October 2008

October 2008 Supplement to Security Products

CHICAGO’SVIRTUAL SHIELD

IP networking strengthens public sector security

22

MASS NOTIFICATION MEETS THE FIRE PANEL 14Newer, faster ways to get the word out

ERM DEMYSTIFIED 26CSOs take on a broader strategic role

PLUS

Miami International Airport Goes IP 8

CHICAGO’SVIRTUAL SHIELD

IP SPEAKS CLEARLY IN MASS NOTIFICATIONBy Sharon J. WatsonThe modern mass notification system is not onetool or product, but a security solution encom-passing an increasing range of networks and ap-plications, many of them Internet protocol-based.The U.S. government now encourages Depart-ment of Defense facilities to adopt IP-centric notification solutions while educa-tion, industrial and business users are incorporating UFC language into theirown MNS RFPs.

PUBLIC SECTOR PROTECTIONBy John W. VerityOne of the world’s most ambitious municipal videosurveillance systems, Chicago’s Operation VirtualShield is putting IP to the test across a wide spec-trum of technologies—serving as a showcase forboth suppliers and the Department of HomelandSecurity. It represents just one example of hownetworked security strengthens surveillance,perimeter protection and threat detection in public sector applications.

ERM DEMYSTIFIEDBy Steven TitchERM might be the new watchword of the day, but itis what security has done for years. What’s new isthat, because of compliance laws designed to pro-tect corporate shareholders such as the Sarbanes-Oxley Act, ERM has senior management’s attention.

ContentWhere Physical Security & IT Worlds Converge

© Copyright 2008, all rights reserved. Network-Centric Security is a supple-ment to Security Products, an 1105media, Inc. publication, and is published 6 times a year: February, April, June, August, October and December.

The information in this magazine has not undergone any formal testing by1105 Media, Inc. and is distributed without any warranty expressed or implied.Implementation or use of any information contained herein is the reader’s soleresponsibility. While the information has been reviewed for accuracy, there is no guarantee that the same or similar results may be achieved in all environments. Technical inaccuracies may result from printing errors and/ornew developments in the industry.

OCTOBER 2008 VOLUME 2 NO. 5

Network-Centric Security welcomes vendor information and briefings. To arrange a briefing, pleasecontact our editor, Steven Titch, via e-mail at titch@experteditorial.net. Our agreement to acceptor review product material or backgrounders is not a guarantee of publication.

6EnterWhere the emphasiswas not too long agoon choosing productsolutions to meet specific securityneeds, ERM meansCSOs must align the enterprise’s securitypriorities with the enterprise’s vulnera-bilities taken as a whole.

8InnovateSecurity conver-gence has taken a major step at Miami InternationalAirport with Ericsson Federal’s completionof a large-scale customized installa-tion of an integrateddigital video, audioand access controlsystem.

30LaunchNew applications,strategies and solutions.

33ExitA new IEEE standard will double Power over Ethernet performance.

OCTOBER 2008 | SECURITY PRODUCTS

EDITORIAL

EditorSteven Titch281-571-4322

titch@experteditorial.net

Art DirectorDale Chinn

PublisherRussell Lindsay

rlindsay@1105media.com

Associate Publisher/Editor-in-ChiefSecurity ProductsRalph C. Jensen

rjensen@1105media.com

SALES

District Sales ManagerWest/Southwest /Central

Barbara Blake972-887-6718

bblake@1105media.com

District Sales ManagerSouth/Southeast /Midwest

Brian Rendine972-687-6761

brendine@1105media.com

District Sales ManagerNE/Eastern Canada/International

Randy Easton678-401-5543

reaston@1105media.com

District Sales ManagerCalifornia/Central and Western Canada

Ben Skidmore972-587-9064

bskidmore@1105media.com

District Sales ManagerEurope

Sam Baird+44 1883 715 697

sam@whitehillmedia.com

District Sales ManagerChina

Jane Dai - New Buddy Limited+86-755-82925229

District Sales ManagerTaiwan

Peter Kao–Idea Media+886-2-2949-6412

peter.idea@msa.hinet.net

1105 Media14901 Quorum Dr., Suite 425

Dallas, TX 75254

Editorial services provided byExpert Editorial Inc.

www.experteditorial.net

features

departments

1414

2222

2626

S6

The debate is over.There is no doubt that when it comes to securing the enterprise, end users are abandoning single-ven-

dor, proprietary models and embracing open, interoperable architectures supported by multiple sources.Nonetheless, there are a handful of vendors who, while acknowledging the trend toward IP

networking, insist this convergence will still take an indeterminate time to mature. There’s still a lot of analog CCTV equipment out there, and users are hesitant to toss that out just for the sake ofmerging security and IT.

This desperate argument attempts to frame IP as just another procurement option as if it were anal-ogous to choosing a proximity reader vs. a card swipe. To be sure, the amount of legacy security equip-ment and its relative age factor into any purchasing decision, but these days security RFPs deal (orshould deal) with more than how systems purchased in 2009 will mix with systems purchased in 2002.

The limitations of proprietary systems become unavoidable when the conversation turns to enterprise risk management. As the article beginning on page 26 reports, ERM has become the foundation of the chief security officer’s job. Though the emphasis was not too long ago onchoosing product solutions to meet specific security needs, the new task is aligning the enterprise’ssecurity priorities with the enterprise’s vulnerabilities taken as a whole.

The change is subtle but significant. Yes, the job still calls for extensive knowledge of the nuts andbolts of surveillance, access and alarm systems. What’s new is the requirement to adapt the securityprocess to the goals of the larger corporate mission.

For example, until recently, the CSO’s job was “protect the facility.” Today, it’s “protect shareownervalue.” It’s more than semantics. CSOs must now measure, quantify and qualify risks and vulnerabilitiesagainst the consequences of a breach or breakdown.“Protect property” has morphed to “protect assets.”To steal your confidential information, I don’t need to filch a disk or a document.All I need to do is findan unsecured work station and use the flash drive I brought with me. Are your surveillance, access systems and IT safeguards integrated enough to catch me before I’m out of the building?

Finally, yesterday’s request to comply with corporate policy has become today’s requirement tocomply with the law. Those fax cover sheet boilerplates about proprietary infor-mation? Those dictates about not deleting e-mails? Ignoring them could meancriminal liability. It’s the CSO’s job to make sure the organization under-stands that from top to bottom.

What does this have to do with IP? At the most basic level, IP networking is the foundation on which all information is created,processed, manipulated and disseminated around the enterprise. If security is going to be an elemental part of the enterprise, which is necessitated by laws such as Sarbanes-Oxley, security systems must becompatible with IP.

Some enterprises will do well with hybrid systems in the near term,but beware of vendors, integrators and consultants selling you on a long-term proprietary strategy. One of two outcomes is guaranteed within the next 24 to 36 months: they’ll either have shifted to an open systems strategy themselves, or be out of the end-to-end market.

ERM: What It’s All Aboutby Steven Titch, Editor

OCTOBER 2008 | SECURITY PRODUCTSS8

Security convergence has taken a major step at Miami International Airport with Ericsson Federal’scompletion of a large-scale customized installation of an integrated digital video, audio and access control system. The deal also represents a substantial inroad by a telecommunications company into securi-ty contracting, pointing to the growing significance of large-scale networking experience in security workfor major infrastructure points.More than 15 million travelers pass through the airport each year, placing Miami International in thetop 30 worldwide in terms of handling passengers.The airport serves as a major U.S. gateway not onlyto Europe, but also to Latin America.

Ericsson Federal, Plano, Texas, incorporated in the U.S., is the government system integration armof Ericsson Inc., the U.S. subsidiary of Sweden’s Ericsson AB. Ericsson ranks among the world’s lead-ing suppliers of wireline and wireless switching equipment and networks. This background will be in-creasingly important, says Frank McGhee, vice president of marketing and business development atEricsson Federal, as security and IP networking converge.

Ericsson’s telecom and wireless background provides a degree of differentiation from integratorswith experience in transportation (Bombardier), building management (Honeywell, General Elec-tric), enterprise networking (IBM,Accenture) and defense (Raytheon). Of its competitors, only Ger-many’s Siemens and Cisco Systems, San Jose, Calif., can boast telecom pedigrees. However, Siemens’integration activities draw on a far more diversified infrastructure portfolio. Cisco has so far shiedaway from approaching end users as an integrator on security projects, choosing instead to developchannel partnerships.

HIGH-SPEED VIDEOEricsson Federal was the lead contractor in the Miami airport project, which brings together equip-ment and channel partners from a number of sources.

Its solution for Miami International includes live high-speed video surveillance, synchronized withtwo-way audio intercoms, and supports both digital video and audio recording. The system includeslive full-frame video feeds from more than 500 cameras—along with audio and telemetry informa-tion—linked to security workstations throughout the airport.The system also includes an access con-trol system and alarm system to secure more than 1,000 access points across the airport.

The enormous demand for security integration presents Ericsson

with a new opportunity to apply network technology.

Miami Airport Goes IPby Steven Titch

“Digital video and audio integrate with existing CCTV,”McGhee says. The IP backbone network uses asynchronoustransfer mode switching, a standardized switching protocol usedlargely in the telecommunications industry. “ATM offers high re-liability, especially for video transmission,” he says. “It’s a robust,hardened solution.”

Elements of the Miami International surveillance system in-clude NICE Systems’ network video recorders and Telindus’CellStack video management software, McGhee says. He couldnot disclose the suppliers of access control systems or video cam-eras, although he says high-definition, megapixel cameras arepart of the mix.

The policy-based CellStack system focuses a security officer’sattention only on events that require an officer’s direct involve-ment. In the event of a security breach, an automated alarm noti-fies a security officer at his or her workstation. The security officercan view the video feed in real time and adjust the PTZ camera tofollow the event from any camera on the network. Ericsson alsoadded an analytics package to further aid response.

In addition to third party equipment integration, Ericsson bringsits own technology to the project. Additional broadband and Eth-ernet switching comes from Ericsson’s Redback Networks unit. ItsTandberg Television division supplied high-definition MPEG-4video encoders. Although there’s no use of wireless in Miami International’s security network now, Ericsson is in a position to apply its considerable work with the third generation wirelessso-called Long Term Evolution standard, forward-looking technol-ogy designed to boost data speeds in commercial wireless networksas high as 100 Mb/s.

“Ericsson brings a comprehensive platform to address videosurveillance management end-to-end,” McGee says.

TEST LAB ON SITEA unique component of the Miami airport contract is an onsite in-teroperability lab where all multi-vendor surveillance equipmentand system components can be tested and verified before beingimplemented. The lab sees regular use, McGhee says. Cameras,pressure sensors, infrared sensors and other devices have beenevaluated. “You work out any integration problems prior toputting it into the network,” he says.

Moreover, with security priorities shifting away from turnkeyvendors toward an emphasis on best-of-breed components, Erics-son sees an opportunity to leverage its experience both with net-

working technology and government contracting into the securityspace. Like enterprises struggling to mix legacy security systemswith newer, network-centric systems, the federal government seekssystem integrators that do best-of-breed evaluation and deliverquality products that are compatible, McGhee says. “It means understanding the value proposition and putting together the bestsolution,” he adds.

With its traditional telecom market maturing and consolidat-ing, the enormous demand for security integration presents Eric-sson with a new opportunity to apply network technology, espe-cially with broadband and video. “It’s strategically important toEricsson,” McGhee says. “It brings together all the capabilitiesthe company has.”

The security surveillance system at Miami International is oneexample of Ericsson Federal’s National Security and Public Safetysolutions. Other Ericsson Federal NSPS solutions include NationalBorder Control systems, emergency response systems and criticalarea surveillance systems.

“As broadband becomes more prevalent everywhere, we’reright at the center,” McGee says. “We can move into the multime-dia or applications space to utilize this great wealth of bandwidthwe’re going to see over the coming years.”

Honeywell DetailsVideo ManagementSoftware Platform

by Steven Titch

Honeywell joined the burgeoning listof vendors offering software designedto integrate video surveillance com-ponents via the Internet protocol lastmonth, formally unveiling its new IP-based video management system. Honeywell, which had teased its Video Management System inMarch at ISC West, was scheduled to begin commercial shipmentsin September, according to Rob Blasofsel, access/video integrationmanager at Honeywell Automation and Control Systems, Min-neapolis, who was interviewed for this article in August.

Honeywell is positioning its VMS as a “top box,” Blasofsel says.Unlike most of its competitors, which include Milestone Systems,Pelco and On-Net Surveillance Systems Inc., the Honeywell softwarepackage does not integrate an NVR per se, but is designed to bring

OCTOBER 2008 | SECURITY PRODUCTSS10

More than 15 million travelers pass

through the airport each year, placing

Miami International in the top 30 worldwide

in terms of handling passengers.

together multiple DVRs, NVRS, digital andanalog cameras, and other client devices—from Honeywell and other vendors—undera common management platform.

But Honeywell goes one step further.Ultimately, it sees the high-level videoplatform merging with its access platformto become a single point of security andsurveillance management. The video man-agement system tightly integrates withHoneywell’s Pro-Watch security manage-

ment system for access control and man-agement, to the point to where they near-ly handshake. “They share common ser-vices,” Blasofsel adds, referring to code-level software and functions. “They canshare common servers. They eventuallywill form one platform.”

For example, the video and access

control platforms can work in tandem toensure there can be video recording and retrieval of all card access entries. It caneven do credential imaging if credentialingis part of access policy, Blasofsel says.

Honeywell also provides analytics,an integrated database manager andATM/point-of-sale support with the sys-tem. The software runs on Windows XPand Windows 2003 Second Edition and En-terprise Edition. It can connect to variouslarge-scale storage platforms, includingiSCSI RAID from Honeywell, Blasofseladds. Application protocol interfaces areavailable, and a software development kitis under development.

Other features include:• Operator messaging feature enables data

sharing of incidents among operators.• Auto-discovery of cameras connected

to Honeywell Rapid Eye, Fusion andEnterprise recorders.

• User-defined macros that can executecommon operations.

• Video pursuit made possible with motiondetection sensors in surrounding cameras.

• Digital zoom from PTZ and fixed cameras.• Ability to investigate events and alarms

by simultaneously viewing alarm videosat various stages. For every alarm, userscan view the video captured during pre-alarm, on-alarm and post-alarm, as wellas view live video from the camera thattriggered the alarm.Honeywell licenses the product on a per-

interface basis. For example, once the userpurchases a license to use the interface fora specific NVR, there is no limit on thenumber of those NVRs the user can attach,Blasofsel says. The platform is highly scal-able from smaller enterprises up through“power surveillance users,” he adds.

The software has been in beta testing formost of this year, Blasofsel says, althoughhe declined to disclose any customers. Thepackage is aimed at airports, seaports, largemultisite commercial buildings, casinos andother high-profile facilities, he says.

OCTOBER 2008 | SECURITY PRODUCTSS12

Honeywell is positioning its VMS as a “top box.”

Powerful, Flexible Client Software• One, easy to use

interface controlseverything

• Compatible withWindows, Linux and Macintosh

Latest Technology Integration• H.264 cameras• Multi-megapixel

cameras• Easily connect to

mobile devices likeiPhone and BlackBerry

• Accessible via allmajor web browsers

• Video analytics

Cost Efficient• Connect analog and IP

cameras to one server• Simple IP camera licensing• Scalable: multiple servers

from a single client• 1-Year free software

upgrades, 3-Year warranty

Complete IP VideoSurveillance Solutions

Hybrid Sytems • NVR Systems • NVR Software

www.exacq.com • 317.845.5710

Designed and manufactured in USA.

Project1 9/9/08 8:39 AM Page 1

Circle 207 on card.

IP SPEAKS CLEARLY IN MASS NOTIFICATIONNew solutions add wide range of networked applications

By Sharon J. Watson

IP SPEAKS CLEARLY IN MASS NOTIFICATION

How do you tell potentially thou-sands of people how to avoid animminent threat?

At Cleveland State University, firealarm panels in 84 buildings will con-nect via the school’s fiber backbonenetwork. Using a central controller,the school will be able to issue a net-work-wide warning or to send a

S14

OCTOBER 2008 | SECURITY PRODUCTSS16

message to one building, a specific floor or a single classroom. Thesystem, from SimplexGrinnell, includes Web-based instant messagingto alert students, faculty and parents off campus.

That’s a snapshot of a modern mass notification system—notone tool or product but a security solution encompassing an in-creasing range of networks and applications, many of them Inter-net protocol-based.

“This market is going through an IP-driven transition and evo-lution,” says Guy Miasnik, president and CEO of AtHoc, aBurlingame, Calif.-based firm providing enterprise-class MNS tomilitary and private-sector clients.

IP is driving the MNS evolution because it enables integrationof a wide range of security and business-oriented systems that maythen feed to the MNS. The Department of Defense recognizes thisability in Appendix C of its Universal Facilities Criteria 4-021-01document that details the promise of “net-centric alerting systems”for emergency notification uses.

The appendix acknowledges the ubiquity of IP-based technolo-gy throughout public and private entities as well as IP networkingand integration opportunities. It encourages DOD facilities toadopt IP-centric notification solutions—and education, industrialand business users are incorporating the UFC language into theirown MNS requests for proposal, say vendors.

MESSAGING MATTERSThe higher education market, reacting to highly publicized campusshootings, has driven the market in “software as a service” messag-ing-based MNS, say vendors.With SaaS, the vendor hosts the appli-cation on its own remote servers; the client accesses applicationsby the Web or virtual private network.

For MNS, these solutions primarily use IP-based networks andcommunications protocols, like wireless short messaging service,to deliver emergency notifications to personal communicationdevices, including cell phones, landline phones, PCs, e-mail, PDAsand pagers. Many can convert text to voice as well as send mes-sages in multiple languages.

Most vendors offer Web-based interfaces for creating messagingalerts. “The system has to be easy to launch,” says Ann Chamberlin,sales director for channels at 3N Global, Glendale, Calif., which pro-vides messaging solutions.“It can’t require an IT person.”

Some messaging systems allow individual users Web access forupdating and managing their personal contact information. Oth-ers query corporate personnel databases, such as Microsoft’s Ac-tive Directory or Oracle. Most enable administrators to groupmessage recipients into logical categories—by floor, dormitory,function or schedule. Heartland911, a New York-based nonprof-it, uses an MNS from Universal Alert, Newark, N.J., to query itsdatabases for volunteers with required skills to respond to nat-ural disasters.

These one-to-many systems have the advantage of being easy toimplement. “You deploy once, centrally, on the network,” Miasniksays, giving an MNS wide coverage quickly, yet cost effectively.

Messaging systems can vary significantly in terms of infrastruc-

Know Your Fire Panel Is there a mass notification system hidden in your facility?

“Most don’t realize the huge potential they already havein place with their fire alarm system,” says Tom Giannini,CPP, director of security and emergency communicationsmarketing at SimplexGrinnell. “It offers a layered technol-ogy approach and lets you leverage your infrastructure fora comprehensive plan.”

The word is getting out about fire alert systems-basedMNS. National Fire Protection Association members arereviewing a new, draft chapter for the National Fire AlarmCode (NFPA 72). Known as Chapter 12, “Emergency Com-munications Systems,” and drawing from the Departmentof Defense’s UFC document, the chapter lays out specifica-tions for when code-compliant fire alert systems could beused for “routine, frequent use” and when an MNS alertcould take priority on such systems.

“The fire alarm system has always been sacred ground,”says Peter W. Tately, sales development manager, MNS, atSiemens Building Technologies. “Chapter 12 opens thedoor to using it for additional purposes.”

Modern fire alert systems can incorporate paging,horns, sirens, speakers, preprogrammed voice announce-ments and LED screens, most now restricted by fire codesfor use only in a fire emergency. Highly survivable tokenring networks connect fire panels, many of which are IP-ad-dressable and can be managed from a central workstation.Further, they are routinely inspected and tested. All ofthese qualities make the fire alert system a natural focalpoint for MNS and beyond, say some vendors.

“In 2010, as horizons broaden, the fire control panel be-comes the centerpiece,” Giannini says. He says increasingthe functionality of the fire control panel is the most cost-ef-fective way to implement MNS as well as enhance security.

Other vendors expect fire alert systems to remain inde-pendent while communicating with other systems via IP.“The fire system really needs to retain primacy as a lifesafety system,” says John Weaver, director of marketingfor Gamewell-FCI in Northfield, Conn.

Some entities may prefer to use their existing IP corpo-rate backbone networks for MNS, say vendors.

“There’s no [regulatory] code associated with mass no-tification, so customers want to use their existing net-works,” says Fred Santos, senior product manager, sys-tems marketing, Siemens Building Technologies. “You cancommunicate easier with IP.”

“Today, people are more comfortable with the network formission-critical applications,” says Guy Miasnik, presidentand CEO of AtHoc. He points out many corporate networksare now built with redundant routers and data centers.

It’s an open question whether local fire officials could re-quire IT networks used for MNS purposes to meet specificsurvivability and availability requirements—and how thoserequirements might compare to the ones fire alert systemnetworks meet.

ture robustness and redundancy. That’strue in part because some systems nowbeing marketed as MNS originally weredesigned for non-emergency functions,such as paging groups of employees orsending desktop alerts.

Throughput also can be an issue for lessrobust messaging systems. Sometimeslower prices mean the vendor is using anon-guaranteed service level from telecomproviders—so a time-critical message maytake hours or even days to arrive.

Questions to ask include how many

servers a vendor operates, where these arebased, what its survivability strategy is,how many telecom lines it has available,how quickly messages are sent and howoften it upgrades its key system compo-nents, says Mark Bomber, strategic prod-ucts manager for ADT Security Services,Boca Raton, Fla.

“We actively replicate data across allour data sites,” says Marc Ladin, vicepresident of global marketing for 3NGlobal. The company, which supplies mes-saging solutions to SimplexGrinnell, runsmultiple data centers across the UnitedStates and Canada, with each of thosesites protected by extensive security mea-sures, he says.

GREAT VOICE STILL SPEAKSHowever, even with redundant data serversand dedicated lines, if a recipient’s cellphone or PDA is not enrolled in the systemor is turned off—a requirement in manyclassrooms—the one-to-many personalmessage fails.

“We’ve seen institutions that have pur-chased these systems and find text messag-ing isn’t enough,” says Tyler Johnston, di-

rector of marketing development, MNS, atCooper Notification, Long Branch, N.J.

“You’ve got to work the Web messaginginto the overall MNS strategy,” says PeterW. Tately, sales development manager,MNS, at Siemens Building Technologies,Buffalo Grove, Ill.

A comprehensive MNS strategy, vendorssay, includes one-to-many personal messag-ing as well as components typically associ-ated with fire alert systems: visual displays,sirens, horns and loudspeakers capable ofprojecting intelligible “great voice” mes-

sages over significant distances. Large edu-cation or industrial campuses might needto cover athletic fields or parking areaswith wireless networks.

The University of California at Los An-geles, an AtHoc client, has an MNS that in-corporates traditional fire emergency de-vices like sirens and horns and also uses anIP network to communicate to all types ofmobile and desktop devices. Further, IPtechnology integrates the IP tools, fire sys-tem and radio to a unified console.

“They’ve achieved a very high level ofredundancy in the way communicationgoes out to people,” Miasnik says.

“One solution doesn’t fit all scenarios,”Cooper’s Johnston says. “If you have multilayered systems, you can target your audiences and give each group specific instructions.”

ONE SYSTEM, MANY TRIGGERSVendors report that many customers askthem to integrate MNS to other internaland external systems, ranging from indus-trial sensors to local police departments.

“We see more technologically advancedcustomers saying they want as many oftheir systems to be interfaced as possible,”says Tom Giannini, CPP, director of securi-ty and emergency communications market-ing for SimplexGrinnell.

OCTOBER 2008 | SECURITY PRODUCTSS18

Some messaging systems allow individual users

Web access for updating and managing their

personal contact information. Others query

corporate personnel databases, such as

Microsoft’s Active Directory or Oracle.

Planning For The WorstA mass alert will be effective only if it’s been well thought out in advance, all ven-dors agree. Clients must consider what threats—natural, criminal, terrorist—theyface as specifically as possible and what their responses to those threats would be.That includes knowing how messages would be worded, how they would be deliv-ered and to whom.

Answering these questions helps define the true scope of a client’s MNSneeds, says Mark Bomber, strategic products manager, ADT Security Services.He says some messages must reach just a few key people empowered to act onthem and an existing access control or video management platform may alreadyaccomplish this. “We might be able to implement existing procedures, notrewrite them,” he says.

“Utilize triggers and information points to create event-driven scenarios forMNS,” suggests Tyler Johnston at Cooper Notification, director of marketing de-velopment, MNS. He notes IP-integration enables systems to trigger actions aswell as messages, such as closing a gate and activating cameras.

Some vendors, including 3N Global and AtHoc, offer clients prepackaged re-sponse templates tailored to potential situations in vertical markets, such as mil-itary, higher education and industrial. These can be starting points to help clientsdevelop comprehensive MNS strategies.

“By having precreated messages based on best practices, there’s a betterchance people will take the right actions,” says Marc Ladin, vice president ofglobal marketing for 3N Global.

S20S20 OCTOBER 2008 | SECURITY PRODUCTS

Systems triggering the MNS range fromNational Oceanic and Atmospheric Ad-ministration weather bulletins to haz-ardous materials sensors to security sys-tems such as access control and video ana-lytics. Giannini says a fire system could trig-ger video cameras to switch on at high res-olution to record an area where a smokealarm is active.

Such integration is relatively easy toachieve, provided the other systems also

use common IP protocols, including RSS,XML and CAP. Vendors may provide soft-ware application protocol interfaces, mak-ing it easier for third parties to integratewith their systems.

“What we see is MNS becoming a com-ponent of a complete physical security ar-chitecture,” Miasnik says. “The notificationspace opens a path to a more comprehen-sive security solution.”

The flexibility of an IP-based MNS

also leads clients to use their systems fora variety of non-emergency purposes,vendors say. For instance, Raytheon usesits system for multimedia video presenta-tions to specific business units; Boeinghas added an RSS news feed. Both areAtHoc clients.

One Siemens healthcare client imple-mented an MNS for fire alarms and thenrealized it could be used to manage cer-tain clinical procedures and physician on-call schedules. “They’ve found three orfour daily use applications when the origi-nal goal was emergency use,” Tately says.

Some consultants worry daily use of anMNS could dull its impact in an emergency.Vendors, however, say using the systemoften helps administrators be comfortableand familiar with it instead of coming to itcold during an incident. In addition, emer-gency communications can easily be de-marcated so they are not mistaken for aroutine message.

“Our system provides capabilities to cre-ate different user experiences based on thetypes of data coming in,” Miasnik says.

That range of user experiences madepossible by an MNS means many functionsshould be represented in MNS implemen-tation specifications, say vendors. These in-clude facilities, security, IT, business conti-nuity and upper management.

“You really need them all in the room tofigure out how to cover all the constituen-cies,” Johnston says.

Sharon J. Watson is a freelance writer based in Sugar Land, Texas.(sjwatson@experteditorial.net)

Since 2001 Brussels Airport

has relied on IndigoVision’s IP

Video for CCTV Surveillance

7 Years - Field Proven

700+ Cameras

40 Workstations

1 Integrated Solution

IP Video and Alarm Managementwww.indigovision.com

Project7 9/5/08 11:11 AM Page 1

Circle 212 on card.

The flexibility of an

IP-based MNS also leads

clients to use their

systems for a variety

of non-emergency

purposes, vendors say.

business district. Now, several hundredmore cameras are being added, along withsophisticated analytics from IBM, and thecity is moving to exploit IP’s superior flexi-bility in tying together many disparatetechnologies located across the city’s 237square miles.

One example: In addition to viewingscenes and incidents via the city’s ownstreet-mounted cameras, Chicago safetyand law-enforcement officials also can se-lectively harness private video surveillancenetworks. The set-up mirrors the net-worked video surveillance system in Lon-don that proved successful last year in pre-venting a car bomb detonation in the WestEnd and identifying the suspects (see “TheLondon Eyes,” November 2007).

Argiropoulus declines to state howmany video networks are available to hiscommand centers, but he cites the SearsTower, the Board of Trade and Blue CrossBlue Shield of Illinois buildings as typicalexamples. At the city’s request, each loca-tion’s private video net can securely con-nect via a virtual private network concen-trator to the city’s own surveillance system.Software supplied by Genetec, St. Laurent,Quebec, melds the city and private videostreams to create the illusion of a seamlesswhole. Staffers at the city’s emergencycommand and control center can readilyswitch between views as needed and bringup related information on the city’s 911emergency map.

“IP enables us to create a single solidvideo solution” from potentially many dif-ferent video sources, Argiropoulus ex-plains. “It enables us to gel video packetswith some highly sophisticated applica-tions, too.” He offers the example of plumemodeling—a computer-based method forpredicting how, say, poisonous fumes re-leased by an overturned tank truck will dis-perse over time. By combining the outputof such a program with imagery from aPTZ camera on or near the scene, safety of-ficials can determine how best to get emer-gency crews to the accident site and how toevacuate. “We can sweep the appropriateareas and get a more granular idea of

exits,” he says.IP enables more than just melding dif-

ferent data sources. In addition to operat-ing its own extensive fiber-optic networkand telephone company, the city of Chica-go has arranged to distribute safety-relateddata feeds via satellite links. Using leased,24/7 satellite capacity, the city can delivervirtually any amount of real-time traffic toa fleet of custom-designed mobile com-mand centers. These $2 million vehicles canbe driven to wherever the police and firedepartment may need them.

“We can put PTZ cameras right there onthe scene,” Argiropoulus says.

Achieving that mobile broadband con-nectivity, however, took some doing. Thechallenge: how to overcome the 1-second la-tency incurred as signals travel the 44,500-mile roundtrip to outer space and back.That

delay’s enough to cause data packets to bedropped and thereby interfere with voice,video and other real-time traffic.

“We can’t afford to have our applica-tions hanging” because of latency, Ar-giropoulus says.

The solution proved to be a satellite-linkemulator supplied by the Office of NavalResearch, with which Argiropoulus and histeam had previously developed close rela-tions. They used this test gear to “tweak theIP stack,” he says. Now, the satellite linkslook like local wireless connections or Cat-6 cabling in terms of providing near-zerolatency. “We had to do what the militarywould do, and we take a lot of pride” instreamlining the satellite links, Ar-giropoulus says.

In addition to the fiber-optic network,Chicago is employing a wireless mesh net-work to backhaul video streams from itsstreet-mounted cameras. More than 500

transceivers, supplied by Firetide, LosGatos, Calif., use licensed spectrum in the4.9 GHz band to provide 85 megabits-per-second of IP bandwidth. Meanwhile, thecity is experimenting with WiFi as a way tosend streaming video and other security-re-lated data to laptop computers and otherdevices out in the field.

IP GOES TO SCHOOLIP technology’s helping smaller cities toachieve high-grade security, and it’s helpingspecific agencies within those cities.Schools in particular are adopting the tech-nology to beef up surveillance while copingwith limited capital budgets.

Take the Deer Park Independent SchoolDistrict, serving 12,200 students in theHouston metropolitan area. It has wired itsfour junior high and three high schools

with IP-based video surveillance networksfrom locally-based LenSec that replaceaging and somewhat awkward VHS tape-based setups. By opting for an IP system,says Don Dean, deputy superintendent, thedistrict is able to gain substantial opera-tional efficiencies and prepare for possibleaddition of new devices and technologies.

Taking advantage of IP video’s ability todisplay on standard PC screens, for instance,the district provides comprehensive cover-age of its campuses without incurring thecosts of a full-time monitoring staff. Insteadof sending video to a central location, thestreams from as many as 100 cameras in asingle school are divvied up between a num-ber of full-time administrative personnel al-ready working in that facility. Dean explainsthat most problems in public schools occurjust before school begins, during the timebetween class periods, at lunch and immedi-ately after school. So, at each of those limit-

WWW.SECPRODONLINE.COM S23

Mark Denari, director of aviation security and public safety at San Diego International Airport, quickly rat-tles off a list of advantages when asked about using IPwith security systems.

“Moving to IP means more simplified systems with fewer controlsand fewer boxes to contend with,” Denari says. It’s easier to attachdevices to IP networks and get applications to share data, he adds,but with their fine-grain addressing schemes, it’s also easier to limitaccess to those devices and applications on a selective basis.“We seeIP systems as the way to go,” he says. “Clearly, digital technologygives a greater degree of flexibility, alacrity and effectiveness.”

Denari’s enthusiasm is evident across the government sector.From San Diego to Houston to Chicago, airports, school districts,

educational campuses and entire cities are embracing IP as a net-working and operational platform.

IP-POWERED SHIELDEasily one of the world’s most ambitious municipal video surveil-lance systems is the city of Chicago’s Operation Virtual Shield.And it’s putting IP to the test across a wide spectrum of technolo-gies and applications—serving as a showcase for both suppliersand the Department of Homeland Security.

The project’s first phase saw the installation of several hundredPTZ cameras around what Jim Argiropoulus, acting executive director of the city’s Office of Emergency Management and Com-munications, calls “especially hot areas” of the city’s downtown

OCTOBER 2008 | SECURITY PRODUCTSS22

From Chicago to San Diego to Houston, networked security strengthens surveillance, perimeter protection and threat detection

By John W. Verity

PUBLIC SECTORPROTECTION

Chicago is moving to exploit IP’s superior

flexibility in tying together many disparate

technologies located across the city’s

237 square miles

ed periods of time, paraprofessionals such assecretaries and assistant principals stop theirregular work and, using a dedicated PCmonitor on their desks, watch activities atschool entrances and in hallways and com-mon areas.

“There’s no empirical data, but we be-lieve a lot of issues of student-on-studentdisturbances have been reduced becausestudents are educated to the fact that wehave these cameras in place,” Dean says.

The IP surveillance—running on the

same Ethernet cabling that conveys the dis-trict’s traditional IT traffic—also makes itpossible to send live video directly to policeand fire safety officials, Dean adds.

IP TAKES FLIGHTFeeling more pressure than schools to im-prove their security are airports, which arereaching for IP-based solutions, too. Thecore strategy of airport security is summedup as detecting threats, delaying thosethreats (with fences and screening proce-dures, for instance) and responding withlaw enforcement personnel. It’s mainly inthe detection of threats where technologywill play a growing role, replacing humanoperators with various forms of automa-tion that can share information and act in acoordinated way.

San Diego International Airport providesa good example of how airports are count-ing on IP to help in this regard. In mid-June,the airport chose a consortium of three com-panies, led by Munich, Germany-basedSiemens, to implement a $4 million upgradeof its physical security systems, with IP pro-viding connectivity and fostering integrationof numerous types of sensors and devices.Possibly $9 million more may be spent in the future.

“We can’t rely on humans,” securitychief Denari says, to improve the detection

of threats and achieve what he calls “air-port domain awareness.” Instead, “we needto maintain situational awareness by lever-aging technology and integrating data frommultiple sources.”

Consider how the airport plans to useradar—not to watch aircraft but to detectpeople and ground vehicles approachingthe airport’s sprawling perimeter. Thanksto IP networking, Denari says, it will be rel-atively easy to pass radar-generated alertswith those from other types of sensors, such

as thermal-imaging cameras, to a centralpoint for analysis. The key will be a so-called fusion engine, a computer speciallyprogrammed to rapidly collect and, usingpreset rules, analyze and even act on manystreams of live data at once. San Diego haschosen such a product from ProximexCorp., Sunnyvale, Calif.

“If data from two different kinds of sensors indicate evidence of a suspiciousvehicle penetrating our perimeter, the fu-sion engine would send a single ‘target in-bound’ alert to the operations center,”Denari explains. Among the other tech-nologies that might feed into this mix areshock sensors, buried fiber optics (able todetect movements on the ground above)and infrared video cameras. All, Denalisays, will be provided in products that areIP-ready out of the box. “We’re reallyworking from the outside in, with everypiece of the network being IP-centric.”

Video surveillance will surely play a keyrole in the airport’s future. Today, some 350cameras are in use, but that number couldeventually top 1,000, Denali says. Perhapsmore important than numbers, though, willbe increased video “intelligence.” Untilnow, he says, video has been largely a back-ward-looking tool, able to record events forlater forensic analysis. But emerging ana-lytic methods that autonomously detect

anomalies aim to make video much moreuseful for providing real-time informationabout an immediate potential threat.

In certain cases, analytics will run withincameras, in others that will be left toservers located upstream on the IP net-work. For instance, a camera able to detectno activity in a baggage-screening roommight stop sending its images to a serverfor storage. Where it’s necessary to auto-matically recognize and look up licenseplates on cars at a gate, the analysis mightbe left to a server.

PROPRIETARY IS OUTSmaller airports are adopting IP, too, if onlyto reap the benefit of hardware savings. AtOrlando Sanford International in Sanford,Fla., security and police chief Bryan Garrettsays he’s fed up with proprietary securitygear. Certain legacy manufacturers, he says,have become notorious for bidding low towin government contracts, only to chargerelatively high prices for add-on gear oncethe customer is locked in. Or, by discontinu-ing certain product, they might force cus-tomers to pay for unwanted upgrades.

With IP, Garrett says, “I can choose from50 [network] switch makers. IP saves us alot of money by taking the proprietary na-ture out of vendors. There’s no reasonthings have to be proprietary.” In one case,he recalls, video camera supplier Verintdidn’t respond to some of the airport’stechnical needs, so Garrett turned toGenetec.There was no need to change any-thing at the network’s head-end, he says.“All we had to do was reflash somefirmware. We were all done in two days.”

Orlando Sanford, expecting to servesome 2 million domestic and internationalpassengers this year, has about 300 surveil-lance cameras installed, many of them ana-log. But from now on, all new cameras,Garrett says, will be IP-ready, as will everyother physical security device that needs tobe networked. “We’re always looking forbetter, cheaper ways of doing things, andright now, that means IP.”

John Verity is a freelance journalist based inMaplewood, N.J.. He can be reached atjohn@jverity.com

OCTOBER 2008 | SECURITY PRODUCTSS24

‘We need to maintain situational awareness

by leveraging technology and integrating

data from multiple sources.’

—Mark Denari, San Diego International Airport

Security Executive Council, a Marietta,Ga.-based professional association ofCSOs. ERM is about protecting the assetsof the corporation. What’s new is that,because of compliance laws designed toprotect corporate shareholders such as theSarbanes-Oxley Act, ERM has seniormanagement attention.

“A lot of this was done internally, but itdidn’t go very high in the organization,”Hayes says. “Now it has to be reported andmonitored by the board.”

A CONVERGENCE DRIVERERM also goes hand-in-hand with conver-gence. First, there’s convergence from amanagement perspective. Once seniormanagers get involved, they look at how se-

curity operations can be applied to abroader ERM strategy that takes in fi-nance, information technology and evenmarketing and branding.

“What’s changing is that the board andexecutive management are looking at allhazards and all risks and asking for a planthat handles all,” Hayes says. Business con-tinuity, disaster recovery, emergency plan-ning, supplier disruption planning, weatheremergency planning and crisis manage-ment planning, which may all have oncebeen independent processes, are unifiedunder one plan.

This process is not much of a shift forCSOs in the Fortune 1000, Hayes says, butfor some in the “Fortune 50,000,” it can bevery different. “It’s new for companies thathave never done this before,” he says.

BROADER ROLE FOR CSOFor security professionals, ERM presentsnew opportunities.

“The CSO needs to assist in crafting asecurity policy plan,” says Mario Sanchez,chief security architect for Hewlett-Packard’s ProCurve unit, Palo Alto, Calif.Questions of risk must be viewed from aholistic perspective that addresses both theprotection of tangible assets—people andproperty—as well as intangibles such asbrand equity.“It’s a process, not a product,”Sanchez says.

John Szczygiel, president of Mate Inc.,McLean, Va., the U.S. subsidiary of Israel’sMate Ltd., agrees. “ERM forces a CSO toput the security investment in the contextof a number of possible risk responses,” he

says. Those responses cross IT, human re-sources, financial and legal departments.Asa result, risk becomes more broadly de-fined, Szczygiel says.

Szczygiel, who is also vice chairman of theOpen Security Exchange, a cross-industryforum promoting platform interoperability,says another change is that many CSOs now

must create a business case for their invest-ments. That means assessing the impact of anegative event, delineating methods to han-dle the risk and articulating the cost.

Szczygiel offers key questions: “What’sthe right place to protect? Where is the riskto expose? Can you weigh business objec-tives against the corporate risk appetite?”A CSO who can supply a board with theanswers to these questions can end upbeing elevated to a position where he orshe is creating solutions that allow the busi-ness to expand, Szczygiel says. He advisesCSOs not to view the business case re-quirement as just a layer of overhead but asan opportunity to work “elbow to elbow asa partner” with other executives in creatingand protecting value for the company andits shareowners.

CONVERGED AND OPENAlong with organizational convergencecomes technology convergence. ERM ar-guably would not be possible without theconvergence of physical and logical securi-ty. “When people talk about ERM, evenwithout realizing it, it turns into a conver-gence discussion,” says Fredrik Nilsson,general manager with Axis Communica-tions Inc., Chelmsford, Mass., the U.S. unitof Sweden’s Axis Communications AB.

The integration of physical and logicalsecurity stimulates a process that is greaterthan the sum of its parts. IP integration al-lows CSOs to network surveillance, accesscontrol and system sensors to derive infor-mation that can be used to create morebusiness value and efficient operations.

Data from converged systems also enablesbetter risk identification, evaluation andmanagement.This in turn leads to addition-al IP integration of security systems. It’s avirtuous circle.

It’s almost a given that there is a robustIP network within the enterprise to supportconvergence, says Nilsson, who argues

WWW.SECPRODONLINE.COM S27

Chase Farms in Walkerville, Mich.,didn’t plan to turn video surveil-lance into a risk management tool;it just happened.

The agricultural producer originally setout to watch over a seasonal work force bypositioning Internet protocol (IP) cameraswherever they were needed. Because thecameras recorded the pace and volume ofeach day’s harvest and processing, the num-ber of laborers working specific fields andthe number and frequency of truck pick-ups,Chase realized the cameras were providinga wealth of information it could use to moreefficiently manage business operations.

With quantifiable numbers, Chase couldbetter anticipate labor requirements, matchshipments to hourly volume, reduce waste,

increase safety and compliance and trainnew workers faster. Savings from all ofthese improvements plummeted to the bot-tom line. Beyond reducing Chase Farms’exposure to theft and other physical securi-ty vulnerabilities, the process contributedto measurable reductions in workplace ac-cidents, emergency response time, andproduct spoilage and loss.

Security tools such as video cameras,management software and analytics applica-tions once perceived as purely surveillancetools now have a key role in managing cor-porate risk, says Eric Fullerton, president ofthe U.S. office for Milestone Systems A/S,Brøndby, Denmark, which supplies videomanagement software to Chase Farms.

Enterprise risk management is one of

many buzzwords bandied about the execu-tive suite these days. Because it is often an ill-defined term, it can be intimidating to chiefsecurity officers who suddenly find them-selves part of an ERM initiative emanatingfrom the corporate board. In truth, oncelaunched, ERM is a fairly simple process.Most companies have ERM principles inplace, although they may never have beenidentified or qualified as such. Nonetheless, asudden directive from the executive suite, ac-companied by few details, that departmentmanagers collaborate on an ERM plan canadd pressure and confusion.

But it shouldn’t be overwhelming. ERMmight be the new watchword of the day,but it is what security has done for years,says Bob Hayes, managing director of the

OCTOBER 2008 | SECURITY PRODUCTSS26

ERMDemystifiedEnterprise Risk Management Opens New World for CSOs

By Steven Titch

ERM might be the new watchword of the day,

but it is what security has done for years.

using IP-based products is the best way tomanage security convergence.“It’s the onlyway to ensure the operation is keeping cur-rent with technology evolution,” he says.

Milestone’s Fullerton emphaticallyagrees. “A CSO must choose a truly openplatform to get best-of-breed. No onetoday knows what the best piece of equip-ment will be tomorrow,” he says. “That’swhy it’s important to choose an ecosystemwith partners that play together.”

“They must be able to incorporate thebenefits of new technology when it comesalong,” adds Fred Wallberg, director ofmarketing for the Americas at Milestone.

SEC’s Hayes, however, advises end usersnot to get too caught up in breathless ven-dor pitches.They still should consider costs,and even a sound ERM program doesn’tnecessarily call for a forklift overhaul.“Would I put in an all-new system for thatreason?” he asks. “No.”

Hayes advises that CSOs begin with sys-tems that help them assess the threats theyface and how they are prepared to handlethem. “I think there are products that willhelp,” he says.

ANALYTICS AND OTHER TOOLSHayes is referring to analytics and situationawareness tools, which sit on top of a securi-ty system and gather information that can beanalyzed and mined for security weaknessesand vulnerabilities. Users then set policiesand procedures via the software that identifyand confirm a threat or emergency and en-sure a proper response. Vendors includeOrsus, New York, and Or Yehuda, Israel;

ioimage, Herzliya, Israel; and Mate.Analytics and forensic tools also can help

strengthen the all-important value proposi-tion, says Divr Doron, vice president of mar-keting for ioimage. Analytics, he says, pro-vide statistical information for aggregatingtypes of threats and their causes, a key ERMdata set. “It is instructional in providing in-formation patterns—high-risk sites, high-risk time frames,” Doron says.

This approach can be especially effec-tive in achieving cooperation and buy-infrom IT security counterparts, who al-ready are accustomed to making procure-ment cases through identification and cat-aloguing of events, adds John Whiteman,ioimage’s vice president and general man-ager for the Americas.

“The equipment a CSO has becomesmore valuable to the organization. All of asudden you can extract value from that,”says Rafi Bhonker, Orsus’ vice president ofmarketing (see “Finding Danger in theData,” April 2008). Situation managementsystems allow CSOs to map the risk con-cepts, he says.

“The platform takes the ERM conceptand implements it in a way you can use,”Bhonker says. Consultants are big on the“book”—the binder that describes top tobottom security policies—but in the heat ofthe moment, Bhonker says, “no one’s goingto open the book.”

STAY ON TARGETThreats and vulnerabilities are alwayschanging. That’s why CSOs must work tounderstand not just security issues purely

related to physical protection but also thelarger risks their organizations face. Securi-ty at a defense contractor or pharmaceuti-cal company might be excellent at stoppingtrespassers or blocking a denial of serviceattack but fail to recognize other threats.

“The threat landscape is more profes-sional,” ProCurve’s Sanchez says. “Attacksare elegant and finessed.” For example,someone may use a password-guessing pro-gram to log on to a corporate network, orthey may simply try to walk off with a lap-top or flash drive left in an unsecured area.

“People are after information, not to takedown the network for the sake of doing it,”Sanchez says. “It’s important not to remainstagnant in the ever-changing environment.”

But there’s no reason this should hap-pen, Bhonker says. Because of ERM, enter-prises are making security a strategic partof the organization. “ERM is an issue toeveryone,” he says. Certain verticals—transportation, seaports, airports, rail-roads—are ahead of the curve because oftheir high-profile vulnerability. But ERM-driven convergence is visible in the grow-ing trend of end users investing in interop-erable video, access control, radar, infraredsystems, emergency notification, analyticsand situation management.

“Two years ago, no RFP addressed this,”Bhonker says. “Now there are RFPs thatare very specific as to how the end userwants all their technologies to work in acoordinated manner.”

Steven Titch (titch@experteditorial.net) iseditor of Network-Centric Security

OCTOBER 2008 | SECURITY PRODUCTSS28

The New Risk Management Matrix

Chief Security Officer

Chief Information Security Officer

Chief Financial Officer

General Council

Protection and safety of personneland property

Protection of information assets

Sound budgeting, accounting andgeneral fiduciary practices

Protection against civil and criminallegal liability

TheftAttackContingency planningDisaster recovery

Specific regulatory complianceShareowner relationsProcurement review and approvalVendor and partner selection

Shareowner value

Brand protection

External and internal fraud protection

SOX and other general legal compliance

Position Individual ERM Responsibilities Common ERM Responsibilities

WWW.SECPRODONLINE.COM OCTOBER 2008 | SECURITY PRODUCTS

5 Video ServerStarDot Technologies has introduced the Express 2 video server.It features a single input video channel at 30 fps D1 resolution with loopingoutput. With the press of a button, the BNC connectors both become inputs,turning a single input video server into a dual input video server.The devicealso supports S-video.

3 Wireless Surveillance SystemAVerMedia Technologies Inc. has unveiled a video surveillance system that combines anNVR, a wireless router and four preconfigured wireless IP cameras.

The EB1704HB WiFi-4 standalone NVR surveillance system offers an innovative surveillance system for residences, small businesses and convenience stores. By usingplug-and-play IP connectivity and compatibility, the system can be installed and configured in less than 10 minutes, the company says.

The wireless video system can be connected to virtually any CCTV, LCD or TVmonitor with real-time recording and advanced MPEG-4 compression. Onboard intelligence lets motion detection, smoke detectors and other external sensors beadded. Alarms can trigger an alert to a cell phone, PDA or remote computer.

Sagem Morpho Inc.’s Morpho RapID 1100 line of mobile biometric devicesintegrates a larger screen, a keyboard, enhanced wireless communication capabilities and digital cameras to support facial recognition.

The Morpho RapID 1100 is built on the Psion Teklogix iKon, a rugged,dust- and rain-resistant PDA. Wireless communication options include WiFi,cellular and Bluetooth with GPS localization. A 500-ppi forensic-qualityruggedized scanner captures digital images of a suspect’s fingerprints. UsingSagem Morpho Automated Biometric Identification System technology, theprints are instantly compared against an onboard watch list of up to 180,000records or transmitted wirelessly for automated identification against a centralized database. Mug shots can be captured with the integrated 2 megapixel camera for facial recognition.

4 Biometric Identification

OCTOBER 2008 | SECURITY PRODUCTSS30

1 LPR Links with Situation ManagementHi-Tech Solutions Ltd., a developer of optical character recognition com-puter vision systems, and Rontal Applications Ltd., a provider of incidentmanagement and operational continuity systems, have introduced EagleEye, a comprehensive system for real-time tracking, monitoring and surveil-lance of vehicles on campuses, complexes and compounds. Eagle Eye com-bines HTS’s license plate recognition devices and Rontal’s SimGuard inci-dent management system.

Eagle Eye’s LPR devices can be deployed at entrance gates and variouslocations including airports, seaports, train stations, industrial parks, militarycamps and universities. The LPR devices are connected to SimGuard. Whena vehicle crosses the first LPR device, it is recorded in SimGuard’s database.If the vehicle crosses the main gate and fails to cross the next expected LPRdevice, the system shows the vehicle’s whereabouts by marking the area onSimGuard’s situational awareness 3-D display of the site. Operators canthen track the suspected vehicle while maintaining full situational awareness and, if necessary, direct a response to the exact location.

Bosch Security Systems has released the VIP X1600 XF, a multichan-nel codec with high-speed fiber connectivity.

The XF series is designed to increase network connectivity andvideo storage options for end users. The devices feature a 1 GB/s Ethernet port on the rear of the base units and two Ethernet portsand a 1 GB/s pluggable optical transceiver slot on the front. Theseallow for system designs that incorporate direct connection to aniSCSI storage array or fiber connection to a remote storage area network, among others, and make inside-rack cabling easier.

2 Codec with Fiber Connection

OCTOBER 2008 | SECURITY PRODUCTSS32

6 Low-profile TransmitterNapco Security Group has introduced a low-profile transmitter designed to mount unnoticed in slimline-type window frames.The GEM-TRANSLPmeasures 2.5 x 1 x 0.5 inches and comes with one replaceable lithiumPL2032 coin cell battery. An internal reed switch and 24-inch external miniconnector pigtail lead also are included for wiring jumper-selectable exter-nal devices. The transmitter is designed to support alarms, access controlsystems and video and electronic digital and proximity locks.

7 802.11 Access Point

8 Facilities Management SoftwareContinental Access has introduced a facilities management soft-ware suite for government users. CardAccess 3000 softwaresupports FIPS 201, TWIC and CAC interim regulations.Integrating software, access control hardware, readers, badgingand controllers, the suite can manage an unlimited number ofdoors, the company says. CardAccess 3000 supports all readertechnologies from proximity to biometrics and is a turnkey

solution for stand-alone entry level through networked world-class enterprise systems.Threat level management enables security personnel to react quickly to present or pending

dangers by multi-hierarchical threat levels. Security professionals can instantly deactivate access privileges by badge or by entire groups, depending on the threat level. Visitor manage-ment, new category counters and activity links provide enhanced building supervision.

Strix Systems has introduced a plug-and-play wireless access point supporting up to 64 users pernode and industry-standard security algorithms for secured backhaul and client connectivity.

Strix’s Integrated Hot-Spot Systems is a dual-radio system delivering 802.11a (optional4.9GHz) and 802.11g access. Powered by Strix Edge OS, the system scales efficiently and economically, maximizing coverage areas affordably and reducing deployment and operating costs.

Information in this section has been supplied by the respective vendors. Network-Centric Security magazine does notaccept responsibility for the timing, content or accuracy of the product data or for the quality or accuracy of the photos.

WWW.SECPRODONLINE.COM 33

Power over Ethernet (PoE) is being widely adver-tised as a panacea for access control systemusers. Certainly, we have all looked forward tothe day when a single network drop at the doorwill replace the multitude of cables currentlyneeded for card reader communications, requeststo exit, door position and lock power.

The primary objective of any PoE system is to reduce costs. Stringing wire throughouta building for a proprietary access control network is often the most expensive part of thetotal system. If any system commonly found in today’s modern building needs an alterna-tive to standard AC power, it is the access control system.

A basic PoE system will consist of powered devices (PD) and power sourcing equip-ment (PSE). A typical example of a PD is PCSC’s door interface module, which distrib-utes power to the card reader, the locking mechanism and request-to-exit (REX) device.A typical example of PSE is a PoE switch.

RELEVANT STANDARDSSince 2003 the applicable IEEE standard for PoE has been P802.3af.This standard permitsuse of Cat-3 cable, but limits power per port to a maximum of 12.95 watts. As PoE has be-come more popular, the power limitation of this standard has stifled device manufactur-ers’ ability to meet marketplace demands.

The new PoE Plus standard (IEEE P802.3at, also known as Hi PoE) is nearing comple-tion and is expected to be ratified soon. Draft 3.0 of the new standard, dated March 2008,nearly doubles the power from the AF standard. However, the standard will require theuse of Cat-5 (or better) cable. The eight wires of Cat-5 cable versus the four of Cat-3 allowmore power to be transmitted. The AT standard also requires PoE Plus equipment to becompatible with existing AF equipment.

Table 1 shows power requirements for PDs vary according to the device type, manufac-turer, load, cable length and other factors. PCSC’s door interface module, for example,

New Standard Boosts PoE By Steve Bowcutt

continued on page 34

The new standard nearly doubles the power

from the older AF standard.

OCTOBER 2008 | SECURITY PRODUCTSS34

requires 200 mA at 12 vdc or 2.4 watts. A typical door lockingmechanism may require 500 mA at 12 vdc or 6 watts. A REX sen-sor may require another watt. A card reader may require 3 watts.Even without allowing for environmental factors and cable length,a fully loaded access control system can easily start to approach theupper limit of the older AF standard.

Table 2 shows the powered device classification defined inP802.3at. Minimum power available for PDs, factoring in cablelength and environmental factors, is shown.

Type 1 PDs, or IEEE P802.3af devices, have a maximum wattagerequirement of 12.95W. Type 2, or IEEE P802.3at devices, have amaximum wattage requirement of up to 25.5 watts.

PoE is quickly becoming a viable alternative for access controlsystem designs. Well-designed PoE-based access control systems

will comply with the new IEEE P802.3at standard by incorporat-ing Cat-5 or better cable and Hi PoE power availability; consist ofPDs that have been designed and tested to meet the PoE Plus stan-dard; and incorporate power back-up systems that keep the accesscontrol functioning during a power failure.

The long awaited panacea for access control systems may verywell be a reality given the new, soon-to-be-ratified, IEEE P802.3at PoE specification. Be careful when looking through the mar-keting hype to identify those access control system and PoE device manufacturers that understand and conform to the devel-oping industry standards.

Steve Bowcutt (sbowcut@1pcsc.com) is business development manager at PCSC Inc.

Network-CentricSecurity e-newsNow available in your in-boxtwice a month

Join over 30,000* integrators, end users,installers, contractors and IT professionals

who get the most up-to-date network-centric security news delivered to

their desktops twice a month.

Sign up now at www.secprodonline.com/mcv/newsletters/

*Publisher’s Own Data

P

Table 1: Power Required at the Door

Powered Device at the Door Required Power

Door interface module 2.4 wattsReader 3 wattsLock 6 wattsREX device 1 wattsTotal power requirment 12.4 watts

Table 2: Powered Device Classification

PD Classification Power Available for the PD

“Default, Type 1” 0.44-12.95 wattsType 1 0.44-3.84 wattsType 1 3.84-6.49 wattsType 1 6.49-12.95 wattsType 2 12.95-25.5 watts

1008secSup_Cover_v1.pdf1008secSup_s04_TOC_v3.pdf1008secSup_S06_Enter_v3.pdf1008secSup_s08_s12_Innovate_v4.pdf1008secSup_S14_S20_Watson_v4.pdf1008secSup_s22_s24_Verity_v3.pdf1008secSup_s26_s28_Titch_v4.pdf1008secSup_s30_s32_Launch_v3.pdf1008secSup_s33_s34_Exit_v3.pdf