introduction to ip surveillance

8/6/2019 Introduction to IP Surveillance

1/22 INTRODUCTION * SETUP * IMPLEMENTATION

IP / NETWORK

SURVEILLANCE SYSTEM


2/22

CONTENTS

INTRODUCTION ....................................................................................................................................................... 1

OVERVIEW ................................................................................................................................................................ 3

BENEFITS ................................................................................................................................................................... 6

SYSTEM IMPLMENTATION AND APPROACH ............................................................................................... 10

CENTRALIZED ARCHITECTURE................................................................................................................................. 10

Scalability problems with a Centralized Architecture ........................................................................................11

DISTRIBUTED ARCHITECTURE.................................................................................................................................. 13

Distributing Configuration Data ........................................................................................................................13

Distributing Licensing Data ...............................................................................................................................14

Distributing Live Data ........................................................................................................................................14

Solving the problems of a Centralized Architecture ...........................................................................................15

EXAMPLE SMALL SECURITY MANAGEMENT SYSTEM .............................................................................................. 16

EXAMPLE MEDIUM SECURITY MANAGEMENT SYSTEM ........................................................................................... 17

EXAMPLE LARGE SECURITY MANAGEMENT SYSTEM .............................................................................................. 19


3/22

IP/NETWORKSURVEILLANCESYSTEM

Page|1IP SURVEILLANCE SYSTEM

INTRODUCTIONIP-Surveillance is a term for a security system that gives users the ability to monitor and record

video and/or audio over an IP (Internet Protocol-based) computer network such as a local area

network (LAN) or the Internet. In a simple IP-Surveillance system, this involves the use of a

network camera, a network switch, a PC for viewing, managing and storing video, and video

management software.

Network / IP-Surveillance video system

Unlike analog video systems that use dedicated point-to-point analog cabling from the camera

location to the viewing/recording station, IP-Surveillance (or network video) uses the IP network

technology as the backbone for transporting information. In an IP-Surveillance application,

digitized video and/or audio streams can be sent to any locationeven around the world ifdesiredvia a wired and/or wireless IP network, thus enabling video monitoring and recording

from anywhere with internet access.

While an analog video system is for the most part a one-directional signal carrier that ends at the

recording device, a network video system is bi-directional (allowing information to be sent and

received) and can be an integrated part of a larger, scalable system. A network camera, for

instance, can send video, audio and other data (e.g., SMS) to a user, as well as receive from the

user audio and data instructions that could, for example, activate doors or external alarms. In

addition, a network video system can communicate with several applications in parallel and

perform various tasks such as detecting motion or sending different streams of video. Such a

system provides for greater performance possibilities and flexibility.


4/22



IP-Surveillance video system with alarm integration

NetworkCamera


5/22



OVERVIEWAn IP-Surveillance system can be as simple or as sophisticated as clients needs require. In a

simple scenario,

PC where the viewing and recording of video is to be done. Ethernet cable between a PC and a network switch (which allows different devices to

connect to each other and share, for instance, a common Internet connection) and a cable

from the switch to the camera location.

Equipment that can captures video and sends the stream over the network. This can be anetwork camera, or an analog camera connected to a video encoder (also sometimes

known as a video server).

Overview of an IP-Surveillance system

The network camera or a video encoder connects directly to the network - not to a PC as is the

case with a web camera. Once the network camera (or analog camera and video encoder) is

installed and configured, viewing and recording live video can be achieved through a web

browser on a local PC or a remote PC via the Internet. In order to access and record video from

many cameras simultaneously, a video management software program on the recording PC has

to be installed.


6/22



Since IP-Surveillance systems are easy, flexible and cost-effective to scale up, each component

of the system can be customized to fit the needs. The following is a brief overview of the

components that can be tailored to your application:

a) Network camera/video encoder:Network cameras range from fixed cameras and fixed domes, to pan/tilt/zoom (PTZ) and PTZ

dome cameras, and may be designed for use indoors or outdoors. Other network camera features

include built-in support for wireless communication, megapixel resolutions and vandal

resistance. Both network cameras and video encoders may offer a variety of capabilities such as:

Several simultaneous video streams using different video compression formats (e.g.H.264, MPEG-4 Part Motion JPEG) that are optimized for bandwidth and image quality;

Input/Output ports for connection to external devices such as sensors and alarms; Built-in intelligence such as video motion detection and tampering detection; Sophisticated alarm and event management functions that can communicate with

different devices and applications simultaneously, and can send separate video streams in

different resolutions, at different frame rates and to different places;

Audio support; Power over Ethernet, which enables power to be delivered over the same cable as for data

transmission.

b) Network:There are many ways to design and secure a network for IP-Surveillance. In addition, a network

can be as small or as extensive as required, and it can be wired, wireless or a combination of

both. It is also easy to increase the bandwidth capacity of your network simply by adding

switches/routers. And different technologies can be used to optimize bandwidth usage.

Furthermore, a wired network can deliver not only data, but also power using Power overEthernet (PoE) technology. This simplifies installation of PoE-enabled network cameras/video

encoders and provides cost savings.


7/22



c) Hardware (server and storage):The hardware requirements of an IP-Surveillance system are not complex. Simply use standard

components found in the IT industry. Todays PC, with a Pentium processor and Windows

operating system, is able to run a video management software, and record and store video fromup to 50 cameras. If the hard disk on the actual server running the recording application is not

enough, there are solutions that enable increasing storage space and achieve increased flexibility

and recoverability. As larger hard drives are produced at lower costs, it is becoming less

expensive to store large amounts of video.

d) Software:A wide range of software is available to help you in the preparation, installation and management

of an IP-Surveillance system. These applications make it easier to find, install and configure the

video products on the network. They allow, among other things, for central management and

configuration of the network video products for viewing, recording and security preferences.


8/22



BENEFITSIP-Surveillance provides a host of benefits and advanced functionalities that gives you greater

control and management of live and recorded video, as well as alarm events. This makes the

system highly suited to security surveillance applications.

a) Remote accessibilityThe main benefit from IP cameras is that the user can see surveillance images from any computer

on the networkwithout the need and expense of additional hardware or software. If you have a

port to Internet, you can securely connect from anywhere in the world to view a chosen facility

or even a single camera from your surveillance system. By using a Virtual Private Network

(VPN) or the company intranet, you can manage password-protected access to images from the

surveillance system. Similar to secure payment over the Internet, a users images and

information are kept secure and viewed only by approved personnel.

b) Remote accessibility:Access to live and recorded video at any time and from virtually any networked location in the

world. Multiple, authorized users at different locations may be able to access live or recorded

video. This is advantageous if a company wants a third-party, such as a security firm or remote

office, to benefit from and have access to the video.

c) High image quality:High image quality is essential in a security surveillance application. You want to be able to

clearly capture an incident in progress and identify persons or objects involved. In a network

video system, the quality of images produced can be more easily retained than in an analog

surveillance system. With an analog video system, the captured images are degraded with every

conversion that the images make between analog and digital formats and with the cablingdistance. The further the analog video signals travel, the weaker they become. In a fully digital

IP-Surveillance system, images from a network camera are digitized once and they stay digital

with no unnecessary conversions and no image degradation due to distance traveled.


9/22



A network camera that uses progressive scan technology provides clearer images of moving

objects because the whole image is presented at one time. With an analog video signal, two

consecutive interlaced fields of lines are presented to form an image, and when displayed on a

PC monitor, blurriness occurs when objects move between the image capture of the twointerlaced fields.

A megapixel network camera (i.e. one that delivers an image comprised of 1 million or more

pixels) can also offer resolutions greater than what an analog camera can offer, which means that

more detail or larger areas can be covered.

d) Future-proof integration:Network video products based on open standards can be easily integrated with computer and

Ethernet-based information, audio and security systems, video management and application

software, and other digital devices. For instance, a network camera can be linked to specialized

software programs that could, for example, analyze the visual and/or audio data to detect wanted

persons in a crowd or unauthorized access to specific areas.

e) Scalable and flexible:An IP-Surveillance system can grow with the organizations needs. Network video products can

be added to the system as desired without significant or costly changes to the network

infrastructure. You can place and network the products from virtually any location, and the

system can be as open or as closed as desired.

f) Cost-effective:An IP-Surveillance system has a lower total cost of ownership than a traditional analog CCTV

surveillance. Management and equipment costs are lower since back-end applications and

storage run on industry standard, open systems-based serversnot on proprietary hardware such

as a DVR in the case of an analog CCTV system. Additional cost savings come from the

infrastructure used. IP-based video streams can be routed around the world using a variety of

interoperable infrastructure. IP-based networks such as LANs and the Internet, and various

connection methods such as wireless are much less expensive alternatives than traditional coaxial


10/22



and fiber needed for an analog CCTV system. In addition, an IP infrastructure can be leveraged

for other applications across the organization.

Furthermore, Power over Ethernet (PoE) technology, which cannot be applied in an analog videosystem, can be used in a network video system to increase savings and reliability.

PoE enables networked devices to receive power from a PoE-enabled switch through the same

standard cable that transmits data (video). Hiring a certified electrician and installing a separate

power line are not neededa big advantage, particularly in difficult-to-reach areas. With PoE,

network cameras/video encoders will also be able to receive centralized backup power from a

server room with an Uninterruptible Power Supply; so in the event of a power failure, the

cameras will still be able to operate.

g) Event management and intelligent video:There is often too much video recorded and lack of time to properly analyze them. Advanced

network cameras/video encoders with built-in intelligence or analytics take care of this by

reducing the amount of uninteresting video recorded and enabling programmed responses.

Advanced network cameras/video encoders have such features as built-in video motion

detection, audio detection alarm, active tampering alarm, I/O connections, and alarm and event

management functionalities. These features enable the network cameras/video encoders to be


11/22



constantly on guard in analyzing inputs and waiting for an impulse to kick-start an action or a

series of actions. Having intelligence/analytics conducted at the network camera/video encoder

rather than at the recording server reduces network bandwidth usage and storage needs since

only actionable data (video) is sent over the network.

Event management functionalities can be configured using the network video product user

interface or a video management software program. Users can define the alarms/events by setting

the type of triggers to be used and when, as well as the responses (e.g., recording to one or

multiple siteswhether local and/or off-site for security purposes; activation of external devices

such as alarms, lights and doors; and notification messages to users).


12/22



SYSTEMIMPLMENTATIONANDAPPROACHThere are two different approaches to saving data in an IP Video system. A Centralized

Architecture uses a master database usually located in the central control room or head office. A

Distributed Architecture spreads the data around the Security Management system generally

keeping it close to where it is produced or needed.

The stored data in a Security Management system can be categorized into two types:

Configuration data such as site information specifying the design and make-up of theSecurity Management system. Examples of Configuration data includes lists of cameras,

lists of users, user permissions, site structure and maps representing the layout of the

system. After the initial installation and commissioning stages of a Security Management

system, Configuration data is not routinely changed. It is however routinely read by

operators e.g. when logging in to the system.

Live data such as CCTV video recordings and alarm data. Live data is accessedcontinuously during normal Security Management operations, either by devices recording

the data or operators reviewing the data.

CentralizedArchitectureConfiguration data is usually held in a database called the Site Database. This makes it easy for

administrators to make and manage changes however it also creates a problem. When an

administrator makes a change to the Site Database, the distributed users throughout the Security

Management system do not get the changes.

The obvious and easy solution is to have the Site Database held centrally on a master database

server and have all users access the master server over the network. This is called a Centralized

Architecture.

Many systems use a Centralized Architecture for storing more than just Configuration Data.

They may also use it for storing Live Data such as video recordings or alarm data.


13/22



This approach is suitable for small implementations resident in one location/building but is

compounded with serious scalability problems which a Distributed Architecture gives a scalable

solution leading to unlimited Security Management system sizes potentially spanning cities,

countries and continents.

ScalabilityproblemswithaCentralizedArchitecture

Typical Centralized Architecture

The figure above shows a Security Management network consisting of one or more sites each

with its own Local Area Network (LAN) connected to a Central Office. The Central Office is

also where the Central File Server is located, hosting the Site Database. Also in the Central

Office are Network Video Recorders (NVRs) for recording CCTV video and Alarm data.


14/22



Every camera and workstation in each remote office must regularly, and in some cases

continuously, communicate with the Central Office in order to check for changes and updates in

the Site Database, check for valid licensing or store recording and alarm data.

This causes four huge problems:

a) Cost: All users continuously communicate with the Central Office. On a LAN that meansbuying expensive high-end switches and on a WAN it means using up precious

bandwidth.

b) Reliability and Resilience: What happens when the WAN or core LAN switch breaks?Remote users can be left stranded with no access to the live and recorded video from

cameras which are actually located locally to them on a working LAN.

c) Single point of failure: What happens if the server hosting the Site Database fails? Allusers of the system rely on access to the site database. For example to get login

credentials verified or license permissions checked. If the Site Database server fails, the

whole Security Management system goes down.

d) Scalability: As more cameras and users get added to each remote office and as moreremote offices get added to the network, everything gets congested. The local LANs get

congested, the WAN links get congested and the Central Server gets congested coping

with increasing levels of traffic checking for Site Database changes, valid licensing and

storing recordings and alarms.


15/22



DistributedArchitecture

Distributed Architecture

The Distributed Architecture figure above shows how the same Security Management network

can be constructed using distributed databases.

DistributingConfigurationDataEach remote workstation can keep a local cache of the Site Database. Configuration data does

not change very frequently. This means the information can be synchronized between the Central

Server and the remote workstations either according to a managed schedule or on-demand whena change happens.

In the event that the Central Server, a core LAN switch or the WAN fails, users at workstations

can continue to work using their locally cached Site Database.


16/22



Distributing Licensing Data

Rather than holding license information centrally in the Central Server, individual components of

the SECURITY MANAGEMENT system can hold their own licenses. For example, cameras can

hold information in their on-board memory about allowed viewing and recording resolutions, or

allowed frame rates. They can also hold information on which features are enabled such as

advanced motion analytics features.

Such a model, where the sources of the valuable data (the cameras and recorders) contain their

own licenses, means that the cameras and recorders never need to talk to the Central Server.

Because the data sources have their own distributed licenses, this frees up the data viewingapplications, running on each workstation, from requiring any license at all. An operator cant

view video if the camera or recorder wont let him. This means none of the workstations need to

check licensing conditions with the Central Server

DistributingLiveDataRather than continuously streaming recording and alarm data back from the remote sites to the

central site across the WAN, it would be much better to keep the data locally on the LAN. Oneor more local Networked Video Recorders at each remote Site would reduce traffic across the

WAN and allow users at the remote sites to access recordings and alarms even when the WAN is

not available.

Of course the Central Office is often where alarm management happens across the whole

Security Management system so users in the Central Office can still access the remote

Networked Video Recorders in the event of an alarm or incident investigation. Usually when this

happens they only need to playback or export certain portions of video from certain cameras and

dont need to access the full 24x7 recordings that have been made of all cameras at the remote

site.


17/22



SolvingtheproblemsofaCentralizedArchitecturea) Cost: Precious WAN bandwidth is not used for continuous communication with all

remote devices. Instead Configuration Data is distributed in a managed scheduled way. In

the event of an operational incident, only the Live CCTV video data that is required needbe moved across the WAN or extended LAN. The need to check license data across the

network is removed entirely. Core network switches can be specified to cope with

reduced network loads.

b) Reliability and Resilience: A critical source of failure in the Security Managementnetwork is the WAN. Money can be spent on increasing the reliability of the WAN

connections but it is much more effective to distribute the data so that users still have a

working Security Management system even if the WAN connections fail.

c) Single Point of failure: Another critical source of failure in the Security Managementsystems are the data stores either the Central Server hosting the Site Database or the

recorders. Again, money can be spent on increasing the power and reliability of those

machines but it is much more effective to distribute the data stores so that users still have

a working Security Management system even if those components fail.

d) Scalability: With a distributed architecture, each remote office really can be treated as atemplate and simply duplicated as necessary. For even larger systems, there is no reasonwhy multiple Central Servers cant be distributed and synchronized adding yet another

layer of distribution and resilience.


18/22



ExampleSmallSecurityManagementSystem

Small Distributed Security Management System

Even in a small Security Management system consisting of 20 cameras, 1 NVR recorder and 3operator workstations, there are advantages to the distributed approach. One workstation can be

chosen to host the master site database. This can then be shared using standard network file

sharing options and the other workstations can point at this master copy. In addition they will

keep local caches to cope with the event that the master workstation fails.

This allows the site administrator, who can be logged in to any of the workstations, to make

changes to the master site configuration. The architecture automatically distributes the changes

to the other workstations.

Using standard file sharing, updates are notified only when they happen so that each workstation

can refresh its local cache as necessary.


19/22



ExampleMediumSecurityManagementSystem

Medium Distributed Security Management System

A medium sized Security Management system might consist of up to 200 cameras spread across

several distinct locations (floors on a building or buildings on a campus). Some operators may be

located at each location but also there will typically be one central control room where several

operators monitor the entire site.

With a distributed approach, the master configuration data will be held in a dedicated file server

in the central office. Each workstation will use the file server as its primary source of

configuration data but will also hold a local cache of the data.

Live data (recordings and alarm logs) will be distributed to each location by placing Network

Video Recorders around the network. This keeps the majority of the live Security management

data away from the central control room.


20/22



Advantages to this approach:

Medium sized Security Management systems generally have a greater requirement forresilience. The file server can be stored securely and safely away from the operationalcontrol room. If the file server fails, workstations still have local caches so there is no

interruption to the Security Management system.

By separating the Static configuration data from the Live Security Management data, theprocessing and disk space demands of the master site database is minimal meaning the

file server can be entry level server. For example, a site database for a 200 camera

system need contain no more than 100 Kbytes of data.

Recording and alarm data need only be fed back to the central control room on demand(e.g. when investigating an incident). With a centralized architecture, all recording data

would continuously be fed back from all cameras requiring more costly infrastructure


21/22



ExampleLargeSecurityManagementSystem

A large Security Management system will consist of thousands of cameras spread across many

locations. Sometimes these locations will be geographically dispersed across cities, countries and

even continents e.g. city surveillance, a large corporation, railway system or road system.

Sometimes there may be one large location with a high density of cameras split into different

groups of cameras.

Large systems will also usually have a central control room from where the whole system can be

monitored. Some systems will have several such central control rooms. The entire network islinked by a Wide Area Network (WAN), which may use leased lines, wireless connections, DSL

connections, satellite links and even the public Internet.

Under a distributed architecture, each location or group of cameras has a local file server and all

workstations at that location have local caches. As with the medium Security Management

Overview of an IP-Surveillance system


22/22


system, the master configuration database is held in a central control room on a master file

server.

Each location will also have a local file server. The local file servers are all synchronized withthe central master database either according to a managed schedule (e.g. once a night) or on-

demand whenever an administrator makes a change to the site configuration.

At each location, individual workstations talk only to their local file server, never to the master

server in the central control room. In addition, each workstation maintains a local cache of the

configuration data.

Also, each location has sufficient local storage in the form of NVRs to record all the locally

produced video and alarm data.

The advantages of this approach are:

Cost: Managed synchronization of static configuration data across the network meansdata is only sent on the few occasions there is a change. Even then it can be scheduled to

avoid peak bandwidth times. Distributed storage for live recording and alarm data means

the overall WAN bandwidth required is much lower.

Reliability and Resilience: When the master server fails or the WAN link breaks,operators always have local caches of the Site Database so they can still access any

devices on their LAN. In addition, by distributing the recording capability, operators

local to an incident will always have access to live video, recorded video and alarm data

for their local cameras, even if communication with the central office is down.

Scalability: The Security Management network for a small system can be treated as atemplate for cutting and pasting as many times as necessary. The majority of live data is

held locally wherever it is produced and needed. Overall control of the system through

site configuration data can still be managed centrally but then distributed in a manner that

makes efficient use of wide area networks.

introduction to ip surveillance

Documents