Video surveillance systems have been deployed extensively in various organizations around the world. One of the main concerns of security managers in modern organizations is to have a video surveillance service that is operable and accessible at any given time. Reliability of the video surveillance system becomes very important, especially for IP-based solutions. Performance and capabilities of the overall system architecture and IP network affect the system's reliability; therefore, they must be highly resilient.
Video surveillance systems have been deployed extensively in various organizations around the world. One of the main concerns of security managers in modern organizations is to have a video surveillance service that is operable and accessible at any given time. Reliability of the video surveillance system becomes very important, especially for IP-based solutions. Performance and capabilities of the overall system architecture and IP network affect the system's reliability; therefore, they must be highly resilient.
Networking Resilience
The foundation of a video surveillance system is the IP network infrastructure, which is used to carry IP encoded video data from surveillance cameras to decoding devices. A failure in the IP network might completely stop the overall video streaming, creating a security risk. Therefore, operators must ensure that the networking infrastructure is based upon proven switching and routing components from well-known vendors and employs high-availability mechanisms, such as Rapid Spanning Tree Protocol (RSTP) in L2 devices and Virtual Router Redundancy Protocol (VRRP) in L3 devices.
The IP network redundancy also need to be supported by dual networking interfaces to ensure an alternative path for video streaming in case of a failure in the network switch or router. The design and implementation of a resilient network infrastructure can ensure the video surveillance service to continue without interruptions or failures.
Video Surveillance Infrastructure Resiliency
Video surveillance components such as the network video recorder (NVR), encoder and decoder, all have to be resilient to ensure the system performance. Encoders are used to convert analog video signal into digital video and transport it across the IP network. A failure in these devices can result in no video streaming; therefore, dual power supplies and dual fans should be employed to ensure proper operation. Dual Network Interface Cards (NIC) should also be employed to route video traffic in case if failure occurs in one of the interface or a network switch connected port.
Complete encoder redundancy is another important mechanism. In this architecture, a single encoder is used as a backup device to a group of encoders. This configuration is sometimes called N+1 redundancy, where N represents the number of active devices that are backed up by the additional decoder, which is in stand-by mode. If an active encoder fails, the standby encoder will take its place without intervention in the process.
Multicast streaming is also important for the overall system reliability because it enables the video signals to be delivered directly to the edge devices without having to pass through the NVR. For multicast to support the NVR, decoding devices and IP network must be able to support multicast protocols such as Internet Group Multicast Protocol (IGMP).
.jpg)
Recording video streams originating from encoding devices (IP encoders and/or network cameras) to an internal or external storage device, is the NVR. The NVR
must be designed as a highly reliable computing platform, including all the relevant components, starting from the CPU and memory, through networking interfaces, and ending with storage devices. The latter is one of the most critical components in the NVR system since video data is physically stored on the hard drives (HDD). A failure in the storage device means the lost or damage of video recordings. Therefore, the NVR must support Redundant Array of Independent Disks (RAID) configuration.
RAID ensures the recreation or rebuilding of the original data from the remaining
disks, even when a HDD fails. However, this data rebuilding operation requires
massive computing and storage resources that limits the NVR performance. As a result, to measure and publish NVR performance under rebuilding conditions is critical or the operator would risk a significant drop in video quality or video loss.
The NVR should also support N+1 configuration, dual power supplies, dual fans and dual networking interfaces to provide a resilient physical architecture. Moreover, the decoding device that comes in various forms, such as embedded devices, dedicated appliances, and PC workstations should also be complemented by advanced application functionalities such as Level of Service (LoS) and Persistent Video Monitoring (PVM).
Users control the underlying networking and video infrastructure via application, so the application must be resilient and consistent. LoS support is important for it ensures users to receive the optimal video stream and dynamically reduces the frame rate or resolution to accommodate new conditions. It also handles similar overloads in the decoding station, so smooth viewing experience is ensured automatically. As for video monitoring, Persistent Video Monitoring mechanism (PVM) and virtual matrix functionalities should be employed to ensure that the video signals are displayed automatically once the data is available.
Management and IT Security
.jpg)
The management components are responsible for the ongoing configuration and maintenance of the system, central point of management and enforcement of the connections between different entities of the systems. Therefore, the Application
Management Server (AMS) must be highly resilient, and it should employ high-availability architecture with backup server. A comprehensive and accurate maintenance alarm application should allow the personnel to quickly locate problems in the video surveillance system. The IP network also must be protected against cyber attack by extensive user configuration and operational capabilities to define relevant operational profiles. Configurability should be enforced by an advanced Role-Based Access Control (RBAC) mechanism. Extensive password protection scheme should also be included to hinder potential intruders from gaining access to the system.
Attention should be paid to the design of overall system reliability and resiliency to ensure the overall system reliability. The video surveillance arena is rapidly moving towards IP-based video surveillance systems. However, this migration must be accompanied with the introduction of a highly resilient and reliable video surveillance solution that ensures operational continuity of the security service, leading to a safer, more secure organization and business environment.