Migration to IP
The benefits of adopting a network-based approach to system design are manifold, and growing demand from end users means that those installers and integrators who have yet to embrace migration risk losing existing customers when they want to upgrade or expand their existing solutions. Here Benchmark presents advice from a number of leading infrastructure providers for those looking to migrate legacy solutions to a networked platform.
For many years, the UK was a significant leader in both the development and implementation of advanced security technologies. When network-based systems first arrived, that fact was something of a double-edged sword. The situation is still the same today, albeit with a growing number of installers and integrators realising the potential on offer from migrating existing solutions to an IP-based platform.
The upside of the UK’s leading position in security technologies was the fact that installers and integrators had a heritage of innovative thinking and a mindset focused very much on the delivery of bespoke solutions. As new and merging technologies entered the market, it was good to have a core of engineers who were willing and able to rapidly progress with regards to advanced system design and the delivery of benefical solutions.
The downside was that a vast number of applications not only had well designed and effective systems which served their needs and often had a good few years until they needed replacing, but most sites also had legacy infrastructure in place which end users were loathe to rip out and replace.
As more and more value-added features and functions become available – 4K and HD video, flexible VMS solutions, video and audio analytics, business intelligence, browser-based access control, integrated solutions, smart buildings and home automation – so end users are increasingly demanding more from their systems.
The most efficient way to realise the demands of customers both now and in the future is to migrate to an IP-based platform. Where the budget (or the appetite) for a totally new system does not exist, the migration can be achieved easily and cost-effectively by leveraging existing infrastructure to deliver a flexible and fully scalable solution.
Benchmark canvassed opinion from infrastructure experts to find out how this can be realised.
The pace of migration
Paul Routledge, Country Manager, D-Link
The security industry is witnessing significant change in terms of the transition from conventional to IP-based systems. However whilst this change has accelerated over the past few years, many companies of have been reluctant to take that leap of faith and invest in an IP-based future.
First and foremost, there are numerous advantages for installers and integrators looking to migrate to IP-based solutions. Advantages include improved performance, quality enhancements, ease of installation, cost-effectiveness and scalability.
Converting to an IP solution is an attractive prospect, not to mention that analogue and older technology systems are beginning to reach their end of life, with IP technology moving to the forefront of modern security.
IP solutions also offer more in terms of RoI (return on investment) and TCO (total cost of ownership). They also deliver greater longevity than legacy technologies and better value over a longer time span. Whilst the initial outlay could be more expensive, over time costs will be less as IP solutions, plus they are not as strenuous when it comes to man management and power consumption.
IP-based solutions hold a number of advantages, particularly in terms of its scalability. A network video system can easily grow with the users’ needs as IP-based systems allow network cameras and other applications to share the same wired or wireless network infrastructure for communicating data. Installations can also be carried out at any pace with continued functionality throughout the lifetime of the installation, with the option to either grow or reduce an IP solution, dependent upon the user’s requirements.
It’s important to realise the possibility to integrate old with new. There is no need to throw legacy systems out. The migration to IP can be done either by running the old system side-by-side with the new, or integrating existing equipment into a newer digital infrastructure. This can be achieved using encoders and convertors, many of which are designed specifically for security.
Choosing a migration strategy is an issue that installers and integrators need to take into consideration. There are two main ways of migrating. The first option involves freezing the existing security setup and installing an IP solution alongside.
Initially the new IP system would be used to protect new locations not covered by existing system, but over time parts of the legacy solution could be moved across, either by replacing devices with IP equivalents or by using encoders and convertors to digitise the legacy infrastructure and integrate it with the Ethernet network.
The second migration strategy involves replacing the back-end of the system with an IP-based solution, but continuing to use the existing equipment to provide security processes. Again, installers and integrators can use encoders and convertors to link the devices to the IP-based controller, replacing edge devices with IP products as and when they reach the end of their lives.
There are also a number of steps that integrators and installers should bear in mind when looking to migrate to IP, whether that involves approaching an IP-based solution for the first time or upgrading an existing system to benefit from new technologies.
One of the most significant advantages of IP-based systems is the ability to use existing network infrastructures rather than having to install custom cabling. However, even when compressed, some security data such as video can consume large amounts of bandwidth, especially with a high cameras count. As such, it’s essential to analyse how stressed an existing network is already, and how much headroom there is to carry the extra traffic involved. This will help assess whether changes will need to be made in order to cope.
Thankfully, due to modern plug-and-play technologies, an IP device is no harder to install than a conventional security product. By using existing network infrastructure, installation time can be drastically reduced, especially if PoE is also employed.
Many switches are available which simplify the creation of VLANs, segmenting security traffic from the rest of the network. This reduces the need for dedicated surveillance hardware and lowers maintenance costs.
With different options available and easy installation, migrating to IP-based security can be done at any pace.
Alan Jones, External Technical Sales Consultant, Dantech Electronic Engineering
When you consider the progression we’ve seen in electronic security systems technology, it’s worth remembering that the fundamentals don’t change. Every system still relies on the continued availability of a stable power supply, and security cannot be guaranteed if the system is not secure against threats like physical attack, IT problems or hacking.
While the advent of PoE has increased options for deployment of power to networked devices, plenty of security devices are still powered by conventional, low voltage supplies. It is an important distinction that IP connectivity does not necessarily mean that the use of PoE power provision is sensible or even practically possible. Whether to employ PoE versus conventional device power will depend on various factors, the paramount being reliability. Providing for continuity of power during mains failures, building in physical protection of that power source and ensuring that its status can be monitored are all indicative of a professional approach to security systems design.
While the reality is that design choices are always made in the context of budget constraints, no customer will thank you for paying too little attention to key factors such as reliability, continuity of operation, physical security, accessibility and the cost of maintenance. While it may seem a less pressing consideration in connection with power provision and management, ignoring standards compliance also creates a potential minefield, in particular where the design will involve PoE networks.
Like any other electrical equipment, PoE devices will have different power needs, and these can be categorised under the relevant standard (IEEE 802.3:2012) as follows: up to 12.95W (PoE ‘Type 1’, 15.4W PSE) and up to 25.4W (PoE+ ‘Type 2’, 30W PSE). Since the current revision of the IEEE standard deals only with PoE power levels up to 30W, some manufacturers have produced standards-compliant devices requiring no more than 25.4W and PoE sources delivering up to 30W per port.
Where a powered device consumes more than 25.4W, there will be a dedicated High-PoE source, and higher cable specification requirements will apply.
When designing the PoE element of a security system, is it wise to place power sources centrally and rely on the network infrastructure for distribution of that power? Central UPS support is not much help if there is a connectivity problem, after all. It would be better to spread the risk by placing power sources closer to where security devices are located.
Edge power devices should be robust, efficient and reliable, incorporating batteries to ensure that security processes continue in the event of a power or network failure. With remote monitoring, status information can be generated.
When using PoE, these power sources should be fully compliant with the current standards and suitably rated, allowing any compliant device to be powered. Devices without restrictive power budgets will enable reliable operation and easier future expansion and replacement. If the power unit also includes an on-board switch, the connected devices can be kept running and communicating even when the wider network experiences a problem.
Think about powering a variety of network-connected security devices in a particular part of a building, at a particular door, or for a particular purpose, while also providing battery back-up for emergency operation. This could eliminate equipment reboots caused by power problems.
It is unlikely that a well-designed and secure system can be achieved if the provision of system power is handed off elsewhere to a separate area of responsibility such as an IT department. Even when handled by security installers and integrators, standard IT products are widely used, even when they are deployed outside the IT suite, no doubt because they are relatively cheap. But what about the reliability of the low voltage power supplies that feed those devices? Is the installer going to put a UPS by each one to provide continuity of power in the event of loss of mains power? How will they be mounted and protected from inadvertent or malicious tampering? Can they be easily mounted and are they monitorable remotely?
Attempt this with standard IT products and the costs and complexity start to escalate. Instead seek out a range of PoE sources with built-in security features that are designed specifically for security applications.
Exploiting legacy infrastructure
Neil Staley, Product Marketing Executive, Mayflex
Deploying a migration from analogue-based technology to a network-based solution can be achieved in a number of ways and it is recommended that this is completed in a phased programme as budgets and infrastructure become available. An important advantage to this phased migration model is that devices can be transitioned cost-effectively, individually or in groups.
There are several technologies available that can be used by the installer and integrator. In situations where there is more flexibility with budgets, then the ideal solution is to deploy a new structured cabling network, ensuring the cabling medium has been deployed to the optimum performance level, ready for all aspects of security data including video transmission.
However, there are technologies that you can use when migrating to digital technology using existing infrastructure. The advantages of this methodology are that new cabling is not required, existing infrastructure assets have their RoI extended, legacy devices can be retained, limitations of network cabling (100 metres) are not a factor and installations are quicker to deploy.
The entry level starting point is normally to consider an encoder device in the control room. The encoder performs an analogue-to-digital (A-D) conversion and streams the video onto the network. The advantage of this method is devices can be added to a network-based system with no additional costs for hardware or software except for the encoder. The disadvantage of this type of migration is that expansion, scalability and exploitation of advanced management features often cannot be realised without further investment in a new system.
If using a professional equipment vendor, then the addition of more devices with an open platform management software package will enable an increased level of benefits.
This type of configuration does require careful planning. An advantage of this type of configuration is that security data can be accessed from remote sites once a connection from the site to an ISP enables connection to the internet.
By utilising legacy infrastructure in this way, the end user can enjoy a number of benefits such as increased functionality, distributed architecture and no single point of failure.
Building-to-building applications where multiple IP streams need to be moved between premises can be achieved using wireless bridges. By deploying wireless in hard-to-wire applications, an installer or integrator can create a backbone of data that easily carries security data and provides broadband connectivity across a site of unconnected buildings.
In applications where devices are at the perimeter of a site, and therefore a long distance away from the control room, the use of media converters is recommended. These small devices enable video and data to be converted from coax and data cabling onto fibre which can transmit signals, loss free, over extended distances. These signals are then reconverted at the rack and put onto the network in the control room area.
Using media converters at the edge enables installers and integrators to extend distances and utilise PoE to deliver power to devices over UTP. This topology takes the local power that is being used for the media convertor at the remote end and injects power over the final leg of the UTP link to drive the device.
In applications where budgets are limited and the end user wants the installer or integrator to utilise existing UTP or coax cabling, they can upgrade devices with the use of Ethernet over Coax convertors. The advantage of these devices is that an existing cable can be utilised for any type of network connection by simply installing a device on either end of the copper cable. Another advantage of this technology is that extended distances can be achieved, and PoE versions enable power to be fed remotely. With this type of technology, distances of up to 800 metres with 100 BASE-T connections are available. These convertors are ideal for devices that are outside of the 100 metre limitation such as perimeter cameras on the edge of a site.
The benefits of networked solutions are well established with ever increasing features and functionality available. The migration to digital is well under way as end users demand more from their security system investments.
John Croce, CEO, NVT Phybridge
Installers and integrators looking to migrate to IP must clearly define the desired end state prior to deploying IP-based solutions if they are to be successful. What end points and applications are important to the customer? What things cannot be risked or compromised for the sake of being connected? Is the network capable of supporting the IP-based applications and devices that are being considered? Will the engineers involved be able to handle the evolution? What is the ROI for the end user?
For many, the migration to IP is either well under way of has been completed already. Those who have yet to act need to appreciate both the architecture of a network and how it is best adapted to meet security needs.
Core business LANs are designed to connect devices used by staff to drive revenues, operate effectively and make the business successful. We can consider this as the ‘Profit’ network.
There are other supporting platforms that are also migrating to IP: security such as video, access control and enhanced security applications; voice and telephony; building controls and other building oriented devices. The common requirement is having PoE switches to connect the applications to end points located throughout the building.
Planning and preparation to create a LAN platform robust enough to support all the different requirements is critically important.
One of the biggest mistakes made when designing a LAN upgrade for security (and other supplementary technologies to a business’ core operations) is creating network topology based on the limitations of standard PoE switches and not considering recent switch innovations.
Recent enhancements to switch capabilities include greater speeds, routing, power and quality of service. Two things have not changed in over 25 years with regards to standard LAN switches: the need for multiple pairs of UTP cable and the maximum reach the switch, which is 100 metres.
Many LAN designs are based on using standard LAN switches with their wiring and distance limitations. As a result, many installers and integrators believe that the only option is to rip-and-replace legacy infrastructure and install new ‘standard’ PoE switches. Ironically, this way of thinking is often the main barrier to customer sites agreeing the migration to an all IP platform.
Some of the most exciting switch innovations in recent years are the creation of long reach PoE switches that allow customers to transform their existing coax, telephony or multi-pair UTP infrastructure into a robust IP platform ideal for many of the end points being considered, including security. These switches eliminate the need to rip-and-replace infrastructure, allowing for a graceful, non-disruptive and cost-effective way to migrate to IP.
The cost-savings are obvious as end point that is 700 metres away can be supported by existing coax cable. The alternative with ‘standard’ switches is having to build six equipment cabinets and install new Ethernet cabling.
The use of long reach switches makes installation simplicity and flexibility available when migrating to IP. The beauty of this approach is that the security team can manage and control the IP based solution end-to-end, with no impact on the core ‘Profit’ network. Indeed, the installers and integrators won’t even need to access the corporate LAN.
The IT department can create a topology for the core network that is secure and isolated from the security network, but can integrate the security end points into their overall network monitoring and management platform if desired. The customer and the IT departments can enjoy full control, but the security network cannot affect business operations.
It is simple to complete a partial migration with this approach. The IP long range switch is connected to the server and the IP-based solution sits alongside the legacy solution.
Moving from a partial migration to a full migration when budget becomes available, and moving from an extended LAN to separate LAN, is a simple task.
Having the option to leverage existing infrastructure that is designed as point-to-point is ideal for real-time applications, and greatly simplifies the migration. Long reach PoE capabilities allow installers and integrators to gracefully migrate, creating either a separate or integrated LAN topology with ease.