Infrastructure as a Service
How did we get here, and what does it mean for IP video surveillance?
- By Vince Ricco
- Aug 01, 2013
In the 1980s, a keynote
speaker at a Novell
Users Group meeting
said, “All things will
become IP.” It was almost
certain the industry
would adopt Asynchronous Transfer
Mode, or ATM, as a more secure and
deterministic networking technology.
We all know who the smarter person
was in the room that day.
Today, there are many terms used to
describe the state of IT, specifically about
application and application support. The
same can be said for terminology used to
describe tying legacy technology to IPbased,
networked applications. It’s been
that way for decades.
Since the beginning of networked PCs,
different technologies have been adopted
into network-based applications. Once the
mainframe world realized that PCs were
not a fad and their futures depended on
adoption and support of PCs, the gates
were forever open.
This technology shift was certainly a
change, but perhaps more impactful was
the shift in the channels that supplied the
technology. Traditional, low-voltage suppliers
began offering network cabling, while
electrical contractors began installing network
infrastructure. Software distributors
began to sell hardware, and so on.
As IP became the standard for networking
protocols and enterprise, home
telephony became an application on the
network through VoIP intelligent controllers
for industrial applications, such as
power plants and machinery. Traditional
cable entertainment became triple play
services: voice, video and data on large
scale and private networks.
Currently, there is wide-spread adoption
of surveillance video as an IP application
over both dedicated and non-dedicated
networks. Along with surveillance
video, a host of adjacent technologies
crossing the IP line include access control,
digital signage, intelligent building automation
and even smart grid applications.
As each of these applications bridge over
to IP, IT support becomes an increasingly
IP, or network video surveillance, has perhaps
experienced some of the more vigorous
resistance to convergence over the IT
backbone due in part to technology questions
and to the perception of the issues associated
with supporting video on a single
backbone. Infrastructure advancements, efficient
compression and exceptional performance
have relieved some of IT’s hesitation
about adopting support as a service.
However, a better understanding of
supporting structured video versus unstructured
video—the difference in the
configuration capabilities of network
surveillance cameras versus typical video
that traverses the network—has opened
the door for IT adoption and support
of physical security applications. With
structured video, the constant stream, or
bandwidth load, can be calculated and accommodated,
based on the characteristics
of the video. Unstructured video, on the
other hand, can take the form of streamed
Internet content such as news feeds, You-
Tube content and more.
While 74 percent of IT managers acknowledge
video Internet content exists
on their networks, this is accepted as normal,
day-to-day, network traffic. As IT
becomes more educated on network video
surveillance and corresponding transmission
attributes, the realization will be that
this represents more of a network design
issue than a long-term, support challenge.
The Evolution of
IT infrastructure has evolved to better support
more multimedia applications running
concurrently on the network. More
intelligent switches allow better network
segmentation, prioritization and quality
of service (QoS). Lower-cost bandwidth
support in the form of Gigabit Ethernet
(GigE), 10-Gigabit, 40-Gigabit and 100-Gigabit connections offer tremendous growth capabilities for
support in terms of bandwidth usage because storage costs keep
in line with Moore’s Law, allowing for greater retention of digital
information, including network video.
Standards-based communications and infrastructure have
been adopted, making all of this possible by allowing technology
to scale and become cost effective and open to innovation, despite
anyone’s profit and loss plans.
Who owns the system?
Some have compared the shift from analog to IP video surveillance
to the shift from plain old telephone service (POTS) to
VoIP. Where network video surveillance diverges most from the
adoption of VoIP, however, is the question of ownership. More
specifically, who owns the cameras; who owns the stored video;
and who owns the video management software?
In most large environments, IT will not replace security forces,
safety officers or chief security officers. In fact, in best practice
cases, there is close cooperation between security, safety, operations
and IT. One excellent example is a major U.S. university’s IT
department that adopted the following practice:
- Security provides the number and location of cameras to be
added to the network.
- Security provides the funding for installation of the cameras.
- Security maintains the cameras and manages the application(s)
on the servers.
- IT provides PoE-powered network ports to the cameras.
- IT provides the required server(s) and storage per 100 cameras.
- IT manages and maintains the switches, servers and storage.
- Security and IT work out the number of servers and amount
of video storage needed per 100 cameras.
This demonstrates collaboration between IT and security,
making it a classic example of Infrastructure as a Service, because
both parties maintain control of their respective budgets
and tools, while neither assumes responsibility for a role not under
their traditional acumen.
Bandwidth and Storage
Still Leads the Conversation
As an IT professional, two areas of network camera, video-related
technology to focus on are storage and bandwidth. Network
switches provide enhanced capabilities specific to video today, but
huge strides are being made that benefit the industry relating to
storage capabilities. Recent advancements include the adoption
of more edge storage, such as an SD card inside an IP camera
or video encoder, network attached storage (NAS) devices, blade
storage and of course, Big Data.
Understanding the benefits of different storage architectures is
as important as the network design itself. As savvy system designers
are using switches today to prioritize critical network traffic and
create redundant network architecture to protect against pathway
failures, end users can similarly use Edge to Centralized Storage to
guard against network outages, contain bandwidth in the form of
video storage to network segments and as allow for less intensive
trickle storage to be centralized and stored in a cloud.
IT still has some interesting decisions to make about network
and storage additions as well as designs for how to support added
network traffic and storage requirements. IT can take the opportunity
to consolidate the infrastructure cost and either spot or
wholesale upgrade the network designs, based on current infrastructure
For example, switch enhancements allow for greater bandwidth
control through traffic policies, VLANs and basic QoS settings.
This offers IT the ability to upgrade the backbone connection
switch in the intermediate closets and configure that switch
to manage policy for the video by traversing the network for the
other connected switches or simply expand the upgrades from
that point on.
Beyond Just Physical Security
As bandwidth concerns subside from the addition of networked
cameras on IT’s infrastructure, concerns about the cyber security
of cameras and video streams is increasing. Manufacturers
of IP-based cameras typically support commonly-used, network
security protocols, the best of which support the gamut of password
protection, IP address filtering, HTTPS encryption, IEEE
802.1X network access control, digest authentication and user
access logging. Using standard, network security protocols, the
cameras and video should be as secure as the network.
Another consideration for IT is that IP-based camera applications
are expanding beyond just physical security. For instance,
retailers are dual-purposing cameras to include people counting
as well as keeping track of customer traffic and dwell times in
specific retail aisles or store areas. Known as “heat mapping,” this
traffic pattern information helps manage item placements to help
cross-sell or determine vendor cost for “hot” locations.
Others are using video for marketing compliance, such as video
proof that the retailer placed a specific product and/or product
materials in a specified location, for a fee from the supplier. Instead
of completing affidavits of compliance, the retailer simply
provides time stamped video evidence of compliance for billing
There are some clear takeaways for resellers on both sides of
the IT and physical security fence. Traditional security integrators
are making strides in networked video from networking design
to hosted video in the cloud, while traditional IT VAR is
moving into the IP video surveillance space, even though these
were not their historical footprints.
Next Generation of
Infrastructure as a Service
The point of IT Infrastructure as a Service becomes increasingly
relevant as additional adjacent applications become IP centric.
Access control is already joining IP cameras as an adjunct to security
and safety, but technologies that are a bit less obvious in
terms of ownership including intelligent building automation,
IP-based audio and visual, HVAC control and the smart grid.
If security has its own network:
- Which one grows with these added applications?
- What happens as the campus store starts using security-class
cameras for quality control, people counting and marketing
- Whose network is this going to run on?
- Who is going to manage these servers and storage?
The answers seem clear; IT continues to provide connectivity
and rack space while the individual departments manage their
own applications. This is already happening with other technologies
across the enterprise. After all, IT might service the payroll
system, but it’s the finance department that cuts the checks.
This article originally appeared in the August 2013 issue of Security Today.