It makes sense to use a Networked Video Server that can use Analog Cameras and compress the maga data and make it digital and then send it across to the client. I would suggest to have a look at enVigil video server
The topic of this discussion is "Network Video Storage and Megapixel Camera Technology" not IP Camera's!
The reason people are so hooked on doing Camera based storage and analytics is due to the premise that IP is the solution for moving SD/HD Video between a Camera and a storage solution be it DVR, NVR, NAS. IP has severe bandwidth, QoS and cost per channel issues when trying to move realtime HD Video across a network.
D1/VGA Camera's are causing performance issues with 720p and 1080p having 4 to 8x more data, the problems of network design and infrastructure become even more apparent.
1) Centralised Video Storage and Image Analytics will ALWAYS be cheaper than Camera based storage and analytics due to Moore's Law.
2) IP transport between a Camera and DVR has limitations that are directly impacting Video quality in terms of both Frame rate and Compression, to meet bandwidth, QoS and cost per channel targets.
3) IP Video Transport is perfect for DVR to Client, as latency and packet loss is not a real issue when reviewing a single stream of Video for review.
4) IP has a hard distance limitation of 100M, and High Frame rate, High Quality HD Video will require GB Ethernet with Cat6 Cable. Distances beyond 100M require Repeater, Routers or Fibre Optic Convertors
The traditional DVR/Camera model with point to point Analogue DVR/Camera transport and IP based Client control and review still offers the best price/performance ratio in the market today. For 16 Camera or less systems with less than 4000 sq/ft, there is simply no need to incur extra costs for an IP Camera architecture, that a) Costs more b) Is harder to Install c) Slower Frame Rates d) Poor picture quality.
NTSC/PAL in D1 is successfully servicing 98% of the installed based and over 90% of new installations. HD Camera's represent less than 150K per year world wide and technologies such as HDcctv (www.highdefcctv.org) will embrace the proven SD DVR/Camera architecture and offer better, cheaper, faster and easier solutions for deploying HD CCTV systems to 85% plus of the market.
IP is great transport and when used correctly offers many benefits but other technologies such as SDi exist for a reason as they offer inherent advantages over IP for certain applications (Uncompressed, Realtime, QoS, Cost per Channel, Low Latency, Distance, Ease of Install). SDi in particular is the backbone of the Broadcast Industries move to HD Video and the investments being made in R&D are an order of magnitude higher than IP Video for CCTV.
SDi makes sense for Camera to DVR
IP makes sense for DVR to Client
www.cradle.com
Sunday, December 6, 2009
Monday, November 9, 2009
How can one avoid video jacking?
The article ( http://www.wired.com/threatlevel/2009/07/video-hijack/ ) on how a malicious intruder in a LAN can hijack an IP camera and insert his/her own IP feed into the system. The intruder uses a simple but effective technique called ARP cache poisoning / ARP spoofing. ARP cache poisoning is a technique that uses a host computer (the intruder) to position itself between an IP camera and an NVR, making the NVR believe that it is talking to the IP camera, but in fact it is talking to the intruder. This way, the intruder can inject any video feed that it wants into the NVR.
This is a fundamental problem with NVRs and IP cameras. Since LAN is a trusted environment, and ARP is a technique that was developed assuming trust between computers on a LAN, this problem will not easily go away unless the underlying protocols are changed.
Even if the video is encrypted on the LAN, the main communication between the client and the server is not. This can help an attacker disable the NVR/DVR in question, even if he is not able to inject video.
How can one avoid video-jacking? One way is entirely avoid using IP cameras and use only Analog cameras. Since tampering of analog cameras require physical access to the infrastructure, this may be a bit more secure. One can argue that even with analog cameras in place, IP streams still do flow through the LAN from the DVR/NVR to any connected clients.
A more complete way to prevent video injection is by using a peer-to-peer VPN connection along with Analog cameras. Cradle's enVigil products come with peer-to-peer VPN pre-installed. Thus, all access on the LAN to the enVigil server is through a peer-to-peer VPN connection. Thus, even if a computer is hijacked with APR spoofing techniques, it will be nearly impossible to inject/hijack the video streams, since that requires cracking the VPN networking layer.
Please visit www.cradle.com for more information on the enVigil product.
This is a fundamental problem with NVRs and IP cameras. Since LAN is a trusted environment, and ARP is a technique that was developed assuming trust between computers on a LAN, this problem will not easily go away unless the underlying protocols are changed.
Even if the video is encrypted on the LAN, the main communication between the client and the server is not. This can help an attacker disable the NVR/DVR in question, even if he is not able to inject video.
How can one avoid video-jacking? One way is entirely avoid using IP cameras and use only Analog cameras. Since tampering of analog cameras require physical access to the infrastructure, this may be a bit more secure. One can argue that even with analog cameras in place, IP streams still do flow through the LAN from the DVR/NVR to any connected clients.
A more complete way to prevent video injection is by using a peer-to-peer VPN connection along with Analog cameras. Cradle's enVigil products come with peer-to-peer VPN pre-installed. Thus, all access on the LAN to the enVigil server is through a peer-to-peer VPN connection. Thus, even if a computer is hijacked with APR spoofing techniques, it will be nearly impossible to inject/hijack the video streams, since that requires cracking the VPN networking layer.
Please visit www.cradle.com for more information on the enVigil product.
Spoofing IP based CCTV systems
This is reply to the video security over the internet by Tom
Tom Medlicott
Owner, cctvengineer.com
yes i think hybid system will be around for a long time. and infact hybrids will only get better. each month we are starting to see major problems that exist along side the ip systems. end users (the customers) just finding out they have very expensive yearly licence fees to run there ip systems and another problem that has just been released is the following artical from america.
(I HAVE REMOVED LINK TO THE SOFTWARE) if you wish the link please email me.
Spoofing IP based CCTV systems
The case against the security of IP based CCTV systems was recently highlighted with the release of a new web tool shown at the hacker conference in Las Vegas. A security assessment tool, Videojak has the ability to both intercept Internet video feeds and eject false 'looped' images.
Similar in concept to Hollywood's "Mission Impossible" where the attacker can hack, monitor and record a CCTV feed (when nothing is happening), then play this back in a loop to hide the actual live feed (presumably while Tom Cruise is lowered down on a black rope).
This tool also provides the ability to intercept video conferencing.
To be on the safe side, if you are using any kind of conferencing facility you should assume that the information can be intercepted. With the popularity of IP streamed video systems we are not sure if our network is compromised or not.
so another reason why hybrid is better. i.e use analog in the top security places and ip in not so high places. have the best of both worlds with a hybrid system
Tom Medlicott
Owner, cctvengineer.com
yes i think hybid system will be around for a long time. and infact hybrids will only get better. each month we are starting to see major problems that exist along side the ip systems. end users (the customers) just finding out they have very expensive yearly licence fees to run there ip systems and another problem that has just been released is the following artical from america.
(I HAVE REMOVED LINK TO THE SOFTWARE) if you wish the link please email me.
Spoofing IP based CCTV systems
The case against the security of IP based CCTV systems was recently highlighted with the release of a new web tool shown at the hacker conference in Las Vegas. A security assessment tool, Videojak has the ability to both intercept Internet video feeds and eject false 'looped' images.
Similar in concept to Hollywood's "Mission Impossible" where the attacker can hack, monitor and record a CCTV feed (when nothing is happening), then play this back in a loop to hide the actual live feed (presumably while Tom Cruise is lowered down on a black rope).
This tool also provides the ability to intercept video conferencing.
To be on the safe side, if you are using any kind of conferencing facility you should assume that the information can be intercepted. With the popularity of IP streamed video systems we are not sure if our network is compromised or not.
so another reason why hybrid is better. i.e use analog in the top security places and ip in not so high places. have the best of both worlds with a hybrid system
The importance of encrypting video over Internet
The importance of encrypting video over IP
http://www.wired.com/threatlevel/2009/07/video-hijack/
How important it is to send video encripted and over the VPN?
The importance of encrypting video over IP
How important it is to send video over encrypted video VPN?
Read this article
http://www.wired.com/threatlevel/2009/07/video-hijack/
1. The attackers are able to view video being streamed across a network, and
2. The attackers are able to use a man-in-the-middle attack to insert video controlled by the attacker to a video decoder somewhere on the network.
The linked video shows viscerally how an attacker could foil a security/surveillance video system – a modern-day Thomas Crown Affair. But the underlying problem goes beyond the surveillance market and could conceivably affect a wide range of industries using video over IP. This is a big deal, and vendors of any form of network-connected IP video device – whether a camera, encoder, or decoder – should take note.
http://www.wired.com/threatlevel/2009/07/video-hijack/
How important it is to send video encripted and over the VPN?
The importance of encrypting video over IP
How important it is to send video over encrypted video VPN?
Read this article
http://www.wired.com/threatlevel/2009/07/video-hijack/
1. The attackers are able to view video being streamed across a network, and
2. The attackers are able to use a man-in-the-middle attack to insert video controlled by the attacker to a video decoder somewhere on the network.
The linked video shows viscerally how an attacker could foil a security/surveillance video system – a modern-day Thomas Crown Affair. But the underlying problem goes beyond the surveillance market and could conceivably affect a wide range of industries using video over IP. This is a big deal, and vendors of any form of network-connected IP video device – whether a camera, encoder, or decoder – should take note.
Tuesday, September 8, 2009
Features of enVigil for hotels
Unique features of
enVigil Networked Video Surveillance Server
(enVigil NVSS)
Truly Networked Multi-location Video Surveillance (CCTV)Solution
Your browser may not support display of this image.enVigil Solution
Linux based server, Java based client (Windows and MAC OS support), simultaneous local and remote archiving, built in VPN, automated detection of video loss or tampering, PDA phone support, sensor integration, video analytics and ability to centrally administer distributed multi-location system.
Designed to survive malicious attacks – Surveillance system will continue to operate even if control room is destroyed
Compact size video servers are easily concealed at various locations distributed throughout the facility. Full monitoring access is available at multiple locations over LAN and WAN. Control room has only monitors and computers for accessing enVigil systems. Surveillance system will continue to operate even if the control room is destroyed.
Machine based automated diagnostics for preventing down time
To support 24 X 7 X 365 days operation enVigil server performs self diagnostics on schedule and a central server verifies proper operation of the system and monitors the health of enVigil servers and the camera systems to warn administrator of degradation of storage or hardware that could lead to failure. The central monitoring server reports un-intended shutdown of enVigil system.
Audit trail of all access and actions
All interactions with the video server are logged in to create an audit trail and to warn of unusual access or attempted access.
End to end secure encrypted communication
Fully encoded video and data transmission using built in VPN secure communication over LAN and WAN. System supports simultaneous VPN access capability to multiple surveillance sites. Multi level password protection and user verification.
System Implementation utilizing existing cameras and wiring
enVigil system solution preserves investment of existing analog cameras and wiring infrastructure. The existing infrastructure is transformed into IP enabled modern system. Existing DVR can be used to provide redundant surveillance capability as the enVigil can added as a parallel surveillance system.
Complete Remote Surveillance Solution
High quality live remote monitoring using LAN, WAN, WiFi, WiMax networks, and GSM and CDMA wireless broadband available form cell phone operators. Adaptive compression bandwidth is used to deliver smooth live video that maintains lip sink for audio when audio is used. Two way voice communications built in from remote location to surveillance site. System supports Private camera capability with fine grain access control, Remote control of PTZ cameras, Remote access and down load of recorded audio and video and alarm information for forensic analysis.
Central administration of multi-location surveillance
A user with administrative privileges can remotely administer enVigil video servers at remote locations. He can add and delete users and make changes to the set up just as he would do if he were using a monitor and a keyboard attached to the video server.
Integrated sophisticated video analytics
enVigil is a platform for loading software for video analytics for integrated video analytic solution. People analytics such as loitering detection, intrusion detection, wrong way entry, face capture and object analytics such as object left behind are available. Early smoke and fire detection analytical capability is planned. Smart alert capability such as motion detection with masking, tampering with camera such as blind detection and video loss detection, distributed sensor integration (fire alarm sensor, temperature sensor, water detector sensor) are built in capabilities.
Multiple means for delivering local and remote alerts and alarms
A full set of communication means are available to send alert and alarm notices. These includes SMS message, email message, turning on of a siren or lights. Independent wireless, phone line and LAN paths can be deployed to make sure if one path is blocked an alternative path can be used to get the alert and alarm information out to the security personal. Data can be protected against disk drive failure using the same kind of RAID store servers as used by IT departments.
Multi-tier storage and continuous remote archiving for data protection
The architecture of the system supports multi-tier storage. enVigil video server has local storage to keep recording data even if network connection is broken. The surveillance data can be securely stored on a Network Attached Storage at secure pace in the building and for disaster management the data can be simultaneously archived at a remotely located data center.
Rugged Hardware for Indian environment
The enVigil server has been designed to reliably operate under Indian condition of dust, heat and fluctuating power supply. The Linux operating system and the server software are stored in a Solid State Drive so that they are not affected by failure of rotating Hard Drive. The software of the system has been designed to anticipate failure of the Hard Drive and to handle failure gracefully should it occur.
Designed for easy integration with other systems
The hardware and software architecture of enVigil system provides for easy integration with fire alarm, access control and building management systems. Cradle technology owns full stack of technology upon which enVigil is built and as such it has full flexibility to make necessary modifications to enVigil to make integration easy.
Scalable system architecture
The enVigil surveillance system is scalable to cover multi-location deployment. Video surveillance system for a chain of hotels where each hotel has cluster of cameras can be deployed in a way where both the local operating authorities and centrally located security department have simultaneous access and control.
Technology Advantage
To achieve higher protection again malicious hacking attacks on the video server the enVigil system used Linux operating system. All communication is encrypted though embedded VPN. Multi-tier password protection and all the means that have been developed for banking application and corporate IT are available to protect unwanted intrusion into the surveillance system
USA based Technology and Support also India engineering and support available worldwide.
www.cradle.com/downloads.html
enVigil Networked Video Surveillance Server
(enVigil NVSS)
Truly Networked Multi-location Video Surveillance (CCTV)Solution
Your browser may not support display of this image.enVigil Solution
Linux based server, Java based client (Windows and MAC OS support), simultaneous local and remote archiving, built in VPN, automated detection of video loss or tampering, PDA phone support, sensor integration, video analytics and ability to centrally administer distributed multi-location system.
Designed to survive malicious attacks – Surveillance system will continue to operate even if control room is destroyed
Compact size video servers are easily concealed at various locations distributed throughout the facility. Full monitoring access is available at multiple locations over LAN and WAN. Control room has only monitors and computers for accessing enVigil systems. Surveillance system will continue to operate even if the control room is destroyed.
Machine based automated diagnostics for preventing down time
To support 24 X 7 X 365 days operation enVigil server performs self diagnostics on schedule and a central server verifies proper operation of the system and monitors the health of enVigil servers and the camera systems to warn administrator of degradation of storage or hardware that could lead to failure. The central monitoring server reports un-intended shutdown of enVigil system.
Audit trail of all access and actions
All interactions with the video server are logged in to create an audit trail and to warn of unusual access or attempted access.
End to end secure encrypted communication
Fully encoded video and data transmission using built in VPN secure communication over LAN and WAN. System supports simultaneous VPN access capability to multiple surveillance sites. Multi level password protection and user verification.
System Implementation utilizing existing cameras and wiring
enVigil system solution preserves investment of existing analog cameras and wiring infrastructure. The existing infrastructure is transformed into IP enabled modern system. Existing DVR can be used to provide redundant surveillance capability as the enVigil can added as a parallel surveillance system.
Complete Remote Surveillance Solution
High quality live remote monitoring using LAN, WAN, WiFi, WiMax networks, and GSM and CDMA wireless broadband available form cell phone operators. Adaptive compression bandwidth is used to deliver smooth live video that maintains lip sink for audio when audio is used. Two way voice communications built in from remote location to surveillance site. System supports Private camera capability with fine grain access control, Remote control of PTZ cameras, Remote access and down load of recorded audio and video and alarm information for forensic analysis.
Central administration of multi-location surveillance
A user with administrative privileges can remotely administer enVigil video servers at remote locations. He can add and delete users and make changes to the set up just as he would do if he were using a monitor and a keyboard attached to the video server.
Integrated sophisticated video analytics
enVigil is a platform for loading software for video analytics for integrated video analytic solution. People analytics such as loitering detection, intrusion detection, wrong way entry, face capture and object analytics such as object left behind are available. Early smoke and fire detection analytical capability is planned. Smart alert capability such as motion detection with masking, tampering with camera such as blind detection and video loss detection, distributed sensor integration (fire alarm sensor, temperature sensor, water detector sensor) are built in capabilities.
Multiple means for delivering local and remote alerts and alarms
A full set of communication means are available to send alert and alarm notices. These includes SMS message, email message, turning on of a siren or lights. Independent wireless, phone line and LAN paths can be deployed to make sure if one path is blocked an alternative path can be used to get the alert and alarm information out to the security personal. Data can be protected against disk drive failure using the same kind of RAID store servers as used by IT departments.
Multi-tier storage and continuous remote archiving for data protection
The architecture of the system supports multi-tier storage. enVigil video server has local storage to keep recording data even if network connection is broken. The surveillance data can be securely stored on a Network Attached Storage at secure pace in the building and for disaster management the data can be simultaneously archived at a remotely located data center.
Rugged Hardware for Indian environment
The enVigil server has been designed to reliably operate under Indian condition of dust, heat and fluctuating power supply. The Linux operating system and the server software are stored in a Solid State Drive so that they are not affected by failure of rotating Hard Drive. The software of the system has been designed to anticipate failure of the Hard Drive and to handle failure gracefully should it occur.
Designed for easy integration with other systems
The hardware and software architecture of enVigil system provides for easy integration with fire alarm, access control and building management systems. Cradle technology owns full stack of technology upon which enVigil is built and as such it has full flexibility to make necessary modifications to enVigil to make integration easy.
Scalable system architecture
The enVigil surveillance system is scalable to cover multi-location deployment. Video surveillance system for a chain of hotels where each hotel has cluster of cameras can be deployed in a way where both the local operating authorities and centrally located security department have simultaneous access and control.
Technology Advantage
To achieve higher protection again malicious hacking attacks on the video server the enVigil system used Linux operating system. All communication is encrypted though embedded VPN. Multi-tier password protection and all the means that have been developed for banking application and corporate IT are available to protect unwanted intrusion into the surveillance system
USA based Technology and Support also India engineering and support available worldwide.
www.cradle.com/downloads.html
Go beyond Security in Hotels using enVigil from Cradle Technologies
Go Beyond security in Hotels
Whether its keeping an eye on the traffic in your lobby or monitoring customer satisfaction, Cradle's Networked Video Surveillance System (NVSS) is here to help you become more efficient.
1. Monitor traffic in the hotel lobby to get clear pictures of all guests/visitors
2. Record all customer transactions to monitor and improve customer satisfaction levels
3. Place cameras in all open/common areas to prevent petty theft
4. Place cameras near valuable items such as hotel safes or valuable artwork.
5. Place cameras around the hotel's perimeter to secure the building and facilities
Following are the questions the hotel security staff should ask themselves and work with their system installer to make sure that these questions and concerns are met when they are purchasing and configuring their surveillance system:
* Where do you experience the most thefts?
* Have you ever wished that you caught something on camera?
* How do you currently manage security at your hotel?
* Do you feel like your surrounding area contributes to your overall security?
* How would you describe your average guest?
o Business travelers
o Leisure travelers
o Families
* How is your hotel or resort laid out?
o Single building housing guest rooms, amenities like pool and spa, and facilities.
o Several buildings spread out over a large property
* Have you ever had issues with employee theft?
www.cradle.com/downloads.html
Thursday, September 3, 2009
networked video surveillance for Hotels
HAVE YOUR CAKE AND EAT IT TOO!
Convert your Analog System into IP based system
No need to discard existing cameras and wiring
Your browser may not support display of this image.
enVigil Solution
Linux based server, Java based client, simultaneous local and remote viewing and archiving, built in VPN, automated detection of video loss or tampering, sensor integration, PDA phone support, video analytics and ability to centrally administer distributed multi-location system.
* Designed to survive disasters & malicious attacks
Surveillance system continues to operate even if control room is destroyed. Compact size video servers distributed throughout the facility. Full access from desktop, laptop and PDA mobile phones.
* End to end secure encrypted communication
Built in VPN for secure encrypted communication over LAN and WAN. Multi level password protection and user verification.
* Complete Multi-location Remote Surveillance Solution
High quality live remote monitoring using LAN, WAN, WiFi, WiMax networks, and GSM and CDMA wireless broadband available from cell phone operators.
* Automated diagnostics to prevent down time
Supports 24 X 7 X 365 days operation. Automated self diagnostics of video servers, cameras and storage. The central monitoring server reports un-intended shutdown of enVigil system.
* Integrated sophisticated video analytics
Object left behind, face capture, loitering detection, intrusion detection, wrong way entry etc. Distributed sensor integration (fire alarm sensor, temperature sensor, water sensor)
* Delivering alerts and alarms through SMS and Emails
* Multi-tier storage and continuous remote archiving for data protection
* Rugged Hardware with Linux operating system
* US based technology and India based Engineering and support centre
Subscribe to:
Posts (Atom)
Posts
