Get Up-to-speed on Security Network Fundamentals
Fortunately, networking is not a new concept to most security installers, because they have been creating networks of PTZ cameras using RS-485 technology for many years now.
However, although IT installers have had the benefit of learning IT technologies as the networks evolved, security installers face the challenge of absorbing 20-plus years of knowledge at a rapid pace.
Start with Standards
Although most network standards come from IEEE or EIA/TIA, industry-leading companies develop them as well. A good example is the Open Systems Interconnection (OSI) model.
In the mid-1980s, major communications and computer companies developed this model, a standard description of a network, to provide a platform for how systems manufactured by different companies could exchange information. Actually, the OSI model is not a true standard, but rather a concept that helps users understand the in-depth workings of a network.
Know Your Network Cabling
Next, it is a good idea to become familiar with network cabling, which is developed in a highly standards-based environment. Copper Category 5 (Cat 5) cable has been the long-time standard for networks and is generally considered capable of working at up to 10 Mb/s. Cat 5 consists of four pairs of wire individually twisted and wrapped by a common sheath. Cat 5e cable has the same construction as Cat 5, but features a bandwidth of up to 100 Mb/s due to increased manufacturing tolerances and techniques.
An increasing need for network speed has created demand for higher-performance cable, such as Cat 6. Rated at 1 Gb/s data bandwidth, the larger conductors of Cat 6 have specifically designed fillers to maintain the positions of the individual pairs, which minimizes cross-talk within the cable. Further development continues to drive the capability of these cables, with Cat 6a cable rated at 10 Gb/s.
In addition to copper cables, fiber optic cable is frequently used in networks for two primary purposes. It allows the distance between the core switches and the edge switches to exceed the 300 ft. (100 meters) maximum distance of an Ethernet connection. It also is used for high-bandwidth applications, such as data centers.
Fiber optic cable is characterized by the size and type of the fiber. Single-mode fiber with a 10-micrometer core is used for extended distances, such as those in telephone systems.
Multimode fiber is the most common fiber in networks today and has a 62.5-micrometer core. Multimode fiber with a 50-micrometer core is becoming a standard as needs drive bandwidth higher.
In IT networks, data is transmitted in digital ones and zeros, or bits. Bandwidth is measured in bits per second (bps), which may seem strange to installers who are used to talking about bandwidth measured in Hertz or kHz. However, in both cases, the term bandwidth indicates the ability of the system to carry a signal without change or degradation.
The diagram on the previous page shows a very simple network with two PCs and a data hub. In this network, the PCs share data via category cable, also known as unshielded twisted pair (UTP) cable. The data hub serves a function similar to that of a video distribution amplifier. A signal is presented to a port and the same signal is then made available to all of the other ports. A hub shares its capacity between all of the ports.
As an increasing number of network devices produced more data traffic, networks had to handle more bandwidth, and data switches were created to address this need. A data switch acts much the same as a video multiplexer by switching the full bandwidth from one source to another. But unlike a multiplexer, the switch makes the source selection very quickly and automatically.
Typically, the switch makes a connection with a duration of microseconds and changes the connection to another port in tens of microseconds. The connections also can be from any port to any port because all the ports are bidirectional.
A data switch can handle more traffic than a hub because the connection is at the full bandwidth of the switch. Current production switches typically have 100 Mb/s or 1 Gb/s bandwidth specifications.
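The difference between a hub and a switch described above can be seen by tracking which ports receive each frame. The following is an added example, not part of the original article; the port numbers and device names are constructed, and the address-learning behaviour of the switch is an assumption that goes slightly beyond the text.

```python
class Hub:
    """Repeats every incoming frame out of all other ports."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Learns the port of each sender and forwards only to that port."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # device address -> port (assumed learning behaviour)

    def forward(self, in_port, src, dst):
        self.table[src] = in_port
        if dst in self.table:
            out = self.table[dst]
            return [] if out == in_port else [out]
        # Destination not learned yet: send everywhere, as a hub would.
        return [p for p in self.ports if p != in_port]


def ports_reached(device, frames):
    """For each (in_port, src, dst) frame, list the ports that received it."""
    return [device.forward(port, src, dst) for port, src, dst in frames]


# Constructed traffic: camera on port 1, recorder on port 2,
# ports 3 and 4 belong to unrelated PCs.
FRAMES = [
    (1, "camera", "recorder"),
    (2, "recorder", "camera"),
    (1, "camera", "recorder"),
]


def demo():
    ports = [1, 2, 3, 4]
    return ports_reached(Hub(ports), FRAMES), ports_reached(Switch(ports), FRAMES)


if __name__ == "__main__":
    hub_result, switch_result = demo()
    print("hub   :", hub_result)
    print("switch:", switch_result)
```

On the hub, every frame between the camera and the recorder also arrives at ports 3 and 4; on the switch, once both devices have sent a frame, the traffic reaches only the intended port.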
Switches with modifiable parameters are known as managed switches, while units without configurable parameters are known as unmanaged switches. Initially, managed switches had a serial communications port that enabled configuration of the parameters via a terminal or PC.
But because going from switch to switch to modify configurations was time-consuming, switches today are generally configured over a network connection. The serial port connection is called out-of-band control, while a network connection is known as in-band control.
As the need to interconnect more equipment increased, IT could not connect everything to a single switch, so they daisy-chained multiple switches. This resulted in a design using a core switch and edge switches (see diagram at left).
The core switch is, just as its name indicates, at the core of a larger network. Core switches have very high bandwidth specifications, in the tens to hundreds of Gb/s, and a large number of ports to connect other switches and devices, such as servers.
Edge switches are typically deployed in closets throughout the building in order to meet the 300-ft. maximum distance of an Ethernet connection.
Today, the need for protocol conversion is diminished greatly by the use of TCP/IP in the vast majority of networks. Due to the packet structure of the TCP/IP protocol, a device called a router has taken the place of the gateway.
The router provides connectivity between the networks and management of the packets all in one device (see diagram below). The term gateway is still used in many networks and should be considered the same as a router. However, today, gateway is generally the term used for the connection to a public network, such as the Internet.
A Look at Parallel Networks
Systems such as Enterprise Resource Planning (ERP), accounting, human resources (HR) and customer records are now sharing network bandwidth with lighting controls, security cameras and access control systems.
Although these systems can clearly coexist on the same physical network, the bandwidth required, system responsibility, possible regulatory requirements (HIPAA, Sarbanes-Oxley, PCI), and data security concerns can be quite different. The use of two parallel networks could address these issues.
A parallel network is simply a separate physical network used for a specified set of applications. Creating a separate physical network for security and facilities functions will allow the IT data management team to better manage the regulatory environment of the IT business network while providing the facilities department with the tools needed to take advantage of state-of-the-art technologies.
Implementing a parallel network is often a relatively low-cost project. One of the most costly components of a network is the installation of the cables or fibers, known as the “backbone,” from the core switches to the wiring closets. Due to the high cost of this installation, it is standard practice to install spare cables or fiber. Creating a parallel network simply utilizes some of the spare backbone capacity to connect new switches and devices.
The parallel network is not without its critics. Some argue that networks should not be kept separate because modern switches can establish a virtual LAN (VLAN) to control bandwidth usage.
Remote Video Monitoring
The ease or difficulty of setting up remote viewing is dependent upon the type of Internet connection the business provides. Internet connections provide network devices with IP addresses, which can be thought of as being like phone numbers.
Very high-performance Internet connections are more expensive and often provide a static or unchanging IP address. But most low-cost Internet connections feature Dynamic Host Configuration Protocol (DHCP) providing dynamic IP addresses that change on a regular basis. This kind of Internet connection could be giving network devices different IP addresses every time. Think how difficult it would be for you to reach someone by phone if that person’s phone number was constantly changing!
To address the challenge of DHCP, use a dynamic domain name server (DDNS) provider to set up a DDNS connection with the video recorder. The DDNS provider tracks the recorder’s changing IP address and gives it a Web site name. This allows the remote client to connect to a Web site name instead of a specific IP address and use a low-cost Internet connection to support a remote viewing function.
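The DDNS arrangement described above can be modelled minute by minute to see when a remote viewer would still be dialing the old address after the site's IP changes. This is an added example, not part of the original article; the host name, the documentation-range IP addresses, the recorder's reporting interval and the client's lookup cache time are all assumptions made for the illustration.

```python
def stale_minutes(ip_changes, update_every, cache_for, duration,
                  host="recorder.example.net"):
    """Return the minutes at which the remote client uses an outdated IP.

    ip_changes   -- {minute: public IP newly assigned to the site}
    update_every -- minutes between the recorder's reports to the DDNS provider
    cache_for    -- minutes the client keeps a name lookup before asking again
    duration     -- number of minutes to simulate
    """
    provider = {}          # DDNS provider's table: host name -> last reported IP
    actual_ip = None       # address the site really has right now
    cached_ip, cache_expiry = None, 0
    stale = []

    for now in range(duration):
        # 1. The Internet connection may hand the site a new address.
        actual_ip = ip_changes.get(now, actual_ip)
        # 2. The recorder reports its current address on its schedule.
        if now % update_every == 0:
            provider[host] = actual_ip
        # 3. The client looks the name up again once its cached answer expires.
        if cached_ip is None or now >= cache_expiry:
            cached_ip, cache_expiry = provider[host], now + cache_for
        # 4. A mismatch means the viewer is connecting to the wrong address.
        if cached_ip != actual_ip:
            stale.append(now)
    return stale


# Constructed scenario: the site's address changes 47 minutes in.
CHANGES = {0: "203.0.113.10", 47: "203.0.113.77"}

if __name__ == "__main__":
    for update_every, cache_for in [(10, 15), (10, 1), (1, 1)]:
        gap = stale_minutes(CHANGES, update_every, cache_for, duration=90)
        print(f"report every {update_every} min, cache {cache_for} min: "
              f"{len(gap)} minutes unreachable {gap[:1]}..{gap[-1:]}")
```

The gap in remote viewing shrinks as the recorder reports more often and the client caches lookups for a shorter time, which is worth checking when choosing a DDNS provider and configuring the recorder.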
The application of IP network fundamentals will certainly be a part of the security landscape for the foreseeable future as physical security systems migrate to IT networks. Security installers who learn these new technologies will benefit the most from this trend.