Cisco's IPICS Solution Examined

Author: Antony Look, Published on Oct 18, 2010

A key component of Cisco's emerging physical security strategy is the integration of three systems: surveillance, access control and communications. Their communications offering is called Cisco IP Interoperability and Collaboration System or IPICS for short.

As IPICS will be a point of differentiation for Cisco's overall 'physec' offering, we are going to examine its functionality, technical requirements, cost and applications.

Prior to joining IPVM this summer, I was a network engineer for a Cisco Channel Partner. One of my larger projects was designing and deploying a statewide IPICS solution that integrated stand-alone analog radio systems through a government run IP network and interfacing them with networked PCs.

Inside the Pro section, I explain the various components used, their approximate cost, the key issues faced and best applications fit.

Since IPICS is likely new to many of you, below is a short video we grabbed from YouTube with Cisco's own product intro:

Introduction

The Cisco IPICS solution allows collaboration between disparate communications silos (e.g., between IP phone, analog PTT radio, cell phone, PC, and Smartphone). The application was highly focused on Public Safety and inter-agency communications where stand-alone analog radio networks between e.g., fire, police, emergency medical services, and civil defense agencies could be 'patched' together during a critical incident.

However, the IPICS solution has been leveraged to provide greater real-time information (audio, video, and text) distribution capabilities to Cisco's physical security applications. It is now expanded to be woven into Cisco's Connected Physical Security solution.

Application Recommendations

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

Because of the high cost and complexity of the IPICS solution, it is most appropriate for larger, IT-centric organizations who would benefit from its robust real-time incident response and collaboration features and possess the IT skill necessary to provide ongoing maintenance and optimization. Histrorically, verticals such as Transportation, Public Safety, Education, Industrial and larger enterprises comprised the sweet-spots for IPICS adoption, because of existing analog radio communications infrastructures. Furthermore, the solution is much more compelling for organizations already invested in associated Cisco IP telephony, Cisco physical security applications, and have a pre-existing Land Mobile Radio system.

Smaller campus-like organizations (e.g., well funded private schools with high security demands from patrons) having associated Cisco technologies already in place for IP telephony, video surveillance and radio communications may also reasonably consider IPICS systems. Such organizations can simply add the IPICS components to achieve a richer level of real-time security information and extend the functionality of both their security and communications systems.

However, IPICS is clearly a high end offering for those with $100,000+ to spend and willing to engage senior network engineers to implement the system. As such, it is out of the range of most small and even medium businesses.

Real World Observations

The implementation of Cisco's IPICS solution can be a very time intensive and highly complex task. Its design requires considerable knowledge in several combined disciplines - IP telephony, analog radio, and advanced data networking. It requries a well coordinated effort between customer and engineer, and a well documented understanding of the customer's existing network and end-user needs and expectations.

A larger government network in which I deployed IPICS within, presented considerable challenges when looking to establish end-to-end multicast capabilities and remote access over the Internet/WAN. Many larger government networks are also managed by more than one concern as they are usually disparate LANs and WANs patched together. This made the acquisition of key information regarding the existing customer network especially challenging.

Although, having the networking gear to support and 'turn-on' multicast, the political or procedural hurdles to doing so required designing less than optimal work-arounds involving multicast over GRE tunneling between sites. Designing the system to allow remote access over the Internet also proved daunting as there were several firewalls within the larger network that had to each be negotiated.  This was compounded by having to maintain multiple tunnels (IPSec and GRE) through several firewalls.

Basic Requirements

The basic IPICS solution, requires several hardware, software and licensing components:

IPICS Server - This component provides centralized management of the entire system and controls when and how various radio systems are 'patched' together. Typically, this software is hosted on Cisco server hardware (Cisco Media Convergence Servers). The starter package costs roughly $50,000+

Router Media Services (RMS) - At least one of these are required. This is a router that processes and mixes audio streams from the various communications devices.  It needs to be a relatively powerful and scalable router chassis equipped with one or more dual T1 cards and associated DSP modules, (3900 series routers are the recommended minimum). The RMS is enabled by a feature license atop one of the higher functioning and priced IOS images. This component will roughly cost $20,000+

LMR Gateway Router (LMR) - This router, equipped with an E&M card and associated DSP module(s) is used to interface with stand-alone analog radio systems. It encodes and packetizes the audio stream and multicasts it over an IP network. A solution will require at least one LMR Gateway router at each radio site intended to communicate within the IPICS network. The services can be provided on as low as a 1900 series router with the appropriate feature licenses and voice enabled IOS image. Thus, the cost for each LMR is roughly $2,000 - $5000.

Ideally the three components must be placed on the same multicast enabled IP network. Theoretically, there exist techniques to circumvent these requirements using, for example, Multicast over GRE tunneling, various VPN techniques etc. But such, scenarios will increase complexity and cost of design and integration. The basic components will allow the formerly isolated analog radio systems to communicate with each other in configurable, dynamic and policy based scenarios.

Optional Components and Functionality

More features and functionality can be added to the IPICS solution:

Push-To-Talk Management Console Client  (PMC Client) - This software application is supported on Windows based PCs. It allows the operator to participate in radio channel monitoring or two-way communications between LMR Gateway enabled radio systems. PMC clients have thier own 'identity' on the IPICS network and can even communicate with other PMC clients, smartphones, IP phones, and PSTN phones. These are purchased as server controlled, simultaneous connection licenses roughly at $200 - $400 each.

Dispatch Console - This is a more recently added command and control application for the IPICS solution. It provides a front-end for monitoring and controlling the media resources within the IPICS 'network'. The application is also the key ingredient for integration with Cisco physical security applications. The dispatcher console can access Cisco video management systems to provide real-time video information to select personnel. This application is also licensed per active connection and managed by the IPICS server.

Policy Engine - This is a licensed feature for the IPICS server that allows connectivity to span PSTN communications devices, for example, cell phones and land-line phones. The base package includes the Policy Engine feature and a few PSTN connection licenses for roughly $10,000 to $20,000. The Policy Engine requires an IP telephony system or similar gateway to interface the IP network with the PSTN (e.g., Cisco Call Manager Express or Call Manager).

Call Manager Express (CME) or Call Manager (CM) - These IP telephony systems integrate with the IPICS server to provide PTT capabilities to Cisco IP phones.  This is especially useful in environments with a supporting WLAN infrastructure whereby Cisco wireless IP phone models can participate in radio over IP communications in a somewhat mobile fashion. If an existing CME or CM system is in place it is just a matter of purchasing individual IP phone PTT licenses at about $300 each. Otherwise the cost will vary wildly to implement an entire IP telephony system for variously sized organizations. A small 25 IP phone CME system can be estimated at roughly at $20,000 to $30,000.

IPICS Mobile Client - This is a smartphone application currently available for Apple iPhones that provides another communication client option to participate in the IPICS environment. If planning to integrate IPICS 4.0 with physical security applications, this component is essential to enable multimedia collaboration. It is a free application in the Apple App store, and is licensed on a per active connection controlled on the IPICS server itself. The Mobile Client can leverage either its WiFi or 3G connectivity to access IPICS systems.  Access from remote WiFi and 3G networks is enabled using the iPhone built-in Cisco VPN application.

For video surveillance applications the IPICS Dispatch Console and Mobile Client represent the most compelling optional components.  Cisco has already integrated a VPN application with Apple's iPhone OS, making remote WiFi and 3G interaction with the IPICS system highly mobile.  To date, I have not seen a SCCP or SIP (SIP softphones exist but work poorly with Cisco call agents) softphone client for the iPhone. Such a development would add great value to the IPICS + Cisco Call Manager (or Express) solution as the iPhone would then be able to serve as both IP phone and IPICS client within corporate or remote WiFi and 3G networks. Imagine a corporate environment where no Cisco IP phones needed to be purchased  - just use your or your company issued iPhone with SCCP/SIP softphone and Mobile Client.

Network Engineering Considerations

The design, deployment and optimization of an effective IPICS solution is a fairly complex task. 'Sanctioned' installers of Cisco IPICS must qualify as an Authorized Technology Partner (ATP) channel partner.  ATP designations are reserved for advanced and emerging technologies, require an invitation by Cisco, and require considerable training and lab gear investments. The field of Land Mobile Radio itself is one that requires a substantial level of expertise, experience and knowledge. Typically IPICS ATP partners must prove existing competency and industry experience in LMR and also have Cisco Certified Professional level voice specialized (CCVP) network engineer(s) on staff.

Competitive Offerings

Telex and Catalyst (not to be confused with Cisco's Catalyst switches) manufacture competitive offerings to the Cisco IPICS solution. However, these solutions go head to head with Cisco's Land Mobile Radio over IP (or RoIP) functionality, which represents only one aspect of the IPICS solution.

If RoIP is the only consideration than the competing vendors can be had at a significant pricing advantage and simpler integration and usability. The flexibility and overall feature set is limited (no video or physical security extensibility), and sometimes the proprietary nature of the systems prohibit strategies to circumvent less than optimal pre-existing environments.

2 reports cite this report:

Cisco Surveillance Strategy Shift on Sep 19, 2011
Where is Cisco going in the physical security market? In this note, we provide answers both to their overall strategy and to their specific...
Cisco's Video Management (VSM and Stream Manager) Examined on Dec 07, 2010
Cisco's approach to video surveillance management is uncommon. Before one can appreciate how it is better or worse, it is important to understand...

Related Reports on Audio

Alexa Guard Expands Amazon's Security Offerings, Boosts ADT's Stock on Sep 21, 2018
Amazon is expanding their security offerings yet again, this time with Alexa Guard that delivers security audio analytics and a virtual "Fake...
Favorite Intercom Manufacturers 2018 on Sep 14, 2018
Intercoms are certainly increasing in popularity, driven by the integration of video and IP networking. But who is the favorite? On the one side,...
Zenitel/ Stentofon Turbine IP Intercom Tested on Aug 06, 2018
IPVM has published reports testing an Axis door station and a Hikvision door station (tested). However, those companies are new entrants to this...
Digital Watchdog Low Cost 4MP Camera Tested on Jul 02, 2018
Based on member 4MP testing requests, we bought and tested Digital Watchdog's low-cost 4MP DWC-MTT4Wi to see how it performs in real world scenes,...
FLIR Launches Saros on May 01, 2018
Has FLIR solved the video intrusion / remote monitoring problem or have they created an overkill, overly expensive device? FLIR has launched...
Netwatch / NMC Mega Deal Targets Global Remote Video Monitoring on Apr 27, 2018
Big money has entered the remote video monitoring market. While remote video monitoring has been done for more than a decade, the market has...
Owl Car Cam Tested - Disappoints on Mar 30, 2018
With $18 million in VC funding, and led by the former product lead for the iPod and the VP of Engineering of Dropcam, Andrew Hodge, hopes are high...
Audio Usage In Video Surveillance Statistics on Mar 28, 2018
Audio is more widely available and easier to use than ever, with many IP cameras building audio in and often making integration as simple as...
Next Gen 5MP / 6MP Camera Shootout (Axis vs Dahua vs Hanwha vs Hikvision) on Feb 28, 2018
Many manufacturers have released new generation 5MP / 6MP cameras that tout super low light, WDR and other features historically typical in 1080p...
Improved Edward Snowden Haven App Test Results on Jan 26, 2018
Haven developers have substantially improved the application, just over a week after IPVM's original test report, with Haven now fixing motion...

Most Recent Industry Reports

Ladders For Installers Guide on Sep 25, 2018
Ladders are one of the most important pieces of worksite equipment for the surveillance technician. Too often, however, even highly experienced...
Favorite Access Control Reader Manufacturer 2018 on Sep 25, 2018
Favorite reader votes are in, and it is not close. A global access giant ran away with the votes in a one-sided contest. But for many, the...
Genetec Takes Aim At 'Untrustworthy' 'Foreign Government-Owned Vendors' on Sep 24, 2018
Genetec is taking aim at 'untrustworthy' 'foreign government-owned vendors'. This is not a new theme for Genetec as nearly 2 years ago, Genetec...
4MP Camera Shootout - Axis, Dahua, DW, Hanwha, Hikvision, Uniview, Vivotek on Sep 24, 2018
4MP usage continues to climb, especially for low cost fixed lens models. To see who was best, we bought and tested seven 4MP models from Axis,...
Alexa Guard Expands Amazon's Security Offerings, Boosts ADT's Stock on Sep 21, 2018
Amazon is expanding their security offerings yet again, this time with Alexa Guard that delivers security audio analytics and a virtual "Fake...
UTC, Owner of Lenel, Acquires S2 on Sep 20, 2018
UTC now owns two of the biggest access control providers, one of integrator's most hated access control platforms, Lenel, and one of their...
BluePoint Aims To Bring Life-Safety Mind-Set To Police Pull Stations on Sep 20, 2018
Fire alarm pull stations are commonplace but police ones are not. A self-funded startup, BluePoint Alert Solutions is aiming to make police pull...
SIA Plays Dumb On OEMs And Hikua Ban on Sep 20, 2018
OEMs widely pretend to be 'manufacturers', deceiving their customers and putting them at risk for cybersecurity attacks and, soon, violation of US...
Axis Vs. Hikvision IR PTZ Shootout on Sep 20, 2018
Hikvision has their high-end dual-sensor DarkfighterX. Axis has their high-end concealed IR Q6125-LE. Which is better? We bought both and tested...
Avigilon Announces AI-Powered H5 Camera Development on Sep 19, 2018
Avigilon will be showcasing "next-generation AI" at next week's ASIS GSX. In an atypical move, the company is not actually releasing these...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact