Fiction: MPEG compression is better than JPEG for all video security applications

JPEG (Joint Pictures Expert Group) and MPEG (Motion Picture Experts Group) compression technologies, called codecs, are inherently related in how they compress and display video images. The primary difference between the two is that while JPEG transmits a stream of complete images, MPEG sends some complete JPEG-compressed images, along with a set of partial images that provide the changes in the image from the initial JPEG frame that was previously transmitted. Based on the specific network camera or video encoder selected, and the capabilities of the local network and Internet connections, either JPEG or MPEG can provide high-quality video viewing.

In comparing these two compression codecs, the installing security company must consider a number of factors to determine whether MPEG or JPEG-based devices will provide the best performance and value for a particular client. The first is the network’s available bandwidth to transmit video. Because JPEG transmits complete images, a high rate stream of JPEG images, for example 15-25 frames per second (fps), will require a large portion of bandwidth to deliver its images. MPEG video streams are intrinsically lower, as only a relatively few full images are transmitted, along with a number of partial images. From this perspective, MPEG devices should be considered when a sizeable quantity of video cameras or encoders are to be connected to an individual network, as the overall bandwidth requirements will be lower than with similar JPEG devices.

Product cost is another primary consideration. JPEG is a “free” technology, requiring no licensing fees to be paid by the manufacturer and secondarily by the user. Devices using JPEG are less expensive than equivalent MPEG equipment, for which licensing fees must be paid for use of the codec.

Who will view the video images may also affect the decision between MPEG and JPEG. Most current JPEG security cameras and servers allow any viewer, on the LAN or remotely over the Internet, to access and view the video images using a standard web browser such as Internet Explorer, provided the user has the correct IP address and username/password access information. Usually, no special software is necessary in the viewer’s computer.

Remote viewing of MPEG video cameras and encoder image streams often requires specific software be installed in the viewing computer, although some such devices allow MPEG viewing after downloading specific ActiveX or DirectX applets. Requiring specific software in the viewing computer helps limit the ability to view the images from a device. This may be a positive or a negative factor, based on the particular application.

Recording and storage concerns also tip the scale towards using MPEG devices for large-scale installations, as the overall files sizes of MPEG video streams will be lower than JPEG, providing smaller hard disk storage requirements, and/or allowing more video to be stored on the same-sized hard drive array.

Where to use which? JPEG is perfectly usable for smaller systems, such as individual cameras installed in a client’s chain stores so that he or she can view and record a camera or two from each location. MPEG is the technology of choice for larger, enterprise-level systems where minimizing bandwidth usage is paramount. Some vendors provide cameras and video servers with both technologies on-board.

Fact: Ethernet and Wi-Fi network devices are not supervised

When devices are connected and addressed onto a network, whether wired Ethernet or wireless Wi-Fi, those technologies do not themselves provide a capability for supervision. If a device is disconnected, powered down, or removed from the network no “alarm” signal is generated. The only way to know that a device has been disabled or removed is when a user or another computer cannot communicate with the device. Such failure indicates a problem in the cabling, network devices, power, or addressing of the network device.

This lack of electrical and power supervision of network devices should be of great concern to security system companies. Considerations should be given during the planning stages of a network-enabled security device installation as to the integrity of the power feeding security devices, as well as the physical security of the cabling connection to a DVR, intercom, or video server device. It is relatively easy to address a device, plug it into an existing hub or switch, and apply power, establishing the device on a network. It is just as easy to unplug the network cable or power, disabling a potentially critical security component or video feed.

Another issue is that of “rogue” computers being connected onto a network, allowing hackers or unauthorized personnel to access network resources, and potentially to disable or damage software programs. Ethernet and Wi-Fi networks are designed to accept all IP addresses within a specific class C range, and are often configured to use DHCP (Dynamic Host Control Protocol) which issues IP addresses to computers that ask for them. So an unauthorized user can walk into a business with a laptop computer, plug into an Ethernet-connected RJ-45 wall jack, and likely get onto the local network, if the DHCP server is giving out IP addresses. This problem is amplified if a network uses Wi-Fi wireless; a person sitting in his car outside of the target network’s building may be able to quickly receive an address and start to access network resources, without ever physically entering the building. DHCP servers can be configured to limit the number of addresses issued at one time, and can also limit the addresses issued to a specific list of MAC (Media Access Control) addresses, which would cause the server to only issue addresses to authorized computers or devices.

As static and DHCP IP addresses can both be active on the same network at the same time, hackers can also take guesses at otherwise unused static IP addresses. An intruder can use the “IPCONFIG” command at any network-connected computer, and quickly determine the IP address range of the network to which that computer is connected. With that information, a rogue computer can be quickly configured to communicate on the network.

Auxiliary software programs such as the ClearMap product from SyPixx, which is described on page 15 of the “Expert Tips” section of this guide, can be programmed to provide supervision of devices on a particular network. This program not only monitors existing devices for their connection to the network, but also can activate alarm and e-mail notification if a rogue device has been connected. Such software programs should be included with the installation of all high-end, enterprise-level network systems.

Fiction: All broadband Internet connections are the same

Unfortunately for security installation companies, all Internet connections are not the same. While a computer user may be able to access the Internet and surf the Web whether connected to a DSL, cable modem, or satellite connection, connecting network-enabled security equipment – particularly video with its high bandwidth requirements – to those same types of connections and getting acceptable performance and/or viewing from a remote location is often a different matter.

While the term broadband is often used to describe an always-on Internet connection, such as a DSL or cable modem link, the truth is that these services will vary widely in performance, and performance may vary during any given time period.

Using a broadband testing Web site (see page 14 in the “Expert Tips” section) will provide an installing technician with a good concept of the capabilities of a particular Internet connection. Remember that when installing a DVR, network camera, or video server at a client’s location, the amount of video signals that can be viewed will be limited by the upstream capability of the Internet connection. While most DSL and cable Internet providers tout their “big bandwidth” connections, their concept of big is the downstream component. Security installers need to look at the upstream component to gauge the quality and quantity of video that can be viewed from a remote location. Manipulation of a network camera or video server’s compression settings can reduce bandwidth needs, although video quality may suffer.

Be particularly cautious if considering the connection of network-enabled video devices to geo-stationary satellite-based Internet connections. Although a bandwidth test may show enough “pipeline” to provide decent video, the lag times between signals may make remote viewing of the video images cumbersome at best, and may not allow any viewing.

Fiction: A 100 Mbps Ethernet network will provide 100 Mbps of data throughput

Data networks are characterized by their throughput or bandwidth, meaning the amount of data bits that can be transmitted through the network’s cabling and devices within a certain period of time. This measurement is usually presented in a format of Kbps (kilobits per second) or Mbps (Megabits per second), with kilo meaning thousands and mega meaning millions.

Although Ethernet was initially designed to transmit 10 Mbps, developments in the communication protocol and cabling systems allowed for the development of a new 100 Mbps standard for Ethernet. Since its introduction in the early 1990s, 100 Mbps or Fast Ethernet has become the de facto standard for wired network communications.

A sports car may have a speedometer that reads a maximum of 185 miles per hour; however, road conditions, legal issues, and the driver’s fear may keep that car from ever reaching such a speed. In a similar fashion, cabling and connector issues, electromagnetic and radio frequency interference, and network devices will reduce the usable bandwidth of a particular Ethernet network. Technical studies indicate that the typical 100 Mbps Ethernet network actually provides between 50 and 60 Mbps of data throughput.

This is an important consideration for security dealers when designing network video systems, which are generally programmed to provide 24/7 streams of video images for viewing and recording. If installing 20 video servers that each require 2 Mbps of bandwidth, the aggregate video bandwidth is 40 Mbps. The security dealer may believe that these video feeds will require only 40 percent of a 100 Mbps Ethernet network’s bandwidth, when in reality 40 Mbps of video feeds will consume 80 percent of the bandwidth of a network which has only 50 Mbps of actual throughput.

Security system designers need to understand the true bandwidth potential of typical enterprise networks, and use products that can be programmed to provide reasonable quality video images at data rates of 1 Mbps or less.