties while also keeping an eye on a monitoring and
diagnostic graphical interface on a display. If something on the
interface lights up red, the dispatcher easily see that there is an issue
with the network, and can alert the trained IT experts, who can
begin to troubleshoot.
Web based. Related to the last point is the need for a tool that
runs on a web-based server. IT departments may be stationed in a
different area than a headquarters to ensure server redundancy, or
because one IT department services several units. If a monitoring
tool is web based, an IT engineer can view the interface over a secure
web portal and begin troubleshooting any problems without having
to physically be in the same room as the tool, and without having
specialized software installed locally.
Data inclusive. A monitoring tool must keep an eye on what is
happening in real time—no doubt about that—but it should also
keep track of a network’s historical performance, allowing admins
to go back in time to figure out when a problem began occurring
and what might have triggered it. This helps find and diagnose any
problems that have been building up over time on the network, letting
admins solve issues before they impact critical operations like video
surveillance.
Comprehensive. A monitoring and diagnostic tool must provide
reporting on all types of network data traffic and RF interference.
An Eye on the Future of Public Safety
Public safety organizations strive to keep their citizens safe, aided by
mission-critical data flowing through their networks. A monitoring
and diagnostic tool can achieve this goal by ensuring that all applications
stay up and running, creating a safer future for a municipality’s
most important asset: its people.
This article originally appeared in the March 2017 issue of Security Today.