What Network security is expected in surveillance ??

[kalpesh_nikumbh 0]

Hi !!!

 

is migrated from analog sytems to IP now. But is new for networking.

 

While designing Networks, IT poeple typically suggest

 

Web managed switches , support of SMTP , VPN , IEEE 802.1x , IGMP , Supports standard Management Information Bases

 

I can understand all these filtering & above mentioned protocols are useful for desktops since user there do lot of fuctions (read/ write ) over network....hence tracking there activity is important.

 

While camera streams videos.

 

IP cameras have QoS for applying the security policies... thus security required can be implemented at camera end.

 

So far web managed switches are concern, if we have only 1 switch of typically 24/48 port , cann't we go for unmanaged switching??

 

question here is being a standalone network (dedicated for CCTV) with typically 30-40 camera sites , all these security at network level is real ly required??

any suggesstions on this is appreciated.

 

regards,

 

Kalpesh

[Erron S. 0]

Hi !!!

 

is migrated from analog sytems to IP now. But is new for networking.

 

While designing Networks, IT poeple typically suggest

 

Web managed switches , support of SMTP , VPN , IEEE 802.1x , IGMP , Supports standard Management Information Bases

 

I can understand all these filtering & above mentioned protocols are useful for desktops since user there do lot of fuctions (read/ write ) over network....hence tracking there activity is important.

 

While camera streams videos.

 

IP cameras have QoS for applying the security policies... thus security required can be implemented at camera end.

 

So far web managed switches are concern, if we have only 1 switch of typically 24/48 port , cann't we go for unmanaged switching??

 

question here is being a standalone network (dedicated for CCTV) with typically 30-40 camera sites , all these security at network level is real ly required??

any suggesstions on this is appreciated.

 

regards,

 

Kalpesh

 

This question has been answered already. Anything networked into an existing network should have PCI (payment card industry) compliance or the user of the system is at risk of having their credit card processing abilities removed. Something to think about for all the guys that routinely drop a imported DVR with no compliance into a convience store. Who's at fault when they pull their CC abilities? There's also HIPPA and SOX that are regulators in this industry. There's a nice white paper on my website concerning PCI compliance, I would go read it for sure. There's also a ton of info out there that pertains to this via a quick google search.

[zmxtech 0]

bit late anyway...

 

QOS is not a policy its a TAG on TCP packet. the switch will run QOS policy if you set it up. [nothing to do with security]

Its normally used to give VOIP data a high priority.

 

If you have 2 networks data and cctv at least run 2 VLANs even a 3rd for PTZ control.

If you have the $$$ a separate POE switch is the go. like a Cisco 3750ps

 

If you are worried about security run 802.1x on the switch and have a firewall\IDS .

An Easier way >run switch port "MAC address" security also which locks down the MAC and amount of users. and send the traps out also for IDS

 

The problems not really with the network, its with IP cameras they have very very basic security.

 

Its quite easy to splice a cat5 and sniff the camera feed and/or add another etc. yes you could put it in a loop feed it with VLC etc etc

>but only if its a nuclear base and Jack bauer asked !

 

hope that give you some ideas

[Sawbones 0]

It's not just the cameras that have very very basic security... some of the DVRs do too.

 

Segmenting your network is really the way to go, particularly with a large number of IP cameras.