The author analyzes the integration of the different physical security systems to a corporate LAN network, as well as the technical and administrative aspects that must be taken into consideration.
CCTV system (closed circuit television)
CCTV systems are the systems that present the most commercial demand at the moment both at the business level and at the level of common use and presents a great security alternative, in addition to allowing other activities other than video surveillance such as video conferences and any application that uses video exchange in some way.
The CCTV system can be considered one of the most complex at the level of alarm systems, since it comprises too many interrelated stages. For our case we will only work with the stages that comprise the capture, storage and visualization of video.
1. Video capture stage: It consists of a physical device called a lens which by physical principles transmits the image to an electronic device in the camera in charge of giving the image a processing.
2. Image processing stage: In this is the camera as such, and is responsible for processing the image collected by the lens and convert it into what we know directly as analog video or digital video.
3. Primary transmission stage: It is the transition stage that is responsible for taking the video from the camera to a recording system, whether local or remote. This means of transmission can be varied: Wired, Wireless, or by LAN network.
When talking about wired or wireless media, the image goes analogously, but if we talk about the LAN network as a means of transmission this image is digitized directly by the camera and packaged as an IP traffic.
4. Digitization stage: It can be found included within IP cameras in stage 3, but generally in Colombia digitization is handled through DVR recording systems. This in order to achieve greater storage capacity and be able to give greater handling to the captured video.
5. Storage stage: Proceed directly to save the video sent by the camera, whether digital or analog. At this stage are elements such as VCRs, NVRs and DVRs.
6. Secondary transmission stage: It is distinguished from the first one since in this one a transmission is made from the recording equipment either a VCR or a DVR to a display equipment, it can be digital or analog but due to the technological demand of the moment the analog system is very little used, this transmission as in stage 3 can be done in a wired way if the system is analog or on the network if it is digitally.
7. Display stage: Displays the image captured or saved in the storage systems. It is at this stage that there is computer equipment and software in which the video surveillance or the application that is sought with the video is carried out.
Technical aspects to consider
To establish the integration of CCTV systems to the corporate network, it is necessary that communication can be established between storage equipment or IP cameras with display equipment. For this, the equipment has network interfaces that allow them to use the LAN network as a means of transmission.
When handling analog systems these require an external device known as Streamer or codec that allows us to change from an analog to digital transmission mode to achieve transmission through the network.
The interfaces of DVR, IP Camera or Stremers systems handle speeds of 100 Mbps and the protocols used for video transmission is TCP, such as FTP or http; compression algorithms such as MPG4, JPG are handled which allow to alleviate the weight (payload) of IP packets to travel through the network.
Depending on the algorithms used, DVR storage systems can be found that allow us to achieve a large enough compression of the video, this can be 20 Kbps per camera or low compression that can require demands of up to 7.2 Mbps.
Visualization systems are generally computer equipment that connects to the LAN network by its network interface with the feature that could be considered as operating terminals with applications that require large processing capacity, storage and bandwidth demand.
Guidelines for the resizing model of a network
The purpose of the model is to be able to give the guidelines and guidelines that are required to be able to measure the impact that the corporate network of an organization can have when trying to incorporate a physical security system and thus be able to resize the characteristics of the network.
The development of the model is based on 4 aspects that must be taken into account when resizing a LAN network by integrating a physical security system which are the technical, administrative, security and organizational. These 4 aspects are very interrelated within the organization and the non-consideration of any of them when evaluating can cause the system not to be fully integrated.
1.Technological infrastructure to manage.
2.Administration policies.
3.Operation support infrastructure.
4.Operation demand.
5.Security support infrastructure.
6.Security Policies.
7.Management.
8.Administrative structure of the organization.
Technical aspect
The aspect that has more relevance and importance when resizing the LAN network is the technical aspect since it constitutes the central axis and is the support of the rest of the aspects considered. As a technical aspect we have considered all the elements related to hardware and software that constitutes the corporate network. And we can define 4 fundamental variables when including a security system.
*Trading platform. (operating systems).
*Computer equipment.
*Bandwidth.
* Architecture and interconnection equipment (Swiches, routers on the LAN).
These variables must be measured clearly and concisely by the personnel in charge of the corporate network in order to determine if the minimum infrastructure required for the security system to be integrated into the organization's data system is in place.
Administrative aspect
The second aspect in importance is the administrative and the primary objective of this aspect is simply to generate the administrative policies of the network resources. It is very interrelated to the technical aspect since depending on the administrative policies that are generated, maximum use can be obtained from the network.
Within this aspect we can classify four fundamental variables.
*What to administer.
*What you are looking for with the administration.
*Who is responsible for administering.
*How management is measured.
With the determination of these variables, it is sought to be able to establish the administrative guidelines that are or should be implemented for all the network resources that will be incorporated into the corporate network by the integration of the physical security system.
Security aspect
The security aspect is of great importance for the operation of the network, an intrusion, access control or video system can greatly support this aspect, but it must be evaluated that the system to be incorporated does not present possible flaws or weaken the security scheme that the network possesses.
For this aspect, all the policies that the organization has on these three points must be taken into account:
*Authentication.
*Integrity.
*Confidentiality.
And evaluate them within the following two variables:
*What current security policies may be impacted by the new system.
*What new security policies should be implemented due to the new system.
This in order to be able to establish which policies of the organization must comply with the new system and which policies due to the new system must be generated.
Organizational aspect
This aspect allows us to define is how it should be and what characteristics the new system that is intended to be included in the organization must have; if it fits the real need required and the expectations you have. Taking into account the organizational aspects.
On this aspect, two global variables can be defined:
*Purpose of system implementation
*Scope of the new system
Entering to evaluate in them the feasibilities of the same system.
Conclusions
*Active implementations of security systems are carried out in an improvised "trial and error" manner or based on previous experiences. Causing that in many occasions it goes from being a security system to a vulnerability system since the lack of knowledge of the implications can cause weak points in the rest of the system.
*In the design of an implementation on the corporate network, not only should the technical aspect be considered, although it represents more than 50% of it, the non-incorporation of organizational, administrative and security aspects may mean that the implementation does not have the expected result or impact.
* The lack of regulations, models and / or standards for the integration or installation of security systems in data networks can cause some systems not to operate 100%, wasting their utilities, this because there was no complete vision of what the integration of a physical security system to the data network implies.
Leave your comment