What IT managers need to know about digital video on the network

Nov 1, 2001 12:00 PM, By Luke Richey

How many security managers have spent time, money, and human resources trying to implement digital video products over their corporate network — only to have the projects delayed or shut down by the IT or network administrator due to security or bandwidth concerns?

On the other hand, how many IT or network administrators have had their security managers attempt to install single- or multiple-networked computers without any prior thought to overall network integrity?

These are just two examples of how digital video over corporate networks can create rifts between IT and security departments. This article will cover what a network manager needs to know when confronted with the prospect of digital video recorders being placed on an existing LAN or WAN, and the security managers' response to questions on unfamiliar topics.

IT concerns are very real

MIS and IT managers contemplate the deployment of networked audio/video (mixed media) applications with more than a little apprehension. They correctly view their network as a crucial corporate resource and as a vital tool for information flow. Why then, they ask, should we add an unproven mixed media application to a functional and efficient network?

It is natural to assume that the addition of video traffic into an existing network has the potential of being disruptive. Concern about the coexistence of video and data traffic has good reason. Nobody wants to use a clogged network, but problems like these do not have to be an issue. Video and data applications are perfectly capable of coexisting harmoniously on the same physical and logical network. It's simply a matter of configuration and choice of DVR.

If the IT/MIS department is managing and/or selecting the DVR, concerns will include security, bandwidth consumption, manageability, stability, data integrity and archival and disaster recovery. If the security department is managing the system, there generally are two major points of concern — security of the network and bandwidth consumption.

What you need to know about bandwidth consumption

The digital video server is used as a video storage and transmission delivery system. The server may be used as a “store and forward” device for collection, de-multiplexing, reassembly, re-multiplexing and delivery of video streams. These streams are sent at varying bit rates depending on the DVR used. This leads to the primary concern of network congestion — specifically, whether the video data, when added to the network, will impede the flow of existing data services. Generally, the overall bandwidth of the delivery may be from 48 bits-per-second up to 47 megabits-per-second and usually contains from one to 50 streams.

There's a difference between video and data files. With regard to file sizes, video files tend to be much larger. In terms of flow, video traffic usually flows continuously. Most data traffic, on the other hand, proceeds in small bursting chunks. Lastly, video traffic is sensitive to time-delay, which usually does not affect data traffic. These differences contribute to the widely-held belief that video traffic can be more demanding of a network than data traffic.

When using Ethernet for video delivery over an existing network, care should be taken to balance existing data traffic to eliminate problems caused by conflicts between the video delivery and existing high-volume data traffic. Ethernet switches to isolate video and other data traffic can be used to allocate and balance the data load on the network.

Security must reign supreme

When evaluating or using high-definition digital recording devices that reside on the LAN or WAN, security is another primary concern. With remote users regularly viewing live and recorded video from a company's most vulnerable locations, it is common to be concerned about unauthorized users accessing these images and the network itself. Users of DVR products are deeply concerned about the potential security threats surrounding these next-generation video servers. Manufacturers of digital video recording products have built their systems on a variety of platforms including proprietary operating systems, the Windows 9x family, Windows NT, and Windows 2000.

A proprietary platform is an operating system designed specifically to run on a unique type of digital video recording product. By nature, a proprietary operating system is used by a single manufacturer unless licensed to other competitors.

Among other common platforms, the Microsoft Windows 9x family of operating systems (Windows 95, 98, & ME) originally released in 1995, has been the preferred platform used by DVR manufacturers. There are many reasons this family of operating systems have been so popular with the creators of digital video recording products. Largely, this product line is relatively stable, familiar to most users, and less expensive than its client server counterpart. Virtually no changes in the operating system have occurred in the last six years, thus developers of DVR software have been able to avoid making costly software rewrites. Indeed, when developing multimedia software, coding to a Windows 9x family product is considerably easier than coding to Windows NT, 2000 and XP.

Windows NT became the pride and joy of Microsoft as it provided users with complete network security. For the next six years, Windows NT set the bar for high-end network security until the recent unveiling of Windows 2000.

Built upon Windows NT technology, Microsoft Windows 2000 and XP provide the users of high-definition digital recorders with comprehensive security features to protect their sensitive data and video. These enhanced security features provide local protection in addition to securing information as it is transmitted over a LAN, WAN, phone line, or the Internet.

Windows 2000 also enables system administrators and authorized users to select from multiple levels of security. Windows 2000 also supports standard Internet security features such as IP Security, Kerberos authentication, Layer 2 Tunneling Protocol, and Virtual Private Networking for the most secure environments.

Other “need to know” items

No discussion of putting a new device on a secure, functional and existing network would be complete without discussing manageability, monitoring and reporting, stability, and archival and disaster recovery.

These issues are all highly dependent upon the DVR that a technical manager decides upon and, more importantly, what operating system on which that DVR is based.

For the record

About the author

Luke Richey is CIO for PC Open Inc. of Spokane, Wash.

About the companies

Visit infoLink at www.securitysolutions.com for more information on companies featured in this article.

PC Open — 97

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

This month in Access Control

• Opening Up About Door Closers
• An Enterprise Approach
• The Framework For Open Systems
• On A Higher Plane
• More from April's issue