Loading...

Overview

Video surveillance based on digital iP technology is revolutionizing the physical security industry. The network is a crucial element in any surveillance installation because it enables all the other surveillance functions – transmitting video streams so they can be viewed and stored, and carrying power to the cameras themselves using Power over ethernet (Poe).

An iP surveillance system always includes one or more of the following components:
• IP cameras
• Video servers to record, aggregate, process, and broadcast video streams
• Clients (monitoring stations), which are typically PCs equipped with dedicated surveillance software to enable real-time viewing and review of stored video
• Network Attached Storage (NAS) devices to store the video
• Switches with the appropriate feature set and bandwidth capacity to manage network traffic–required for the entire surveillance network to function properly
• CAT5E or better cabling, for adequate performance

Operation involves transmission (streaming) of video information from the cameras to a video server, where it is aggregated, processed, stored, and distributed to the monitoring stations and storage devices. Factors such as transmission modes and video compression modes can have a significant effect on bandwidth requirements, storage requirements and cost.

value_cctv_singapore_affordable_surveillance_network_switch_choosing_right_system
CHOOSING A SWITCH: BANDWIDTH and PORTS

For the vast majority of surveillance applications, Fast Ethernet cameras are often used. In spite of their name, they include a Gigabit port for uplink purposes in a two-tier network. Sometimes, however, even a deployment with only Fast Ethernet cameras may require 10 Gigabit uplink capabilities. If Gigabit Ethernet cameras are used, a Gigabit switch is required.

Request Professional Consultation
value_cctv_singapore_affordable_surveillance_network_switch_reference_example_design_20_cameras
Bandwidth and Power Calculations: 20 Cameras
Average bandwidth per camer 9.48 Mbit/s based on specifi c set of image resolution, compression type and ratio, frame rates and scene complexity
Total bandwidth for twenty camera 9.48 x 20 = 190 Mbit/s
PoE Class 1 (maximum 2.7W)
Total PoE budget 2.7 x 20 = 54W
Key NETGEAR Components
Switch M4100-50-POE (48 ports Fast Ethernet PoE 802.3af, Layer 2+ )
Redundant Power Supply RPS5412 (Optimal Power one-to-one RPS unit) or RPS4000 (RPS unit up to four switches)
External Power Supply RPS4000 (supplemental PoE power up to four switches

Reference Design: 20 Cameras

This diagram shows a typical installation with 20 cameras and one server, where the traffic is all managed by a single switch. It is a complete solution that is ideal for a small facility with typical interior lighting conditions. The cameras are all fi xed, Fast Ethernet cameras. It’s assumed there’s no need for PTZ capabilities. The video server has a 1 Gigabit bandwidth capacity.

The benefits of this design include the following:

Simplicity
• The switch can be configured with a unique, easy-to-use web-based interface as well as the industry-standard command line interface (CLI).
• The switch delivers PoE power to all the cameras (with a maximum PoE budget of 380w), so no power cabling is required.

Minimum Bandwidth Impact
• The cameras transmit a unicast stream to the server. The server in turn transmits multicast streams to the rest of the network, which minimizes the video stream bandwidth burden on the network.
• An IGMP Querier that determines which clients belong to various groups is combined with an IGMP Snooper that determines which ports within those groups are “interested.” The result is that data is sent only to the appropriate ports, eliminating unnecessary network traffic and maximizing efficiency.

Resilience
• Redundant Power Supply (RPS) protection. The switch can be connected to a back-up power supply to provide redundancy and ensure 24/7 reliability.
• External Power Supply (ESP) option: If the power demands of the network should exceed the PoE budget, additional power can be supplied via an EPS module, ensuring that the network is scalable over time.

Security
• The switch provides for MAC-based security to prevent physical hacking, e.g. unscrewing a camera and replacing it with a PC.
• Assuming the cameras support the IEEE 802.1x authentication standard for port-based Network Access Control, a higher level of security can be implemented using a RADIUS server or Windows Server 2008 Network Policy Server (NPS). With this approach, access to ports can be blocked even if hackers succeed in spoofing and emulating MAC addresses during an attack.

BENEFITS OF IP SURVEILLANCE NETWORKS

IP surveillance was once affordable only by large enterprises, but several factors have changed that situation. Today, most organizations have already installed IP networks upon which surveillance video transmissions can piggyback. Also, prices for IP video cameras and storage devices have fallen dramatically. As a result, IP surveillance is not only a viable choice for organizations of any size. It’s usually the best choice.

IP surveillance offers a number of benefits that analog installations can’t match.

Request Professional Consultation

• No new cabling. Traffic can be carried by an existing physical IP network. PoE (power over Ethernet) allows cameras to be connected to that network, eliminating the need for expensive Ethernet and power cabling to those cameras.

• Lower labor costs. Digital network-attached storage (NAS) devices reduce labor costs by eliminating the need for personnel to mount, replace and store tape cartridges and deal with all the other small but time-consuming problems endemic to tape systems.

• More convenient viewing access. Security personnel, administrators and other authorized parties can access surveil-lance video from any location on a 24/7 basis. Video clips can be distributed to law enforcement as e-mail attachments. There is never a need for third parties to visit the scene of an incident to view the video.

• More reliable storage. Unlike tape, digital storage doesn’t degrade over time or when copied. NAS devices incorporate redundancy features and data integrity checks to ensure that every bit of footage is captured and available on demand within a few seconds.

• Easier integration with applications. IP surveillance systems are much easier to integrate with monitoring applications, from simple motion detection to advanced video content analysis such as face or license plate recognition, because no analog-to-digital conversion is necessary.

• No risk of obsolescence. As the world becomes increasingly digital, analog surveillance systems will inevitably become obsolete over time, whereas IP surveillance systems are future-proof and will always be easy to upgrade, typically through soft ware alone.

value_cctv_singapore_affordable_surveillance_network_switch_reference_example_design_200_cameras





value_cctv_singapore_affordable_surveillance_network_switch_reference_example_design_200_cameras_v2
Bandwidth and Power Calculations: 200 Cameras
Average bandwidth per camer 21.7 Mbit/s based on specific set of image resolution, compression type and ratio, frame rates and scene complexity
Total bandwidth for twenty camera 21.7 x 40 = 868 Mbit/s per Access Layer switch
PoE Class 1 (maximum 2.7W)
Total PoE budget 2.7 x 40 = 108W per Access Layer switch
Key NETGEAR Components
Distribution Layer Switch M5300-28GF3 (24 ports Gigabit Ethernet Fiber with 10 Gigabit uplinks, Layer 3)
Access Layer Switch M4100-50-POE (48 ports Fast Ethernet PoE 802.3af, Layer 2+ )
Rest of Network Switch M5300-52G3 (48 ports Gigabit Ethernet with 10 Gigabit uplinks, Layer 3)
Redundant Power Supply RPS5412 (Optimal Power one-to-one RPS unit) or RPS4000 (RPS unit up to four switches)
External Power Supply RPS4000 (supplemental PoE power up to four switches

Reference Design: 200 Cameras

This 200-camera installation would be typical for a facility where cameras must be located in multiple locations, e.g. a warehouse, a parking lot, administrative offices and so on. It consists of several IP subnets and associated VLANs but without Layer 3 routing complexities. All the cameras are on the same subnet. The servers that manage them are on another subnet, while the clients/viewing stations may be on other subnets. Each access-layer switch connects forty cameras, and also powers them via PoE. All the cameras are fixed, Fast Ethernet cameras (without PTZ capabilities) and have PoE capability.

This design delivers a highly available network that provides uninterrupted connectivity. It incorporates a level of redundancy such that there are no points of hardware failure. Further, critical components can be swapped without interruption of service.

The benefits of this design include the following:

Simplicity
• The “private VLAN” capability of the NETGEAR switches in this design means that camera deployment is inherently less complicated when the cameras are all in the same Layer 2 network. The network is also easier to manage without Layer 3 routing to the servers.
• With a Dynamic Host Configuration Protocol (DHCP) server, already up and running in most IT departments, and also available in NETGEAR switches, the need for configuring the cameras is entirely eliminated.
• This network design avoids the use of the Spanning Tree Protocol, which is complex and difficult to configure. The network’s highly resilient Distribution layer allows for the best of both worlds with redundant links to the servers and ac-cess layer switches, as well as advanced load balancing and seamless failover capabilities – made as simple as “trunking”
• A Multicast VLAN Registration (MVR) feature replicates the multicast video streams from the access subnet across as many other subnets as desired, preserving all of the bandwidth conserving features of the access subnet (IGMP Querier and Snooper) and the publish / subscribe model. This eliminates all the complexities of multicast routing to clients/viewing stations.

Minimum Bandwidth Impact
• The “private VLAN” capability of the NETGEAR switches in this design means that all the cameras are isolated and cannot talk to one another, even though they are on the same subnet. Eliminating camera-to-camera “chatter” reduces bandwidth utilization.
• To minimize bandwidth consumption, an IGMP Querier that determines which clients belong to various groups com-bines with an IGMP Snooper that determines which ports within those groups are “interested.” The result is that data is sent only to the appropriate ports, eliminating unnecessary network traffi c and maximizing efficiency.
•The avoidance of the Spanning Tree Protocol also enables more effi cient use of bandwidth, since all links are active and load balancing is enabled.

Resilience
• Redundant Power Supplies (RPSs). In this design the switches are all equipped with an RSP in the unlikely event that a switch power supply should fail. This approach can be implemented on a one-to-one basis with NETGEAR RPS5412 redundant power supplies if all the switches are in different buildings. If the switches are on the same rack, a NETGEAR RPS4000 can be used to provide redundant power to as many as four switches. The internal power supply of the switches at the Distribution layer is modular and can be “hot swapped” with no interruption to service.
• External Power Supplies (ESPs). If additional power is required beyond the 380w provided by the M4100-50-POE switches, it can be supplied via NETGEAR EPS modules, which can provide the access layer switches with 740w each.

Security
• MAC-based port security (MAC address table locking) provides a minimum level of security by preventing an attacker from disconnecting a camera and connecting a PC in its place for hacking purposes.
• Assuming the cameras support the IEEE 802.1x authentication standard for port-based Network Access Control, a higher level of security can be implemented using a RADIUS server or Windows Server 2008 Network Policy Server (NPS) with or without MAC authentication bypass (MAB). With this approach, access to ports can be blocked even if hackers succeed in spoofing and emulating MAC addresses during an attack.

NETGEAR Network Switches for Surveillance Systems in Singapore We recommend two lines of Managed switches for IP surveillance networks:



The NETGEAR Intelligent Edge M4100 series.


These are Fast Ethernet (10/100) and Gigabit Ethernet (GigE) access layer switches with several Gigabit ports for uplink functions.

The NETGEAR Next-Gen Edge M5300 series.


These are Gigabit Ethernet (GigE) switches with embedded 10 Giga-bit ports (10GbE) for uplink functions and virtual chassis stacking

Request Professional Consultation