Monday morning, 9am. You walk into your office, turn on your workstation. The
office assistant walks in and serves you a cup of tea. There's nothing
interesting on the newspapers, so you turn to your monitor, waving a hand
cheerfully at a couple of colleagues who have just come in to work. And then,
your face explodes in anguish. There are more than a dozen messages in your
inbox screaming panic at you. After the hysterics have died down, you try
assessing what's gone wrong. Your closest market rival seems to have had a
look at the design of your next product and has queued his own launch a couple
of days before yours, with a better-looking design. Your alarm bells go off...
is there an IP-Thief in your enterprise?
And this, in spite of the best measures of security and defense you have in
place. You have smartcards and fingerprint security, you have the best identity
management and protection systems in place, you have computer system and network
protection with the best security software and
hardware available. Even your non-IT based knowledge is safely under lock and
key with the more sensitive things under two or even three layers of security.
We have been telling you in the past (and will continue to do so in the future)
about different things you can do to secure this and that. Well, one of the
things we have also pointed out in those stories is that there is no real
defense against an authorized person doing unauthorized things. Also, once the
person has physical access to the target (computer system, piece of paper,
whatever), then there is nothing much you can do to prevent him from walking
away with the asset (information or property).
Guard against |
What do you need to protect your IP cameras against? Here's a ready list for you: 1. DoS and Flooding attacks seeking to disable the 2. Man in the Middle attacks where pre-recorded images 3. Unauthorized access by password cracking. Implement |
The traditional route to protect against unauthorized and undesirable
activities has been the Big Brother way; using CCTV (closed circuit television)
links to keep an eye on important places, things or even people. This form of
surveillance uses cameras placed at strategic locations linked by cable to
security consoles and rooms. Personnel at these locations watch the video
streams endlessly trying to spot something that shouldn't be happening.
The streams are also recorded using DVR (digital video recorders) onto tapes
or optical media. However, while this method may work fine in multi-floor
establishments, it fails at larger (city-wide) scales. When you consider your
own requirement of scaling it up beyond just one city, it fails even more
explosively. Let us explain in detail.
Eyes everywhere
There is no business or scenario where the need for surveillance would be
absent. Even if you're a supermarket chain, you may want to employ someone to
watch over your wares and make sure no one's making off with goods they didn't
pay for. Stores in the more developed countries regularly employ (CCTV-based)
surveillance to monitor areas of their shops they cannot directly keep an eye
on. In these stores, the cameras feed in directly to DVRs in the manager's
office without supervisory personnel -if there is a robbery at the store, law
enforcement can use the tapes to nab the criminals. ATM booths and kiosks use
cameras to keep an eye on people using the booth's facilities and if there is
an infraction like ATM-fraud, the bank can use the video to trace the
perpetrators.
Level-One WCS 2010 Camera | Level-One WCS 2030 Camera |
Key specs: Floor or roof mounted, zoom lens, color video, built-in microphone, 270-deg pan and 90-deg tilt and rotate, 10/100 Mbps Ethernet, 11g wireless, scheduled capture, motion detection, monitoring & playback software, web control interface, send images to FTP or mailbox, AV out for TV output
Price: Rs 35,500 (1 year warranty) Contact: mathew.vad@mindsindia.net |
Key specs: Wall mountable, zoom lens, color video, built-in microphone, no pan/tilt features, 10/100 Mbps Ethernet, 11g wireless, scheduled capture, motion detection, monitoring & playback software, web control interface, send images to FTP or mailbox
Price: Rs 18,700 (1 year warranty) Contact: jerry_albert@level1.co.in |
D-Link DCS 6620 | XProtect Enterprise |
Key specs: Wall mountable, CCD digital zoom lens, 10x optical zoom, color video, built-in microphone and 2-way audio through external speaker, MPEG-4 recording, Low-light (0.05 Lux) sensitivity, software to monitor/manage 16 cameras simultaneously, scheduled recording, motion detector
Price: Rs 45,000 (1 year warranty) Contact: dlinkpr@dlink.co.in |
Key specs: Software to control unlimited cameras (64 cameras per server, unlimited servers), event-activated recording, fully searchable, archive function, MPEG-4 support, multi-channel audio with listen-in, PTZ patrolling (with optional joystick control of camera), preset camera positioning, IPIX support, Evidence CD creation, data encryption and logging, logging of user actions, usable from a PDA client Price: On call Contact: milestonesys.com |
Surveillance is used heavily in traffic control as well. The next time you're
driving around your city, look carefully at the top-ends of the pillars
supporting flyovers at important crossings. You would be sure to spot a camera
there, looking at you. Construction locations have cameras looking at building
supplies and stores to make sure no one's stealing or tampering with them.
Sensitive establishments like research labs, pharmaceuticals and health-related
concerns use surveillance to make sure information and samples are not taken
outside or accessed by unauthorized personnel.
Manufacturing concerns (factories) can use surveillance to both track the
progress of various lines as well as keep a check on people and material. Data
centers have surveillance to help protect the deployments and make it easy to
look at different areas and equipment without having to go there.
Camera behavior | |
Patrolling: Continuous sweeps of the environment, regardless of activity in the area. The entire view may be recorded depending on camera configuration. Some cameras will only sweep a specific number of times before returning to a preset location. Motion detection: Designate one or more areas in Motion tracking: Sophisticated cameras can detect 2-way audio: Your camera most probably has a |
IP-connected eyes
The problem with CCTV based surveillance is that every one knows how to beat
them. Well, if you don't yet, watch a good Hollywood action movie (Mission
Impossible would be a good start). Also, there are problems scaling the
surveillance to beyond that one floor and building because of the need to lay
dedicated cabling to carry the imaging. If your remote cameras also accept
inputs to re-orient themselves, you would need more cabling. Then you need a
place to put all those tapes, not to mention a way to manage them. Now, since
surveillance is a part of your intrinsic need for security, its not a good thing
if almost everyone on the planet knows how to break it or you cannot use it
everywhere.
Files & formats |
Surveillance video can be recorded in multiple formats. As with all encoding, you need to pick the right format for surveillance imagery as well. The basic requirements are: 1. Image quality: You should be able to clearly 2. Image dimensions: The larger the dimensions, |
Here's where an IP Surveillance camera, which is nothing but a camera that
can be connected to your LAN using Ethernet or wireless or some other means and
talk TCP/IP to communicate. TCP/IP is what gives this form of surveillance its
name.
This greatly enhances the range of your surveillance operation and eliminates
the need to lay special cabling. If you're using it inside your campus,
chances are you already have Ethernet cabling near by or if you use wireless
networks, your camera should support that. Most modern IP cameras can do 802.11g
wireless in addition to 10/100 or even Gigabit Ethernet. If you don't have
either one handy, you can use the PSTN or cellular
networks using special adapters, to connect to your network over the Internet.
Not just for security
IP cameras (and even CCTV ones) need not be used purely for security purposes.
They can be used to keep an eye on remotely deployed equipment to avoid having
to go there physically to see what's happening. They can be used to study
things at a distance-for instance, you could put an IP camera on Barren Island
to study the volcanic activity there and connect it over VSAT to your labs
comfortably back on land. You can put IP cameras over production lines to
monitor progress of manufacture. Thermal or sound sensitive IP cameras can be
used for environment control. Traditional cameras carry a microphone to pick up
remote audio. But, there are also two-way sound enabled IP cameras that can be
used for screening using the speaker on it to communicate with people at the
remote site.
Nuts and bolts
Both forms of surveillance use cameras and recorders to capture and store the
visuals. The cabling required differs: CCTV ones require coax or optic cabling
while IP cameras need Ethernet cables or no cables at all if you use wireless.
If you plan to use end-to-end encryption to protect streams from tampering or
prevent others from listening-in, you can use scrambler/descrambler boxes at
either end. IP surveillance deployments typically upload their imagery to
regular file servers (like DAS/NAS boxes) instead of requiring DVR boxes.
Obviating the need to purchase and deploy surveillance-specific hardware like
DVRs and cabling can save you on cost, since IP surveillance can make use of
already in-place IT hardware.
Ready reckoner |
|
Feature | Benefit |
30 fps or faster frame rate | Jitter-free picture |
Motorized control, with swivel and pan |
You can direct the camera to watch/patrol different areas and follow movement |
Remote control | Lets you manage it remotely |
Web based view | Simplified access from anywhere, over the internet |
E-mail alerts on special triggers | Alerts you to infractions |
Record video | Capturing video is important to prove a sequence of events |
Time stamp recordings | Prove the event happened at the alleged date and time |
Embed watermarks/ digital fingerprints | Prevent the video from being tampered; ensure authenticity and integrity of the recording |
Power over Ethernet | No need to run separate cables for power or find power outlets nearby |
Wireless | No need to run Ethernet cabling |
Data encryption | Guard it against Man in the Middle attacks |
Let's look at the parallel requirement for software and manpower. CCTV
based surveillance does not require any special software-your camera is
connected to a DVR, with one or more monitors attached. Depending on the size
and sensitivity of your deployment/need, you may use digital switching and
control equipment like those used in a typical film-editing studio and these are
costly. IP Surveillance does not require you to add any special software to your
installation. Most cameras come bundled with applications to monitor, control
and configure your camera and its imagery. Their playback software will not let
the user tamper with the original copies. In addition, you can purchase and use
specialized software that let you control a lot of cameras simultaneously and
have complex things like fuzzy-logic based motion detection and alerting done
with your regular-Joe cameras.
Protect your guards
So, your cameras are watching your people, places and things. But who is
watching your cameras? Cameras are not the answer to the security jigsaw puzzle
either. They are as besot with problems as anything else you have around. If you
have regular cameras, anyone with a standard digital, S-Video or RYB set can
plug himself in and either look at what you're watching (which may be a breach
of security depending on what the camera is showing) or send you pre-recorded
video while they make changes to the subject under your surveillance without you
being aware that something was wrong.
When you have IP cameras, all the problems to do with TCP/IP based devices
are present. For instance, your camera is now suddenly susceptible to flooding,
sniffing, DoS attacks and more. Also, most cameras out there are protected with
nothing more than a regular login name and password, which for the most part are
left at default values. Which means anyone with access to Google can now access
all your cameras if they can access its network. Some wireless cameras can be
configured with encryption, but do check if your camera has WEP or WPA/WPA2 as
well. WPA2 is the better option for cameras that will be on wireless. So, do you
need additional protection to be deployed? A firewall just in front of the
camera at the remote site, maybe able to protect it from direct attacks. It will
not guard against people stealing imagery from it to study and come up with
scenarios to beat surveillance.
The way forward
Surveillance allows one to see what's happening and how it is being done. One
has to learn to adapt processes and systems for a better response the next time
around. It can save on manpower, money and time if the purpose is to remotely
monitor something, without having to place people in personal peril. It save
costs on the equipment and know-how as well.
go1984 for Camera Control |
|
Install the software like a regular application on any system. You can connect to this system later from any machine or J2ME cell phone and monitor your cameras. When asked, during installation, select the 'Enterprise' mode to get the full feature-set to try out. Click on the IP Camera option and add our camera (by IP address) to the software. You would also need to enter the administrator user ID and password to the camera ('root' and the MAC address in our case) into this pane. go1984 also lets you add locally connected Web cams as security cams-for this, select the DirectX option and accept the locally connected Web cam listed there. Check the 'Video' option if the local web cam can |
|
Connect to any IP camera by entering its host/IP and credentials. You can choose to view it live or only when the camera detects motion by selecting the radio buttons for that | Open the Alarm Management node and set up how to handle events that are triggered. You can choose to upload images to an FTP server, pop up notifications, or ring your phone |
This go1984 client runs minimized and can pop up automatically when new images are received-this lets you do other things and be alerted when something happens | You can use the User Management module to create users for the system (security personnel or supervisors) and assign them privileges for the functions offered by go1984 |
Price: $839 (Enterprise edition) Contact: http://www.go1984.com On CD: PCQ Enterprise\IP Surveillance\Surveillance\go1984 Setup.exe |