Remote Video Surveillance systems are ever increasing in scope of deployment and functionality. The security industry has seen a wave of change as IP networked cameras and video recording equipment have been deployed, resulting in the opportunity to innovate and add additional features to various platforms. For example, using IP networking, security integrators are able to live stream video offsite, securely archive video in recorders at remote locations, and allow human operators to take action to respond to video streams from a distance. We can apply Artificial Intelligence / Machine Learning (AI/ML) tools to video streams to detect certain types of behaviors and actions (e.g. door opened, door closed, movement through a prohibited area, etc) and respond to such events. Cameras which specialize in reading license plates, recognizing faces, or thermally imaging the human body for a fever are all IP enabled today.
All this functionality, however, comes with significant complexity on the IP networking side. Many camera platforms expect and/or require a layer 2 network between cameras and their related appliances, which can lead to the need to deploy costly Dedicated Internet Access (DIA), Ethernet Private Lines (EPL), MPLS, or other outdated networking technologies. In many cases, these needs remove the ability to utilize readily available business or residential broadband connections which are classicially constrained from providing Layer 2 services. Furthermore, the increased cost of DIA, EPL, MPLS, etc can be prohibitive to add redundancy to the network, leading to single points of failure in a critical system.
Security experts face numerous challenges deploying Video Surveillance as a Service. Often, they need to attach their camera systems to networks run / operated by parties outside of their control. Firewalls, Access Control Lists (ACLs), Network Admission Control (NAC) can all prohibit the needed communication to successfully deploy services.
Workarounds such as Dynamic DNS, Port Forwarding, and DHCP / MAC reservations are difficult to maintain and scale. Many of these work around expose vulnerabilities in camera firmware to the Internet at large, which can then be exploited for DDoS attacks, such as the Mirai Botnet.
Big Network’s SD-WAN functionality, which offers Layer 2 networking, as a highly distributed, virtual Ethernet switch in-the-cloud, can help solve these unique challenges faced by security practitioners. Edge Pro and Edge Lite offer unique capabilities to assist. Use Edge Pro at your headend to aggregate camera traffic from remote locations, and hand it off to your NVR and other processing systems. Similarly, use Edge Pro at a high value remote location with dual ISP connections for redundancy and resiliency. Lastly, use Edge Lite at locations that need to be monitored, but without dual ISP connections.
Big Network and the Edge Pro allow you to seamlessly create Layer 2 LAN extensions, enabled with full encryption of the data path and multipath SD-WAN scenarios. In this case, we simply use Big Edge to securely extend the Datacenter LAN to the remote location. DHCP, TFTP, RTMP work just as though we’re on the local network.