By Shaun Behrens • May 24, 2018
Monitoring Physical Security Systems
The basic principles of physical security systems have been around for decades, and have not changed that much: surveillance, intrusion detection, and triggering alarms in case of breaches or anomalies still form the basis of any security installation. What has changed, however, is the technology driving these basic principles, as digitization has changed the very bones of security systems. Along with this digitization, new challenges have arisen. In this post, we take a look at some of these, and how to mitigate them.
But what are these new technologies ("new" being relative, considering some have been around for more than a decade) that are changing the physical security industry? Here are some examples:
- IP Cameras: In the late '90s, the first network cameras kickstarted the move in video surveillance away from analogue and towards digital. Later, IP cameras, which embraced IP networking technology, Power over Ethernet (PoE), and various kinds of video compression, provided a better way to connect and manage surveillance cameras. As an added bonus, it has become easier to access video feeds remotely using mobile devices.
- IP Access Control: Not only cameras took advantage of IP networking technology; IP access controllers can connect directly to the network, and no longer need a terminal server as they did in the old days.
- Digital Data Storage: Previously, data such as recorded video footage was committed to tape. More recently, data is stored digitally on hard drives or in the cloud.
- Other "Things": In the age of IoT, many other devices are network-enabled. Panic buttons, motion detectors, HVAC (Heating, Ventilation, and Air Conditioning) systems, and smoke detectors are just a few examples.
A Smorgasbord of Technologies
Other than being a word I like to use whenever it is even remotely applicable, "smorgasbord" (thanks, Sweden!) is an apt description for modern security systems. Because of the digitization of their components, these systems are often a patchwork of technologies, protocols, and a variety of devices from multiple vendors. The first challenge security system integrators face is that they need to get all these disparate devices on a network, and then get that network configured and optimized. Yeah, might take more than a few days.
But getting the environment set up and configured is just the first part of the struggle.
The New Weakest Link: The Network
The digitized nature of modern security systems introduces new points of failure in addition to the traditional ones. For example, lost data has become a factor. With video data stored digitally, if something goes wrong – such as a storage device crashing or the network not transmitting data – video footage can be lost.
But perhaps the biggest weak point for modern security systems is the underlying network. Bottlenecks, bandwidth issues, or routing problems that prevent data being sent or received properly are all things that can compromise a security system. And if cyber criminals get access to the network or devices, they have the ability to negate the security of the entire system. This might involve shutting down aspects of the system, or using devices for purposes other than intended.
The above risks pose a critical danger to any security system. So how do you prevent these things from happening?
The short answer is: you cannot completely circumvent these risks. Electronic devices will malfunction, networks will have bandwidth issues, and storage devices will fail. These are the eternal truths of the digital world. All you can do is take preventative steps where possible, and set up alerts for when there is a failure. Enter network monitoring.
Monitoring the Security System
As with other industries, modern security systems have seen a convergence with traditional IT: you have the specialized security devices running on the same infrastructure as more operational IT devices such as switches, servers, routers, and so on. While this does add to the complexity of these systems, it also means that there is the possibility to monitor everything in one place, despite the disparate technologies.
The same general steps that apply to monitoring traditional IT environments also apply to monitoring a security system network:
- Establish the metrics for a healthy running system. For example, how much bandwidth do specific devices use when operating normally? What does the traffic flow look like in different parts of the network at different times of day? What kind of CPU usage is normal for servers?
- Based on the metrics from step 1, set up thresholds and alerts. When values go above or below the "normal" values, then you know that you have a potential problem.
Using a good network monitoring solution, it's possible to get a view of the entire network on one dashboard. Furthermore, the information you get from monitoring the network can help you make adjustments to help prevent loss of data or critical failures. Take a look at some examples in the table below of potential issues you can pick up when monitoring a security system.
|IP Cameras||High bandwidth usage||Adjust the image resolution, video compression, or frame rate.|
|Storage Devices||Low disk space available||Archive older data, or increase HDD size.|
|UPS (Uninterruptible Power Supply) Back-Up Battery Power||Low battery level||Investigate reasons for the low level, and replace/repair if necessary.|
|All Devices||Device not responding||
Troubleshoot the issue.
One of the advantages of network monitoring is that the kinds of systems you can monitor are quite varied, as long as the connected devices offer standard technologies (such as SNMP, NetFlow, WMI, and so on). While the monitoring approach remains the same - configure a sensor for a device and get statistics from that sensor - the actual network can look very different from one installation to another. So with the same network monitoring principle, you might be monitoring a hospital, a Smart Home, a Smart City...or a physical security system.