Jump to content

Recommended Posts

I have an ip cctv installation coming up, the customer has a business network existing on site with fiber between switches. There are spare cores on the fiber so new switches are to be installed for the cameras, the customer wants to keep all camera traffic away from the business network. Therefore the NVR server and cameras will all be addressed on a different network range to the business network. However the customer wants to view the cameras through the client sw on the business network and also remotely. The client sw detects the server even when they are addressed on different ip address ranges eg. 192.168.1.1 and 10.1.86.1, if one of the switches on the camera side is linked to one of the switches on the business side and the addresses are as above does the camera traffic effect the business network? Also the server has two network ports so one will be used for the camera network,

 

How do I use the other network card for remote viewing when the server is addressed 192.168.1.1 and the router is on the business address range 10.1.86.1?

 

Sorry about the long post, hope it makes sense.

Share this post


Link to post
Share on other sites

If the cameras are all on a physically separate network, I'd keep it that way, without linking the two at the switches... then just plug one of the server's NICs into each network - the 192.* addressed NIC into the camera network, and the 10.* NIC into their corporate network. Leave the "Default Gateway" blank on the 192.* NIC, too, ANY traffic that's NOT destined for the 192.* network will automatically be routed to the 10.* network.

 

That should be all it takes!

Share this post


Link to post
Share on other sites

If they both goto the same server though, wont that still affect everything?

Share this post


Link to post
Share on other sites

No. Traffic for the 192.* network will be routed in the DVR to the appropriate NIC; all other traffic will default to the 10.* network. Unless the NICs are bridged, the two won't networks won't even be able to directly communicate with each other.

 

Technically running both over the same wires shouldn't have a significant "cross-effect" as long as the switches can handle the traffic, but if the infrastructure is already in place for the cameras to have their own physically separated network, that's certainly preferable, for both reliability and for security.

Share this post


Link to post
Share on other sites

I have a number of systems running this way, and it works fine, and does provide isolation between networks, as Soundy indicated, they could be physically separate networks, or just different subnets/VLAN's on the same physical network/switch.

 

I have also done systems that had a separate subnet/VLAN for the cameras on the same physical network, and added static routes for the computers that needed access to the NVR.

 

If you were really into isolating networks, you could also add a router with stateful packet inspection that only allowed viewing traffic, and nothing else, between the NVR and the viewing network.

 

I had one customer that requested this, so if the NVR was compromised by an attacker gaining access to the camera network/NVR through removing an exterior camera and connecting to the camera network, they still would not be able to get to the core network.

Share this post


Link to post
Share on other sites

What I meant is that if its using a single computer to now do the video and the business stuff, then it could slow down that way.

Share this post


Link to post
Share on other sites

Not sure what you're asking. Having both networks connected to a single machine won't slow down either network at all. Obviously running business apps on a DVR will slow both operations down, but that still won't affect either network.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×