Converged vs. Dedicated Networks For Surveillance Tutorial

Author: Brian Rhodes, Published on Feb 11, 2015

Use the existing network or deploy a new one?

This is a critical choice in deploying video surveillance systems.

Though 'convergence' was a big theme of the past decade, deciding what to do has been much harder in practice.

In this guide, we break down the key factors in this decision, pro and cons, including:

  • IT vs Security Ownership
  • Existing Networks
  • Bandwidth
  • Network Quality
  • Technical Expertise
  • IT vs Security Ownership
  • Politics: Budget / Control / Avoiding Blame
  • Network Size
  • Expansion Difficulty
  • IP Address Conflict / IP Address Pool / Network Class
  • Security Concerns
  • Ongoing Maintenance Costs

*** *** ******** ******* ** ****** * *** ***?

**** ** * ******** ****** ** ********* ***** ************ *******.

****** '***********' *** * *** ***** ** *** **** ******, deciding **** ** ** *** **** **** ****** ** ********.

** **** *****, ** ***** **** *** *** ******* ** this ********, *** *** ****, *********:

  • ** ** ******** *********
  • ******** ********
  • *********
  • ******* *******
  • ********* *********
  • ** ** ******** *********
  • ********: ****** / ******* / ******** *****
  • ******* ****
  • ********* **********
  • ** ******* ******** / ** ******* **** / ******* *****
  • ******** ********
  • ******* *********** *****

[***************]

Selection ********

** *** *******,*********** **** * ****** ********** *** ********* ********* ************ ********, **** **** * ********* ****** ** ********.

IT ** ******** *********

*** ** *** ******* ******* *** ****** ** ** **** actual ****** ** ********, *** ********.

** ** *** ******** *** *** ******** ***********, ***** ** common, ****** *** *****, ********** ** *** *** ****** ** not ***** **** *****.

*** '***** ****' *** ******** ****** ******* ** ************ **** as ******** *** ***** ******. ********** **** ** **** *** have * *** **** ** ****** ****** *** ********* ** network ******** *********, *** ***** ****** *** ** ******* ** the **** ***** ** **** ********.

**** * ******** *******, *** *********** ** ********* ** ********. Potential *********** ******** *** ******* *** ********** ********, ** *** 'blame ****' ** ***** ****** ** ******* ******** *** ** avoided.

Existing ********

**** ******** **** *** ******** ** ****** *** ******* ** continuous ***** ************ *********. **** ** * ****** ********* ** surveillance ***********.

******* ** ****, ****** ** ************ *** ***** *********** *********** problems, *** **** ******* ***** *********.

*********

****** * *** ******* ** ** ******** ****** *** **** little ****** ** ***** ************ ** *** *******, **** ** email ** ****, ***** ***** ***** ********** ** **** * fraction ** ******* ******* ********. *******, ****** ** ******** ** cameras ****** ********** * ******** ** ****** *** ******** ******* infrastructure ***** ******* ******* ** **** *** ******** ***** ******* run ************.

** *** ***** ****, *** *** ************ ** * ********* separate ******* ** *** **** ** ******** * ********* *******. Not **** *** *** ******** ******* ******, *** ********** *** substantial ****** **** ** ** ***, **** **** ********* ******* maintenance ********.

*** ******* ********* ** * ********* ******* **** *** **** to ***** *********. **** * ****** ***** **** **** **** Ethernet ****** *** ****** ******* ** *****-********* *******, *** *** cost ********** ** ********* ** ******* ****** ** ****** *** continues ** ****. ******** * ********* ******* *** ************ ****** removes *** ****** ** ********* ********* ** ****** **** ********. The ******** *********** ***** **** ** **** ** **********, **********, and *********** * *** *****-**** *******.

Quality ** *******

** ********* ** *******, ******** ***** **** ***** ******* ** services ******** *********** ****** ** *****. ********** ******** *** ****** a ********* *** *** ***** ** *********** ******, **** ****, imagined, ** ******** *******.

*** ***** ************* / ********** ** ******** ******* ** ******* for ********* ******** ***** ** *** ******* ** **** **** hardware *** ************** ***** ** ******* **. ** * ******** lacks ******, *** ****** ** ***** ************ ** ***** ******* may ** ******** *** *********.

**** * ********* *******, **** ***** ** *******, *** ***** is ** ******** **** ***** ******** *** *********. *******, **** again ******** *** ********.

Technical *********

** **********, ******** *** ***** **** ****** ** **** ******* with ** ******* *****. *** **** **** ********** *** ********* plays ** ******** * ************ ******* ** ********* *********.

***** * ****** ******* ** ****** *** **** ******* ***** sense ** **** *** **** ** ******** **** ******** ** managed ******** *** *** ******* ************* ****-***. *********** '******* ** Service *** ***** *** ** * ********* *** ********* ****, but **** **** ********** ** ******* ***********. ******* **** ***** of ************* ** ****** ******** *****, *** ****** ****** ******* the ****** ********** ** ******* **************.

** *** *** *******, * ********** ******* ** ********* ******* to ****** *** ******** ******* ** ******* **** *** *** system ****. *** **** ** *** ***** ** ************* ****, but *** ****** ******** ****** ** ******* *** ******* ****** a ****** ******* ******. '**** *** ****' ******** **** ******* configurations *** *********** ** ********* ***** ********, **** **** ****** IT ***** ** ****** *********** *** ****** **** *** ******** them **** ****** **********.

Expansion ********** & ****** ****

** *******, *** ***** *** **** ** *** ******* ** a *** *************. *** ******** ******** ******** ********* ** ******** sites, *** ************** ********** ***** **** ******** *** ** * huge ******* *** ******** *********** ******* ** ******** ***** ** cable ***********.

**** ************* **** ******* ******** ** ******** ********** ******** ********* and ******** ********, *** ********* ***** ** ******** ***** ******* are ** **********. ********, ***** ***** *** ***** ******* **** some *********** ** ****** ********* ** ****. *** *********** **** of ****** ***** *** ** ********** ***********.

*******, *** ********* ********, **** ***** ******* *** ****** ******* buildings, ***** *** ** ********* ********* ** *********. ** **** cases, ********* ******** **** * ******** *********.

Security ********

*** *** *** ***** ** ********* ***** ********* ******* ******* also ** * ****** *******.

** ********** ********** ************ ******* ** *** *** ******* ***** it ****** ** **** ****** **. ********, ******* ****** ** video ***** ********** ******** ****** ** *** ******* *** ******* that ******* ****** ** ******. ** *******, **** ** * priority ** **** ********* **** ** ****** ** *** ****, even **, *** *** ***** ******* ** ****** ***** ***********.

*** ********* ******** ** **** ******** ******* *** ** ********* or ********* *** ******* ** ****, ****** *** ** *** 'low-risk ******' ******** ***** ** ************** ** ******** *****.

Ongoing *********** *****

*** ******* ** *********** ****** ****** *** **** ** ****, and ****** * *** ******.

*******, *** ******* ******* ** * ********* ******* ** * budgeted ** ********** **** ******* *********** *** ****** ** *** users. ******* *** ******* *********** ** * ******** *** ** departments, *** ****** ***** *** * ********* ******* ********* ********** the ******* ** ******* ***********.

*******, *** ********** *********** ** ******* ******* ** ********** ******** or ******** *******. ***** ***** *********** *** ******** ****** *** be ********* ** ********* * ********** *******, ******* ** *********** or ******* ********** ** ****** *** ** * **** ******* area.

*** ******* **** ** * ********* ******* ** **** ****** maintenance *** ****** *** ** ******* ** **** ** ***** addressed. ********* ** *********** ** **** **** *************** ******** ** fixing ********* ******* ** '***** *******' ** * ****, ** well ** * ********** ** **** *** ******** ****** *** service ** '***** ******' ** **** ***** **** ******** ******** once ** ***** *** ****.

Comments (11)

I think you need to add in the maturity of the customer, their infrastructure and the efficiences they may/may not have with respect to managing thereof.

A few years ago this would be more relevant than it could (or should) be today. So-called "convergence" isn't an event but an evolution. In many environments IT will continue to absorb the responsibility for providing the physical security as infrastructure and the security personnel are another end-user.

Casinos might be a special case in that cameras are a mission critical asset and the risk of getting ripped off is both external and internal.

But in most (modern) environments core switches should be gigabit with high capacity interconnects. VLAN tagging is a convenient way to logically isolate IP video traffic.

POE port density can be a problem towards the edge--in which case it might make sense for new/dedicated equipment. But even at that the proliferation of POE for (say) IP phones is becoming common and so is POE.

My point being, a professionally managed, modern network should be able to support IP video. If it's not, maybe IP video is a good reason to modernize. There exists value in using the same infrastructure for IP video and other networking needs. The dedication of a distinct network for IP video is leaving some of that value on the floor.

You are mixing could with should, with what happens with what you think should happen.

The reality is that this is still a significant issue and the political / territorial / fingerpointing aspect has not gone away for the large portion of users where IT and security remains separate.

I don't doubt that political / territorial is still a big deal and relevant. But, hey, so is analog. What I'm saying is the excuses are falling away. Where the security guy used to be able to say "bandwidth" or "security" he can't necessarily do so any more. I don't doubt that they're still the argument, but they won't be forever in many environments. When the argument becomes clearly political, it's increasingly difficult to justify if the infrastructure--itself designed to service the business as a whole as efficiently as possible--is able to do the job for both and makes sense to be managed singularly.

An example from retail, Yum! Brand's 'future store network' would set minimum bandwidth connections to stores, standardize network hardware in-store designed to (logically) segment wifi to customers, POS, digital signage, and IP video. And, no, the LP guy can't really argue duplicate hardware and infrastructure just because he doesn't get along with Joe over in IT..

As long as IP video is managed like analog but with RJ45 instead of BNC connectors, the customer is leaving a lot of 'internet protocol' opportunity on the floor.

"Where the security guy used to be able to say "bandwidth" or "security" he can't necessarily do so any more."

Actually I am saying the IT guys often say this. Not every IT department wants to have video surveillance dumped on then, the increased risk / troubleshooting.

As for retail:

"An example from retail, Yum! Brand's 'future store network' would set minimum bandwidth connections to stores, standardize network hardware in-store "

Retailers have been using converged networks for 10+ years because they have to. When you have stores / branches / sites scattered around the world, it is not that feasible to have multiple independent WAN connections for each service. And for retailers, they have to see the video remotely so the shared WAN becomes a necessity.

Retailers and anyone who runs credit card transactions have PCI-DSS compliance concerns which generally means that if they are a big box store they already have network infrastructure to support VLANs. Otherwise every device, including the surveillance servers gets added to their PCI audit scope of it's on the same VLAN. Even in some small Restaurant chains have some level of VLANs setup. I feel that restaurants, retail, hospitality, and healthcare facilities (due to HIPAA in the US) are the easiest to push for convergence. I have only done project on one campus but higher education seems to be fairly comfortable with convergence as well. They all already have so much junk riding on their network to begin with - AV control systems, teleconferencing, VOIP, etc. In my opinion big box retailers DEFINE converged IT.

It's places like factories and automotive corporations that I have seen the most push back. Anything that has even the most remote chance of impacting production for even a second starts a fire under IT and the production representatives will back them. Security is just a minor department.

i am willing to bet the vast majority of the time the biggest pushback from IT is sheer laziness or fear of the unknown. Just like every field there are people who are good at their job and some that you have to question who they are related to.

"I feel that restaurants, retail, hospitality, and healthcare facilities (due to HIPAA in the US) are the easiest to push for convergence"

Are you sure about that? We did a hospital that was very glad we to hear we were building a physically seperate network for the cameras. The only part of the system connecting to their network being the NVR, which made it easier for them to control.

As for retailers, it depends on the size of the retailer. Do not assume because the retailer or resturant chain is a big one, that they invest a lot in "compliance". The problem is the smaller, franchise owner who has to squeeze what they can from very small margins, like a sharecropper. So many times I have seen them install free, public wireless systems to attract patrons which are also connected to the same network as their old used, Windows based POS systems that didn't even have antivirus protection on them. When you talk to them about segregating the networks so patrons don't see the POS systems, they're like "Sure, as long as it doesn't cost me a dime. Otherwise... uh, yeah, I'll get to it maybe next month."

"I am willing to bet the vast majority of the time the biggest pushback from IT is sheer laziness or fear of the unknown."

Unfortunately, yes, very true. Not all the time, but more often than non-IT people probably realize. That's why is you don't have staff that are very IT proficient, you'll probably never recognize it.

We don't have a single client using more than 3-5 cameras on their network. I could never put our company's name behind infrastructure that we don't know front to back. If it is impossible to put in our own lines then fine but "convergence" is nice in theory, in practice its a hot mess. Think about it, one day some IT admin screws with the network and blocks port traffic within the network.. Cameras go down and the customer is upset... You consult with IT and they say "we didn't do anything" and you're left with trying to figure out their mess. To the customer it doesn't matter that IT did it, the blame game gets you no where. So I say NEVER piggy back on their network unless absolutely nessesary.

IPVM, this is a good thread, can you update it with a Cyber Security category. If the integrator favorites providing a private flat network, do they also provide remote monitoring and administration of that infrastructure?

We don't have a breakdown of that but we do have remote access stats. See: DDNS vs P2P vs VPN Usage Statistics

Thanks JH, will take a look.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Large Hospital Security End User Interview on Mar 21, 2019
This large single-state healthcare system consists of many hospitals, and hundreds of health parks, private practices, urgent care facilities, and...
Silicon Valley Cybersecurity Insurance Startup Coalition Profile on Mar 20, 2019
Many industry people believe cybersecurity insurance is not worth it, as the voting and debate in our Cybersecurity Insurance For Security...
Top Metrics For Ensuring Integrator Profitability - Statistics on Mar 20, 2019
How do integrators ensure the profitability of their projects? As part of our profitability study, 100+ integrators answered the following...
Genetec Security Center 5.8 Tested on Mar 19, 2019
Genetec has released Version 5.8. This comes after a wait of more than a year that caused frustrations for many Genetec partners. Our previous...
Large US University End-User Video Surveillance Interview on Mar 18, 2019
Schools have become targets in modern days of active shooters and terrorist fears. The need for video and access security is high. Universities...
Hikvision Favorability Results 2019 on Mar 18, 2019
Hikvision favorability results declined significantly in IPVM's 2019 study of 200+ integrators. While in 2017 Hikvision's favorability was...
ONVIF Favorability Results 2019 on Mar 15, 2019
In the past decade, ONVIF has grown from a reaction to the outside Cisco-lead PSIA challenge, to being the de facto video surveillance standard...
Installation Course - Last Chance on Mar 14, 2019
This is the last chance to register for the March Installation course. This is a unique installation course in a market where little practical...
City Physical Security Manager Interview on Mar 14, 2019
This physical security pro is the Physical Security Manager for the City of Calgary. He is a criminologist by training with an ASIS CPP credential....
Integrator Profitability Bonuses - Statistics on Mar 13, 2019
While winning projects typically gets the most attention, how profitable those jobs turn out to be is key to the long-term success of integrators....

Most Recent Industry Reports

Silicon Valley Cybersecurity Insurance Startup Coalition Profile on Mar 20, 2019
Many industry people believe cybersecurity insurance is not worth it, as the voting and debate in our Cybersecurity Insurance For Security...
Covert IP Camera Shootout - Axis, Hanwha, Hikvision, March, Vivotek on Mar 20, 2019
Covert cameras were one of the last holdout areas for analog cameras. However, in the past few years, IP / HD covert cameras have become...
Top Metrics For Ensuring Integrator Profitability - Statistics on Mar 20, 2019
How do integrators ensure the profitability of their projects? As part of our profitability study, 100+ integrators answered the following...
Avigilon Launches 'Renewed Products Program' on Mar 19, 2019
There are lots of 'pre-owned' cars but pre-owned IP cameras? While such programs are common in other industries, in video surveillance, they are...
Hanwha Tax Evasion Probe, Camera Division Implicated on Mar 19, 2019
A Hanwha group subsidiary was raided as part of a tax evasion probe. While a Korean news media report listed the raided entity as 'Hanwha...
Genetec Security Center 5.8 Tested on Mar 19, 2019
Genetec has released Version 5.8. This comes after a wait of more than a year that caused frustrations for many Genetec partners. Our previous...
Retired Mercury President Returns As Open Options President on Mar 18, 2019
Open Options experienced major changes in 2018, including being acquired by ACRE and losing its President and General Manager, John Berman who...
Large US University End-User Video Surveillance Interview on Mar 18, 2019
Schools have become targets in modern days of active shooters and terrorist fears. The need for video and access security is high. Universities...
Hikvision Favorability Results 2019 on Mar 18, 2019
Hikvision favorability results declined significantly in IPVM's 2019 study of 200+ integrators. While in 2017 Hikvision's favorability was...
ONVIF Favorability Results 2019 on Mar 15, 2019
In the past decade, ONVIF has grown from a reaction to the outside Cisco-lead PSIA challenge, to being the de facto video surveillance standard...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact