Home
/
Axis
/
Network video
/
Manual

Axis Network video, Manual

Share

Page: 84 / 120

Axis Network video Manual Download Page 84

84

9.5

Network Security

There are different levels of security when it comes to securing information being sent over IP
networks. The first is authentication and authorization. The user or device identifies itself to the
network and the remote end by a username and password, which are then verified before the
device is allowed into the system. Added security can be achieved by encrypting the data to
prevent others from using or reading the data. Common methods are HTTPS (also known as SSL/
TLS), VPN and WEP or WPA in wireless networks.

(For more on wireless security, see Chapter 10.)

The use of encryption can slow down communications, depending on the kind of implementa-
tion and encryption used.

9.5.1 Username and password authentication

Using a username and password authentication is the most basic method of protecting data on
an IP network and may be sufficient where high levels of security are not required, or where the
video network is segmented off from the main network and unauthorized users would not have
physical access to the video network. The passwords can be encrypted or unencrypted when they
are sent; the former provides the best security.

Axis network video products provide multi-level password protection. Three levels are available:
Administrator (full access to all functionalities), Operator (Access to all functionalities except
the configuration pages), Viewer (Access only to live video).

9.5.2 IP address filtering

Axis network video products provide IP address filtering, which gives or denies access rights to
defined IP addresses. A typical configuration is to configure the network cameras to allow only
the IP address of the server that is hosting the video management software to access the net-
work video products.

9.5.3 IEEE 802.1X

Many Axis network video products support IEEE 802.1X, which provides authentication to
devices attached to a LAN port. IEEE 802.1X establishes a point-to-point connection or prevents
access from the LAN port if authentication fails. IEEE 802.1X prevents what is called “port
hi-jacking”; that is, when an unauthorized computer gets access to a network by getting to a
network jack inside or outside a building. IEEE 802.1X is useful in network video applications
since network cameras are often located in public spaces where an openly accessible network
jack can pose a security risk. In today’s enterprise networks, IEEE 802.1X is becoming a basic
requirement for anything that is connected to a network.

In a network video system, IEEE 802.1X can work as follows: 1) A network camera sends a request
for network access to a switch or access point; 2) the switch or access point forwards the query to
an authentication server; for instance, a RADIUS (remote authentication dial-in user service) serv-
er such as a Microsoft Internet Authentication Service server; 3) if authentication is successful, the

CHAPTER 9 - NETWORk TECHNOLOGIES

«
...
82
83
84
85
86
...
»

Summary of Contents for Network video

Page 1: ...Technical guide to network video Technologies and factors to consider for the successful deployment of IP based security surveillance and remote monitoring applications...

Page 2: ...We were first to bring the benefits of network video technology to professional video surveillance and remote monitoring applications intro ducing the world s first network camera in 1996 With more th...

Page 3: ...8 2 3 Day and night network cameras 21 2 4 Megapixel network cameras 23 2 5 Guidelines for selecting a network camera 24 Camera elements 27 3 1 Light sensitivity 27 3 2 Lens elements 28 3 2 1 Field of...

Page 4: ...eo 47 5 2 Standalone video encoders 47 5 3 Rack mounted video encoders 48 5 4 Video encoders with PTZ cameras and PTZ domes 48 5 5 Deinterlacing techniques 49 5 6 Video decoder 50 Resolutions 51 6 1 N...

Page 5: ...Network 85 Wireless technologies 87 10 1 802 11 WLAN standards 88 10 2 WLAN security 88 10 2 1 WEP Wired Equivalent Privacy 89 10 2 2 WPA WPA2 WiFi Protected Access 89 10 2 3 Recommendations 89 10 3...

Page 6: ...systems 106 11 4 6 RFID 106 Bandwidth and storage considerations 107 12 1 Bandwidth and storage calculations 107 12 1 1 Bandwidth needs 107 12 1 2 Calculating storage needs 108 12 2 Server based stora...

Page 7: ...l as its benefits and appli cations in various industry segments Comparisons with an analog video surveillance system are often made to provide a better understanding of the scope and potential of a d...

Page 8: ...digital network video surveillance system provides a host of benefits and advanced func tionalities that cannot be provided by an analog video surveillance system The advantages include remote access...

Page 9: ...with the cabling distance The further the analog video signals have to travel the weaker they become In a fully digital IP Surveillance system images from a network camera are digitized once and they...

Page 10: ...d Ethernet based information systems audio or security systems and other digital devices in addition to video management and application software For instance video from a network camera can be integr...

Page 11: ...using a variety of interoperable infrastructure Management and equipment costs are also lower since back end applications and storage run on industry standard open systems based servers not on propri...

Page 12: ...sh registers need to be opened because of long queues 1 3 2 Transportation Network video can enhance personal safety and overall security at air ports highways train stations and other transit systems...

Page 13: ...have enabled police to respond quickly to crimes being committed in live view 1 3 6 Government Network video products are used to secure all kinds of public build ings from museums and offices to libr...

Page 14: ...still analog network video is starting to make inroads especially in banks that value high image quality and want to be able to easily identify people in a surveillance video Network video is a proven...

Page 15: ...processing compression video analysis and networking functionalities The memory is used for storing the network camera s firmware computer program and for local recording of video sequences Like a com...

Page 16: ...built in support for Power over Ethernet PoE Axis network cameras also support advanced security and network management features Figure 2 1b Front and back of a network camera 2 2 Types of network ca...

Page 17: ...ed in a small dome housing The camera can be directed to point in any direction Its main benefit lies in its discreet non obtrusive design as well as in the fact that it is hard to see in which direct...

Page 18: ...ffic or wind EIS helps reduce the affects of vibration in a video In addition to getting more useful video EIS will reduce the file size of the compressed image thereby saving valuable storage space P...

Page 19: ...cking is an intelligent video functionality that will automatically detect a moving person or vehicle and follow it within the camera s area of coverage Auto tracking is particularly beneficial in unm...

Page 20: ...lens it offers a wider field of view than a mechanical PTZ network camera Figure 2 2e Images from a non mechanical PTZ network camera At left a 140 degree overview image in VGA reso lution at right im...

Page 21: ...ode one PTZ dome network camera can cover an area where 10 fixed network cameras would be needed The main drawback is that only one location can be monitored at any given time leaving the other nine p...

Page 22: ...the human eye sees them When the camera is in night black and white mode the IR cut filter is removed allowing the camera s light sensitivity to reach down to 0 001 lux or lower Figure 2 3a The graph...

Page 23: ...rk cameras available in Axis fixed cameras and fixed dome cameras incorpo rate a megapixel image sensor to deliver images with one million or more pixels This is at least two times better pixel resolu...

Page 24: ...xel cameras Fixed or PTZ In the following context fixed cameras refer also to fixed domes and PTZ cameras refer also to PTZ domes An area may be covered by several fixed cameras or a few PTZ cameras C...

Page 25: ...video Event management functionalities are often configured using a video management software program and are supported by input output ports and intelligent video features in a network camera or vid...

Page 26: ...important to select a vendor that offers a full product line of network video products and accessories that can meet the needs now and well into the future The vendor should also provide innovation s...

Page 27: ...needed to illuminate an object so that a good quality image can be obtained In general the more light on the subject the better the image With too little light focusing will be difficult and the image...

Page 28: ...ithin the lens assembly or the distance between the lens assembly and the image sensor 3 2 1 Field of view A consideration to take into account when selecting a camera is the field of view required th...

Page 29: ...n in normal view A wide angle lens generally provides good depth of field and fair low light performance Wide angle lenses sometimes produce geometrical distortions such as the fish eye effect Figure...

Page 30: ...to select a lens suitable for the camera A lens made for a 1 2 inch image sensor will work with 1 2 inch 1 3 inch and 1 4 inch image sensors but not with a 2 3 inch image sensor If a lens is made for...

Page 31: ...tive to the focal length the better the lens light gathering ability i e more light can pass through the lens to the image sensor In low light situations a smaller f number generally pro duces a bette...

Page 32: ...l light or prioritized frame rate or image quality is important to consider Figure 3 2d A camera user interface with options for setting among other things exposure in low light conditions 3 2 5 Manua...

Page 33: ...ength a large iris opening or a short distance between the camera and the subject will limit the depth of field Figure 3 2e Depth of field Imagine a line of people standing behind each other If the fo...

Page 34: ...specifically for the camera industry Early CMOS sensors were based on standard technology already extensively used in memory chips inside PCs for example Modern CMOS sensors use a more specialized tec...

Page 35: ...scanning is used mainly in CCDs Progressive scanning is used in either CCD or CMOS sensors Network cameras can make use of either scanning technique Analog cameras however can only make use of the in...

Page 36: ...is put on the screen one at a time in perfect order Moving objects are therefore better presented on computer screens using the progressive scan technique In a video surveillance application it can b...

Page 37: ...ould determine the exposure value For instance the foreground usually the bottom section of an image may hold more important information than the background for example the sky usually the top section...

Page 38: ...d backlight This problem typically occurs when attempting to capture an object in front of a window To avoid this problem reposition the camera or use curtains and close blinds if possible If it is no...

Page 39: ...general When the demands of the environment are beyond a camera s operating conditions protective housings are required Camera housings come in different sizes and qualities and with different feature...

Page 40: ...heavy blows but the thicker a covering is the higher the chances of imperfections Increased thickness may also create unwanted reflections and refraction of light Therefore thicker coverings should m...

Page 41: ...installation site A camera placed in a freezer room for example will need an outdoor housing that has a heater The level of protection provided by enclosures whether built in or separate from a camera...

Page 42: ...r a fixed dome network camera middle and for a PTZ camera at right 4 5 2 Mounting The way cameras and housings are mounted is also important A traditional fixed network camera and a PTZ dome camera th...

Page 43: ...the proper functioning of all cameras is difficult It is also useful in situations where no live viewing takes place and operators can be notified when cameras have been tam pered with 4 6 Types of mo...

Page 44: ...unt is often used together with a PTZ camera in locations such as a parking lot This type of mount usually takes into consideration the impact of wind The dimensions of the pole and the mount itself s...

Page 45: ...onnects to an analog video camera via a coaxial cable and converts analog video signals into digital video streams that are then sent over a wired or wireless IP based net work e g LAN WLAN or Interne...

Page 46: ...or connecting an analog camera using a coaxial cable Processor for running the video encoder s operating system networking and security functionalities for encoding analog video using various compress...

Page 47: ...system can automatically respond with actions that may include video recording sending alerts such as e mails and SMS activating lights opening closing doors and sounding alarms For more on event man...

Page 48: ...on its own it has to be mounted in a rack to operate Figure 5 3a When the AXIS Q7900 Rack shown here is fully outfitted with 6 channel video encoder blades it can accommodate as many as 84 analog cam...

Page 49: ...pair cables in a daisy chain connection from one dome camera to the next The maximum distance of an RS 485 cable without using a repeater is 1 220 meters 4 000 feet at baud rates up to 90 kbit s 5 5 D...

Page 50: ...traditional monitors in public spaces to demonstrate that video surveillance is used Another common application for video decoders is to use them in an analog to digital to analog configuration for t...

Page 51: ...iris functions made for analog video cameras in conjunction with a built in video encoder board In North America and Japan the NTSC standard is the predominant analog video standard while in Europe a...

Page 52: ...erived from the computer industry and that are standardized worldwide can be provided allowing for better flexibility The limitations of NTSC and PAL become irrelevant VGA Video Graphics Array is a gr...

Page 53: ...mmon megapixel format of 1280x1024 pixels gives a 1 3 mega pixel resolution This is more than 3 times the resolution that can be provided by analog CCTV cameras Network cameras with 2 megapixel and 3...

Page 54: ...country and at 50 60 Hz 50 60 frames per second SMPTE 274M HDTV 1080 defines a resolution of 1920x1080 pixels with high color fidelity in a 16 9 format using either interlaced or progressive scanning...

Page 55: ...cations needs to be viewable many years from the recording date By deploying standards end users are able to pick and choose from different vendors rather than be tied to one supplier when designing a...

Page 56: ...on and video compression Image compression uses intraframe coding technology Data is reduced within an image frame simply by removing unnecessary information that may not be noticeable to the human ey...

Page 57: ...er frame but perhaps in a different loca tion This technique divides a frame into a series of macroblocks blocks of pixels Block by block a new frame can be composed or predicted by looking for a matc...

Page 58: ...ewer bits than I frames but a drawback is that they are very sensitive to transmission errors because of the complex dependency on earlier P and or I frames A B frame or bi predictive inter frame is a...

Page 59: ...the lower the file size and image quality In some situations such as in low light or when a scene becomes complex the image file size may become quite large and use more bandwidth and storage space To...

Page 60: ...munications ITU T s Video Coding Experts Group and IT industries ISO IEC Moving Picture Experts Group and is expected to be more widely adopted than previous standards In the video surveillance indust...

Page 61: ...it rate constant leads to a lower image quality and frame rate Axis network video products allow the user to prioritize either the image quality or the frame rate if the bit rate rises above the targe...

Page 62: ...for a sample video sequence than an MPEG 4 encoder with motion compensation The H 264 encoder was at least three times more efficient than an MPEG 4 encoder with no motion compensation and at least s...

Page 63: ...truct a PTZ camera or a PTZ dome camera or alert the operator of one to visually verify an audio alarm Audio can also be used to provide users with the ability to not only listen in on an area but als...

Page 64: ...over the same network cable Figure 8 2b Some video encoders have built in audio making it possible to add audio even if analog cameras are used in an installation A network camera or video encoder wi...

Page 65: ...Audio modes Depending on the application there may be a need to send audio in only one direction or both directions which can be done either simultaneously or in one direction at a time There are thr...

Page 66: ...tected they can trig ger a network camera to send and record video and audio send e mail or other alerts and acti vate external devices such as alarms Similarly alarm inputs such as motion detection a...

Page 67: ...first is AAC LC Advanced Audio Coding Low Complexity also known as MPEG 4 AAC which requires a license AAC LC particularly at a sampling rate of 16 kHz or higher and at a bit rate of 64 kbit s is the...

Page 68: ...68...

Page 69: ...is a group of computers that are connected together in a localized area to communicate with one another and share resources such as printers Data is sent in the form of packets and to regulate the tra...

Page 70: ...ata at a rate of 100 Mbit s It can be based on a twisted pair or fiber optic cable The older 10 Mbit s Ethernet is still installed and used but such networks do not provide the necessary bandwidth for...

Page 71: ...re high data rates 9 1 2 Switch When only two devices need to communicate directly with one another via a twisted pair cable a so called crossover cable can be used The crossover cable simply crosses...

Page 72: ...t s as well as Fast Ethernet However 10 100 1000 are quickly taking over as the standard switch thus supporting 10 Mbit s Fast Ethernet and Gigabit Ethernet simultaneously The transfer rate and mode b...

Page 73: ...in more detail in the sections below 802 3af standard and High PoE Most PoE devices today conform to the IEEE 802 3af standard which was published in 2003 The IEEE 802 3af standard uses standard Cat 5...

Page 74: ...t fixed network cameras can receive power via PoE using the IEEE 802 3af standard and are normally identified as Class 1 or 2 devices With IEEE 802 3at pre standard or PoE the power limit will be rais...

Page 75: ...The Internet To send data between a device on one local area network to another device on another LAN a standard way of communicating is required since local area networks may use different types of...

Page 76: ...mportant speed to consider In a network video application with a network camera at a remote site the upstream speed is more relevant since data video from the network camera will be uploaded to the In...

Page 77: ...that the IP address for a network device may change from day to day With dynamic IP addresses it is recommended that users register a domain name e g www mycamera com for the network video product at...

Page 78: ...IP address and a specific port number The router is configured to forward any data coming into a predefined port number to a specific device on the private network side of the router The router then r...

Page 79: ...umber for the application To make the task of port forwarding easier Axis offers the NAT traversal feature in many of its network video products NAT traversal will automatically attempt to configure p...

Page 80: ...8 65b4 05d3 1315 7c1f 0461 7847 8081 Setting an IPv6 address for an Axis network video product is as simple as checking a box to enable IPv6 in the product The product will then receive an IPv6 addres...

Page 81: ...ice essentially works as a web server making the video available for the requesting user or application server HTTPS Hypertext Transfer Protocol over Secure Socket Layer TCP 443 Used to access web pag...

Page 82: ...sed when configuring VLANs is IEEE 802 1Q which tags each frame or packet with extra bytes to indicate which virtual network the packet belongs to Figure 9 3a In this illustration VLANs are set up ove...

Page 83: ...io the file transfer will try to use the full 10 Mbit s capacity between the routers 1 and 2 while the video streams will try to maintain their total of 5 Mbit s The amount of bandwidth given to the s...

Page 84: ...ies except the configuration pages Viewer Access only to live video 9 5 2 IP address filtering Axis network video products provide IP address filtering which gives or denies access rights to defined I...

Page 85: ...eo to be securely viewed using a web browser The use of HTTPS however can slow down the communication link and therefore the frame rate of the video 9 5 5 VPN Virtual Private Network With VPN a secure...

Page 86: ...the entire packet can be encrypted and encapsulated to create a secure tunnel Both tech nologies can be used in parallel but it is not recommended since each technology will add overhead and decrease...

Page 87: ...und In older protected buildings wireless technology may be the only alternative if standard Ethernet cables may not be installed Axis offers cameras with built in wireless support Network cameras wit...

Page 88: ...disadvantage with 802 11a is that its signal range is shorter than 802 11g s because it operates on a higher frequency conse quently many more access points are required for transmission in the 5 GHz...

Page 89: ...way for distributing encrypted keys 10 2 3 Recommendations Some security guidelines when using wireless cameras for surveillance Enable the user password login in the cameras Enable the encryption HT...

Page 90: ...90...

Page 91: ...or building management 11 1 Hardware platforms There are two different types of hardware platforms for a network video management system a PC server platform involving one or more PCs that run a video...

Page 92: ...fically designed for video management It is dedicated to its specific tasks of recording analyzing and playing back network video and often does not allow for any other applications to reside on them...

Page 93: ...t in web interface of Axis network video products provides simple recording functions that is manual recording of video streams H 264 MPEG 4 Motion JPEG to a server by clicking an icon or event trigge...

Page 94: ...be supported is in most cases limited by the hardware capacity rather than the software Storing video files puts new strains on the storage hardware because it may be required to operate on a continu...

Page 95: ...neous recordings from different cameras This provides users with an ability to obtain a comprehensive picture of an event which is helpful in an investigation Additional features may be multi monitor...

Page 96: ...iggered recording may be activated by for example video motion detection or external inputs through a camera s or video encoder s input port With scheduled recordings timetables for both continuous an...

Page 97: ...e before they are automatically deleted or moved to the archive drive Users may also be able to prevent event triggered video from being deleted auto matically by specially marking or locking them in...

Page 98: ...me Having the intelligent functionality at the edge i e in the network camera or video encoder enables a fast response time and a very large number of cameras to be managed proactively Figure 11 3d Ev...

Page 99: ...rating range of a camera an event can be triggered Figure 11 3e Setting event triggers using an Axis network video product web interface Responses Network video products or a video management software...

Page 100: ...st alarm image buffers can be set enabling a network video prod uct to send a set length and frame rate of video captured before and after an event is triggered This can be beneficial in helping to pr...

Page 101: ...a drop in air pressure is detected the detector breaks the circuit and images video as well as notifications can be sent from the camera Device type Description Usage Door relay A relay solenoid that...

Page 102: ...video management software Active tampering alarm This intelligent video functionality embedded in many Axis network video products can be used as an event trigger when a camera is manipulated in any...

Page 103: ...ure 11 3g AXIS Camera Management software makes it easy to find install and configure network video products 11 3 7 Security An important part of video management is security A network video product o...

Page 104: ...f network video products A standard network interface would ensure greater interoperability and more flexibility for end users when building multiple vendor network video systems For more information...

Page 105: ...f tailgating events can also be made Tailgating occurs when for instance the person who swipes his her access card knowingly or unknowingly enables others to gain entry without having to swipe a card...

Page 106: ...the control panel to visually check on part of a process In addition when an operation malfunctions the network camera can be triggered to send images In some sensitive clean room processes or in fac...

Page 107: ...ura tion As mentioned earlier this depends on the following Number of cameras Whether recording will be continuous or event based Number of hours per day the camera will be recording Frames per second...

Page 108: ...50 more than with the MPEG 4 Part 2 standard This means much less network bandwidth and storage space are required for an H 264 video file Sample storage calculations for all three compression format...

Page 109: ...0 Megabyte MB per hour MB per hour x hours of operation per day 1000 Gigabyte GB per day GB per day x requested period of storage Storage need Table 12 1c Camera Resolution Approx bit rate Kbit s Fram...

Page 110: ...disks and each disk can be up to approx 300 gigabyte GB In a small to medium sized installation the PC that runs the video management software is also used for video recording This is called a direct...

Page 111: ...servers and the storage is scalable to hundreds of terabytes Centralized storage reduces administration and provides a high performance flexible storage system for use in multi server environments Fib...

Page 112: ...of data in the event of a hard disk failure Figure 12 4a Data replication Data replication This is a common feature in many network operating systems File servers in a network are configured to repli...

Page 113: ...ed from a client rather than from the recording server itself Figure 12 5b A medium system Large centralized system 50 to 1000 cameras A large sized installation requires high performance and reliabil...

Page 114: ...and stores the video from local cameras The master controller can view and manage recordings at each site Figure 12 5d A large distributed system Surveillance workstations Master server 1 Storage ser...

Page 115: ...te camera for your application AXIS Design Tool This simulation based calculation tool available online or on a DVD helps determine the bandwidth and storage needs for specific network video projects...

Page 116: ...116...

Page 117: ...arket you need superior skills and expertise on IP based video solutions Team up with Axis Communications Academy to ensure that you are always a step ahead Learning the fundamentals Network Video Fun...

Page 118: ...Tian Yuan Gang Center C2 Dongsanhuan North Road Chaoyang District Beijing 100027 Tel 86 10 8446 4990 Fax 86 10 8286 2489 FRANCE BELGIUM LUXEMBURG Axis Communications SAS 7 9 avenue Aristide Briand 942...

Page 119: ...nications C Yunque 9 1A 28760 Tres Cantos Madrid Tel 34 91 803 46 43 Fax 34 91 803 54 52 Support 34 91 803 46 43 SOUTH AFRICA Axis Communications SA Pty Ltd Hampton Park Atterbury House 20 Georgian Cr...

Page 120: ...ased company operating worldwide with offices in more than 20 countries and cooperating with partners in more than 70 countries Founded in 1984 Axis is listed on the NASDAQ OMX Stockholm under the tic...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands