Who’s Watching The Network?
In the continual movement towards IP-based security, networks are playing a greater role in integrators’ security plans for their end users, as well as in the way they themselves operate. Networking and IT knowledge are becoming more and more useful — if not necessary — to remain successful, profitable and even relevant in today’s security environment.
In the IT world, monitoring the health and reliability of networks has been a best practice for many, many years. The ability to know immediately when an issue arises with a network or a device on that network can be incredibly valuable, allowing IT staff to identify and address problems while reducing or even eliminating network downtime. In some cases, this monitoring can even identify potential problems proactively, increasing the value of monitoring by allowing staff to address them before they can occur.
Because security’s IP age has been relatively short, there are many areas in which the industry lags behind IT. One of these is video network monitoring, which unfortunately has yet to take on the same level of emphasis as it has among IT practitioners. As a result, there are many video surveillance systems in use, ranging from small to very large, that are running on unmonitored networks. This leaves end users with no way to know if there are problems with their network or any of the IP devices running on it, often until it’s too late. While not having video needed to investigate an event can be a big problem, unmonitored networks are also susceptible to a number of other vulnerabilities that lead to data breaches or downtime. In reality, this is the case with more video networks than you might like to think.
“We’ve seen a 100 percent hit rate at sites we’ve visited in terms of something being down on the network,” says Vince Ornato, president of Seattle-based Vunetrix USA.
The main reason for this, says Tom Larson, director of sales and engineering, BCDVideo, Northbrook, Ill., is that where network security has become a given for IT professionals, integrators and other security professionals simply don’t think about it or even realize they should be thinking about it in the first place.
“Monitoring of networks and equipment is a problem the industry has had forever. A lot of it has to do with the fact that the people who are putting in video systems have a background in burg, fire or access control — not IT,” he says.
But it’s not just the security professionals who are resistant to monitoring video networks. In many cases, IT departments want no part of physical security, Ornato says.
“Monitoring of network infrastructure is common; however, seldom do we see it extended to physical security devices,” he says. “For IT departments, this becomes a stretch within the scope of their budgets, so IT people often resist dragging the security network into the sphere of monitoring. There are just too many devices and enormous amounts of video, which creates concerns with bandwidth, disk storage and network speeds.”
By now, it’s a given that nothing lasts forever, including cameras, recorders and other networked video security equipment. Therefore, the industry needs to get on board with monitoring video networks now or risk losing that segment of the business to outsiders, says Bud Broomhead, CEO of Mountain View, Calif.-based Viakoo.
“The conversation about video reliability and quality of service is long overdue. With more than 210 million surveillance cameras already installed globally, and with more than a 20 percent annual growth rate expected moving forward, customers are demanding better means of ensuring that their security and surveillance networks continually operate at peak performance,” he says. “And history shows that if our industry does not step up and provide the solutions and service that customers want, someone else will.”
The increasing movement of video and other security systems onto the network has brought many more people and departments — particularly IT staff — into this conversation than in the past.
“As everything that’s networkable ends up on a corporate LAN, IT people are getting more involved, and they don’t want any equipment deployed on their network without knowing about it,” says Charlie Erickson, vice president of product management, 3xLogic, based in Westminster, Colo. “I can’t remember a project in the last five years where IT hasn’t been involved as much as loss prevention.”
However, the industry is starting to catch up, with a number of solutions now available to provide this all-important network monitoring and diagnosis, something that has been much-needed for a while, Ornato says.
“Murphy’s Law — that anything that can go wrong will go wrong — runs rampant in the security industry because configurations are more complex and pieces can fail without fanfare. Without real-time or near real-time health and performance data, too many unknowns come into play,” he says.
Video network monitoring solutions come in many shapes and sizes. They may be cloud-based, appliance-based, software-based or virtual. They may monitor the network itself or any or all of the devices attached to the network. What they have in common is the ability to quickly detect problems. These solutions can be programmed to monitor for certain criteria, such as the temperature of a recorder, and alert when a threshold is crossed. This provides two main benefits to integrators and end users. First, it allows problems to be corrected quickly to minimize network downtime, and second, it can help identify potential problems before they occur, allowing equipment to be replaced to avoid an issue altogether.
Which solution is right for a particular application depends on the specifics of a customer and their network. For example, while cloud-based solutions have become more commonplace, they won’t work in every situation, Ornato says.
“If you have network security policies that disallow IP access through the firewall, you’ll be restricted to a video management solution or a standalone hardware appliance that has the core monitoring service reside inside the firewall,” he says.
If all of this has you thinking that there could be revenue in video network monitoring, you’re right.
“Integrators can use these solutions to deliver value in the form of reports and network health checks. This lets them offer more of a service than an insurance policy. After all, an insurance company doesn’t tell you when your brakes are about to fail,” Erickson says. “If you’re selling a service, customers see additional value in that service if you can preemptively fix problems so you’re not just waiting for them to call and say something is broken and needs to be fixed. That’s also an additional touch point that can help build and strengthen the ongoing relationship with the customer while generating additional revenue and value.”
The ability to generate revenue from video network monitoring should come as no surprise to savvy integrators who understand the importance of finding RMR from any possible source, Larson says.
“A lot of times end users look at integrators as an outsourced department. They’re performing maintenance, but we’re talking about a break-fix model as opposed to charging more, using software to see into the network and devices, and fixing them before they break,” he says. “When you buy something at Best Buy, the cashier always suggests a two-year protection plan, so our society is used to maintenance agreements. Integrators should build upon that expectation of a service or maintenance charge because even if they’re only getting a small fee, it’s still recurring revenue.”
Integrators can even use data gathered from network monitoring to provide detailed information about the lifecycle of equipment and systems and to help end users plan for inevitable upgrades down the line.
“Data that’s specific to a customer’s system can actually be analyzed and vetted to help customers understand their investment in their infrastructure as well as the lifecycle of that investment, which the data can actually predict,” Ornato says. “With the RMR model, if you’re on the bandwagon and know the inner workings so well, you can formulate a template for a new system for customers. No one else is going to have that data and that level of intelligence. So you can sell based on quantified data specific to the customer and their system.”
The best advice Erickson has for integrators who are deploying video networks is to use the tools available to monitor that infrastructure to deliver a real wow factor to customers.
“It’s important for integrators to know that the equipment they’ve installed is performing as sold, and nothing impresses a customer more than someone showing up to fix something they didn’t even know was broken. That’s impressive and the customer will remember that,” he says.
What’s an MIB File & Why Does it Matter?
One challenge security devices pose for IT departments is that unlike laptops, smartphones, printers and other “traditional” IT devices, IP cameras can’t be recognized by when plugged into a network. The reason? Management information base (MIB) files, which are essential to IT, says Tom Larson of BCDVideo.
“In the IT world, all products have an MIB file so that when you plug a laptop or a printer or a smartphone into a network switch or connect over Wi-Fi, that file allows the device to identify itself to the network,” he says. “In the IP camera world, most have no MIB file so when you plug a camera into the network, it shows up as an unknown device — and you never want to not know what’s connected to your network. That’s a real problem for the security industry.”
Some Things Never Change
The problem of having no one checking on or monitoring video surveillance equipment and systems is not unique to the IP generation. Vince Ornato, president of Vunetrix USA, should know, having been worked with video and security for more than 20 years. Based on his experience, he has become a recognized forensic video expert who has consulted for numerous clients over the years. One story in particular, he says, is an excellent example of how too many in the security industry have in large part still not learned from the past.“In 1991, I got called to a bank where there had been a robbery. When I arrived, a police officer handed me a videotape and said, ‘We can’t get anything off this.’ I couldn’t either, so I needed to figure out why. When I popped the top off the recorder, I saw all the iron oxide that belonged on the tape covering the spinning heads. I asked how recently the tape had been changed, and the answer was about three years. I had to tell them that in all likelihood, the recorder hadn’t been recording anything for about two-and-a-half years. Nobody checked this stuff — and still, nobody checks.”
For more information see these online resources.
Viakoo offers a 12-point checklist for identifying and addressing potential video network security breaches on its website at http://uptime.viakoo.com/securitychecklist.