IP Video Surveillance

An Essential Guide
This book’s author, Alex Lytkin, has spent many years working with digital
video surveillance systems. In this guide, he addresses, step by step, all the
topics related to IP video surveillance systems.
Starting with the structure of IP cameras, Alex Lytkin describes in detail the
mechanisms of IP-flows transmission, ways of recording, and the structure of
video servers. A large section of the book is dedicated to networking
technologies, switching equipment and issues related to building a high-
quality network infrastructure. At the end of the book, the author gives
examples of typical IP video surveillance systems for a variety of facilities,
ranging from installations in private houses to complex systems in banks and
shopping malls, where hundreds of cameras are used.
The book is written in simple, clear language. The author manages to present
even the most complex material associated with various network technologies
in the most accessible form.
IP video surveillance: An Essential Guide is a great guide for beginners as
well as for those who already have experience in this field. This book aims to
help you open the door to the future of video surveillance systems.
Feel free to ask questions and make comments on the book’s website
http://ipvideosystemdesign.com/

Copyright © Alexander Lytkin

All rights reserved. No part of this book may be reproduced or utilized in any
form or by any means, electronic or mechanical, including photocopying,
recording, or by any information storage and retrieval system, without
permission in writing from the author.
Although every precaution has been taken in the preparation of this book, the
publisher and author assume no responsibility for errors or omissions. Neither
is any liability assumed for damages resulting from the use of the information
contained herein.
E-book ISBN - 978-5-600-00033-9

All requests to the Author should be addressed to:

E-Mail: info.30fps@gmail.com
WEB: http://ipvideosystemdesign.com/
 Introduction

Perhaps you’ve heard something about IP video surveillance and even

encountered it in practice. The most advanced IP video technology allows the
creation of systems which, due to their wide range of features, far surpass the
traditional analog-based video surveillance systems. IP-video allows you to
work with high resolution, to obtain a high degree of functional flexibility,
and to use sophisticated analysis.
However, in addition to its broad array of options, IP-technology is often
associated with problems and difficulties in set up and maintenance. Without
a doubt, it is more difficult to launch the server and correctly organize the
network than to set up the more familiar analog video recorder. However,
these difficulties disappear once you get acquainted with the fundamentals of
IP video surveillance. This book aims to provide the reader with a basic
understanding of IP video and to remove all barriers standing in the way of
use of these innovative technologies.
If you are just starting to work with IP video surveillance systems, this book
will be an ideal helper for you. With the help of simple and accessible
language, we describe the features of IP cameras, recording servers and
network technologies.
Unlike an encyclopedia, this book does not contain comprehensive data on
every topic associated with IP video. On the contrary, the idea behind this
book is to single out IP video fundamentals and to explain them in the most
accessible way. That is why you will find no references, no digressions into
the history of video surveillance, and no encyclopedic definitions in this
book. These days, if you’re familiar with the basics and understand the
structure of IP video surveillance systems, you can easily find all the other
details you need on the Internet.
Over time, you may want to buy a separate book for each topic: networks,
video analysis, server solutions, etc. But before you delve into each topic,
you need to get a general idea of the IP video surveillance systems and how
they are arranged. This book represents an ideal first step toward
understanding the field of IP video.
Whether you are a novice or an expert in the field of security systems, I hope
this book will help you to learn something new about the features of modern
video surveillance systems and IP technologies.

About the Author

Alexander Lytkin is one of the world’s foremost experts in the field of digital
video surveillance systems. For 10 years a member of the STA group of
companies, he has been closely involved in the field of modern video
surveillance technology.
In recent years, Alexander has led the development of integrated solutions in
the field of IP video surveillance. He has written reports on developments in
IP video surveillance technology and conducted topical workshops for major
companies throughout Russia. Alexander Lytkin is the author of a number of
articles on digital video recorders and IP video surveillance systems.

Who this book is intended for

Thanks to its simple language and easy explanations, this book may be
interesting to a wide range of readers.
If you are an expert in video surveillance, your interest will most likely be
aroused by the topics related to networking technologies. If you are an expert
in the IT sphere, then you are likely to be interested in IP cameras and ways
of organizing video recording and playback.
Design professionals will almost certainly be interested in the section
showing examples of video systems and ways of organizing them in various
facilities.
Those in the commercial department will be able to develop familiarity
with IP equipment, knowledgeably communicate with customers and help
them to choose the right solutions for their needs.
Managers may find this book extremely useful as it adds to their knowledge
base about the latest technologies and their potential use for company
development.
Even if your professional activity is not related to security systems, the book
may be interesting as a source of basic knowledge about network video.
Structure of the Book
The typical IP video surveillance system consists of five basic components.
Each component is described in a separate chapter:

1. Chapter 2: Cameras
2. Chapter 3: Lenses
3. Chapter 4: Video Recording
4. Chapter 5: Video Playback
5. Chapter 6: Network

In addition to describing the components, we thoroughly analyze examples of

typical IP video systems construction: Chapter 7 contains "Examples of IP
video surveillance systems" as well as an overview of the intellectual
analysis technology in Chapter 7: "Video analysis."
Finally, Chapter 9: "Cheat Sheets" presents responses to questions that often
arise at the beginning of an IP video surveillance system project.

Notations
To improve navigation, the book uses a series of notations:

The magnifying glass symbol shows practical examples. Most of these

examples are easy to reproduce at home.

The exclamation mark is used to emphasize important information. This

symbol is used infrequently in the book - only to single out the information
that is really worth paying special attention to and remembering.

The arrows indicate references to other sections of the book. For example,
if in one chapter we analyze a video surveillance system that uses DDNS
technology, you will find a reference to the section of the book devoted to the
description of the technology. Using this reference, you can quickly refresh
your knowledge of DDNS technology, and then return to the analysis of the
original system.
 Chapter 1
Understanding IP Video
Surveillance

In this chapter:

What is IP video surveillance ?

Advantages of IP video surveillance
Main components of IP system

Around the year 2002, we witnessed a wide-scale replacement of obsolete

video tape recorders with new, advanced digital video recorders. At that time
there was much discussion, dispute and controversy concerning the new
digital technology. In the whirlpool of different judgments it was not easy to
understand which recorder was better, what actual resolution and recording
rate would be obtained, and what difficulties were to be faced during setup
and further operation. In most cases, all the issues relating to new technology
were solved by each company in its own way, using a laborious trial and
error approach.
Now, many years after they first appeared, digital recorders have become
quite a common and comprehensible component of a video surveillance
system. However, today we again find ourselves on the threshold of large-
scale implementation of new progressive technology. This technology is IP
video surveillance.
The key component of the new technology is an IP video camera. Now,
however, upgrading of a video surveillance system is not limited to replacing
a separate component. IP video surveillance implies a new principle of
construction of the entire system. Now, video is transmitted by a common
twisted-pair wire or optical fiber instead of an individual coaxial cable.
Servers and multiple-disk storage devices are used as recording devices,
instead of recorders and computers with video capture cards. Data display
devices are not connected to recorders any more, but now they are hooked up
to decoders. Besides these features, IP systems comprise switches, routers,
wireless networks and a great deal of incomprehensible network technology.
Naturally, we find ourselves again asking many questions about how to
implement these new systems, beginning with simple ones related to IP
network building theory and ending in those concerning assembly and
operational practices. The fact that the technology is new makes it difficult to
answer some of the questions intelligibly, while on the other hand, other
questions may have a few answers which, strange as it may seem, appear to
completely contradict one another. This book has been published to help you
understand the ins and outs of IP video surveillance. It contains all the basic
information required to understand what an IP system looks like in general,
and how each component operates by itself. As well, the book discusses how
to choose IP cameras and their lenses, and what parameters to pay attention
to when choosing recording and switching devices. To reinforce the theory,
we show you a few typical diagrams of practical IP system construction at the
end. So, let’s begin!

What Do These Two Letters Mean?

IP stands for Internet Protocol. In other words, IP is a means of data delivery
from one device to another through a network. Therefore, these two letters
added to “video surveillance” imply that the system is based on the network.

Advantages of IP video surveillance

Before we plunge into a description of IP technologies, we should find out
why we are doing it. Why do we need IP? How is it better than analog video
cameras with video recorders? Here are three of the most popular reasons to
install IP video surveillance systems.

Image quality. The first and foremost advantage of IP systems is the

possibility of obtaining megapixel resolution. The resolution of the best
 analog cameras is limited to 0.4 megapixels. Modern matrices allow us
to obtain images of 10 megapixels and higher. To transmit high-
resolution video, a network is used. In most cases it is this high
resolution that causes companies to make the switch to IP video
surveillance.
Fewer cables and, in some cases, no cables are required. Sometimes
the choice is made in favor of IP when it is necessary to install a camera
without any cables laid to the site. In this case, either wireless cameras
are installed, or common network cameras are connected to available
mains sockets of the office network.
Besides, IP video surveillance requires a single UTP cable to transmit
video, power, dry contact closure data and control instructions for PTZ
devices. Analog systems, on the other hand, require a separate cable in
each case.
A possibility to increase the number of cameras without changing
the SCS. In IP networks, streams from multiple cameras can be
transmitted through a single cable. Therefore, when we install new
cameras, additional streams can be transmitted via existing lines. This
advantage is generally referred to as “flexibility”, “extensibility” or
“scalability”.

Let us mention again that the main advantage of IP cameras is their high
resolution.

Are there other ways of transmitting

megapixel resolution besides networks?
In fact, it is possible to obtain a megapixel image without using a network.
Technology exists that allows transmitting high-resolution video through a
regular coaxial cable.
Figure 1.1: HD-SDI connection.
Data is transmitted through high-speed HD-SDI (high-definition serial digital
interface) which looks like a regular BNC. At present, this technology is
being developed by HDcctv Alliance.
On one hand, this variant of video surveillance system building is rather
interesting: we always have a “live” image at 25 frames per second without
any delays. Besides this, there is no need to handle the networks: all you need
to do is connect the camera to the recorder and it starts working.
However, in practice, the picture is not so rosy. When video is transmitted
through a coaxial cable, the recorder receives a lot of uncompressed video
streams of high resolution. Taking into account the fact that one
uncompressed stream involves 0.5 – 1.5 Gbit/s, it is hard to imagine the
required processing power of a recorder capable of compressing and
recording the data from, for instance, 16 cameras simultaneously. Nowadays,
devices for recording up to eight cameras are available on the market.

What does an IP video surveillance system

consist of?
The structure of an IP surveillance system is quite simple.
Figure 1.2: IP video surveillance system components.
 IP cameras, which make and compress video at the same time;
Servers or video recorders, which receive streams from the cameras,
record them to disks and either transmit “live” video or archive records
to workstations.
Workstations, which receive video from servers and display it on their
screens.
Network switches, which connect all the components above.

The term “server” has two meanings: a computer device or software. For
example, a 19”rack mount server is a computing device, while a web server is
software which forms web pages.
All these devices will be discussed in more detail below. We will analyze
their arrangement and types as well as pay special attention to ways of
preventing mistakes when choosing various components.
 Chapter 2
IP Cameras

This chapter looks at the following issues

Arrangement of the IP camera

Comparison of CCD and CMOS
What is a web server?
How to choose the best IP camera

The first thing we think of when we hear the word "surveillance" is a

compact CCTV camera, looking down from the ceiling or wall. Similarly, the
first component of an IP video surveillance system is the IP camera. We can
say more - a modern IP camera can be a surveillance system in itself: the
camera can shoot, record and send messages about the occurring events.
In this chapter, you will learn about the arrangement and different types of IP
cameras, and what features you should consider when choosing an IP camera.

How the IP camera is arranged

The modern IP camera is the result of combining a camera and a small
computer in one body. Here is the scheme of the IP camera work process:
Figure 2.1: IP camera arrangement.
The lens focuses the image on the image sensor, which converts an optical
image into an electrical signal. After amplification, the signal is transmitted
to the image processor for adjustment of brightness, color and other
parameters. Here, the compressor compresses the video stream and then it is
ready to be transmitted to an external network via the Ethernet controller.
All the tasks are managed by the camera’s CPU, which, among other things,
performs the functions of motion detection, web server, and many others.
Like any computer, the IP camera requires an operating system. The IP
cameras usually use various modifications of Linux as an operation system.
Let’s examine each component of the camera in detail.

IR-Cut filter
We begin from a small device located between the camera lens and the
sensor. This is an optical filter or an infrared filter. Basically, it is a small
glass plate, which does not let the infrared (IR) light pass to the sensor. Why
is it necessary?
Figure 2.2: Operating principle of the IR filter.
The fact is that the sensors are sensitive not only to visible light, but also to a
fairly large part of the infrared spectrum. If the IR filter is not set, then
because of the contact of the infrared spectrum with the sensor, the colors of
the resulting image will be distorted beyond recognition.
Many cameras are equipped with a special mechanical drive that can install
the IR filter in front of the sensor and when necessary - remove it. Why is it
necessary to remove the filter? At night, when visible light is low, it is
reasonable to remove the IR filter to allow more light to reach the sensor,
even in the infrared range. When this happens, the camera goes into black
and white mode, solving the problem of color distortion. This type of camera
is called a "day-night camera."

Different types of sensors have different sensitivity to the IR spectrum,

and therefore produce different sensitivity gain when the IR filter is removed.

Sensor
Today’s CCTV cameras use two types of sensors: CCD and CMOS. To
convert light into electrical charges, the CCD and CMOS sensors use
photocells. The difference between these sensors lies in the way the electric
charges are read.
CCD reads a signal by a consistent charge transfer from the cell, where it was
formed, to the adjacent cells until it reaches the edge of the sensor, where it
will be transmitted to the amplifier and video editing processor.
Figure 2.3: CCD arrangement.

Let’s imagine: the light strikes a photodiode of one of the CCD pixels. This
results in a few free electrons, i.e., a negative electric charge. This charge
must somehow be delivered to the amplifier, and further - to the camera
processor. In this case, we are not talking about the current that can be
transmitted by wire, but only about a few electrons, which, before they can be
transmitted somewhere, have to be amplified, i.e. converted into voltage.
Thus, the charge of the pixel, where it was formed, is shifted to the adjacent
pixel, and then moves successively from pixel to pixel until it reaches the
edge of the sensor. Then it gets into the shift register and in the same way is
successively transferred from cell to cell, until it finally reaches the amplifier.
Here the charge is converted into the voltage that can be further processed by
the processors.
Unlike CCDs each of the CMOS sensor’s photodiodes has its own transistor,
which converts the charge into an electrical signal directly on the pixel.
Hence, in the CMOS there is no such thing as a successive transfer – the
signal is read directly from the pixel.
Figure 2.4: CMOS arrangement.

Let’s compare the advantages of each of these technologies.

CCD advantages
High light sensitivity. The CCD sensor’s photocell has a larger area than the
element of CMOS. Each CMOS photodiode has a transistor and "connection"
of the accompanying elements, which take a fairly large area.
In other words, CCD receives more light than CMOS, which has a large area
of the sensor that is simply not sensitive to light. It should be pointed out,
however, that CMOS technologies are still developing and much more
sensitive sensors are appearing in the market, step by step catching up with
CCD.
Today there are two basic CMOS technologies - Active Pixel Sensor (APS)
and Active Column Sensor (ACS)
Figure 2.5: APS (left) and ACS (right).

As the drawing shows, the ACS technology allows for a significant increase
in the area of the photosensitive element as compared with APS.

When selecting IP cameras, pay attention not only to the type of sensor –
CCD or CMOS, but also to the technology – ACS or APS. ACS is more
sensitive than APS.
Low noise level. Compared with CMOS, CCD has a minimal number of
active electronic elements, which could cause the thermal noise in the picture
in the result of heating.
CMOS advantages
Resolution. Now, relatively low-cost CMOS sensors with resolution of 10
megapixels or higher are available. The maximum resolution of CCD used in
CCTV is only 1 megapixel.
Low-cost CMOS. Cameras that use CMOS are significantly cheaper than the
cameras using CCD.
Compact size and lower power consumption can significantly reduce the
size of cameras.

Physical size of the sensor

The size of the sensor is determined by its diagonal length in inches. Modern
sensors may have the following sizes: 2/3; 1/2.7; 1/3 and 1/4. The larger the
physical size of the sensor, the more light falls on each pixel, which has a
positive effect on the sensitivity of the camera.

Video signal processor

Video signal processing is present not only in IP cameras, but in all analog
CCTV cameras. It is an important module, which performs the primary
processing of the video signal: it adjusts the brightness, color, contrast, and
performs more complex operations. These are some popular functions
performed by the video signal processor:
AGC (Automatic Gain Control) - allows amplification of the signal and
affords an acceptable image in low light. Typically, the adjustment range is
limited to 10-fold amplification, as greater amplification leads to considerable
noisiness of the video signal.
AWB (Automatic White Balance), or AWC (Automatic White
Compensation) - automatic adjustment of the white balance to normalize the
the color rendition.
BLC (Back Light Compensation) / SBLC (SuperBLC) - backlight
compensation, which allows adjustment of the illumination of the subject
against a bright background.
DNR/SDNR (Digital Noise Reduction / Super Digital Noise Reduction) -
digital noise reduction algorithm.
WDR (Wide Dynamic Range) - an extended dynamic range for high-quality
or imaging when one part of the frame is dark and the second is very bright.

Compression processor
Video-stream compression is usually performed by a separate DSP (Digital
signal processor). The DSP chip, apart from the processor itself, has its own
memory to which the software algorithms that perform compression are
loaded. Today’s DSPs have quite an impressive performance that allows
compression of the megapixel streams in H.264 format at 30 FPS.
After compression, the stream is transferred to the camera management
software for onward transmission to the network or recording to the built-in
flash card.

Camera CPU
The IP camera, in fact, is a small self-contained computer. And like any
computer, the IP-camera has a central processing unit (CPU), memory,
operating system (usually a modified Linux) and software ("firmware"). This
complex provides the overall management of the camera and allows
implementation of additional user features. Some of these features are listed
below.

Motion detectors and different video analysis functions

Almost all IP cameras have built-in motion detectors that analyze the video
stream. The regular motion mask detector is a simple function performed by
the CPU.
Also, complex video analysis, such as, for example, abandoned objects
detector, object tracking and classification is arousing more and more
interest. These functions are transferred from the video processing servers to
the cameras. In this case the analytical algorithms are typically performed by
a separate DSP.

For more details on analysis refer to the section "Video analysis"

 The transfer of the video analysis to the cameras allows, firstly, use of
higher quality uncompressed video for processing and secondly, significant
unloading of the video recorder.

Recording to the built-in flash card

If you insert the flash memory card in the IP camera, the control software will
be able to record the stream on the card in the form of files, i.e. our camera
will act as a camera itself and at the same time - as a recorder. The user will
be able to connect to the camera via the computer browser and to adjust the
video recording parameters: resolution, speed, and motion detector. Later, the
user will also be able to download the stored video archives files from the
camera to the computer via the browser.

Web server
The web server is a special program. When you type the address of your
favorite web site in the browser, your computer connects to the server and
requests the necessary information. In response, the program "web server"
sends us an HTML page of the web site.
Figure 2.6: Web server of the camera.

Similarly, when we specify the IP address of the camera in the browser, the
web server working in the camera sends us an HTML page. On this page we
see the camera settings and video stream.

Control of the camera’s dry contacts

The camera’s software allows control of the dry contacts of the camera – to
close and open the output relay, or to read the state of the input contacts.

Network interface
The connection of the IP cameras to an Ethernet network is carried out
through an adapter. Many camera adapters also support PoE (Power over
Ethernet), allowing the camera not only to obtain data, but also to receive
power through a single cable.

For more information on PoE refer to the section "Network equipment"

How to choose the IP cameras

The question of how to choose the camera can be viewed from three sides:
the type of camera, image quality, and functionality. Let’s examine these
issues in detail.

The type of camera

The type of camera or the physical version of the camera defines its scope.
Here are the main types of cameras:

Box Camera
Dome Camera
PTZ, SpeedDome
Non-mechanical pseudo PTZ dome camera. The operator controls the
rotation of the camera, as in the case of the PTZ camera. The camera
does not physically move. It is equipped with a wide-angle lens and
captures the whole panorama from 180° to 360° at once. The operator
only moves a virtual window with the help of software.
Miniature hidden camera

Figure 2.7: Web server of the camera.

Having defined the appropriate type of camera, let’s continue on to the most
interesting point - the parameters that determine the quality of the image.

Resolution
As a rule, we base our choice of IP camera on the resolution parameters
because this is the most obvious indicator of quality. The resolution of an IP
camera can be up to 10 megapixels, but beware: a large number of
megapixels may not only provide advantages, but also serious disadvantages:

it requires a significantly more expensive lens

it reduces video transmission speed
it can have low sensitivity.

Also be aware of the fact that sometimes the claimed camera resolution can
be higher than the resolution of the sensor itself. How can this be? For
example, we take the frame 1280x720 and transmit it to the camera’s
processor, which increases the frame resolution up to 1920x1080, and
calculates the missing pixels as the mean value between the adjacent
elements. This method is called interpolation, and results in a large image
with blurred details.
Besides the sensor, the performance of the video processor and compression
quality affect the final resolution obtained on the screen. The actual
resolution of the camera is measured in the TV lines during testing. For this
purpose, one should make several video recordings of the testing table in
different lighting conditions, and then look at what point the lines of the
testing wedge merge. This will be the actual resolution of the camera.
Figure 2.8: Testing wedge for measuring the resolution capability of the
camera.

Light sensitivity
This parameter is by far one of the most important to consider when choosing
the IP camera. We are used to getting a decent picture at night by installing
an inexpensive analog camera on the street. So it often can be a surprise when
you replace that old camera with an IP camera, which, among other things, is
several times more expensive, and instead of a picture at night, you see a
"black screen".
When choosing a camera, the first thing you need to pay attention to is the
sensitivity stated in the specifications. A minimum necessary level of
illumination is measured in lux. 1 lux means the camera will show something
at dusk, but at night it will catch nothing without artificial illumination. Here
are some benchmarks for comparison:

Table. Light conditions

Recording Conditions Illumination Level
Sunset 500 lux
Twilight 1 lux
Night with full moon 0.1 lux
Night with a quarter of the lunar disk 0.01 lux
Night with a clear starry sky 0.001 lux
The acceptable parameters for a camera that will be installed on the street are
0.01 lux or less.
However, it is difficult to measure the number of lux, so the sensitivity stated
in the specifications does not always reflect the actual capabilities of the
camera. To get an impression of the camera sensitivity, you need to pay
attention to the size of the sensor, as well as to its type. The larger the sensor,
the better the camera; CCD is better than CMOS; ACS CMOS is better than
CMOS APS. But the safest and most highly recommended way of judging a
camera is, of course, to test the camera by recording a few test videos of
moving objects in poor lighting conditions.

It is important to understand that in low lighting conditions the camera’s

resolving power is significantly worse. In addition, moving objects produce a
smearing effect due to the increased exposure. Usually when the light level
drops to the stated sensitivity of the camera, the image quality drops to an
unacceptable level.

Framing speed
Framing speed is also a quite interesting and worthwhile option. Unlike the
analog cameras that always transmit video in real-time at 25 or 30 FPS, not
all IP cameras can boast such a speed. For example the cameras with very
high resolution will not be able to shoot at a speed of more than 5 - 10 FPS.
This means that you will have the renewal slides, but not video on your
monitor wall. In this case, you must decide what is more important: a high
resolution or comfort of the operator.

Capabilities of the video signal processor

As we already know, the signal from the sensor is processed by the video
processor. Here the normalization of the brightness, contrast, noise reduction,
and a number of other changes occur. The final video quality largely depends
on this processing. The difficulty lies in the fact that looking at the
specifications, it is difficult to assess the processing quality. This can be
assessed only indirectly by the presence of such features as 3D-DNR (noise
reduction system), digital image stabilization, WDR (wide dynamic range)
advanced system, etc.
Now let's look at the functionality of the camera.
Compression algorithm. More and more cameras support both popular
codecs MJPEG and H.264.
Presence of PoE. If the camera can be powered from the switch and requires
no separate PSU, it is a definite advantage. Now almost all cameras support
PoE. There is, however, the opposite situation: some compact cameras
support PoE only. In this case, the presence of PoE at the absence of power of
12/24 V can be a disadvantage.
Presence of audio input or built-in microphone is also an advantage.
Presence of flash cards and dry contacts. It is important to remember that
the presence of slots for the memory cards and dry contacts on the back panel
of the camera does not guarantee that you will be able to use them somehow
in the system. If you plan to use the flash card or dry contacts, you must first
check with your supplier whether the camera itself can control the contacts
and whether or not you can use the card for recording in the required mode.
Will the video surveillance software work with the card and the contacts of
the given camera model?
So let’s generalize the list of important parameters for IP cameras:

Resolution
Light sensitivity
Framing speed
Capabilities of the video signal processor
Compression algorithm
PoE.
Audio
Analog output
 Flash card and dry contacts

What is a video streamer?

A device exists to receive video from the analog cameras, digitize it,
compress and transmit it to the network, i.e. convert the analog video to the
IP stream. This device is called a streamer. It is also often called a video
server or a video encoder.
Figure 2.9: Arrangement of the video streamer.

The internal structure of the video streamer is similar to that of the IP camera.
In fact, it is the IP camera without the camera itself, i.e. without the sensor
and video signal processor.
Video streamers are often used to connect analog cameras to the IP video
surveillance system. For example, at the upgrading the majority of cameras
are replaced by IP cameras. But some expensive high-speed PTZ dome
cameras are kept and connected to the new system through the video
streamer. Besides the video stream itself, the streamers allow passing of the
audio data, information on the status of the dry contacts, as well as telemetry
signals through the IP network.
 Chapter 3
Lenses

In this chapter the following issues will be examined

Lens resolution
Lens types
What is the lens aperture?
Focus quality
Sizes and types of the lens mounts

A good camera always requires a good lens. Now that cameras are able to
form many megapixel images, the requirements for the quality of lenses have
increased dramatically.
When choosing a lense, the first thing we usually look at is its focal distance,
or "view angle". However, apart from this, the lens has a number of important
parameters. Let us consider them in order starting with the most complex one
- its resolving power.

Lens Resolution
Once you have decided on the camera, you have to solve an equally tricky
problem, which is to choose a good camera lens. If you install the wrong lens
on a many megapixel camera, the quality of the resulting images will like that
of a conventional analog camera, instead of megapixel quality.
The problem is that the resolving power of the lens may significantly vary
from model to model. On the other hand, in their specifications,
manufacturers do not specify any parameters to enable one to draw a
conclusion about the quality of the lens. The only thing manufacturers do is
add the prefix «Megapixel Lens» to the name of the camera, which, in fact,
hardly clarifies anything. In some cases, these so-called megapixel lenses are
worse than conventional CCTV lenses for analog cameras.
So how can you choose a good lens? We can suggest three ways:
Individual testing. This does not refer to a full test with detection of such
parameters as the number of lines per millimeter (for this we would need a
laboratory), but to making a few test recordings using different lenses with
the camera we plan to use onsite. The standard test patterns or simply a
contrast scene with lots of small details can be used as a subject. The made
recordings will help assess the acuteness and detail of the frame and to select
the appropriate model.
Published tests, comparisons and comments. To choose the appropriate
model you can view articles with comparisons and also read user comments.
Price. Production of the high-quality lens is a complicated and expensive
process (compare the cost of the CCTV lenses, and lenses used in
photography), so a cheap lens is unlikely to have a high resolution.

Lens types
Standard lenses are used with the box cameras.
Zoom lenses or motorized lens with the remote control of the focal distance
(zoom). I recommend having autofocus for this type of lens.
Pinhole is a lens with a small diameter cone front. These lenses are used for a
hidden camera installation.
Panoramic lenses have an extremely wide viewing angle and allow capture
of a full hemisphere in a single frame. This type of lens strongly distorts the
geometric proportions of the image. The camera’s processor or software on
the server side performs the subsequent normalization of the frame geometry.
The panoramic lenses are used in pseudo PTZ cameras that shoot the entire
hemisphere. With these, the operator controls the camera by moving a virtual
window throughout the hemisphere that is being shot.
Mirror lenses use a combination of mirrors and lenses for high zooming at a
minimum size.
Lenses with a built-in image stabilizer can largely eliminate the jitter of the
image when the camera is exposed to strong vibrations. It is worth pointing
out that there are program methods to stabilize the frame: digital processing
on the side of the camera, processing on the side of the server or the
subsequent processing of the video using specialized editors. However, the
quality of the software processing is significantly inferior to capabilities of
lenses with stabilization.

Focal distance or view angle

Focal distance is the distance from the main point of the lens to the point of
ray focusing. It is important to understand that the focal distance determines
the capture angle of the scene. The longer the focal distance, the smaller the
angle and the higher the visible zooming.
Figure 3.1: Focal distance and view angle.

Varifocal lens, or a lens with variable focal distance, has the ability to
change the focal distance and, consequently, the angles.
There are a number of free and paid programs that not only help convert
millimeters of the focal distance in the angles, but also visually present to you
how an object will look on the screen when you use certain lenses.
Aperture ratio
The original definition of the aperture ratio is a quantity characterizing the
degree of attenuation of the light flux by the lens. This attenuation depends
on many lens parameters. In everyday life, we can give a less complicated
definition for the aperture ratio. It is the focal length divided by the f-number,
for example F/1.4. The f-number determines how wide the aperture is
opened. And the lower this number, the wider the aperture and the more light
can pass through the lens. That is why a lens of F/1.4 will be faster than a
lens of F/5.6.
Figure 3.2: Lenses with different aperture ratios.

However, money spent on an expensive fast lens is not always well spent. It
is important to know one nuance associated with the sharpness. The wider the
aperture opens, i.e. the larger the focal number, the more difficult it is to get a
clear focus on the entire area of the frame. In some cases, instead of buying
an expensive rapid lens, it is better to choose a more sensitive camera or to
provide artificial lighting for your subject.
We will examine in detail why it is difficult to obtain a sharp image with an
open aperture, as well as other issues related to the focus:
Focus quality
The main objective of the lens is to focus the rays on the camera’s sensor.
But this is quite difficult to do well. Let us examine the issue of focusing with
an example.

Asphere
Suppose we have a camera lens that we will depict as a simple lens.
Figure 3.3: Spherical lens.

Note how the rays entering our lens converge to different points. At the same
time, no matter how we try to adjust the sharpness, we will get a blurry
picture. This is a common problem of many lenses, caused by the fact that
spherical lenses do not provide an ideal focus for the entire area. To solve this
problem you need to use more expensive aspheric lenses. Therefore, if the
use of the aspheric lenses is mentioned in the specifications you can expect a
better focus.
Figure 3.4: Aspheric lens.
IR correction
Suppose we have chosen a good aspheric lens and installed it on a street
camera. After a while, watching the night records we notice that despite the
image being sharp in daylight, at night the sharpness declines substantially.
One reason for this is infrared radiation. At night when the camera goes into
black-and-white mode, the IR filter is removed and a large fraction of the
light in the infrared range strikes the sensor. The refraction angles of visible
light and infrared radiation are different, so the focus for the IR spectrum is at
a different distance if compared to the visible light.
Lenses with IR correction, which due to the use of different types of lenses,
have focus for both visible light and IR radiation at almost the same point,
can help cope with this effect.

Depth of field
There is another way to increase the quality of the lens focusing. And this
way, unlike the first two, is completely free. All you need to do is to close the
aperture as much as the lighting conditions permit. The smaller the aperture,
the sharper image we get. On one hand, this effect is related to the depth of
field, which is the distance between the near and distant points in space that
are sharp in the frame. When you close the aperture, the depth of field
becomes bigger, sharpening the details that were previously out of focus.
Figure 3.5: Depth of field.
On the other hand, closing the aperture, we block the rays passing through the
peripheral zone. The rays can only pass through the center of the lens. The
fact is that the farther from the center, the more difficult it is to maintain a
perfect geometric lens shape and to provide a uniform focus. For example,
we remember that when we use the spherical lenses, the edges of the picture
may get blurred. With a sufficient closing of the aperture, the rays will only
pass through the center and the blurred edges will become clear again.
Figure 3.6: Closing the aperture to improve the image quality.

While experimenting with the aperture, remember that when we close the
aperture we deprive the camera of light, which in low lighting leads to noise
and resolution reduction of the obtained images.
Other characteristics of the lens
Format
There are different lenses for sensors of different sizes. For example, the lens
may be suitable for a 1/3 or 1/2 lens. This parameter is always cited in the
specifications. The lens for a bigger sensor can be used with a sensor of a
smaller size. If you do the opposite, such as install a lens 1/3 in a camera with
a sensor 1/2, you will have a black border at the edges of the frame.

Mounting
Two types of mounting are used in CCTV: C and CS. The difference between
them lies only in the distance from the lens mounting plane to the sensor. The
earlier format C has a distance of 17.5 mm. With the advent of the more
compact sensors (less than 1/2") you can reduce this distance to 12.5 mm (CS
format) and thereby reduce the size and the cost of the lens itself. Nowadays
the majority of CCTV lenses correspond to the CS format. C lenses can be
used with the CS cameras, using the adapter ring, while on the contrary C
cameras cannot be used with CS lenses.
Figure 3.7: Installation of the lens with different types of mounting.
Aperture control
There are 3 methods of controlling the aperture.
Manual method, when the opening degree of the aperture is regulated by a
swing ring on the lens.
VC or video signal control (Video Drive) - In this case, the camera
transmits a video signal to the lens and the lens, analyzing the signal, decides
whether to open or to close the aperture.
DC control (Direct Drive), when the camera itself estimates the brightness of
light falling on the sensor, and applies a voltage directly to the lens motor that
controls the opening of the aperture.
 Chapter 4
Video Recording

In this chapter, we examine:

Options for organizing the video recording

How the process of getting video streams is arranged
How the server is arranged
How to choose the best video recorder

The first task of the video surveillance system is to get a high-quality image
of the object. The second is to store the image for potential investigation into
an incident observed in the recording. In this chapter, we will examine in
detail all the issues associated with video recording, starting with the process
of obtaining images from the cameras and ending with a description of the
individual functions of the server software.

Where is the video stream from the IP

camera recorded?
Sometimes a computer may be used as a recording device, sometimes a video
recorder, and sometimes the system dispenses with a separate recording
device. Depending on the task, you can use one of the following:

Recording to the camera side. The video stream is recorded to a

memory card inserted directly into the IP-camera. Nowadays, virtually
all IP-cameras have this feature.
Video recorder. A specialized device for recording the video streams.
There are recorders to record both analog and IP cameras.
Software plus computer. With special software installed on the
 computer, you can record video to the hard disk.
Server for video recording. This is an improved version of recording to
the computer. The server is usually much more fault-tolerant,
productive, and easy to maintain.
SaaS. SaaS means ‘Software as a Service’. In this case we need neither
video recorder, nor special software. The video is recorded through the
Internet to third-party servers. We need to enter into a contract with a
company providing such services, and the company takes care of all
issues related to the organization of video recordings. In turn, we have
remote access to our video archives without the need to purchase any
additional equipment.

Which option do you choose in each case? In general, this is determined by

the number of cameras and requirements for the system functionality. For
example, if we have a system with two cameras, then it makes no sense to
install a separate video recorder or server. It is easier to record video to the
memory card of the camera or to a PC. If the system has 100 or more
cameras, the most reasonable option would be to install multiple servers.

Table. Comparison of recording options

Advantages Disadvantages
Recording
to the
camera The simplest and the There is a risk that the
side cheapest option; archives can be stolen
Minimal load on the network; together with the
camera;
The archive depth is
limited by the size of the
memory card

Video
recorder
As a rule, the recorder is It has fewer features
easier to set up than a than the computer
computer system; system;
Limited ability to
integrate with other

Software
plus
computer Wide variety of software
ranging from completely free
versions up to packages that
cost tens of thousands of
dollars;
Integration of video
surveillance with other
systems is relatively quick to
achieve;
Server for
video
recording High level of reliability;
Complete solution that
eliminates the problem of
software and hardware
interoperability;
SaaS
No need for initial
investments - only fees for
the provision of services;
No need to understand how
the equipment functions;
Video archives are protected
from theft
security systems (e.g.
fire and burglar alarms);
Building a high-quality
system requires
extensive knowledge of
information
technologies;
There may be problems
with the interoperability
of the software and
selected computer
components;
As a rule, the server is
the most expensive
solution;
It is necessary to provide
a third party with access
to private video content;
Due to the instability of
the Internet connection,
individual video
fragments may not be
recorded;
How the process of getting the video stream
is arranged
Before we proceed directly to the recorders, let’s take a look at how the
camera transmits video. Analog cameras generate a standard television
signal, which can be seen on the oscilloscope. And what do IP cameras
generate?
Initially, IP-cameras generated separate files - JPEG-images. That is, the IP
video surveillance system worked as follows: the IP camera shaped a frame,
compressed it into a JPEG file and put it on a specific web address, for
instance:
http://192.168.1.10/images.jpg, where 192.168.1.10 is the IP address of
the camera.
The computer downloaded the image from the camera, just as we download
pictures from websites. Then, the camera updated this image several times
per second, so that the computer downloaded the actual frame each time.
In camera settings, this method is generally defined as JPEG over HTTP,
and it is present in the majority of the modern cameras.

Put the IP camera in this mode and try to enter the location address of
JPEG images in the address line of the browser. (The location address may be
found in the manual of your IP camera). Pressing F5 or the update will enable
you to see changing images in the browser. In fact the recorder does the same
thing: it updates the images several times per second and saves the result.
That is how video surveillance systems worked a few years ago. Now this
method is seldom used, as the streaming compression algorithms and
streaming methods for video transmission are becoming increasingly popular.
The most prominent representatives of streaming compression algorithms are
MPEG4 and H.264 that, in contrast to JPEG, do not compress each image
individually, but work with a sequence of frames, selecting and recording
only the changing frames. The most common mechanism of the streaming
transmission is RTSP. Let us examine this in further detail.

RTSP
RTSP (Real Time Streaming Protocol) is an application protocol, which
describes the commands for the video stream control. With these commands,
we can order the camera or server, for example, to start broadcasting the
video stream. The request at the beginning of the playback appears as
follows:
PLAY rtsp://192.168.0.200/h264 RTSP/1.0

This means that RTSP is simply a set of commands for the video stream
control.

Let us run an experiment. To do this we need the IP camera with RTSP

and its RTSP address. This address appears as follows rtsp: // <ip address of
the camera>/mpeg. It can be found in your camera’s manual or in the API
description. For convenience, we will list the RTSP addresses for a number
of popular cameras.

Table. RTSP addresses of popular cameras

Manufacturer RTSP Address
ACTi rtsp://IP address of the camera/
Acumen rtsp://IP address of the camera /mpg4/rtsp.amp
Arecont rtsp://IP address of the camera /h264.sdp?res=(half |
Vision full)&x0=(0..max_sensor_width)&y0=
(0..max_sensor_height)&x1=(32..max_sensor_wisth)&y1=
(32..max_sensor_height)&qp=(4..51)&ssn=(1..65535)&
[doublescan=(0|1)]&[bitrate=(0..65536)]&[fps=1..100]
Note that it is the parameters of the requested stream that are
given in parentheses, i.e. the expressions in the parentheses
must be replaced by the desired value
AXIS rtsp://IP address of the camera /mpeg4/media.amp
or
rtsp://IP address of the camera /axis-media/media.amp
D-Link rtsp://IP address of the camera /play1.sdp
GeoVision rtsp://IP address of the camera /ch001.sdp
Samsung rtsp://IP address of the camera /mpeg4unicast
Sanyo rtsp://IP address of the camera /VideoInput/1/h264/1
Sony rtsp://IP address of the camera /media/video1
 Once we have learned the RTSP address of the camera, we open the
standard player that supports RTSP. It can be one of the following programs:
Windows Media Player, QuickTime, Media Player Classic, VLC media
player, RealPlayer, MPlayer. We chose QuickTime. Open the menu File>
Open URL and enter our RTSP address. After this, QuickTime will connect
to the camera and play the live video.
The recorders operating in IP video surveillance systems get video from the
cameras either by using HTTP (that is, also, as we download JPEG images
from a website) or as a stream through RTSP (that is, as we received it with a
standard player in the last example).
In IP camera settings, the streaming option for data transmission may be
referred to as RTSP over TCP, RTSP over UDP or just RTP.
So RTSP is a set of commands for the video-stream control. But what do
TCP, UDP, and RTP mean? TCP, UDP and RTP are the transport
mechanisms (protocols), which actually transmit the video.

TCP
Suppose we have chosen RSTP over TCP and want to start the video-stream
transmission. What will happen at the level of the transport mechanisms? A
connection between sender and receiver will be preset with the help of
several commands. After this, the transmission of the video will begin. In this
case, TCP will ensure that all data reaches its intended recipient without
change and in the correct sequence. TCP will also adjust the speed of
transmission so the transmitter does not send more data than the receiver can
handle.

UDP
UDP is an alternative to TCP. Unlike TCP, UDP does not establish a prior
connection, and instead just starts sending the data. UDP does not ensure that
the data is received and does not duplicate it if separate parts are missing or
were received with errors. UDP is less reliable than TCP. But on the other
hand, it provides faster transmission of streams due to the lack of the iteration
mechanism of the lost packages.
The difference in TCP and UTP can be illustrated by the following example.
Two friends meet:
TCP variant
Mike: Hi! Let's chat! (Connection is being established)
Eddie: Hi! Ok! (Connection is being established)
Mike: Yesterday I was at the store. Do you understand? (Data transfer)
Eddie: Yes! (Confirmation)
Mike: The new equipment was being unloaded there. Do you understand?
(Data transfer)
Eddie: No (Confirmation)
Mike: The new equipment was being unloaded there. Do you understand?
(Retransmission)
Eddie: Yes! (Confirmation)
Mike: Tomorrow I'll be there again. Do you understand? (Data transfer)
Semyon: Yes! (Confirmation)
UDP variant
Mike: Hi! Yesterday I was at the store (Data transfer)
Mike: The new equipment was being unloaded there. (Data transfer)
Mike: Tomorrow I'll be there again. (Data transfer)
Mike: I can ask the price for you. (Data transfer)
Mike: They have promised discounts for large quantities (Data transfer)
Mike: If you want, call me and we will go together (Data transfer)
Eddie: Ok, I’ll call (Data transfer)

You can also see the difference in the protocols by running the following
experiment: try to set the camera in RTSP over TCP and wave your hand in
front of the lens - you will see a delay on the screen. Now run the same test in
RTSP over UDP. The delay will be shorter.

The delay time depends on the following factors: compression format,

computer power, transport protocol and features of the software that
participates in video decoding.

RTP
RTP (Real-time Transport Protocol). This protocol was created specially to
transport real-time traffic. It allows monitoring of synchronization of the
transmitted data, to correct the sequence of the package delivery and, that is
why it’s better for transporting video and audio data.
In general, it is better to use RTP or UDP for video stream transmission.
Working through TCP is justified only when we have to deal with problem
networks, because TCP will be able to correct the mistakes and failures
arising at the data transmission.

How does a computer-based video recorder

work
Now we understand the principle of getting the video stream, let’s take a
closer look at the video recorder. As an example, we will take a computer
with software installed for video recording, and a 1-megapixel camera, which
transmits the video in H.264.
Schematically it appears as follows: the program receives the video stream
via a computer network card and records it to a file on the hard disk. You
may ask: Is that all? Is it so easy?
So how are CPU, RAM and video cards involved in this process?
Figure 4.1: How the video recorder works.
CPU is involved in the video recording only for control, and the load on it is
quite low.
RAM is needed for operation of the video-recording program. The more
cameras we want to record at the same time, the more memory we need.
Video cards are not involved in the video recording process at all. The video
card is only needed to display live video or archives.
Let us examine the role of each component in greater detail.

CPU
The process of recording information to disk does not require high computing
power, so the load on the CPU is usually low.

The CPU loading on the Windows based systems can be seen with the
task manager by pressing «Ctrl + Shift + Esc»
If you have already had to deal with IP video surveillance systems, then you
may have asked this question: "We have installed an IP video surveillance
system and a very powerful computer with the most productive process used
for recording, but the CPU is constantly loaded to 100%. Why is this
happening? "
Most likely, this computer does not only perform recording, but also video-
stream encoding / decoding. It happens in the following cases:

1. Besides recording, the live video is playing on the computer. Before

displaying the picture on the screen, the stream has to be decoded.
Decoding of megapixel cameras requires significant CPU resources.
2. The software motion detector is turned on. For a detector to be able to
detect motion in the frame, again it is necessary to pre-decode the
stream. To avoid overloading the CPU, it is better to use hardware
motion detection that works on the camera.
3. The software will re-encode the stream. This can be done either if it is
necessary to additionally compress the stream for transmission over a
network, or if the software performs recording in its internal format. In
either case, re-encoding is extremely non-optimal and should not be
used without good reason.

Here one more question may arise: "If CPU and RAM are not so important
for video recording, why can’t we save on the hardware and record all of our
100 cameras to one computer?"
Answer: Even with optimal use of computer resources, it is quite difficult to
do this. One of the limitations is the speed of recording to the hard disk.

Video recorder hard disks

Let’s examine this issue using an example.
Suppose we have 100 cameras with a resolution of 1 megapixel. Let’s see if
there’s any chance we can record them to a single computer.
Our cameras are in H.264 and transmit the stream with a speed of 6Mbit per
second. In total, this is 600Mbits/s and if our computer’s network card and
our network have a capacity of 1Gbit/s, then we can get the stream. Now let’s
convert megabits in megabytes. One byte is 8 bits, so 6Mbit = 6/8 = 0.75
MBytes.
 The speed of the data transmission over the network is usually measured
in megabits/sec - Mbit/s
The volume of the recorded data is usually measured in megabytes - Mbytes.
One byte is 8 bits.
Since we have 100 cameras, the total stream is equal to 0.75 Mbytes/s x 100
= 75Mbytes per second.
Now we need to understand: how fast can the video be recorded to our
computer’s hard disk?

Not to be confused! The actual speed of reading/recording and the

capacity of the interface - these are two different things. For example, the
capacity of the interface SATAII is 3Gb/s or 375 Mbytes/s and the recording
speed to the hard disk connected via this interface can be as low as 30
Mbytes/s.
To determine the actual speed of the disk we need to use a special program,
such as one of the free programs IOMeter or DiskBench. The range of
recording speeds of different disks is very large - from 10Mbytes / s to
100Mbytes and more. In our case, the test showed the speed of 54Mbytes / s.
This means that even with the most optimal configuration, we won’t be able
to record these cameras to one computer.
Now let’s examine a more interesting issue. Suppose our test showed a
recording speed of 100Mbytes / s. Does this mean that we will be able to
record all cameras to a single computer? Again, no. In practice, we need to
divide the resulting speed at least by 2, because in real conditions the
computer performs not only video-stream recording, but also parallel reading
and transfer of the archives to the network, as well as many other support
activities.
As we mentioned earlier, the maximum recording speed of modern hard disks
can reach 100Mbytes / s and higher. How much higher? The standard 3.5"
disk has a rotation speed of 7,200 or 10,000 rpm and a recording speed of up
to 100Mbytes / s. There are more expensive disks with a spindle rotation
speed of 15,000 rpm. The maximum recording speed of these disks is over
150 Mbytes / s.
But that's not all. By combining 15 disks in the total array with the help of
such devices as the RAID controller, you can increase the maximum
recording speed right up to 800 Mbytes/s!

What is RAID?
RAID is a Redundant Array of Independent Disks. In other words, RAID is a
few disks integrated by the controller. With this integration, the system and
the user see the disks as a whole.
There are two main objectives of integrating disks in a single array. The first
objective is to increase fault tolerance and reliability of the data storage. The
second one is to increase the speed of reading / recording. A striking example
of the disks’ integration with the aim of increasing the operation speed is
RAID0.
The incoming information is divided by the controller into blocks and
recorded to all disks in the array. The advantage of RAID0 is an
exceptionally high reading / recording speed, which is due to division of the
incoming stream between the individual disks reaching 800 Mbytes / s. The
disadvantage has to do with reliability, as the failure of any of the disks leads
to the loss of all data.
Figure 4.2: RAID 0.

An example of the array, the main objective of which is fault tolerance, is

RAID1, or "mirror". All information is completely duplicated, achieving a
high degree of data storage reliability.
Figure 4.3: RAID 1.
Currently, the most widely used array in IP video surveillance and other
systems is RAID5. What is it?
The incoming stream is divided by the controller into blocks that are each
recorded to their own hard disk. The hash total is recorded to the last disk.
Figure 4.4: RAID 5.

Suppose that one disk has failed. In this case, the lost blocks will be
recovered by simple logic addition of all blocks left on other disks, and the
hash total stored on the last disk. In binary terms it simply appears as follows:
Disk 4
Disk 1 Disk 2 Disk 3
 “Hash Total”
0 0 0 0
1 0 0 1
1 1 0 0
1 1 1 1
With logic addition 1+1 is 0, 0+0 is 0, 1+0 is 1.

Problem.

We have the following values: 0;1;1;0;1;0;1;1;0;0 Calculate the hash total!

We have the following values: 0;0;1;1;1;х;1;0;0;1;0;1;1;1 and the hash total

is 1. Calculate the value in place of ‘x’.
If you look at the RAID5 illustration, you will notice that the hash totals are
not on the same disk, but are distributed evenly among all disks in the array.
This is done to evenly distribute the load between the disks and to achieve
higher reading / recording speed.
The disadvantage of RAID5 is that in case of failure of one disk, the
reliability of the entire array is sharply reduced. The failed disk is changed for
a new one and the hours-long data recovery process is started. In the course
of this process, to calculate the lost value, an intensive reading of the data
from the remaining disks in the array is performed, which can cause the
failure of one more disk. If one more disk fails before the recovery process is
complete, the array will be destroyed with a total loss of data.
There is a more reliable option - RAID6. The principle of operation of this
array is similar to that of RAID5 with the difference that here, 2 hash totals
calculated by different algorithms are recorded. This provides protection in
case of a simultaneous failure of 2 disks.
Figure 4.5: RAID 6.
In addition to these basic options for building the arrays, combinations
thereof are also possible. For example, RAID10 is a combination of RAID1
and RAID0.
Figure 4.6: RAID 10.

Such combinations allow you to take advantage of two types of arrays

simultaneously.
It is important to remember that while organizing RAID you have to use
disks of the same capacity.
The total storage capacity of the array while integrating the disks in RAID 0
is practically equal to the sum of the capacities of all disks. In other cases, the
total storage capacity of RAID will be less than the sum of the capacities of
all disks.

If we use RAID 1, the storage capacity will be equal to capacity of all

disks divided by two.
If we use RAID 5, the storage capacity will be equal to capacity of all
disks minus one disk.
If we use RAID 6, the storage capacity will be equal to capacity of all
disks minus two disks

What are DAS, NAS and SAN?

You can record video to the internal disks of the server and to an external
data storage device. There are three types of external storage: DAS, NAS and
SAN.
DAS (Direct Attached Storage) is a data storage device that is connected
directly to the server, which uses it exclusively.
Figure 4.7: DAS connection diagram.

Servers receive streams from the cameras and record each of them to their
own disk array. The connection can be carried out through different
interfaces, ranging from a low-speed USB and ending with a Fibre Channel.
NAS means Network Attached Storage. Actually, this is a server connected
to the network, which provides its disks for the use of other computers. Users
see this server as a network drive, and they can open the folders, read and
record the files.
Figure 4.8: NAS connection diagram.

The video recording server receives the streams from the cameras and re-
sends them over the network to a specified network drive.
SAN (Storage Area Network) in contrast to the first two options, is not a
device, but a network - a separate data storage network. This network has its
own SAN switches, through which the individual data storage devices are
connected to each other. Typically, the SAN network uses high-speed optical
communication lines.
Figure 4.9: SAN diagram.

The servers receive the streams from the cameras and record them to a virtual
disk that is physically a whole infrastructure. For example, the server sees the
virtual disk, but in reality there are two separate arrays, which are located in
different parts of the building, connected by optics, and which duplicate each
other's recordings. In this case, the server does not have to take care of the
data backup mechanisms and load distribution between the individual
storages - these issues are dealt by the SAN controller.
The question is: which option should you choose for the IP video surveillance
system? The most popular solution is DAS. These devices provide good data
transfer speed, they are easy to configure, and are also relatively inexpensive.
The disadvantage of DAS is the limited flexibility.

Here is an example. We have two servers, each of which records 20

cameras by the movement. We connected their own DAS to each of the
servers. After a while it appears that the intensity of the movements in the
frame on some cameras is significantly higher than on the others. Therefore,
the archive depth of one server is 15 days and of the second one is 2 months.
If we used network storage, we could simply change the quota for each of the
servers and level the depth of the archive.

If we use the internal drives or DAS, we cannot solve this problem so easily.
If you compare NAS and DAS, then the DAS storage in the video
surveillance systems is used more often than the NAS storage. If you use
NAS, large amounts of data are sent over the video surveillance network,
which is already heavily loaded. So if you plan to install NAS storage, you
have to pay special attention to the calculations of the network capacity.
SAN systems are very rare in the field of IP video surveillance. SAN is
usually used in enterprise networks with thousands of computers, when you
need to organize a single universal storage system with a high level of
processing speed and fault tolerance. In video surveillance, we are generally
dealing with only a few servers and workstations. SAN is a quite expensive
system, so the use of this technology for a small number of similar devices
rarely pays for itself.

Network interface
Having dealt with the issues of recording to the disk, let’s turn our attention
to the server’s network interface. The server receives video streams from the
IP cameras over a network. Nowadays there are two common types of
network interfaces: with a capacity of 100Mbits / s (100BASE-T) and 1Gbit /
s (1000BASE-T). There are also interfaces with a capacity of 10Gbits / s, but
these are rarely used now.

How many IP cameras can be connected to the computer over the

network interface?
Suppose we have a computer with a 100-megabit network card.
Let’s make a small calculation.
First of all, let's say that the maximum should not be 100Mbits/s, but 70% of
this value, because the effective capacity is significantly below the nominal
value.
If our cameras transmit video at a speed of 6Mbits/s, the maximum of what to
expect is:
70Mbits/s / 6Mbits/s = 11.6,

i.e. the stream from 11 cameras.

A 1-gigabit channel will allow you to receive 116 streams.
A 10-gigabit channel - 1160 streams.

Determine how many streams you can take through the network card of
1Gbit/s, if each stream is transmitted at a speed of 20Mbits/s.

Why does the server have 2 network ports?

If you have already dealt with modern IP recorders or servers, you may have
noticed that many of them have two gigabit ports. There are 3 ways to use the
dual network interface:

For construction of the fault-tolerant network topology;

In this case, the central switch is duplicated, so that in case of
failure of one of them, both servers will continue to receive the
video streams.
Figure 4.10: Fault-tolerant network topology.
 For physical separation of the network in which the cameras are
located, from the external networks where the client work places are
located.
Figure 4.11: Physical separation of networks.

In this example, the workstation is connected, not to the general

switch, but to the second network port of the server. That is, it
"sees" only the server and the streams, which it broadcasts. The
station cannot connect directly to the cameras, or, for example,
change their settings.

Remember that in the network separation, the VLAN

technology is also used. For more information on VLAN, refer to
the section Networks.
To increase the capacity, the ports sometimes can be combined.

Random access memory

While starting the program, the program itself together with the associated
data must be uploaded from the disk into RAM. The more complex the
program and the larger the volume of the data processed, the more RAM is
required for the operation.
How much RAM do I need to run the program for video surveillance?
This question can be answered only by the program’s developer. Generally,
the more cameras we want to record, the more memory is required.
Will my system run faster if I increase RAM by 2 times? If the existing
memory capacity meets the requirements of the developers, a further increase
in capacity will not affect the processing speed, because the additional
memory will remain unused.
It is important to know that there is a limit on the maximum capacity of
RAM. Nowadays, most video surveillance programs are developed for a 32-
bit operating system with a 32-bit addressable memory. This means that the
program cannot "see" more than 3 GB of RAM.
By connecting the camera, the video surveillance program backs up a certain
capacity of memory. The more cameras that are connected, the more memory
is required. If we want to connect a large number of cameras (typically more
than 50) the program may run out of all the "visible" memory and produce an
error.
To remove this restriction, we may use a 64-bit operating system, plus, just as
important, a 64-bit video surveillance program. In this case we will face no
restrictions - the program can use all the memory available. It should be
noted that nowadays a 64-bit video surveillance program is a rarity.

Operating system
Nowadays you can find a video recorder running both Windows and Linux.
For years the experts have been arguing which system is better. Let's try to
compare and determine the advantages and disadvantages of each system.

First let’s examine the most irritating issue of security.

The operating systems and the programs themselves have different
vulnerabilities. Vulnerability is understood as a defect in the program
code that allows an attacker to "trick" the program and make it perform
an act for which they have no rights.
Based on reports, we can say that Windows has more vulnerabilities
than Linux. Besides this, the danger of these vulnerabilities in Windows-
based systems is generally higher. Most of the gaps in Linux can only
disrupt some services, while many gaps in Windows can cause a
malfunction of the system as a whole.
Operation stability.
There is a perception that Linux runs more stably than Windows. In fact,
both Linux and modern Windows-based systems work quite well. But
the main source of failures and "sticking" is usually the video
surveillance software itself. Therefore, when assessing the stability, the
first thing to look at is not the operating system, but at the selected
software product.
Functionality of the video surveillance system.
Most programmers develop video surveillance software for Windows
systems. It's easier and cheaper to work with Windows. And because of
this, Windows software products have much richer functionality and
more user-friendly interfaces than the Linux versions.
Installation and configuration of the system.
This question should be viewed from two sides. If we deal with a server
on which it is necessary to install an operating system and programs
without assistance, to start the server it will be much easier if we use
Windows. On the other hand, we may have a ready device, such as
video recorder. In this case, all the necessary software is already
installed, and to ensure that the system works, we need to perform only
the simplest configuration. Here, we do not care what operating system
runs the device.
Troubleshooting.
As a rule, if you have problems with Linux systems, the only way to fix
those problems is to take your equipment to the service center. If the
system is running under Windows, then the company’s technical service
personnel may diagnose the failures themselves.
Cost
Finally, please note that the cost of some Windows versions can exceed
one thousand dollars, and the Linux operating system is free of charge.
Table: Comparison of Windows and Linux
Windows Linux Comments
Safety Linux has lower vulnerability, and
– + therefore is better protected.
Reliability of The issue of stability rather refers not to
operation
= = the OS, but to the quality of the video
surveillance software.
Functionality Functionality of video surveillance
+ – programs for Linux is greatly inferior to
capabilities of software developed for
Windows.
Performance The operating system does not affect the
= = performance of the server much.
Installation and If the software must be installed from
configuration
+ – scratch, it will be easier to do it on a
= = Windows-based system.
If we deal with a ready recorder, the type
of operating system will not matter.
Troubleshooting Windows-based systems are easier to
+ – diagnose.
Cost Windows is quite expensive. Linux is
– + free.
What conclusion can be made? If the main requirement is the highest level of
security of the system, for which one can sacrifice functionality, the choice
will be made in favor of Linux. If the important role is played by functions,
integration capabilities, as well as operational convenience and flexibility, it
is more appropriate to choose Windows.

Software for video surveillance

The last component of the video recorder is a program that itself connects to
the camera, requests the video streams and records them to the disk. There is
always a video recording program on one of the recorders. Sometimes, the
program is divided into server and client sides. The server side is a self-
contained algorithm that starts along with the operating system and does not
have its user interface. It is the server side that does all the work on the
reception, recording and broadcasting of the video streams. The second client
side serves for the formation of interfaces with which you can set the video
recording modes, i.e. configure the server side.

What is the difference between the video recorder and

computer?
In fact, the video recorder is designed just like a computer. Video recorders
also have CPU, RAM, network cards and hard disks. The difference in the
video recorder is that, first of all, virtually all of its components are
assembled in a single board and cannot be replaced or upgraded. And
secondly - all the necessary software is already installed on the recorder and
hidden from the user. Access is provided only to a specially designed user
interface of the video surveillance program.
Computer
/ Recorder Comments
Server
Functionality The computer system usually has
+ – much more functionality than ready-
made devices.
Integration with The computer system is more open
other systems
+ – and has more capabilities for
integration with other devices
Configuration The recorder has a simple interface,
– + so it is much easier to configure than
the server.
Troubleshooting The recorder is a completely closed
+ – device, and therefore only service
center engineers can diagnose and fix
problems.
Safety Because the recorder does not
– + provide access to the system files, it
= = is much more difficult to disable it
than in the Windows-based systems.
However, it should be mentioned
 that, if the server is installed in a
closed 19"cabinet and can be
accessed only remotely, the issue of
security will depend only on the
quality of the software and the type of
operating system.
Cost In general, the cost of server solutions
– + is higher than the cost of the
recorders. However, the opposite can
also be true.

How to choose the best recorder or server

When choosing a video recorder for an IP video surveillance system, we rely
on technical specifications. Let’s examine all the relevant characteristics in
order, and note the points that need special attention.

Number of connected cameras

The number of cameras is a key parameter that allows you to calculate how
many servers should be available to record the IP cameras. The difficulty is
that many manufacturers do not specify this value in the technical
specifications of the device. The fact is that video streams from different
cameras may vary significantly. For example, the stream from a camera with
standard resolution of 640x480 on average is 0.5Mbits/s, while the stream
from a 2-megapixel camera can be 8Mbits/s or more.
In addition to the resolution, the compression format plays an important role.
The 2-megapixel camera, operating in H.264 will generate a stream of 8Mbits
/ s, but if you put it into MJPEG format, the stream can increase up to
20Mbits/s.
We recommend that you contact the supplier and clarify the real capabilities
of the server. And we would recommend doing this even if the technical
specifications indicate the number of connected cameras. Specify to the
supplier all the camera models you are going to connect, the compression
format and planned streams, and then specify the maximum number of
cameras connected to the server, as well as the maximum recording speed.

Supported cameras
This is the second important and difficult question. We are interested not only
in the possibility of obtaining images from the camera on the server’s screen,
but also in how deeply the server knows the camera interface.
Find out answers to the following key questions:

On what protocol can the server receive a video stream from the
camera? If the server works with this particular camera only in JPEG
over HTTP - it's bad. First, we will neither be able to get the real-time in
recording, nor when watching the live video. And second, we will
unreasonably load the network, because the JPEG stream is very
extensive. The best option for today is the support of h.264 codec with
RTSP over UDP (RTP).
Can the server obtain information from the hardware motion
detection working on the camera? Each IP camera has its own motion
detector. Once the camera detects motion in the frame, it informs the
server that puts the corresponding stream on a record. If the server is not
able to receive information about the state of the camera motion
detector, it'll have to use its own software detector. In this case, the
server will need to pre-decode the incoming stream, causing a high load
on the CPU.

If you have a video surveillance system based on the computer, run the
following experiment: put the camera on a permanent record (preferably in
h.264) and watch the CPU load. In our case it loaded to 16%. If you use the
hardware motion detector, the load will remain unchanged, as all work will
be done on the camera. And now put all the cameras on a record according to
the motion detector using the software detector. The CPU load in this case
was 100%. So, if by connecting a large number of cameras we have to use the
software detector, then we should be ready to face a shortage of computing
power. In this case, the last recourse is to refuse the recording mode "by
motion" altogether.
Additional questions:

Can the server receive and record the audio stream of the camera?
Can the server send commands to telemetry when it comes to PTZ
cameras?
Can the server connect to the camera via the secure SSL connection?
Can the server automatically detect the camera in the network and
configure its IP address?
Can the server operate the dry contacts of the camera?
Can the server operate the camera settings?

Having answers to these questions will help us understand how the server is
suitable for a particular type of camera.

Number and maximum capacity of disks

The more disks you can install on the server or recorder, the greater the depth
of the archive that can be obtained. Now on the market there are server
models that allow installation of 24 or more disks.

How to calculate the required capacity of the array knowing the number
of cameras and streams?
Let’s solve this problem by an example.

Suppose we have 20 cameras, each of which generates a stream of

6Mbits/s. Calculate the capacity of the array required to store the records
obtained over 14 days.

To do this, we need to convert megabits into megabytes and multiply by the

number of cameras:

6/8 x 20 = 15Mbytes

15Mbytes is recorded by our server every second. Now we need to know how
much data is recorded every day:
15 x 60 x 60 x 24 = 1.296 million Mbytes/day.

To record a 14-day archive, the server needs:

1.296 million x 14 = 18,144,000 Mbytes or 18 terabytes.

This is for permanent recording. If you record using the detector, and motion
in the frame will be present for an average 12 hours a day, then the necessary
amount will be reduced two-fold, i.e. to 9Tb.
It is necessary to remember that when using RAID, a substantial proportion
of the disk space is occupied with the operation information. So when using
RAID 5, the effective capacity is reduced by one disk. When using RAID 6 -
by two disks. When using RAID 1, the effective capacity is reduced by half.
In addition, many manufacturers recommend allocating a separate disk for
the operating system, which also reduces the capacity available for the video
archive.

Use of the internal arrays and network storage

When the internal disks are not enough, suppliers often point to the fact that,
when necessary, you can always connect an external disk array. Indeed, now
almost all recorders and especially servers have the ability to work with such
devices. However, if you plan to use the external drives for recording, be
prepared to take on all issues related to calculation of the required capacities.
The IP video recorder or server receives a fairly large data stream from the
camera. To determine which of the arrays offered on the market will be the
best for our recording device, we need to know its real reading / recording
speed and compare this with the total data stream coming from the cameras.

Example. We have a server that keeps a record of 20 megapixel cameras,

each of which passes a stream at 8Mbits/s or 1Mbyte/s. The total stream is 20
x 1Mbytes = 20Mbytes/s. For confident operation we define a two-fold
margin on performance. That is, we need an array with an actual recording
speed of 40Mbytes/s and higher.

The actual recording speed of the array can be found only by testing.
To connect the external arrays the following interfaces can be used:

Fiber Channel
SAS
iSCSI
Ethernet
eSATA
USB

For more information on the arrangement of SAN and NAS refer to the
section "What are DAS, NAS and SAN".

Possibility of combining the disks into RAID

When choosing a recorder, pay attention to the possibility of combining the
disks into RAID. The hard disks of the IP video recorder are constantly in the
process of intensive reading / recording. When recording the megapixel
cameras, the load on the disks is much higher than with analog cameras, so
for the IP systems, the probability of disk failure within a few years of
installation is quite high. The best option for better reliability of video
archives storage today is the integration of disks into RAID5 or RAID6.

For more information on RAID refer to section "What is RAID"

Reliability of the hardware

It is very difficult to determine the quality and reliability of the recorder,
focusing only on its technical characteristics and appearance. However, we
will present here a number of features that distinguish the higher quality
equipment.
Hot swap of the disks and availability of the RAID hardware controller.
Hot swap of the power supply and / or dual power supplies that duplicate
each other.
Structure for installation in the 19” rack. Also a good thing is the
availability of slides for a quick release of the server from the rack.
Remote monitoring system for the status of the server. The temperature
sensors of various components and monitoring of the CPU and RAM loading.
Watchdog - availability of the system for monitoring system hang up. In the
case of hang up, the system restarts a specific application or the entire device
as a whole. There are software control systems that monitor the status of a
specific program, as well as hardware control systems that monitor the status
of the operating system and device as a whole.
In addition to performance characteristics, pay attention to reviews of the
colleagues who have already dealt with this recorder model or server.

Software features
Having defined the basic characteristics of the IP recorder, such as the
number and the type of supported cameras, you should pay attention to its
functional capabilities. Let us review the most common of these.

Operation with the live video

Navigating with the help of object interactive planning. Imagine:

instead of a list of 100 cameras with their names, the object plan with
the camera icons arranged at appropriate places will be displayed on the
screen. If you click on a camera icon, you will see a live picture from
this camera.
Logically grouping the cameras. For example, a group of "Front
porch" cameras. If you click on the group, you will get a multi screen
with the respective cameras. It is also convenient if one camera can be
added to multiple groups simultaneously.
Easy to control PTZ cameras. The most convenient way to control the
PTZ camera is, of course, the joystick. If the system does not support the
connection of a joystick, you have to control the camera using a mouse
or keyboard.
Browsing through the PDA or mobile phone. This usually requires
additional software for the PDAs, as well as a system for re-coding the
video stream from the megapixel to a stream that is suitable for the
mobile devices.
Displaying multi screens on multiple monitors. With this feature,
instead of installing a single monitor with a multi screen of 32 cameras
you can connect, for example, 4 monitors to the monitoring stations and
display 8 cameras on each.
Setting arbitrary sizes to the multi screens and arranging cameras
into panoramas. If a group of cameras is focused on areas adjacent to
objects, this function will help to display them as one large panoramic
picture.
Video broadcasting in a network using Multicast. In some cases it is
necessary to provide access to groups of cameras for a large number of
users. For example we design the monitoring of the parking lot near the
house. If the money for the system is collected by the tenants, all of
them, of course, want access to the cameras that are filming their cars.
For the server to transmit the signal from one camera to hundreds of
users at the same time, we will need the support of Multicast. Or if the
camera itself broadcasts in Multicast, the server must be able to receive
the Multicast stream.

For more information on Multicast refer to the section "What

are Unicast, Broadcast and Multicast".
Setting tabs in the archive during the surveillance process in order to
go back to them quickly. For example, you might be monitoring a game
in a casino. Something seems suspicious, but for the moment, you
cannot get distracted and open the archives. Pressing a button, you set a
tab on the current situation, and when you have time you can quickly go
back to the point that interests you.
Ergonomics and operation comfort from the perspective of the
operator. The only way to evaluate the operation comfort of the
program is to try to work with it.
Voice messaging. Imagine that instead of the flashing icons on the
screen in case of emergency the system will say, for example: Attention,
movement is detected on the second floor, Sector B.
Changing the arrangement of the multi screen automatically
according to schedule. Often during the day you need to monitor one
group of cameras, and at night another group. The change of groups can
be done automatically at a specified time.
Video recording and operation with archives

Simultaneous viewing of multiple camera archives on the multi

screen. For example you go over an extraordinary situation where you
need to follow an individual who is in the field of view of several
cameras. If the software allows, you simply place the cameras you need
on the multi screen and start the synchronous playback. Now you clearly
see: the man came out, walked in the door, went down the hall, then
turned the corner, climbed the stairs and so on.
The time to search for fragments in the archive by date and time in
the different devices can range from a few milliseconds to several hours.
It depends on how well the software can index the archives. We agree
that it is not very convenient to specify the date and time of the desired
fragment, and wait an hour for the system to find it.

What does indexing mean?

Imagine that you need to find a description of RTP in a book.
Without an index, you would have to consistently review all the
pages until you come across the right paragraph. But at the end, the
book has an index. And there all the key terms are listed in
alphabetical order. With an index we can quickly find RTP and we
will see that the required description is on a page number 20! The
index in the databases works the same way, allowing you to
instantly find the required information.

Search for video segments by motion in a given area of the frame.

This search is very easy: simply select, for example, a window in the
frame and click "search" - the system immediately shows a list of all the
recorded moments when this window was open.
Export of video segments in various formats and speed of their
creation. It is helpful when the system can convert the video segment
you need to a universally accessible format like AVI. The speed is still
important because the conversion of the megapixel streams is a
resource-intensive process, and the export of the video segment may
take several hours.
 Pre-recording. When recording by motion, it is necessary to start
recording not after the motion in the frame has already been detected,
but a few seconds earlier. In this case, we will not lose time and causes
for this motion. It is important to specify whether the function of pre-
recording operates with use of the hardware detector in the camera, or if
it can only be turned on for the software detector.
Built-in image editor to improve the recorded segments. A segment
with the video of an incident usually requires a correction to highlight
the interesting details. A built-in editor solves this problem.
Parallel recording to 2 autonomous servers. For example, we may
need operational recordings with an archive depth of 1 week to be
performed to the server next to the video surveillance post, and long-
term 3-month-old archives to be stored in a secure server room in
another building. To do this, we need to divide the streams from the
camera and direct them to different devices.

In some cases, such a task can be solved by using a camera with a dual
stream. One stream is recorded to one server, and the second one – to another
server.

Flexibility in configuration

Defining a different depth of the archive for different cameras will

allow more effective use of the available disk space. In some cases this
function is necessary, for example, data from 2 cameras out of 20 need
to be stored for 6 months.
Operating through a secure SSL connection will eliminate the
possibility of anyone obtaining the passwords from your system by
scanning the network traffic between the server, cameras and operator's
work places.
Automatic finding of cameras in the network and giving them IP
addresses will help you greatly reduce the time of commissioning. If you
assigned the addresses manually, you would have to first find all the
cameras in the network with the help of the programs coming with them.
Then you’d have to install and rewrite to a separate file all the IP
addresses and passwords. After that, you would need to register your
cameras in the video surveillance program and re-configure all the IP
 addresses and passwords.
If you have an automatic search function, it is enough to command and
the software will find all the connected cameras and assign them IP
addresses by itself.

For more information on camera search in the network and

assignment of addresses refer to the section "More on addressing".
Programming the scripts allows you to flexibly configure the system
response to incoming events. For example, when there is motion in the
field of view of a given camera at night, the system can automatically
display the number of cameras on the multi screen and beep.

Remote operation

Sending alarm messages to email. In addition to the text, the server

can transmit the current frame from the corresponding camera.
SMS notification. The server must be able to connect with a special
website – SMS center, which, after receiving a message from the server,
sends us SMS.
Re-coding of the stream to operate through a slow speed connection.
If our server is connected to the Internet at upload speed of at least
5Mbits/s, then it will be difficult to watch live video from the megapixel
cameras remotely. Some software developers offer a special feature that
allows you to convert the megapixel stream in the format of, let’s say,
640x480, and additionally compress it. In this case, we can get an
acceptable frame-updating speed when working remotely, even if the
connection speed is less than 1Mbit/s.

Video analysis features

Nowadays there are a lot of different detectors. The algorithm analyzing the
video stream can run both on the server side and on the side of the IP
cameras. If you cannot find the required algorithm among the server
functions, it may be among the functions of one or another IP camera. In this
case, the main thing that you will need from the software is a maximum tight
integration with the camera. The software should be able to get data on the
detection from the camera to respond appropriately.
 For more information on the operation mechanisms of the recognition
system, refer to the section "Video analysis".

Integration features

Integration with BFA and ACS means the ability to exchange data
between the video surveillance systems, BFA (burglar and fire alarm)
and ACS (access control system). This this integration, we can configure
the system, for example, as follows: when the perimeter detector
actuates the command from the BFA system, data is sent to the video
surveillance server, which automatically directs the camera to the
needed part of fencing and displays it on the operator’s screen.
Integration with POS allows you to get a video segment showing a
buyer with the cash register data witnessing what the buyer has paid.
Integration with storage software allows the logistics companies to
attach the video archive to the database with the numbers of boxes,
containers or vehicles. After specifying the number of the box, you will
get not only the time of its passage through the terminal, but also the
relevant video.
Integration with ATM is a reliable tool for protection against fraud.
After attaching the video archive to the transaction numbers, we can
easily see who drew the money from a particular credit card.
 Chapter 5
Video playback

In this chapter, we examine:

All you need to know about monitors

What devices participate in IP video playback
What difficulties arise when decoding
How graphics accelerators are arranged

Now we know how to organize the recording of the video streams. But the
video system is not only for recording but also for performing surveillance
itself. In this chapter, we will examine in detail how the operator’s workplace
is organized in the IP video surveillance system. Let's start with the simplest
aspect of this organization – with the monitors.

All you need to know about the monitors

Nowadays, the following types of monitors are available on the market:

LCD (Liquid crystal display). This is perhaps the most popular and
versatile option available today. Liquid crystals reflect or block radiation
from the backlight, thus turning pixels on and off.
OLED (Organic Light-Emitting Diode). This is a relatively new and
promising technology. For example, the OLED-based monitors have no
such parameter as the angle of view: the image can be seen from any
angle. In addition, the advantage of OLED is its high color quality,
absence of inertia, as well as smaller size and weight. However, current
OLED technology has a significant drawback - the life of the monitor is
about 2-3 years.
 The plasma panel is used in CCTV, when you need a diagonal of
50"and above. In this technology, cells with ionized gas-plasma, which
glow at an electric discharge, are used as the pixels. Compared with
liquid crystals, plasma panel cells have much larger dimensions. For this
reason, it makes sense to use the panels for the construction of large
monitor walls only.
There are also projection and laser monitors, but these are generally
not used in video surveillance.

Choosing the monitor according to the features

The main feature of the monitor is, of course, its size. There probably would
be no difficulties in determining the size of monitor you need. But suppose
you want to install a 21-inch monitor. About a hundred types of monitors
with this diagonal are available on the market. To select the most appropriate
model, it is necessary to pay attention to additional features:

Resolution. If you use megapixel cameras it is strongly recommended

that you choose monitors with a resolution of at least a Full HD
1920x1080, otherwise you will not be able to assess the quality of
images from the cameras.
Screen ratio. Format 16:9 is becoming increasingly popular, and it does
not make much sense to choose a 4:3 monitor for IP video surveillance.
Also, if you use cameras that transmit a 16:9 picture, then while using a
4:3 monitor you cannot form a complete multivision: at the top and
bottom of the image there will be black bands due to the mismatched
ratios.
View angle. If the monitor is installed on the monitor wall, it is
important that the view angle is maximum both vertically and
horizontally.
Response time determines how well the fast-moving object will be
displayed. Nowadays almost all monitors have a response time of less
than 10ms. This is more than enough for video surveillance.
Brightness and contrast determine the quality of the picture. Again,
almost all modern monitors have very high parameters, which
completely satisfy the objectives of the video surveillance.
 Supported interfaces or video connectors connect the monitor to the
image decoding device. At the moment the following options exist:
VGA, DVI, HDMI, as well as BNC for connection of the analog video
signal. If we discard BNC, then it does not much matter which of the
interfaces will be used for connection. It is important to remember the
maximum cable lengths for the different interfaces.

There are copper cables that allow transmission of VGA and DVI at
distance of up to 50 meters, and HDMI – of up to 15m. DVI or HDMI optic
cables with a maximum distance of about 100m are also available on the
market. When choosing a long cable, it is important to specify what
resolution it will allow to pass.

Monitor mounting. When choosing a monitor, pay attention to the

possible ways it can be mounted, as well as to what securing accessories
are available. If you plan to mount the monitor on the wall, and the
supplier does not provide the securing accessories, ask whether the
monitor supports a standard VESA (FDMI) mount. VESA is standards
association, which, among other things, developed a mounting standard
for flat monitors (FDMI). There are many independent producers of a
variety of VESA mountings.
Special version. Monitors in metal cases with impact-resistant glass are
also available on the market.

How many monitors do we need?

So we have determined the type of monitor we need. This raises the question:
How many monitors do we need? Let us examine an example.
Suppose we have 100 cameras at a facility and this facility is a bank. Let’s
answer the following questions:
What exactly do we want to monitor? Unfortunately the answer
"everything" does not fit. We need to define the list.
In our example with the bank it will be necessary to constantly see the main
entrance, banking hall and cash-dispensing unit, storage, and access roads
No. 1 and 4, when the collectors work there. It is also desirable to determine
the specific situations we need to track.
Then we need to make a list of cameras that are needed to monitor the
defined objects. In addition, let’s determine how carefully we need to track
each camera.
In our example we have singled out 6 of 100 cameras which require constant
monitoring. These six cover the main entrance, banking hall and cash-
dispensing unit. We will monitor another 20 cameras from time to time.
Other cameras are installed in the hallways, parking lots and other less
significant places, and do not require constant monitoring.
How many people will perform monitoring? This is the second most
important issue, since it is the number of employees that eventually imposes a
limit on the number of monitors. It makes no sense to install twenty monitors
with sixteen cameras on each, if only one operator monitors them. One
person cannot simultaneously keep track of hundreds, and so investing in
extra monitors and decoding systems for them can be safely considered as
money down the drain.

The number of cameras that can be monitored simultaneously by one

operator, ranges from one, for example if we need to carefully monitor a
process, such as a game in a casino, to as many as 20 when it is necessary to
assess the overall situation in the frame.
Once we have answered the questions, we have to compare the number of
cameras required for the operational monitoring and the number of operators.
In our case, two employees are responsible for 26 cameras, which is well
within the norm.
Finally we define the final configuration:
1 Monitor: 4 important cameras. The more important the cameras, the
smaller the number that should be displayed on the multi screen.
2 Monitor: 2 important cameras plus 2 cameras from the general list.
3 Monitor: 9 cameras from the general list.
4 Monitor: 9 cameras from the general list.
At this point the problem could be considered solved, but we will add another
monitor to control the system and display the alarm cameras.
5 Monitor: an interactive floor-by-floor plan of the object for the control of
the system plus the alarm monitor function. We must not forget about the
remaining 74 cameras. They are used primarily for debriefing; that is, the
records from these cameras can be displayed after an incident. However, it is
good to set up the monitoring system so that under certain conditions these
cameras appear on the operator’s screen. For example, when the detector in
the hallway actuates at night, the corresponding camera is automatically
displayed on the alarm monitor.
Figure 5.1: Operator’s workplace.

Sometimes one or more alarm monitors are left without any image; that
is, only the black background is displayed. In this case the appearance of the
alarm camera on the screen will definitely attract the attention of the guard.

Decoding
The playback issue in analog video surveillance systems is very different
from how it is done in IP video surveillance. The normal recorder receives
video signals from the analog cameras, digitizes and immediately displays
them on the screen. Here we do not come across any difficulties and can
display 16, 20 or more cameras at the same time. Unlike analog cameras, the
IP cameras transmit the compressed, i.e. encoded video. And before
displaying the picture on the monitor, the video must be decoded.
Nowadays, decoding and simultaneous displaying of multiple megapixel
cameras on the multi screen is one of the most difficult issues in IP video
surveillance.
With the advent of digital high-definition video the streams have increased
substantially. So the first task to deal with is the efficient compression of the
streams. With the advent of the H.264 codec the matter of compression
became irrelevant, but there was another problem: decoding of one H.264
stream with a resolution of Full HD 1920x1080 increases the CPU load on
the average PC by 50%. What should we do if we need to decode dozens of
cameras at the same time? And if we are working at an airport and we need to
display not just dozens of cameras on the screens, but hundreds? Let us
examine these issues in order and begin with a description of the existing
decoding devices.

What do the monitors in the IP video surveillance

system connect to?
In the IP video surveillance system the following devices can be used to
decode the video:
IP recorder or video recording server usually has a video output and can
display an image on the screen. However, in most cases, the recorder has a
very limited ability to display megapixel cameras. So unlike the analog video
surveillance, where the monitor basically connects directly to the recorder, in
an IP surveillance system, different devices are used to record and display
video.
An operator’s workstation is currently the most popular option. A powerful
computer with the client software is used as the workstation. The station
receives the streams either from the IP recorder, or directly from the cameras,
decodes them and displays the images on the screen. Decoding is usually
performed at the software level, so when you use megapixel cameras and
heavy codecs such as h.264 you need a computer with a powerful processor
or even a dual-processor station.
 When choosing a station for decoding it is necessary to verify with the
manufacturer the number of streams that can be displayed simultaneously
with a given compression format (JPEG or H.264) and resolution.
The decoding station is the same computer as in the previous case, except
that it has special software installed on it that does not have its own interface.
The keyboard and the mouse do not connect to the station, and all
management is performed through the network from the main operator's
workplace. It looks as follows: the operator at the computer screen takes the
camera icon, say, number 15, and drags it to monitor number 3. At the same
the computer sends a command through the network to the decoding station,
which takes the appropriate video stream from the network, decodes it and
displays our camera on its monitor, which is monitor number 3.
Figure 5.2: Displaying the image with the help of the decoding station.

The hardware decoder is a small, usually single-channel device capable of

receiving a video stream from the network and displaying it on the screen.
This decoder works like a decoding station – it receives commands through
the network from the control software and displays the corresponding camera
on the screen.
Analog IP camera output is sometimes also used to display the image on
the monitor. For example, we have installed a IP camera at the gatehouse.
The megapixel IP stream is transmitted over the network to the main
surveillance point. However, the watchman, who sits in the gatehouse, also
needs to see the image from this camera. In this case we can take the analog
signal directly from the camera (if the camera has this function) and transmit
through a conventional coaxial cable to BNC-connector of the watchman’s
monitor.

Comparison of compression standards in terms of

decoding
The modern IP cameras mainly use two compression standards: M-JPEG and
H.264.
Decoding of the M-JPEG stream does not require high computational power.
On the contrary, H.264 is very picky about the performance of the computer.
For comparison: a computer which can simultaneously decode 5 megapixel
cameras in H.264 without problems will play back more than 20 M-JPEG
streams of similar resolution.
But you should not immediately convert all your cameras into M-JPEG
format. You have to keep in mind that, first, M-JPEG in practice rarely
provides a smooth playback, i.e. the images in the live video on the monitor
wall will be somewhat discrete. And second, the stream will increase more
than threefold, which will reduce the depth of the archive by three times and
correspondingly load the network.
It is worth noting that there are combined options, when the high resolution
M-JPEG stream is passed for recording and low resolution H.264 stream is
displayed. In this case, you can reduce the load on the decoding station and
maintain the quality of the video archive.
In order for this to work we need, first, the IP camera to generate two
simultaneous streams, and second, the software to use different streams for
displaying and recording.

Graphic accelerators and CUDA

With the increasing complexity of graphics, the amount of calculation
necessary rose significantly, and CPUs were no longer able to cope with the
demand. The solution was to create a separate processor for graphics. That is
how the notion of a graphic accelerator appeared. This device takes over the
task of the graphics processing, thus relieving the central processing unit
(CPU).
What makes an accelerator more capable of processing graphics than a
powerful CPU? The answer lies in the architecture.
The typical processing mechanism for 3D-graphics looks as follows: the
processor receives a set of polygons that make up a three-dimensional object,
and processes them, turning them into pixels on the screen of the monitor. At
that the processing of each individual polygon is separate from the others,
and can be performed in parallel.
The CPU architecture was originally designed for the fastest sequential
execution of complex tasks. The architecture of the graphic processor is
optimized for parallel execution of large numbers of simple tasks. That is
why in image processing, graphics processors or GPUs (Graphics Processing
Units) have an impressive performance.
In addition to all this, modern GPUs themselves are complex devices and the
number of transistors they possess is no fewer than are found in a CPU.
Moreover, the number of GPU cores can reach 400 or more.
Here you may have a fair question: How are 3D accelerators related to the
issue of decoding the video streams? After all, there are no polygons or three-
dimensional models in decoding!
In fact, with the development of the GPU, developers found themselves
wondering why, since GPUs perform parallel calculations with efficiency,
they should not also perform a variety of tasks unrelated to 3D graphics. That
is how the notion of GPGPU (General-purpose graphics processing units)
appeared, implying a technology that uses the GPU for general computing.
With this technology the programmers who create software for decoding may
transfer a part of the calculations from the CPU to the GPU, thus greatly
increasing task solving speeds.
Currently the best known GPGPU technology is CUDA designed by
NVIDIA. When using graphic accelerator with CUDA you can significantly
reduce the load on the CPU during encoding or decoding of the video
streams, and thus increase the number of cameras simultaneously displayed
on the screen.
But here we must remember that we can increase the number of decoded
streams only if the video surveillance software itself supports CUDA. If the
software is not able to transfer the decoding tasks to the GPU, then even with
the most powerful graphics card that supports CUDA installed in the
monitoring station, we will not see any increase in performance. Therefore,
when choosing the software for a video surveillance system, ask your
provider if there is a possibility of using the graphics accelerators.
 Chapter 6
Network

In this chapter, we examine:

What IP addresses and packages are

What routing is
How IP addresses are assigned
How Multicast works
Transmission medium – copper, optics, and radio channel
The differences between hub, switch, and router
How to choose a switch
What DHCP, DDNS, NAT, STP, IGMP, VPN, VLAN, etc. mean

Now we know how the IP-cameras, recording servers, and operators’

workstations work and we can begin to discuss the last and most extensive
topic - the network. In this chapter we will analyze this issue in detail,
starting with how the network works in general, and ending with a
description of the specific technologies, such as, for example, Multicast.

How is the network arranged?

It is not difficult at all to understand how the IP network works. To do this,
we just need to recall how the conventional postal system works.

IP addresses, packets, sockets

Suppose we want to send a letter to a friend in another town. To do this, we
take the envelope, write the address of the recipient and our return address on
it, and then put the letter in the envelope and take it to the post office. The
letter goes through a series of intermediate post offices and is sent to the one
closest to the recipient, and is finally delivered to our friend. When the friend
answers, he simply changes places of the source and destination addresses
and sends the envelope in the opposite direction.
The IP network works the same way. Instead of a letter, we pass data from
one computer to the other, say, to our friend’s computer. In the same way as a
letter, this data is put into an envelope, which according to the network
terminology is called a packet. Before is the packet is sent, it is assigned a
delivery address, which is now called the IP-address.
Each IP address consists of 4 numbers from 0 to 255, for example
192.168.0.10. Like the houses in the town, each device must have a unique
IP address in the network. The packet finds the required computer by looking
for its IP address. But that's not all. In fact the data exchange is performed not
by the computers, but by the programs working for them, so the packet needs
to find not only the computer, but also the appropriate program – the
recipient. For this purpose one more number is added to the packet IP
address, which corresponds to the particular program. This number is called a
port. It looks like this: 192.168.0.10:80, where 80 is the port number or a
number that determines what program this package is assigned to.
In full the packet IP address looks as follows:
Source address:
IP: 192.168.0.5 (From where)
Port: 80 (From whom)
Destination address:
IP: 192.168.0.10 (To where)
Port: 54120 (To whom)

The head is followed by the actual data that is being transmitted (letter).
Some programs may choose the port numbers for their independent
operation. Others use only certain officially registered ports.

Short list of well-known ports

Port
Programs used by the port
Number
21 Programs transmitting files via FTP
25 Mail programs using SMTP
53 DNS server
80 Web server
110 POP3 server sending letters from the mail box to the mail
program on the user’s computer
525 Time server
554 Programs transmitting data via RTSP
860 Programs working via iSCSI
In addition to the well-known ports there are also well-known IP addresses
that are reserved for specific purposes.

List of well-known addresses

Addresses Assignment
127.x.x.x Subnet for communication within the host (local host), that
is for exchange of the data between programs within a
single device
10.x.x.x For use in private networks
172.16.x.x For use in private networks
192.168.x.x For use in private networks
224.x.x.x For multicasting
255.255.255.255 Broadcast address
The combination of the IP address and the port, for example
192.168.0.10:80, is called a socket.

See what nodes your computer is connected to at the moment. To do this

via the Start menu click Run and enter cmd - the console will appear. In
Windows 7 in the search box, type and click Command Prompt. Enter
the command netstat -an.

Node is any device on the network. Node can be a computer, IP-camera,

or connecting switch.

Networks, subnet mask, routing

Let us examine the issue of delivery of information between the devices in
more detail. To do this, we will use the example of the conventional postal
system again. The LAN itself is very similar to the postal service of a small
town. For example, we have decided to send a card to a friend, who lives on
the next street. To do this, we pass the card to the post office employees, and
having glanced at the address they immediately can tell where the right house
is, and where they need to deliver the card.
Figure 6.1: Switch connects the devices within a single network.

The switch, that knows where the computer (recipient of our packet) is and
what port to send the packet to, works in the LAN as a post office.
Figure 6.2: Port is a part of the address, as well as the physical connector of
the network device.

But suppose that our friend does not live on the next street, but in another
town. In this case the post office employees do not know where his house is.
They only know the address of another post office, which will be able to
deliver the card. So they redirect it there.
In this case each of the towns is a separate network. If we want to send a
packet from one network to another, then we need a router. This device, like
a post office, according to its routing tables redirects the packet to the switch
of another network.
Figure 6.3: Router makes a connection between networks.

The devices in the different networks can have the same IP addresses, just as
there are streets with the same name in different towns.
The postal address on our card consists of two parts - the country and index,
which indicate the post office nearest to the recipient, and the second part -
street, house and apartment where the letter can be delivered directly to the
recipient. The IP address is divided in the same way: the first part is the
address of the network, and the second one is the address of the host
(computer). For example the IP address 10.130.16.12 can be divided as
follows: 10.130.16 – it is the network address and 12 – it is the address of
the host.
Sending data between the networks is performed by the router, which knows
nothing about the host, and sending data between the hosts is performed by
the switch, which, in its turn, does not know the addresses of networks.

Host is a common name for any network device. Host can be both server
and IP-camera.
OK, now we know that the data transmission between the devices that are in
the same network can be performed via the switch, and for data transmission
between devices from different networks, the router is required. And the IP
address defines whether the device belongs to this network or not.

Example. Look for the IP address of your computer. In our case the
address is 192.168.1.154. Now change the first number. In our case we
change 192 to 193. Now your computer is not in your network and
cannot share data through the communication switch. Try to open any
 network resource and you'll see that it is not available.

And now let’s examine something more interesting. Suppose the address of
our computer is 192.168.1.154. If, instead of changing the first number, we
change the third, that is, in place of 1 we put 2, for example, will the
computer belong to the network or not?
In order to determine whether the computer belongs to the network or is
considered to be located in another network, there is such a thing as a subnet
mask.
For example a subnet mask 255.255.255.0 means that the first three
numbers completely determine the network and the last number from 0 to 255
specifies the address in the network. That is in our case all addresses ranging
from 192.168.1.0 to 192.168.1.255 will belong to the same network. And
address 192.168.2.0 belongs to another network, and can connect to it only
through a router.
If a mask is specified as 255.255.0.0, then the first two numbers define the
network, and the second two numbers define the host. In such a network there
may be not 256 addresses, as in the previous example, but 65536, that is, all
addresses from 192.168.0.0 to 192.168.255.255. If we specify the subnet
mask, for example 255.255.255.192, then this segment will have only 64
unique IP addresses starting with 192.168.0.0 and ending with
192.168.0.63. The number of the available addresses has to be calculated at
the network design stage.
Sometimes, the subnet mask is stated together with the IP address using a
slash. For example, 192.168.0.1/24 means the address 192.168.0.1 with a
subnet mask 255.255.255.0. Compliance of the specific values can be found
in the directory, or calculated using special calculators.
At this point you might ask: why bother to divide the network into separate
subnets? Let everything be a single address space.
There are two main reasons for the division of the networks into subnets:

Increasing productivity. If a high load network is divided into subnets,

you can focus the main traffic within the individual subnets - in this case
the entire network as a whole is unloaded.
 Improving safety. When you divide a network, the different computers
fall into the address space of the different subnets and cannot connect
directly. To do this, they need a router or gateway through which all the
traffic will pass. In this case, having configured the gateway in a certain
way we can easily control all the traffic.

DNS and DDNS

So, we know that in order to send a request to a computer, we need to know
its IP address. But it is quite difficult for a regular person to remember these
figures. It is much easier to remember names. Therefore a special program
was created that allows conversion of the text, or domain name, into the IP
address. It is called the DNS (Domain Name System). The principle of
operation is very simple:
Suppose we type the address www.google.com into the browser. The
computer communicates with the DNS server, and asks it: Which IP-address
corresponds to www.google.com? The DNS server checks with its tables and
reports: 74.125.224.81! After this, our browser sends a request to the
specified IP address.
In addition to DNS, there is DDNS or a dynamic domain name service. It
refers the changing IP address to one static domain name. This allows access
to the server by its name, even if its actual IP address is constantly changing.

Let us look at an example. We installed the IP camera, connected it to

the Internet via router and want to get an image from a remote computer.
In this case our internal network will consist of only two devices - router
and camera.

Figure 6.4: Connecting the camera to the Internet via router.

Note: the router has 2 IP addresses – the internal address and external
(public) address appointed by the provider. It is the public address that is
visible from the Internet, and it is this that we need to know when connecting
to the camera. However, this address is usually a dynamic one and is being
constantly changed by the provider. After indicating 83.100.50.50, we get
access to the camera, and tomorrow, our provider will change the address to
83.100.50.55, and we will not be able to connect. DDNS can solve this
problem. Our router will automatically notify DDNS on changes of the IP-
address, which in turn will link the current IP address with a constant
dedicated domain name, such as «camera-home-1.dyndns.org». With this
name we can always find our camera.

OSI Levels
Information transfer through the network is also very similar to a
conversation between people. Both can be viewed with varying degrees of
proximity. For example, the sounds form the basis of the conversation. More
broadly, people do not communicate with sounds, but with words. If we take
a wider view, people speak a certain language. That is, in communication
they follow certain rules for using words and building phrases.
These are the levels in the conversation mechanisms.
The network has the same levels, and they are called the OSI levels (base
model of open systems interconnection). In total there are seven levels.

1. Physical level. The network devices communicate by means of

electrical, optical or radio signals. The OSI model defines the required
frequency and amplitude of the signals.
2. Data link level. Then the signals between the network devices are
converted into logical zeros and units, and are combined into frames,
just as sounds are converted into letters and then into words when
communicating.
3. Network layer. The frames are packed into the IP packets, which are
then assigned the IP addresses of the recipients. That is, the network
devices share not just the electrical signals, but the data. However, the
signals still constitute the basis of everything.
 4. Transport layer. The rules and mechanisms of the level that determine
by which rules the devices will share the IP packets. For example,
protocol or in other words the mechanism TCP determines that before
sending the packets it is necessary to establish a connection, just as two
men might trade phrases before they have a conversation - Hello, Let’s
have a talk. After establishing the connection, TCP will monitor the
delivery of the packets, and if the package is missing or coming twice,
TCP will correct it.
5. Then Session level,
6. Presentation level,
7. and Application layer, determining the rules of communication
between the programs.

More on addressing
We already know that the IP packets find their recipients using specified IP
addresses. But what if, for example, our new IP camera has no IP address yet.
In this case we cannot send it a request and get an answer. In other words we
cannot work at the level of the IP packets, i.e. at the network level. To
configure the IP address of the camera, we need to go down to the lower
layer, i.e. the data link layer.

MAC address
The low data link layer has its own addressing system, which allows devices
to be found within the same LAN. This addressing is based on the physical
address of the network card - a MAC address, which is also sometimes called
an Ethernet address. This is an absolutely unique address which is assigned to
the network device during the manufacture and looks like this: 00-BC-DF-83-
AB-F7.

Using the MAC address you can send a request to the device without the IP
address. In addition to the addresses that belong to specific devices, there is a
so-called MAC broadcast address FF-FF-FF-FF-FF-FF. This address does not
belong to any device, but when you send a request to this address the
information is sent immediately to all devices in the network.
So, having included one or more new IP cameras in the network, we first
have to give them IP addresses. To do this you can use the supplied utility
program. This application usually sends the broadcast request to the network
at the address FF-FF-FF-FF-FF-FF. All of the manufacturer’s cameras send
their data to the program after receiving this request. As a result all the
connected cameras are immediately displayed as a list of MAC addresses,
and now you can assign a unique IP address to each of them.
Figure 6.5: Assigning the IP addresses to the cameras.

It is important to remember that the transfer at the data link level, i.e. to
the MAC addresses, works within a single LAN. If our cameras are located in
different networks, the search should be conducted in succession, connecting
to each network separately.

DHCP
If in our system there are a large number of cameras, it makes sense to
automatically obtain the IP address through DHCP (Dynamic Host
Configuration Protocol), rather than to manually assign each individual
camera’s IP address.
The program that assigns the IP addresses to the new devices is called a
DHCP server. It can run on both PC and the communication switch. In order
for the DHCP server to be able to assign a new IP address to the new device,
the device must support DHCP and be prepared to obtain the address
automatically. Typically in the camera’s network settings, a checkmark
appears next to Obtain the address automatically. All modern IP cameras
support DHCP.
Thus, when connecting a new IP camera, the DHCP server automatically
assigns it the correct IP address. However, in order for the system to have
some order, it is desirable for the IP addresses to be assigned according to
certain rules.
Figure 6.6: Automatic assignment of the IP addresses to the cameras.

For example a camera at Gate No. 1 is assigned the address 192.168.0.121,

and at Gate No. 2 - 192.168.0.122. To do this, before connecting the camera,
you need to configure the DHCP server, that is, to link the port numbers,
which the cameras are connected to, with certain IP addresses. In our case we
need to link Port No. 18, which the camera at Gate No. 1 is connected to,
with the address 192.168.0.121, and Port No. 22, which the camera at Gate
No. 2 is connected to, with the address 192.168.0.122.
Having configured the DHCP server, we have taken care of the issues related
to IP addresses assignment. Even if the camera at Gate No. 1 fails, it will be
sufficient to establish in its place a new one, and the DHCP server will
automatically assign the address of the previous camera to it.

What is a Firewall?
A firewall is a program that filters the IP packets. For example a firewall can
pass the data from the address 192.168.0.10:80 to the computer, and block
the data from the address 192.168.0.15:25. Note: the firewall filters not only
the IP addresses, but also the ports. The main task of the firewall is to ensure
safety when working in the network.

Here's an example: we have two offices. Each office operates its own IP
video surveillance network, but you need to make sure that the security
 personnel from one office can access the other office’s video
surveillance system. To do this, we connect the two networks over the
Internet.

Figure 6.7: Connecting two networks over the Internet.

In order to restrict access to the video surveillance networks from the

outside, we set up firewalls so that they block all the incoming traffic
that does not come from the second office. In this case the firewall will
pass only those IP packets that come from the address 84.102.12.44. In
addition you can configure the firewall so that it passes only the packets
that come from a certain program, that is, from a particular port on
which the program operates.

Figure 6.8: Restricting access to the network with the help of the firewall.
It is important to remember that the firewall blocks the unwanted inbound
and outbound traffic, thus protecting the local network from intrusion.
However, when sending the information over the Internet, there is also a risk
of its interception. The most common way to protect against leakage is to use
the VPN connection.

For more information on VPN refer to section "Support for VPN

connections".

What are Unicast, Broadcast and Multicast?

Unicast, Broadcast and Multicast are different forms of communication.
Unicast – the data is transferred from the sender to the recipient.
Figure 6.9: Two identical Unicast streams.
If the network has two recipients for the same data (for example, two people
are watching the same IP camera) the camera will generate two identical
streams, one for each recipient. This has two disadvantages. First, it increases
the load on the camera. Our camera can generate frames with a maximum
speed of 30 FPS. If two people want to watch the stream at the same time, in
the Unicast mode the camera will have to send half (15) of the frames to one
client, and the second half (15 frames) – to the second client. If there are not
just two, but ten clients, each will receive a stream at a speed of about 3 FPS.
Suppose that the frames are transmitted to the clients not by the camera, but
by the server. It has enough power to transmit 30 frames to each client, but in
this case we see the second disadvantage of Unicast - the stream between the
server and the switch increases from the standard 8Mbits/s to 16Mbits/s.
Broadcast – the data is transmitted from the sender to all devices on the
network
Figure 6.10: Switch sends the broadcast stream of all devices.
In this case the camera generates 30 FPS and transmits them to the switch.
The switch also sends the stream to all its ports, and all clients receive video
at 30 FPS. The disadvantage of the broadcast form is an unjustified load on
the ports that do not request the stream.
Multicast is the most effective form of stream transmission to multiple
recipients. In this case the stream from the camera is transmitted only to those
recipients who request this stream.
Figure 6.11: Stream from the camera is transmitted by a router to those
devices that request the stream.
Let’s examine this scheme in more detail. The camera transmits the stream
not to the recipient’s IP address, but to a special multicast address, such as
224.0.0.1. When a client wants to play the stream, the computer sends a
request to the router to join the group 224.0.0.1. This request is sent using
protocol, called IGMP, and looks like this: JOIN 224.0.0.1. After that the
router records the recipient and sends him the stream from the camera. Other
clients can also join this group and the router will distribute the stream to all
comers.
If a client wants to watch another camera, the computer joins another group at
the address, say, 224.0.0.2, and receives the stream from another camera.
We agree that this is a very convenient scheme for video stream transmission,
especially for cases when you want to watch the camera from a large number
of computers.
For the system to work, we need a device that will record the recipients and
send them the streams. As we have already seen, this role is played by the
router. However, nowadays there are many models of so-called routing
switches, which can also act as multicast routers. If you choose this device,
you must pay attention to the availability of IGMP, which allows
arrangement of multicast distribution.
Let us examine another common case when in addition to the multicast
router, conventional switches are involved in the system.
Figure 6.12: Arrangement of Multicast transmission using an intermediate
switch.

Here, the stream from the multicast router is sent to the client through the
switch. In this case, for the system to work, this switch must support IGMP-
snooping. With this function, the switch can determine whom to send the
stream that came from the router. In the absence of this function, the switch
cannot identify the recipient and will broadcast the stream to all its ports.

Transmission medium
In order to deliver the data from one device to another, we usually need a
cable or, in general terms, a transmission medium.
IP networks use three types of media: copper cable, fiber optics, and radio
channel. Let us examine the features of each type.

Copper cable
The most popular transmission medium is a copper twisted pair. There are
several types of twisted pair.

UTP (Unshielded twisted pair) — without a protective screen;

 FTP (Foiled twisted pair)— with one common outer screen in the form
of a foil;
STP (Shielded twisted pair) —with protection in the form of a screen
for each pair and a common screen in the form of the net;
S/FTP (Screened Foiled twisted pair) — outer screen of copper and
each pair in the foil braid;

Also the twisted pair has such a parameter as a category - from 1 to 7. The
higher the category, the higher its bandwidth and the more high-speed
connections it can provide. In practice, two types of cables are used in the
network: CAT-5 and CAT-6. The fifth category is suitable for 100-megabit
connections, the sixth one - for gigabit channels. To connect the twisted pair
to the network device the RJ-45 connector is used.
For both categories the maximum line length between the nodes is 100
meters. This is an important limitation to consider when designing a system.
Very often in video surveillance, the distance between the camera and the
recording device exceeds 100 meters. There are several ways to increase the
length of the line:

To install a repeater or an intermediate switch. In this case we will be

able to increase the length of the line for another 100 meters.
To use converters (modems). These devices convert and amplify the
signal, and then can transmit data by two strands of the twisted pair or
coaxial cable to a distance of 1.5 km. It is important to remember that
for devices of this type, the longer the line, the lower the transmission
speed is.

Figure 6.13: Using the converters for signal transmission over long
distances.
 Example. We need to send an image from 5 IP cameras to a central
server room over a distance of 1.5 km. The stream from the cameras is 5
x 8Mbits/s = 40Mbits/s. The specification of the converter specifies that
at a distance of 1.5 km, the maximum capacity is no more than 20
Mbits/s. Conclusion: we cannot use the converter in this case.

If you need a high-speed connection at a great distance, it is necessary to use

fiber optics.

Fiber optics
The fiber optics is a thin photoconductive thread. The transmitter with LED
or laser sends the light pulses through the fiber optic thread, and the receiver
at the other end receives them.
There are two types of fiber optics:
Multimode fiber. Core diameter of the fibers is approximately 50 microns.
For optics this is quite a lot, and that’s why the rays or modes from the
transmitter propagate along different trajectories. The trajectories have
different lengths, and the rays going along the short trajectory come before
the rays going along the long trajectory. The longer the line, the more
noticeable the difference is and the more blurred the signal that arrives at the
receiver. Because of this, Multimode is not used at distances greater than 2
km.
Figure 6.14: Propagation of light in the multimode fiber.
Single-mode fiber. Due to the small diameter, the light within the core may
propagate only along a single common trajectory. Thus, all the rays starting
at the same time reach the receiver over tens of kilometers also at the same
time, without any blur. Using single-mode fiber we can arrange the transfer
of data at a speed of 1Gbit/s over a distance of 100km.
Figure 6.15: Propagation of light in a single-mode fiber.

Example. We need to send an image from 5 IP cameras to a central

server room over a distance of 1.5 km. To do this, we connect the
camera to the switch using UTP. The switch connects to a central switch
in the serve room via the optical port.

Figure 6.16: Connecting the remote switch via the optic line.
Equipment for fiber optic networks
In this section we will briefly discuss the various devices that are used to
arrange the fiber optic connections.
The media converter connects the optic line with the copper line. Typically
the media converter is a small device that on the one hand has an optical
interface, and on the other - an interface for connecting the twisted pair.
Figure 6.17: Connecting the camera to the optic line via media converter.

Example of using the converter: the camera is mounted at a distance of 5 km

from the main building. To connect it to the central system, we convert the
signal from the camera into optics using the media converter.
SFP module. This is a small device that is installed inside a switch or other
network device to connect the fiber optics to it.
Figure 6.18: SFP module.

There is a large number of SFP modules, which vary depending on the type
of fiber optics and the length of the transmission lines.
The attenuator is a device designed to reduce the signal level. Power of the
optical transceivers is calculated for a specific length of optical lines. If the
transceivers designed for a distance of, for example, 10 km are installed at the
ends of the line, but in reality the length of the line is 500 meters, then to
make this work, we need to install the attenuator.
Pigtail is a segment of optical fiber designed to terminate the fiber-optic
cables. On one side of this segment there is a connector and its other end is
connected to the cable by welding or permanent connection.
Connectors. The following common types of connectors are used to connect
optics to the network devices:

SC
LC
2ХLC

Wireless connection
It is possible to transfer the data not only by cable, but with the help of radio
signals. Nowadays the most common standard for wireless transmission is
Wi-Fi (standard 802.11). The main advantages of the wireless network are its
low cost and ease of installation. For the arrangement of the IP video
surveillance system based on Wi-Fi, you need only to power the IP cameras
with the built-in Wi-Fi-adapter and set the access point.
Figure 6.19: Connecting the camera via Wi-Fi.

In addition to the standard access points, there are the so-called Wi-Fi
bridges, which are a pair of transceivers with narrow beam antennas. The
Wi-Fi bridge allows organization of the wireless connection at a distance of
several kilometers! Antennas should be placed in the line of sight to each
other. The speed of transmission over a Wi-Fi bridge can be up to
100Mbits/s.
Figure 6.20: Example of using a Wi-Fi bridge.
The wireless connection, apart from its obvious advantages, has some very
significant disadvantages:
Poor connection. If necessary, the radio signal can be suppressed using a
simple device that generates harmful interference in a certain frequency
range. This means that even before the attacker gets into the field of view of
the cameras, the server stops receiving a video signal.
Complexity of calculating the transmission speed and maximum
distances. The transmission speed strongly depends on the external
conditions. So, when you install Wi-Fi in the room, the speed will be
influenced by the location of antennas in the room, thickness and type of
walls, and presence of other radio sources. When using Wi-Fi on the street,
you need to take into account the weather conditions: rain or fog can greatly
reduce the operating range of the network. In other words, at the design stage
it is difficult to determine the speed and stability of the connection at a
particular location of the cameras and access points.
Speed is shared between the connected devices. The Wi-Fi network is
arranged so that at one time the data transfer can be performed by one device
only. If, for example, two IP cameras begin to transmit the stream, in fact
they will do so alternately, sharing the total bandwidth between themselves.

Example. We installed 5 wireless IP cameras. The connection speed

onsite was 20Mbits/s. This means that each camera has only 20/5 =
4Mbits/s. In fact, the camera will be able to confidently transmit the
stream with the speed of about 2Mbits/s instead of 4Mbits/s as most of
the stream will be filled with the service information.

Network equipment
To interconnect the cameras, servers and workstations, in addition to cables,
we need switching equipment: hubs, switches, and routers. All of them
transmit the data from one device to another. In this case, how do these
devices differ?

Hub
Hub is the simplest device. It only works with the electrical signals (OSI
level 1) and knows nothing about the addressing. When the signal comes to
the hub, it just duplicates it simultaneously to all its ports without worrying
about who the signal is intended for. A computer that was waiting for this
information will receive it. The rest of the computers that are waiting for this
data just ignore it.
Now hubs are practically no longer in use - they have been replaced by
switches.

Switch
The switch is a more sophisticated device. In contrast to the hub, the classic
switches are on the second (data link) OSI level, that is, despite the fact that
they still know nothing about the IP addresses, they can determine by the
MAC address who the specific data is intended for within a single network.
That is, within the same LAN, they can effectively switch the data streams by
sending them to the port, which the receiving computer is connected to.
Figure 6.21: Switch connects devices within a single network.

Router
The next complex device is a router. This device works on the third
(network) OSI level, that is, it perceives the passing data not in the form of
electrical impulses as the hub does, and not in the form of segments with the
MAC addresses (frames) as the switch does, but as full-fledged IP packets
with IP addresses. Using the IP addresses, the router can transmit the data
from one LAN to another. The main task of the router is the arrangement of
connections between the different networks.
Figure 6.22: Router connects the networks.
Wireless access point
The wireless access point works in a way similar to the hub, only for
signaling it uses not wires, but a radio channel. In addition to the wireless
part itself, at the present time a large number of the access points have built-
in switches with multiple ports, and also have the functions of the router.

Selecting the switch

Classic switches differ in their number of ports and data transfer speed. At
present, however the professional switches, in addition to a simple switching,
take on many additional functions, including the functions of the routers. So,
let’s discuss in detail the characteristics of the professional switch.

Number of ports
The number of the ports is a key parameter that indicates how many devices
you can combine with this switch. Different switch models may have from 5
to 48 ports.

Data transfer speed

The data transfer speed, that is, the maximum speed at which each port of the
switch operates. Nowadays switches with ports of 100Mbits/s and 1Gbit/s are
commonly used. There are also models with ports of 10Gbits/s, but they are
rarely used in CCTV.

Internal capacity
It is important to know that the capacity of the switch depends on the
performance of its processors. It should in no way be taken as the sum of
speeds on all ports. For example, a switch for 8 ports of 1Gbit/s each is not
always able to pass the total stream of 8Gbits/s. The performance of its
switching processor can be, for example, only 4Gbits/s. This means that at
peak load, the switch cannot provide the gigabit speed simultaneously to all
ports.
If you are choosing a switch to connect the camera, then the internal capacity
can be ignored. The cameras operate with the streams on an average of up to
10Mbits/s, and therefore cannot give the peak load even for a 100Mbit-port.
However, the internal capacity is important in large systems when choosing a
central switch to which the other edge switches are connected.
Also, be aware that in practice the actual internal capacity does not always
correspond to the value declared in the specification.

Availability of the optics connection

Typically, to connect the optics, the SFP module is installed into a special
switch expansion slot.
Figure 6.23: Switch with the ability to connect the optics.

It is important to verify the compatibility of the selected optical SFP module

and your switch model, as they are not always compatible.

Power over Ethernet (PoE)

This technology allows transfer of power to the network devices over the
twisted pair, together with the data. In IP video surveillance systems, PoE is
often used to power the cameras. By installing an IP camera, you simply
connect a twisted pair over RJ-45 - and that's it! The camera is powered and
transmits the data to the switch. The maximum length of twisted pair can still
reach 100 meters.
Figure 6.24: Powering the camera from a switch with PoE.

To arrange the power supply over PoE it is necessary for both cameras and
switches to support this technology. If the switch does not support PoE, then
in order to power the camera, you can install additional PoE injectors.
Figure 6.25: Powering the camera from PoE injector with PoE.

Let us examine in a little more detail what happens when you connect the
camera to a PoE switch. First of all, the switch must determine whether the
connected device supports PoE, and whether it should be powered or not. For
this, it applies a voltage of 2.8-10V and determines the input resistance. If the
test is passed, then the switch increases the voltage up to 14.5-20.5V and
measures the power consumption to determine the class of the PoE device.
Class Power Comments
0 0.44 – 12.95 W Unclassified Device
1 0.44 – 3.84 W Main Class
2 3.84 – 6.49 W Main Class
3 6.49 – 12.95 W Main Class
4 12.95 – 25.50 W High Power Device
There are three main classes, from first to third and two additional classes: 0 -
unclassified devices and 4 - high power devices. At the stage of
classification, the switch tries to determine the class and to reserve the
appropriate power for the device. If the device cannot be classified, then the
switch assigns it class 0 and reserves 12.94Wt for the device. After the
classification, the switch goes into operation mode, and applies full voltage of
48V.
When choosing the camera and switches, it is important to pay attention to
their power to prevent situations where a switch cannot provide the necessary
power and the camera ends up without power.

Size of MAC addresses table

As we recall, the switches work on the second (data link) OSI level and
transfer the data to the MAC addresses. The switch saves a table in its
memory, in which the MAC-addresses of all devices connected to the LAN
are matched up with the switch ports numbers. If the number of devices on
the network is bigger than the size of the table, some addresses are not stored
in the table. In this case, the switch sends the data to all ports just like the
simplest hub. Modern switches can store thousands of MAC addresses, which
in most cases is more than enough to meet the needs of IP video surveillance
systems.

Switch level
The classic switches operate at Layer 2 (L2), that is, at the data link layer.
However, nowadays the switches, which operate at Layer 3 (L3), are widely
used. These devices actually combine the functions of the switch and the
router and allow management of network streams with much more flexibility.
However, when choosing the switch in the first place, pay attention not to its
level, but to the specific functions that this level can implement.

Managed or unmanaged
Unmanaged switches just perform the data transfer between the devices.
Managed switches, in addition to the data transfer, can perform a number of
additional features, such as, for example, DHCP, QoS, STP, Mulicast, and
VLAN. Let us examine in more detail what these letters mean.

DHCP support
DHCP allows automatic assignment of IP addresses to the connected devices.

For more information refer to the section "DHCP".

DDNS support
If we want to connect remotely to the video surveillance system over the
Internet, but our ISP does not provide a static IP address, then we can use
DDNS. DDNS converts the dynamic IP address in the constant domain name.
Figure 6.26: Remote connection to the IP camera over the Internet.

That is, to connect, we will specify not the IP address but the name, for
example: cameradom-1.dyndns.org.
 For more information refer to section "DNS and DDNS".

NAT support
NAT means Network Address Translation. This mechanism works as
follows:
Suppose that a packet for the socket 85.05.45.11:50001 arrives at a router.
According to the set rules, the router translates the socket
85.05.45.11:50001 into 192.168.0.151:80, thus broadcasting a packet to a
particular device.

We remember that the socket is a combination of the IP address and the

port.
Why do we need it? If we have a network of, say, three cameras and we want
to be able to connect to them remotely over the Internet, in this case NAT is
necessary. Let us consider an example:
We have an external address 85.05.45.11, which is singled out by our ISP.
In order to access each of these cameras, we go into the router menu and
configure NAT as follows:
Translate 85.05.45.11:50001 into 192.168.0.151
Translate 85.05.45.11:50002 into 192.168.0.152
Translate 85.05.45.11:50003 into 192.168.0.153
Figure 6.27: Translating the IP addresses with NAT.
Now the requests for 85.05.45.11:50001 will be redirected to the first
camera with the internal address 192.168.0.151. In other words, typing
85.05.45.11:50001 in the browser, we will see an image from the camera.

If you work at home and are connected to the Internet through your
router, then try to configure NAT. First of all you need to know your
external IP address. The easiest way to learn this is to go to the address
http://who.is/, which will display your IP. Then go to this IP address
through a browser - you should see the web interface of your router. Go
to the NAT settings and add an entry in the table, redirecting the packets
from the port, say, 50000 (chosen randomly) to the IP address of our
camera.

Priority tags
In the specifications for the switches you can sometimes encounter the
feature Priority tags, or QoS (Quality of Service). This feature allows you to
manage the priorities. For example, you can configure the switch so that the
video stream from the cameras will be transmitted with the highest priority,
and then, all other data - only provided that they do not interfere with the
primary task.
Loop protection STP (RSTP and MSTP)
Local Ethernet networks can be built only according to the tree topology.
Figure 6.28: Network tree structure.

Note that in this case, if the central switch is damaged, the entire video
surveillance system will fail. To ensure the efficiency of the IP video
surveillance, a fault-tolerant topology with duplicated switches and
communication lines is used.
Figure 6.29: Duplicating the central switch and communication lines.

However, this topology is contrary to the basic principle of building Ethernet

networks, as loops appear in this case. The danger of loops is that the same
packets will be transmitted endlessly in circles, which breaks down the
system.
Figure 6.30: Loops appear between the switches.

This is called a broadcast storm. The switches with STP (Spanning Tree
Protocol) automatically detect the loop and block one of the lines, relegating
it to the reserve. If the main line ruptures, the switch activates the blocked
line and directs the stream through this line. To relegate the stream to a
secondary line of STP usually requires 30 to 60 seconds. RSTP and MSTP
are improved versions of STP and require less than one second to relegate the
stream.

Working with Multicast streams (IGMP)

We examined the principle of the data transfer at Multicast in more detail

in the section "What are Unicast, Broadcast and Multicast".
To arrange the multicast system, we may need two types of devices: a
multicast router and an intermediate switch.
Figure 6.31: Scheme of Multicast broadcast using an intermediate switch.
In the first case, the device is either a router or a switch with the function of a
router. It is important for the device to support IGMP, that is, it can manage
the distribution groups of the multicast streams.
The intermediate switch must have IGMP snooping, that is, it must be able
to recognize the recipients of the IGMP traffic.

Internal firewall
The firewall passes or blocks the IP packets, depending on the address which
they came from and what computer or program they are addressed to. If you
are looking for a router or a routing switch, through which the internal
network will be connected to the external networks, the presence of a firewall
is more than justified.

For more information on firewalls refer to section "What is a Firewall".

Support for VPN connections

VPN, or virtual private network, is a technology that allows establishment of
an encrypted connection between two computers or networks. Let us examine
the following example:

We have two offices. IP cameras and recording servers are installed in

each office.
Figure 6.32: Combining two networks over the Internet.

We need to make sure that staff in one office can access the video
surveillance systems in the second office.
To achieve this, the office IP video surveillance networks connect to the
Internet through the VPN gateway, the role of which can be played by both
router and computer. Next, using VPN, the secured connection is established
between the office networks, or the so-called tunnel. Before leaving one
office network, the data is encrypted. At the other end of the tunnel, in
another office, the data is decrypted.
Figure 6.33: Creating a VPN tunnel between two routers.
Thus, in fact we are working through the Internet, but due to the VPN tunnel
the data is protected as securely as if we had a leased line connection between
the offices. If a router or a routing switch acts as the VPN gateway, it must
have the support of VPN.
You should also understand that VPN is a common brand name for a
connection technology. Each particular connection is based on a specific
protocol. This may be one of the following:

IPSec (IP security) — commonly used over IPv4.

PPTP (point-to-point tunneling protocol) was developed jointly by
several companies, including Microsoft.
PPPoE (PPP (Point-to-Point Protocol) over Ethernet)
L2TP (Layer 2 Tunnelling Protocol) used in the products of Microsoft
and Cisco.
L2TPv3 (Layer 2 Tunnelling Protocol version 3).
OpenVPN SSL VPN with open source.

Each protocol has a different level of security, as well as a variety of

connectivity options. For example, the provider doesn’t allow a VPN
connection to be stablished via PPTP, but if we use a different protocol, e.g.
OpenVPN, the system will work.

VLAN support
To clearly understand what this technology is, let’s look at an example.
Figure 6.34: Users connected to the same switch form a single network.
All users on the network can share data. In order to divide the users into
groups and physically restrict the access, you must connect them to different
switches.
Figure 6.35: Two independent networks.

In this case, we have LAN 1 and LAN 2.

VLAN allows you to divide a common network into several LANs,
regardless of how the network devices are connected physically.
Figure 6.36: Creation of two independent networks with VLAN.
Note: the common network is divided into two local networks. Users from
different networks cannot see each other, do not interfere with each other, and
also are better protected against unauthorized access.
Here is an example of how to use VLAN in building IP video surveillance
systems.
Figure 6.37: Division of the common network to limit the access to the VIP
cameras.
 In this case a group of cameras installed in the VIP-rooms is combined
into a separate virtual network. You can access these cameras and the
server only from the VIP workplace. Note that the same device can
belong to multiple networks simultaneously. In our case the VIP
workplace belongs to VLAN 1 and VLAN 2. Therefore, with this
workplace you can connect to any device in the video surveillance
system and view any camera.

There are several types of virtual networks:

Port-based VLAN. The administrator binds a specific switch port to a
specific VLAN. For example, the ports from first through tenth are assigned
to VLAN 1, and the rest – to VLAN 2. Port-based VLAN is very easy to
configure. Its disadvantage is that the VLAN cannot be extended to multiple
switches, that is, you cannot build a single VLAN out of the devices
connected to two or more switches.
Tag-based VLAN 802.1Q is a virtual network based on standard IEEE
802.1Q. This standard allows switches to share data on the belonging of an
IP-packet to a certain VLAN. This allows combination of the devices
connected to the different switches into a virtual network.
There are also less common types of VLAN: based on the MAC-address and
high-level protocols.

Stacking
Stacking means combining several switches into one logical device to get a
virtual switch with more ports. That is, using a special high-speed bus, the
switches are combined with each other and can easily pass the data among all
of their ports.
In the field of IP video surveillance, stacking is quite rare, since most of the
switches are located in more than one server room, separated from each other
over long distances and interconnected by optics.
In addition to their functionality, the switches vary in their hardware design.

Temperature mode
Any switch can be set in the server room with air-conditioning. However, in
the field of IP video surveillance you may often be faced with the need to
install switches in unheated rooms or sealed enclosures.
For this purpose, there are industrial switches with passive cooling that do not
use fans. The operating temperature range of these devices is sometimes even
greater than -40°C – +70°C.

Built-in lighting protection

When installing cameras on the street it is important to remember that when
lightning strikes, the induced high voltage pulse can damage both the IP
camera and the switch. To avoid this it is necessary to install lightning
protection devices on both ends of the line.
Figure 6.38: Using lighting protection.
Some switches have a built-in lightning protection. In this case, the lightning
protection device must be installed on the side of the camera only.

Choosing a wireless access point

First of all, we are interested in parameters that affect the speed and radius of
the network coverage.

Wi-Fi standards
The maximum speed depends on the standard in which the wireless devices
work. Currently, there are three common Wi-Fi standards:
Standard Speed
802.11b Up to 11Мbits/s
802.11g Up to 54Мbits/s (up to 108 Мbits/s with MIMO)
802.11n Up to 600 Мбит/c
Despite the rather widespread popularity of 802.11n, most cameras operate in
802.11g, so in most cases, you should focus on a maximum speed of
50Mbits/s. Remember that this speed does not account for each camera, and
will be divided among all the cameras, connected to a single access point.
Also, note that many manufacturers of Wi-Fi equipment achieve higher
speeds than specified in the standards, with the help of internal technologies.
However, the speed data is achievable only when using the manufacturer’s
equipment on both the transmitting and receiving sides.

Transmitter power
Both radius of coverage and ultimately the speed of data transmission depend
on this parameter. Most often, the level of the transmitter power is not
measured in watts, but in decibels - dBM. Power of a typical access point is
about 20 dBM.

Antenna gain
In addition to the power of the transmitter, an important role is played by the
antenna gain, which is measured in isotropic decibels dBi. This parameter
determines how much greater the power of the antenna radiation in a certain
direction is than the power of radiation from an isotropic antenna.

Isotropic radiator is an imaginary antenna that radiates equally in all

directions.
The standard antenna of a typical router has a gain of 3 - 4dBi. The externally
directed antennas that allow establishment of a connection at a distance of a
mile in the line of sight, have a gain of 10dBi or more.

Antenna directional pattern

Antennas radiate energy in all directions unevenly. A graphical representation
of how the antenna gain depends on the direction is called a directional
pattern.
Figure 6.39: Antenna directional pattern.

Typically, the narrower the antenna directional pattern, the higher the gain.

Number of antennas
Depending on the technology used, the use of multiple antennas can either
improve the stability of the connection, or increase the speed by channel
spacing.

For more information on Wi-Fi refer to the section "Hints".

WEP, WPA, WPA2 encryption

To prevent strangers from connecting to the wireless network, there are
different algorithms for encryption: WEP, WPA, and WPA2. The most
secure are the last two algorithms. Most of today's Wi-Fi-devices support
these two.

Other features
As we have already seen, the access point often has features of the router.
Therefore, it may have such network functions as DHCP, VLAN, VPN, and
IGMP.

We have analyzed what these functions are in the section "Selecting the
Switch".
 Chapter 7
Examples of the IP video
surveillance systems

In this chapter, we examine:

Video surveillance in an apartment

IP video surveillance in a house
Surveillance in the parking lot of an apartment building
IP video surveillance system in the supermarket
Surveillance in a shopping center
Arrangement of a perimeter IP video surveillance system
Video surveillance system in a bank
Integrated video surveillance system for a chain of restaurants

So we have examined each component of the IP video surveillance system in

detail, as well as its design and functionality. Now it’s time to talk about how
to build a well functioning system out of separate components.
Each system has its key features. For example, a home video surveillance
system needs access to the cameras over the Internet. For a perimeter system
it is important to choose the network equipment to organize the connection
via optics. For shopping centers with large numbers of cameras it is necessary
to develop a fault-tolerant network topology and functionality of the video
monitoring points.
In this chapter we will examine different schemes for building the systems,
and we will do it, as always, using examples.
Note that we won’t provide any guidelines for specific models. IP video
surveillance technology is developing very fast. Today one manufacturer’s
cameras may be well suited to performing a specific task, and tomorrow –
another manufacturer will provide you with the best solution. We will focus
on determining the key parameters. You will need to make your own choice
regarding specific models.

IP video surveillance in an apartment

Let’s begin building the IP video surveillance system with the simplest option
– with arrangement of the video surveillance in an apartment.

Task
To monitor the apartment when the owners are out.

Solution
In our case one can enter the apartment either through the entrance door or
the balcony. So for reliable protection, we are going to need two cameras.
Before installing them, we need to determine how we are going to transmit
the signal from the cameras for viewing and recording. Typically it is quite
difficult to draw additional wires in an apartment with a fine finish. Therefore
the best solution is to use Wi-Fi wireless cameras. In this case the only wires
we need are those for power supply from the nearest socket.
The next issue is the arrangement of the video recording. Typically it is too
expensive to buy a separate recorder, or a server for two cameras. If we
decline the recorder, the following options will remain:

To record to the built-in memory card of the camera

To record to the home computer. Note that in this case the computer
must be on both in the daytime and at night.
To record to a remote server at a third company (SaaS). Some
companies provide the recording as a service. That is, they provide their
servers for remote recording of the IP cameras over the Internet.

For more information on SaaS refer to the section "Video Recording".

The easiest option is to record to the memory card of the camera. But here it
is important to understand that if the intruder detects the cameras, he will
either destroy them or take them with him along with the recordings. To save
the required frames we can offer the following option: to set, in the camera,
sending of alarm messages via e-mail every 5 seconds. In this case when the
motion detector actuates, the individual frames will be sent to our email. Now
even if the cameras are stolen, a number of the required frames will be saved.
There is one important thing to remember: the camera detects any motion in
the frame, including you, when you are walking in the apartment. And in
order to prevent the camera sending hundreds of messages with your face to
your mail, you need to do the following:

To turn off the cameras physically, that is, to remove power from the
cameras, when you are home.
To set up a timetable determining when the camera has to record and
when it doesn’t have to. This feature is not present in every camera.

Figure 7.1: Video surveillance system in an apartment.

Equipment
So to build the system, we need the following equipment.
Device Quantity Key parameters and comments
IP 2
cameras
Camera with the built-in Wi-Fi interface.
 In order that the system is not very expensive let’s
decide in favor of a resolution of 640х480 up to 1
megapixel, with CMOS. Remember that the
resolution of the camera does not always indicate
its quality. Before buying the camera try to view
the images it takes.
Camera has to have a built-in mask motion
detector with adjustable sensitivity.
Camera has to be able to perform event-driven
recording to the memory flash card.

Nowadays, most of the cameras have such functionality,

so it won’t be difficult to find the appropriate model.
Wireless 1 For this case, any Wi-Fi access point will fit.
access
point
Computer Setting and viewing of the archives can be performed
from any computer via web browser.

Additional features
You can adjust the system so that you can connect to the cameras remotely
over the Internet and view the current conditions. For this purpose the Wi-Fi
router has to have two functions, which are by the way present in all modern
routers:

1. NAT to convert the network addresses;

2. DDNS that translates the dynamic IP address into the invariable domain
name.

Figure 7.2: Remote connection to the home video surveillance system.

 For more information on NAT and DDNS refer to the section "Network
equipment".

IP video surveillance in a house

The next option that we are going to examine is an IP video surveillance
system for a country house. The functionality of this system is similar to the
previous example with the only exception that to protect the house we need to
combine more cameras.

Task
We need to provide a twenty-four-hour monitoring of the internal premises,
as well as the adjacent territory. There is no video surveillance post. The
system has to operate independently – to perform recording when the motion
appears in the frame and to store these recordings for two weeks. Access to
the live video will be carried out with the home computer, as well as remotely
over the Internet.

Solution
To protect the house we need 5 outdoor and 9 internal cameras. So as not to
disturb the interior design, we will choose tiny domes as the internal cameras.

It is important to understand that on one hand, the tinier the camera, the
less it disturbs the interior design, and on the other hand, the tinier the camera
lens, the more difficult it is to get a high-quality picture.
All our cameras will have the resolution of 1 megapixel. On the street, the
installed box cameras will be enclosed in sealed housings.
Now let’s determine how we will connect the cameras to the central
equipment – by wires or via Wi-Fi. Let’s compare the following options:
Wire
Wi-Fi
connection
Advantages We can We can install cameras almost anywhere
connect regardless of whether there are embedded
cameras of parts or not.
different Due to the absence of wires we can
resolution and significantly reduce costs on mounting.
in any number.
Disadvantages We need Typically the Wi-Fi connection does not
structured allow data transfer with the total speed of
cabling. 20Mbits/s. In our case if we share 20Mbits
If the fine among 9 internal cameras, the maximum
finish has stream from the camera will be of about 1-
already been 20Mbits/s. But for high-quality megapixel
performed, we video, we need a capacity of 4-6Mbits.
wouldn’t
always be able
to use the wire
connection.
Suppose that in our house the fine finish has not been performed yet and we
can lay the twisted pair. Therefore we choose the wire connection option. The
structure of our system will be as follows:
Figure 7.3: Video surveillance system in the house.

As we see, the central element will be a switch. The cameras and server are
connected to this switch. Also, a Wi-Fi router will be installed in the house to
connect the laptop and Internet output.
Number of ports. We have 14 cameras, a server and a switch, that is, 16
devices. We can install a 16-port switch, but typically the switches are
installed with future extensions in mind. Therefore we will choose the 24-
port option.
Capacity. The ports for connection of the cameras can be of 100Mbits/s.
However, the port, which the switch is connected to, has to be a gigabit port.
Cameras with 1 megapixel resolution will form the stream of 4-6Mbits/s.
Therefore the total stream equals 14x6 = 84Mbits/s. If we take into account
that the capacity will be calculated with a minimum 30% margin, then
100Mbits/s for this stream will not be enough.
PoE. We will power all the internal cameras from the switch, which means it
always has to have the PoE support. The external cameras could also be
powered from the switch, but there’s no sense in doing this, if we need to
supply power to heat the housing. Therefore we will power the outdoor
cameras along with the housings.
Let’s examine the issue of the video recording arrangement.
As the video recording devices we install the server with the appropriate
software. To determine the required power of the server we contact the video
recording software developers and specify the models of the cameras and
their number. In response, we need to get the requirements for the server
hardware and confirmation that the camera models are supported by the
program. The important point is the integration degree of the IP camera. We
can significantly reduce our costs on the hardware if the software supports
the motion detector, operating on the side of the camera.

We have examined this issue in more detail in the section "Supported

cameras".
In addition to the power, we need to know the required capacity of the disks.
For this purpose, convert the stream units from megabits to megabytes, and
multiply that number by the number of cameras and archive storage time:
6Mbits/s / 8 x 14 x 3600 x 24 x 14 = 12,700,800 Mbytes or 12.7
terabytes.

Taking into account that the cameras will be recorded not permanently, but
by the motion detector, divide 12.7TB approximately by 2. That is, we will
need 6.35 terabytes. To have some margin, set 8 TB – 4 disks 2 TB each.
The functionality of the software will not be considered, since this issue is
very individual. We will only say that for a home video surveillance system,
remote monitoring plays an important role, namely, such features as the
automatic sending of the alarm frames to email, sending SMS, the ability to
re-code the stream to work over low-speed connections.
But as for the requirements for the Wi-Fi router, they will be the same as for
the video surveillance system in the apartment. That is, important functions
for us are DDNS and NAT, which allow connection to the server over the
Internet.
Device Number Key parameters and comments
Internal IP 9
camera
Dome camera
1 megapixel with CMOS
PoE support

Outdoor IP 5
camera
Box camera day-night
1 megapixel preferably CCD or sensitive CMOS
Preferably with noise-canceling function 3DNR

Video 1
recorder
Video server with software
4 disks 2Tb each

Switch
24 ports
At least one port of 1Gb/s
PoE support

Wireless 1 In our case, any Wi-Fi access point will fit with
access point DDNS and NAT.
Computer Setting and viewing of the archives can be performed
from any computer via web browser.

Additional features
Sometimes it happens that the country house cannot be connected to the
Internet, but remote viewing is still required. In this case, you can use GSM.
Instead of our router, we connect the GSM modem to the server, and now the
server can send the alarm reports to our email. If we want to connect to the
server over the Internet to view the video archive, DDNS has to be set up on
the server. In addition, it is important to understand that the speed of the
connection through the cellular networks may be tens or even hundreds times
lower than standard fixed-line channels.

For GPRS/EDGE the maximum transfer speed is 256kbits/s

3G (HSDPA / UMTS) allows transfer of the data with a maximum speed
of 7.2Mbits/s.

These are the maximum values determined by the technology used. In real
conditions, the speed will be much lower. First, external factors such as
noise, signal stability and the like have an influence. The worse the signal,
the lower the speed is. Second, if we want to get video from a server that is
connected to the Internet via GSM modems, then we are interested not in the
receiving speed, but in the data transmission speed. The speed of data transfer
itself is several times lower than the rate for the reception.

Thus, in the real conditions the speed of video transmission in the

network when using GPRS/EDGE will rarely exceed 50kbits/s, and when
using HSDPA/UMTS – 500kbits/s.
To work with the video data in such conditions, we need a stream with a
resolution of up to 640x480. To do this, the server must have the function of
re-coding video from the megapixel format to the format with the lower
resolution and higher compression ratio.
If the server is not able to re-code, you can try connecting not to the server,
but directly to the cameras. Most modern IP cameras have a dual stream
function. That is, one stream can be megapixel for recording, and the other
one - 640 x 480 - just for transmission over low-speed networks. To connect
to the cameras, you will need to configure the VPN connection on the server,
which in this case will act as a router.
Figure 7.4: Remote connection to the video surveillance system via GSM.
In this case, we establish the VPN connection and enter into our video
surveillance network as if we were at home.

The market offers programs that allow you to establish the VPN
connection without requiring the configuration of VPN and routing. These
programs establish connections almost automatically and can make life easier
for the novice system administrator.

Monitoring the yard and parking lot of an

apartment building
Let us consider another interesting variant of the video surveillance system in
the house. Only this time we are dealing not with a cottage, but with a large
block of apartments with the adjacent territory on which the parking lot and
playground are situated.

Task
We need to monitor the parking lot and the playground. Live video from the
surveillance cameras will be available to all tenants.

Solution
In this example we need to connect ten megapixel outdoor IP cameras. The
standard box cameras are enclosed in the sealed housings and connected to
the central switch. The server, which performs recording of all video streams,
is connected to the same switch. This part is standard. However, the most
interesting part of this system is providing access to the live video from the
cameras for all tenants. And here we will focus on the multicast transmission.
As we recall from the theory, when broadcasting in multicast mode, the
camera transmits the stream not to a specific client, but to a special multicast
address. A client, if he wants to watch the video, should subscribe to this
stream by sending a specific request from the computer.

For more information on Multicast refer to section "What are Unicast,

Broadcast and Multicast".
The multicast router manages the subscriptions and sends the streams to the
clients. Therefore, the role of the central switch will be played not just by an
ordinary switch, but by a routing switch with IGMP. The connection diagram
is as follows.
Figure 7.5: The video surveillance system in an apartment building.
So the cameras transmit the streams to the multicast router. The stream is not
transmitted to the IP address of the recipient, but to a Multicast address, such
as 224.10.0.10. Each camera sends its stream to its Multicast address.

Pay attention to the features of cameras and recording server. Can the
server receive the Multicast stream from the cameras? If not, can the camera
transfer the Multicast stream to the tenants and Unicast to the server
simultaneously?
Tenants should have access to our multicast router. To ensure this we will
need to negotiate with the ISP to connect to the LAN of the building. Once
the connection has been established, the client can watch our cameras with a
program for watching IP TV, for example by using VLC Media Player. To
do this it is necessary to specify a multicast address of the desired camera
along with a port number in the box Open URL, e.g. udp ://@
224.10.0.10:5004. Of course, for convenience, you can put the address data
in the form of tabs or a playlist, or, for example, make a special web page,
through which the streams will be broadcast.
Device Number Key parameters and comments
Outdoor 10
IP
cameras Box camera day-night
1 megapixel preferably with CCD or sensitive
CMOS.
Preferably with noise-canceling function 3DNR
Multicast support

Important! The security IP cameras are rarely used in the

Multicast mode. Even if the camera supports Multicast,
we recommend to pre-test it, because the cameras do not
always work in this mode as required.
Video 1
recorder
Video server with software
4 disks 2Tb each

Switch 1
as a
multicast 16 ports
router Minimum 2 ports 1Gbit/s
IGMP support

Provider The switches connecting the multicast router with the

switches clients’ computers must have the support of IGMP
snooping.

Additional features
If the ISP provides the digital television service in the house, we can try to
connect our cameras as additional digital channels. Digital TV uses the same
multicast transmission with the same multicast router and the programs for
watching. So instead of setting our own multicast router, we can try to
negotiate with the ISP and send the streams from our cameras to their router
or multicast server. In this case, the user, having opened the list of digital
channels, will see our cameras among them. In this case the connection
diagram will look slightly different.
Figure 7.6: Connection of the video surveillance system through digital
television channels.

IP video surveillance in a supermarket

Our next example is an IP video surveillance system in a supermarket.

Task
We need to monitor the sales areas, checkout counters, parking lot and
adjacent territory. The video archive should be stored for 7 days. We need to
organize the operative surveillance post for one guard.

Solution
To perform the tasks we need the following cameras:

8 outdoor cameras
20 internal cameras to monitor the sales areas
35 internal cameras to monitor the checkout counters
6 high- speed PTZ dome cameras

The cameras will be connected to 3 switches installed in different parts of the

building. The structure of the connection in this case is as follows:
Figure 7.7: Video surveillance system in a supermarket.
Each group of cameras is connected to its own switch, which in turn is
connected to its own server. Each of these three bonds - camera, switch, and
server – does not affect the others and can work independently. We chose this
structure to provide a fault tolerance for the system. In case of failure of one
group of cameras, the remaining groups will continue to be recorded.
So the problem of recording is solved. Now we should bring the video to the
observation post. To do this, we will organize a separate independent
network. We connect the second network port of the server to a different
gigabit switch, and broadcast the streams through it to the operator
workstation.
Here you may have a question: Is it possible to connect the workstation to
one of three main switches? Answer: You can do it, if these switches have
free gigabit ports.
In general, this connection scheme is attractive in its simplicity. First, it is
easier to calculate the capacity required, as the streams to record and display
are separated. And second, it is easier to provide the necessary level of safety:
you do not have to divide the networks with VLAN, as they are already
physically separated by the server.
Now let’s turn to the organization of the observation post. Only one security
officer will continuously work with the video surveillance system. He must
assess the operational situation and monitor the actions of any suspicious
visitors. For this purpose, the system should provide the following:

Playback of live video at 25 FPS

Easy navigation and switching between cameras to be able to follow the
movements of visitors
Easy management of PTZ cameras

Let us examine each of these items separately.

Real time display. In order to display the streams in real time it is necessary,
first, for the camera to transmit the stream at the speed of 25 FPS. Usually,
cameras with a resolution of no more than 2 megapixels, transmitting the
stream over RTP in the streaming formats MPEG4 or H.264, can work at
such speed.
Second, the computing power of a workstation should be enough to decode
the required number of cameras. It's time to decide how many cameras we
need to be displayed on the monitors. At the observation post we will install
three monitors:

View monitor - 9 cameras, which give a view of the situation in a

particular sector
Main monitor - 1 to 4 cameras. This monitor displays a close-up view of
the cameras to follow the suspicious visitors.
Monitor with an interactive plan of the object.

Figure 7.8: Connecting monitors to the operator workstation.

There is no sense in installing and displaying a larger number of monitors,
because one person cannot pay attention to more than 15 - 20 cameras.
Instead, it is better to consider mechanisms for easy switching between the
cameras or groups of cameras to monitor various situations.
In our case all 3 monitors can be connected to a powerful workstation. The
configuration of the workstation should be agreed with the developer of the
software, specifying the number and parameters of the displayed streams.
The next point is easy navigation. To enable the guard to quickly switch
over different cameras, you need to pay attention to the ergonomics of the
software, as well as the presence of such features as, for example, the ability
to logically group the cameras and the ability to set any random sizes to multi
screens and to combine the cameras into panoramas.
Easy control of PTZ cameras. It should be remembered that, unlike in
analog systems, there is always a delay when transmitting video over the
network. That is, it may take from a few tens of milliseconds to several
seconds between the moments when we wave our hand in front of the camera
and when the wave is displayed on a computer screen. This delay does not
play a big role when working with stationary cameras. However, in the case
of PTZ cameras, the long delays can make the job intolerable.
The total delay time is formed of several parts:

Coding of the video stream on the camera. Coding takes a few

milliseconds and does not significantly affect the final result.
Transmission over the network. If the network operates normally and no
 packet loss occurs, the data transfer also takes a few milliseconds. The
best protocol in terms of time delays is UDP. Unlike TCP, it can
transmit the data without taking the time to open the session and confirm
the delivery of the packets.
Decoding of the stream on the workstation. The decoding process has
the greatest influence on the delay. Therefore, to ensure the most
comfortable operation of PTZ cameras, you should use the most
powerful computer or decode the PTZ cameras with separate hardware
decoders.

In addition to the issues related to the delay, you need to pay attention to the
connectivity of the proportional joystick or the convenience of controlling the
camera with the mouse.
Device Number Key parameters and comments
Internal IP camera (sales 20
areas)
Dome camera
1 megapixel
PoE support

Internal IP camera 35
(checkout counters)
Box camera
1 megapixel
PoE support

PTZ IP camera 6 High-speed PTZ dome IP camera

Outdoor IP camera 8
Box camera day-night
1 megapixel preferably with CCD
or sensitive CMOS
Preferably with noise-canceling
function 3DNR

Video recorder 3
Video server with software
 4 disks 2Tb each

Switch 24 ports 3

24 ports
Minimum 1port 1Gb/s
PoE support

Switch 8 ports 1
8 ports 1Gb/s

Workstation 1 Powerful computer with the ability to

connect three monitors.

Additional features
As an addition you can install several large monitors on the trading floor and
display the image from several cameras so that visitors see that all their
actions are being monitored. To do this we need the decoders, which will
receive the video stream either from the camera or from the servers and
display it on the screen. The connection diagram in this case is as follows:
Figure 7.9: Video surveillance system with extra decoders.
In general, you can configure the decoder using its web interface and
determine which stream it should decode. If the central software supports the
function of the decoder control, instead of a strict peg of the specific camera
to the specific monitor, you can choose to display any cameras on the
monitor, or, for example, set up an automatic paging of the cameras.
Surveillance in a shopping center
The shopping center is an area of special interest. Usually there are hundreds
of cameras installed here. Therefore, if we decide to build a surveillance
system based on IP technology in a shopping center, particular attention
should be given to the competent construction of the network infrastructure.

Task
We plan to install a total of 250 cameras in the shopping center. The
recording has to be conducted with an archive depth of 14 days. It is also
necessary to organize the observation post, which will be operated by six
people.

Solution
We begin, as always, with the issue of the cameras connection. The most
convenient is to power the internal IP cameras directly from the PoE
switches. Therefore, let’s install the 24-channel PoE switches in different
parts of the building and connect all of our cameras to them. Then our
switches distributed around the building need to be combined. There may be
several options. For example, one way is to establish the star-type connection
of all peripheral switches with a single powerful central switch. This is the
most common topology, since it is easy to set up and calculate.
Figure 7.10: Star-type network topology.
The second option is a series connection of switches in line. Depending on
what switches will be connected with each other, we can get either a tree or a
ring.
Figure 7.11: Tree-type and ring-type network topologies.

Here the problem of the capacity calculation is somewhat more complicated

than in the previous star-type version. Combining the switches in line, we
must remember that each subsequent switch will pass through its port not
only the streams from its cameras, but also the streams of all other switches
connected further along the chain.
Figure 7.12: Series connection of switches.

In our case, when combining all five switches, each of which has 24 cameras
connected to it, the last switch in the circuit will have to transmit the stream
from all 120 cameras (24 x 5) through its port. The camera transmits video at
6Mbits/s, so the total stream is 6 x 120 = 720Mbits/s, which is a large stream,
even for a gigabit port.
Since we have not 120 but 250 cameras, we are not going to experiment with
the tree- and ring-type structures, and instead, will choose the clear star-type
topology ". In this case, our system is as follows:
Figure 7.13: Video surveillance system in a shopping center.

The peripheral switches are connected with the central switch through the
gigabit ports. Through each of these ports the stream from 24 cameras, i.e. 24
x 6 = 144Mbits/s, is transferred. Here the only limitation is likely to be the
total capacity of the switch. In our example, the total stream passing through
the central switch will not exceed 2 GB. (240 cameras x 6Mbits/s =
1440Mbits/s plus the stream from the servers on the monitoring station).
Here, you will likely have a question regarding the fault-tolerance of the
system. The bottleneck in this case is a powerful central switch. If it fails, the
whole network stops working, that is, the servers will not record, and the
video will escape from the operators’ monitors.
To insure the system against such risks, instead of one central switch, you
need to install a pair of identical switches, which will duplicate each other’s
functions. In this case, the connection diagram is as follows:
Figure 7.14: Duplication of the central switches.

As can be seen in the diagram, one redundant switch is installed along with
the main switch and duplicates connection to the peripherals. That is, each
peripheral switch is now connected not with one, but with two central
switches. If one of them fails, the stream will be transmitted through the
second one.
However, if we look closer into this diagram, we see that a loop is formed in
this connection. And we remember that the Ethernet topology should not
have any loops, because through the loops the packets will be transmitted in a
circle, resulting in a broadcast storm.
Figure 7.15: Transmitting the broadcast IP packet between the switches in a
circle.
Therefore, for this scheme to work, you need to use switches with loop-
protection function STP (RSTP, MSTP).

For more information refer to the section "Loop protection".

So, we have decided on the network. Now let’s build a star-type system with
duplication of the central switches.
The issues of organization of recording and displaying remain. We will
perform recording to the servers with 16 cameras each, i.e. to 16 servers. We
will install 6 workstations at the surveillance post, and connect 2 monitors to
each of them. One monitor displays up to 16 cameras, and the second one
displays the interactive graphical plan of the object.
Our final diagram is as follows:
Figure 7.16: Video surveillance system in a shopping center. Final diagram.
Device Number Key parameters and comments
IP camera 220
Dome camera
1 megapixel
PoE support

Outdoor IP 20
camera
Box camera day-night
1 megapixel preferably with CCD or sensitive
CMOS
 Preferably with noise-canceling function
3DNR

Video recorder 16
Video server with software
6 disks 2Tb each
RAID 5
2 ports 1Gb/s

Switch 24 11
ports
24 ports
2 ports 1Gb/s
PoE support

Central switch 2
48 ports 1Gb/s
STP (RSTP, MSTP) support
DHCP support

Workstation 6
Powerful computer with the ability to connect
two monitors
2 ports 1Gb/s

Surveillance along a perimeter

Now, let’s move from the shopping center with lots of cameras to a
completely different type of object - a perimeter. The peculiarity of an IP
video surveillance system at a perimeter is that the cameras are distributed
over a large territory, and because of the large distances it is quite difficult to
connect them to the central switch. To organize the relevant data transfer
channels, additional equipment is required. The second important aspect is a
careful selection of the IP cameras themselves. So, let us discuss these issues
using the example of a small perimeter.

Task
Here we have a perimeter 2 km long. The cameras must be installed every 70
meters. One security guard will work at the observation post. He will
constantly monitor the ten most important cameras. If the detector actuates,
he will automatically get an image of the corresponding area.

Solution
First of all, let’s examine the matter of building the network.

Network
The most extensive line of the perimeter is a side A. Its length is 700 meters.
Taking into account that the cameras are installed every 70 meters, we have a
total of 11 cameras on this side.
Figure 7.17: Video surveillance system along a perimeter.

We remember that the maximum length of UTP cable from the camera to the
switch cannot exceed 100 meters. Therefore, we will put one simple switch in
the sealed enclosure next to each camera.
Figure 7.18: Cameras connection.
We will connect switches consistently through each other. Having combined
five cameras in this way, we connect our line to the grouping switch, which is
connected to the central switch though optics.
Likewise, we will connect five cameras, located to the right of the grouping
optical switch.
Now, let’s answer some frequently asked questions.
Why can’t we draw the optics directly to each camera?
First, this would be much more expensive, as the optical switches and media
converters can be ten times more expensive than the regular UTP-operating
switches. In addition, the creation of a large number of optical connections is
difficult in terms of installation.
Can we put not five switches in line, but, say, 10 or 20?
In a series, you can connect quite a lot of switches. The main limitation is the
capacity. The regular switches, which we put next to each camera, operate at
a speed of 100Mbits/s. In this case, the last switch in the chain passes through
its port 5 cameras x 6Mbits/s = 30Mbits/s. We can increase the number of
switches to, say, ten, that is, to the stream of 60Mbits/s at the extreme switch.
It is clear that we cannot transfer 20 cameras over a single line.

When working at the perimeter, pay special attention to the quality of the
cables and the quality of their installation. If you use poor quality cable, place
it along with other cables, causing interference, or perform a careless
crossing, you may face a lack of connection or a connection at a speed of
10Mbits/s instead of 100Mbits/s.
Choosing cameras
Having dealt with the network, let’s move to the issue of choosing the
cameras. The main requirement imposed on the perimeter camera is a good
light sensitivity. So first we look for day-night cameras, sensor type - CCD or
modern expensive CMOS, minimum illumination - 0.01 lx, with an advanced
noise reduction system. It is very desirable in this case to pre-test the camera,
that is, to make a test recording of moving objects in low light conditions.
As a rule, the sensitivity of the IP megapixel cameras is lower than the
sensitivity of analog cameras. So using the additional IR illumination will not
be superfluous. Here, however, special attention should be paid to the quality
of the lens and the ability to use a model with the high-quality IR correction.

Integration with security alarm

The last question we are going to discuss in this example is the integration of
the video surveillance system with the security alarm so our guard will
automatically receive the appropriate image when the detector actuates.
Solution 1
Almost all IP cameras have dry contacts, so we can connect them to the
security loop. In this case, when any detector triggers in the loop, a group of
cameras goes into the alarm mode. To make the system work, we need to
meet two conditions: first, the video surveillance system software should be
pretty tightly integrated with the cameras and be able to recognize the alarm
condition of the camera, that is, to understand when the dry contact is closed,
and when it is not. Second, in case of emergency, the software should be able
to automatically simultaneously display a number of alarm windows with the
cameras monitoring the corresponding area of the perimeter.
Solution 2
A more advanced solution is the integration of the software that manages the
security alarm, and video surveillance system software. In this case, the
information is transferred from one program to another, which then has to
respond accordingly.
Device Number Key parameters and comments
Outdoor IP 30
cameras
Box camera day-night
 1 megapixel resolution, preferably with CCD
or sensitive CMOS.
Sensitivity of 0.01 lux
Preferably with noise-canceling function
3DNR
High-quality megapixel lens with IR
correction

Video 1
recorder
Video server with software
6 disks 2Tb each
RAID 5

Switch located 20
next to the
camera 4-6 ports
The switch is installed outdoors in the sealed
enclosure, so it should be without fans and
with extended temperature range

Grouping 3
switch
4-6 ports
At least one port for optics connection
The switch is installed outdoors in the sealed
enclosure, so it should be without fans and
with extended temperature range

Central switch 1
4-6 ports
At least 2 ports 1Gb/s
At least 3 ports for optics connection

Workstation 1 Powerful computer with the ability to connect two

monitors
Surveillance in a bank
Our next target will be a bank. In this example, we will examine issues of
fault tolerance, and possible measures to protect against intrusion into the
system.

Task
In total, we will install 160 cameras in our bank. They will be located along
the perimeter of the building, in the storage, at ATMs, as well as in the
banking hall and hallways. Only guards will be able to view the live video
from the camera and the archive records. The exception will be 10 cameras in
the banking hall. The staff involved in assessing the quality of the customer
service should have access to these cameras.

Solution
As we said earlier, the basic requirement for the video surveillance system
will be its fault tolerance. Let us examine this question in detail.

Fault tolerance
What is meant by this concept? The ideal fault-tolerant system maintains its
performance even in the event of failure of any of its components. Imagine:
for example, one of the servers goes down, but the system continues to
operate, all cameras are recorded, all the multi screens are displayed, and
operators work properly!
You ask: How is that possible? Here is an example of constructing such a
system.
Figure 7.19: Fault-tolerant system for IP video surveillance.
The cameras and workstations, as always, are connected to the LAN
switches. The servers in our case do not perform the recording.
The task of the servers in the system is the management of all the other
devices. When the operator at his workstation selects a camera, say, number
30, the command is sent to the server, which directs the stream of the
respective camera to a given computer. If the operator requests the archive
records, the server sends him to appropriate records from the storage device.
That is, the server itself does not generate any streams - it only manages
them. Recording is carried out to the dedicated network storage devices. If
one of the arrays fails, the management server automatically distributes the
streams among the remaining devices or redirects them to a dedicated spare
array.
Each server can handle a fairly large number of cameras and workstations. In
our system there are 160 cameras, and one server is enough to manage them.
To provide fault tolerance the servers are duplicated, that is, one more server
is installed in addition to the server. This second server monitors the state of
the main server and if the main server stops responding, it automatically takes
over its functions. Note that not only the servers, but also the connection is
duplicated. The servers are connected to the LAN switches simultaneously
through two ports, which provides protection against failure of one of the
central switches.

For more information on the fault-tolerant network topology refer to the

section "Loop protection".
Thus, in our case, the system will remain fully operational even if the server,
central switch or disk array fails. In addition to fault tolerance, such systems
are extremely flexible in configuration and they scale very well.
Unfortunately, despite its obvious advantages, this type of video surveillance
system is used very rarely. Why? First, the cost of such a solution is
significantly higher than the cost of the standard options. And second, in
order to run such a system, you need a professional with extensive knowledge
in information technology, trained by the manufacturer.
A more common variant of the bank surveillance system looks like this:
Figure 7.20: Typical video surveillance system.

In this case, each server records its cameras to the internal disks. In the event
of failure of one of the servers, the most that can be done is to change the
configuration of the remaining servers to make them record the most
important neighbor cameras, in addition to their own cameras.
Providing external users with access to the cameras
Remember that ten cameras installed in the banking hall should be accessible
to external users. In other words, we must organize a secure connection to an
external network.
For a secure connection, the first thing we need to do is to install a firewall.
In our case it will be a separate computer, which in addition to its firewall
functions will act as a router.
Figure 7.21: Organizing secure remote access to the video surveillance
system.

A firewall is an effective means of protection against intrusion. With it, we

will block all passing packets except those that come from the surveillance
programs from several pre-defined computers, and are addressed only to the
server No.1, which records the cameras in the banking hall.
The second safeguard is to divide the surveillance network into two
independent parts using VLAN. In our case, we will organize two virtual
networks VLAN1 and VLAN2. The router will belong to VLAN1, and all
other devices – to VLAN2. The server that records the cameras in the
banking hall will belong to both networks.
Figure 7.22: Using VLAN to restrict access to the video surveillance
devices.

The users coming from the external network through a router will be in
VLAN1. As we may remember, if we are in one network, the second network
simply does not exist for us. Therefore, for external users the video system
will consist of a single server. The rest of the video surveillance network
infrastructure will be unavailable to them.
 For more information about VLAN refer to the section "VLAN support".
Further access restrictions should be performed at the level of the video
surveillance software. In order for external users to access all 16 but only 10
cameras of the server, the video surveillance software must have a function
for managing access rights individually for each camera.

Protection against intrusion from the inside

In addition to protection against intrusion from the outside, you need to take
care of the intrusion from the inside. What does intrusion from the inside
mean?
This is the case when, for example, an attacker finds a free Ethernet socket
and connects his laptop to our network. If, however, in our system there are
no free sockets, he finds the IP camera, disconnects it for a second and
connects in its place a small switch. He then connects the IP camera back
through the switch, and connects the laptop to the available port of the
switch.
Having connected his laptop to the network, the attacker can do almost
anything. For example:

Having scanned the network to identify the numbers of the IP and MAC
addresses of the cameras, he can pass himself off as one or several
cameras, sending a false video to our servers. You say: What about
passwords? After all, you need to know the password for access to our
cameras. The fact is that most of the cameras run under HTTP and
transmit passwords in a clear text, that is, if necessary the password can
be intercepted.
At the right time, he can start sending broadcast requests, thereby
violating the network. That is, at a particular moment, all our cameras
will cease to transmit video.
He can launch his own virus program.
He can provide a hidden remote access to our system by installing, for
example, a small computer unit with GSM modem connected to our
network behind the false ceiling.
So how can you protect against the connection of unauthorized devices? The
easiest way is to pre-determine the devices that will work in our network. We
register the MAC address of all the cameras, servers and computers on the
switches. Then, using the switch function Port Security we block the ability
to connect devices that are not included in our list. In case of an unauthorized
connection attempt you may, in addition to the notice to the administrator,
automatically block the port to eliminate the possibility of even a short-term
unauthorized connection.
The video surveillance system, in contrast to the corporate networks, is a
closed system, with a minimum number of users and running programs.
Therefore, it is relatively easy to ensure the security of the network. Having
configured the firewalls and blocked the access of the unauthorized devices,
we get rid of 99% of potential threats.
It is also worth noting that as a rule the most vulnerable is not the network
and the network technologies, but the surveillance software. Despite the fact
that video surveillance is related to security systems, protectability of many
software packets is poor. So, very often, with the help of simple actions we
can change the configuration of the server, or even delete the records without
having the rights of the administrator.
Device Number Key parameters and comments
130
IP cameras
Dome camera
1 megapixel
PoE support

Outdoor IP 30
cameras
Box camera day-night
1 megapixel, preferably with CCD or sensitive
CMOS
Preferably with noise-canceling function 3DNR

Video 10
recorder
Video server with software
14 disks 2Tb each
 RAID 6

Switch 7

24 ports
At least 2 ports 1Gb/s
PoE support
Port Security

Central 2
switch
48 ports 1Gb/s
STP (RSTP, MSTP) support
DHCP support

Firewall 1 Computer with two network cards and special

software that performs packet filtering.
Workstation 2 Powerful computer with the ability to connect two
monitors.

Surveillance for a chain of restaurants

It often happens that you want to install only a few cameras on the site. But
the difficulty lies in the fact that there are dozens of such sites, they are
located far away from each other and this requires the creation of a single
surveillance post for all sites. Let’s examine such a scenario of a distributed
IP video surveillance system using the example of a chain of small
restaurants.

Task
There are 40 restaurants, and we need to install 3 cameras in each of them.
The video surveillance system is created to address three objectives:
assessing the quality of customer service, resolving disputes, and getting
additional evidence in the investigation of incidents.
Solution
Taking into account the fact that every restaurant has only 3 cameras, instead
of installing a separate video recorder, we will record to the internal memory
cards of these cameras. We will transmit video over Wi Fi – this greatly
simplifies the installation. For each restaurant, we need three cameras with
built-in Wi-Fi transmitter, plus Wi-Fi router.
Next, we need to connect LANs of all the restaurants to the central office
network. For this purpose, we will use the existing Internet connection and
VPN tunnels.
The diagram is as follows:
Figure 7.23: Integral video surveillance system of a chain of restaurants.
In our case each router creates a permanent secure VPN connection. It is
desirable for the routers to have allocated IP addresses. Otherwise, you can
either set up the already familiar DDNS, and connect through the constant
domain names, or use the services of companies providing VPN connection
without the use of permanent IP-addresses.
 For more information on VPN refer to the section "Support for VPN
connections".
You also need to configure a firewall on all routers to block any unauthorized
access to the internal networks. Thus, the central office will be permanently
connected to all the restaurants in the same manner as if the restaurants had a
direct connection to the central office. With the help of special software, or
just through a browser, a staff officer can get a video from any camera, and
download files.
As for the calculation of the network capacity, basic requirements are
imposed on the traffic upload speed provided by the ISP when connecting the
restaurants to the Internet. If you use megapixel cameras the stream can be
6Mbits/s. Therefore, while viewing remotely the total upload speed should be
at least 6 x 3 = 18Mbits/s. When using the standard resolution cameras, each
stream will be equal to 1 Mbit /s, that is, totally - 3Mbits/s.
To exclude the possibility that, in the event of a robbery, a criminal will take
video cameras with recordings with him, you can provide a fallback choice
for recording. To do this, we will install a small server in the central office,
which in case of a security alarm in a restaurant, will start a parallel recording
of all cameras that are there.
There are several options for transferring the signal from the security system
to the video recording server in the central office. For example, you can
programmatically integrate one system to another. Or you can connect the
dry contacts of the security system to the input contacts of the camera and
configure the server so that when the contacts close on the camera the
recording starts automatically.
Device Number Key parameters and comments
IP 2
cameras
Camera with built-in Wi-Fi interface.
In order to prevent the system from becoming very
expensive let’s decide in favor of resolution
640х480 up to 1 megapixel, with CMOS.
Camera has to have a built-in mask motion detector
with adjustable sensitivity.
Camera has to be able to perform the event-driven
 recording to the memory flash card.

1
Wireless
access Router function
point VPN connection support
Configurable firewall

Central 1
switch
Router function
Support of at least 40 simultaneous VPN tunnels
Configurable firewall

Video 10
recorder
Video server with software
Ability to connect to 120 cameras
Ability to turn on the recording when the alarm
system triggers at the remote site.

Computer Setting and viewing of the archives can be performed

from any computer via web browser.
 Chapter 8
Video analysis

In this chapter, we examine:

How is video analysis arranged

What types of detectors are there
How to build a surveillance system with video analysis

The modern video surveillance system can not only record frames but can
also act as an observer, assessing the situation. Imagine: the system itself
constantly monitors the events developing in the field of view of the cameras,
evaluates them and informs the security guard if the situation seems
suspicious.

How is video analysis arranged?

The basis of video analysis is its points comparison. In simple terms, it looks
like this: for example, 30 points in a certain part of the frame at first were
light, and then became dark. This means that there was a movement in the
frame. This is how a simple motion detector works. If you monitor the group
of changing points as a whole, then we have an objects detector. It is much
more interesting to work with objects than with just movements. Objects can
be assessed by their size and proportions. For example, an object of 200 x 50
points is likely to be a car, and 30 x 70 – a person. This is how the objects
classifier works. Then you can calculate the number of objects, measure their
speed and determine the direction of motion.
With these characteristics the detector can quite accurately determine whether
a situation is abnormal. For example, in a banking hall, people usually walk
slowly. A situation where someone is running around the room is clearly
suspicious. So we set up a detector to the maximum speed of movement, and
if someone runs, the guard will automatically receive an alarm message with
the corresponding video segment.

What types of detectors are there?

Here are the most popular types of detectors.

A motion detector is a basic tool that is present in all video surveillance

systems. This detector is used, as a rule, only to save space on the disk -
the system does not record video if there is no movement in the frame. If
there is a constant source of background movement in the frame, for
example a window through which a constantly swaying tree can be seen,
then the window is blocked by a dead zone, a mask, to which the
detector will not respond.
Calculation and classification of objects detects moving objects in the
frame, calculates their number, and classifies them according to size and
proportions.
Determination of speed and direction of movement of the object
selects a moving object and follows it, remembering the trajectory and
the movement speed.
Detection of abnormal behavior for some time records the direction of
movement and speed of the objects in the frame, and then creates for
itself an idea of how the objects move normally. If later an object’s
movement does not match the stored pattern, the detector will alert the
operator. For example, in a shopping center hallway, people leisurely
walk or relax on benches. If the detector notices that in the corner of the
hall, where there is usually no one, a man has been standing for a long
time, the operator will be notified.
Detector of left objects alerts if an object appeared or disappeared in
the frame. For example, the camera looks at railway station hall. If a
visitor has left a bag next to the bench on which he sat, the detector will
outline this bag with a box and warn the operator. However, a problem
lies in the fact that the detector can take the person sitting on the bench
for the left object. For partial redemption of such incidents there is a
detector that classifies objects.
 A masking detector is used to receive an alarm when the camera is
covered with paint or moved in a different direction. The detector stores
the frame structure and if it has been changed gives a notification.
Detection of license plates allows you to single out plates of passing
vehicles in a video stream and put them together into a database. From
that point on, it will be enough to indicate the license plate or a part of
the vehicle you are interested in, and the system will find the footage
with the wanted vehicle in the archive. Or you can pre-specify the plate
you are interested in, and if the vehicle gets into the field of view of the
camera, the system will instantly notify you of its appearance.
Face detection allows you to automatically single out people's faces and
compare them with a pattern. For example, you upload a picture of a
wanted person in the system. From this moment on, the program begins
to compare all faces entering the frame with the loaded picture, and if a
match is found, you will be notified. Despite the fact that face detection
algorithms have been developed for many years by different companies,
stable operation still cannot be achieved.
Automatic object tracking using PTZ camera. The detector sees a
moving object in the field of view of the PTZ camera and turns the
camera so that an object at all times remains in the frame.

While choosing the required functions of the video analysis, you need to
pay attention to the quality of detection. The reality is that most detectors on
the market work reliably on the display stand only.

How to build a surveillance system with

video analysis?
During the system design phase, we must first decide where the detection will
take place. The algorithm that analyzes the video stream can run on the IP
camera itself, on the video recording server or on a separate analyzing server.
Let us examine each of these cases separately.

Detection is carried out by the video recording server

Initially, the motion detection function was carried out by the video recorder.
But with the advent of megapixel IP cameras, that function was more often
handed over either to IP cameras, or individual computers, leaving servers
with the function of recording. The main reason for this is a big load on the
server processor. And this load is caused not by detection only, but also by
pre-decoding of the video stream coming from the cameras. So even turning
on a simple mask motion detector, we will see a big CPU load.

Detection is carried out by the IP camera

We are used to the fact that all IP cameras have a standard mask motion
detector. However, from year to year, cameras are being equipped with more
powerful DSPs that allow you to upload complex and resource-intensive
recognition algorithms. Nowadays some IP cameras can classify objects,
determine their number and movement direction, and identify the left objects
on their own.
Building a surveillance system in which the analysis functions are transferred
to the IP cameras is very efficient. First, recording servers are not loaded, and
second, the detection is based on uncompressed images of the highest quality.
The difficulty with implementing this scheme lies in the fact that sometimes
improvements in the video surveillance software are required in order to
receive information on the detected objects from the camera.

Detection carried out by a separate video analysis server

There are detectors that cannot be transferred to the IP camera. For example,
the functions of face or license plate detection involve algorithms that are
quite complex and require significant computing power. Therefore, usually a
separate server is allocated for them.
It must be remembered that in this case the camera should transmit the video
to the recording server, and a separate stream to the video analysis server.
The easiest way to get a separate stream is to use a camera with a dual
stream.
Finally it is worth noting that the stability of recognition, as a rule, largely
depends not on the level of algorithms, but on the quality of the original
image. Most detectors are very sensitive to the level of noise, image contrast,
size of detected objects, and so on. The slightest deviation from the
recommendations of the developers can significantly reduce the stability of
recognition. Therefore, when building a surveillance system with video
analysis you should pay special attention to the issue of choosing a high-
quality camera and its correct disposition.
 Chapter 9
Hints

In this chapter, we examine:

Checking network connection

Crimping the twisted pair
Organization of the wireless Wi-Fi connection
Components of the sealed enclosure for outdoor IP camera

During the commissioning of the IP video surveillance, experts can face a

number of typical problems. For example: "a camera is connected, but there
is no connection;" "there is a connection, but no video;” "100-megabit
interface, and the real speed is only 10 megabits/s." The last chapter provides
the solutions to the most frequently encountered problems.

Checking network connection

It often happens that one device cannot connect to another device, for
example, a workstation cannot connect to the server. There are several
reasons for the lack of connection. Let’s examine a series of commands that
will help find and fix those causes.
Before we begin, let's say that all of the specified commands are run on
Windows systems in the command line mode. To go to this mode, choose
menu "Start - Run" or press the key combination "Win-R" and type the
command "CMD" in the window that appears.

Ping
If you experience problems with your network connection, the first thing that
must be checked is the ability to send and receive IP packets. To do this, use
the command "Ping".
1. Checking the operability of the network interface. Type the command
ping 127.0.0.1. The computer tries to send the IP packets over the network
interface to itself.
C:\Users\Alex>ping 127.0.0.1
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

If there is no answer, then either the computer network interface is disabled,

or there are problems with its driver, or some program or service is
interfering with its normal operation.
2. Checking the connection to the gateway. Next, check the availability of
the gateway. To do this, type ping "address of the main gateway". If
there is no answer, then either there is no physical connection (a cable is not
connected), or the IP addresses are incorrectly assigned, or the gateway does
not work or an invalid address is specified.
3. Checking the connection to the nodes of another network. If our
computer has to be connected to the other networks, for example to the
Internet, the next step is to test the routing. Type ping "address of the
remote computer". If the gateway can be seen, but there is no answer from
the remote node, then it indicates a problem in configuring the network
devices between our nodes.
4. Checking the DNS operability. Sometimes it happens that if we request
the remote server via its IP address, there will be an answer. And if we
request it via its domain name there will be no answer. Type ping
google.com. If there is no answer, then the computer cannot convert the
domain name to the IP address, which means that the IP address of DNS is
set incorrectly in the configuration of the network adapter.
 If you type ping -t "IP-address", the test packets will be sent until you
manually stop the testing by pressing "CTRL-C".

IPConfig
Using the command ipconfig you can find out the configuration parameters
of the computer network interfaces.
C:\Users\Alex>ipconfig
Windows IP Configuration
Ethernet adapter Local network connection:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::1cb:cc77:3551:f9ce%10
IPv4 Address. . . . . . . . . . . : 192.168.10.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1

If you type ipconfig /all in the command line, the detailed information on all
interfaces will be displayed.
C:\Users\Alex>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Alex-Micro
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Подключение по локальной сети:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000
Mbps Ethernet
Physical Address. . . . . . . . . : 00-13-20-28-DE-56
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . :
fe80::1cb:cc77:3551:f9ce%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.10.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DHCPv6 IAID . . . . . . . . . . . : 244382630
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-0D-60-49-90-
FB-A6-84-2C-72
DNS Servers . . . . . . . . . . . : 192.168.10.1
NetBIOS over Tcpip. . . . . . . . : Enabled

According to this report you can find the errors in the network adapter
configuration. For example, if your computer has an IP address that matches
the address of another network device, the subnet mask will have a value of
0.0.0.0.

If the network interface is configured to automatically obtain configuration

from the DHCP server, and at the same the DHCP server is not found, the IP
address will remain unassigned, which means it will have a value of 0.0.0.0.
If the IP address starts with 169.254.x.x, and the subnet mask is
255.255.0.0, it could also mean that the network interface is configured to
automatically obtain the configuration from the DHCP server, which for
some reason was not found. In this case the address 169.254.x.x was
assigned by the operating system itself.

PathPing
If there are several commuting or routing devices between the nodes, it is
important to check the connection parameters for each sector. To do this, you
can use either the command tracert, or pathping. The report allows you to
see the entire route of the packet from the sender to the recipient along with
the response time for each sector and the packet loss level.
C:\Users\Alex>pathping google.com
Tracing route to google.com [173.194.69.102] over a maximum of 30
hops:
0 Alex-Micro [192.168.10.101]
1 192.168.10.1
2 62.84.96.31
3 62.84.97.61
4 193.232.246.232
5 72.14.236.248
6 216.239.43.251
7 72.14.236.93
8 209.85.242.187
9 209.85.240.88
10 173.194.69.102
Computing statistics for 250 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent=Pct Address
0 Alex-Micro [192.168.10.101]
1 1ms 0/100 =0% 0/100 = 0% 192.168.10.1
2 1ms 0/100 =0% 0/100 = 0% 62.84.96.31
3 6ms 0/100 =0% 0/100 = 0% 62.84.97.61
4 8 ms 0/100 =0% 0/100 = 0% 193.232.246.232
5 33ms 0/100 =0% 0/100 = 0% 72.14.236.248
6 --- 100/100=100% 30/100 = 30% 216.239.43.251
7 --- 100/100=100% 30/100 = 30% 72.14.236.93
8 --- 100/100=100% 30/100 = 30% 209.85.242.187
9 --- 100/100=100% 30/100 = 30% 209.85.240.88
10 71ms 70/100 = 70% 0 100 =0% 173.194.69.102
Trace complete.

For example, the command ping showed a high percentage of packet loss
when requesting one of the IP cameras. After typing pathping "address of
the camera" we will see between which nodes we should look for the cause
of the unstable connection.

Netstat
After typing the command netstat you can see all the current network
connections of the device.

Route
If your computer or server operates as a router, that is, the packets pass
through it from one network to another, it is important to know the routing
configuration. To view these settings you need to type the command route
print.
IPv4 Route Table
=====================================================================
Active Routes:
Network
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.101 276
=====================================================================

In this example, the only route is the redirection of the packets to the router
192.168.10.1, which is our only gateway on default.
For example, our server has two network interfaces: one is connected to the
internal video surveillance network 192.168.1.0, and the other one- to the
external corporate network 10.0.0.0. If we want to connect to the external
network node from the internal network, we need to specify the appropriate
route. The packet has to go through the following nodes: sender's computer
-> server -> external network router -> receiver’s computer. To configure
the route run the following command:
route ADD -p 10.0.0.0 MASK 255.0.0.0 10.120.30.1

where 10.0.0.0 is the address of the receiver, that is, any computer with an
address 10.x.x.x, and 10.120.30.1 is the address of the external network
router, where the packet will be forwarded to.

ARP
As we know, within the local network the switches use the MAC addresses to
transfer data between the nodes. Compliance of MAC addresses and IP
addresses is stored in a periodically updated table. This table can be seen by
typing arp -a.
C:\Users\Alex>arp -a
Interface: 192.168.10.101 --- 0xa
Internet Address Physical Address Type
192.168.10.1 00-14-d1-bc-cd-dd dynamic
192.168.10.110 00-22-43-0a-b8-bf dynamic
192.168.10.201 1c-4b-d6-aa-a0-0a dynamic
192.168.10.255 ff-ff-ff-ff-ff-ff static
224.0.0.2 01-00-5e-00-00-02 static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.252 01-00-5e-00-00-fc static
224.0.0.253 01-00-5e-00-00-fd static
239.255.255.250 01-00-5e-7f-ff-fa static
255.255.255.255 ff-ff-ff-ff-ff-ff static

In rare cases, this table may be damaged and because of this, the connection
with the external devices may be lost. That is, the computer pings its own
address only. You can update the table with the command "netsh interface ip
delete arpcache".

Checking the ports

Sometimes it happens that the command ping shows that there is a
connection, but the video transfer is not happening. One reason for this may
be that the video transfer is carried out at a specific port, which in turn is
blocked by a firewall.
Therefore, in addition to the standard checking of the connection it is
sometimes necessary to check the possibility of transferring data at a specific
port.

For more information on the ports, refer to the section "IP addresses,
packets, sockets".
To check the availability of a specific port, you need to use a separate utility.
One such utility is a free program called NMAP. In the camera or server
settings, we figure out which ports are used, and then check the availability of
these ports.
To check the availability of the port 554 (RTSP) NMAP open NMAP and
type in the command line:
nmap -p 554 "address of the server"
Nmap scan report for 192.168.10.110
Host is up (0.0030s latency).
PORT STATE SERVICE
554/tcp filtered rtsp
MAC Address: 00:22:43:0A:B8:BF
Nmap done: 1 IP address (1 host up) scanned in 1.15 seconds

As we see in the report, port 554 is "filtered", which means that the packets
are blocked by a firewall, router rules, or computer security filters.

For more information on firewalls, refer to the section "What is a

Firewall".

Crimping the twisted pair

To connect a twisted pair to the network devices we use RJ-45 connector.
When using Gigabit Ethernet 1000BASE-T all eight wires of the cable,
which have to be connected to the contacts inside RJ-45 according to a
strictly defined pattern, are used.
There are two types of connection cable and, respectively, two options for
crimping RJ-45 connectors:

Straight cable or a patch cord to connect a computer or a camera with a

switch
Crossover cable to connect two network devices directly without using
an intermediate switch.

Patch cord
Figure 9.1: Patch cord crimping diagram.
Both ends of patch cord follow the same wiring format.

Crossover
Figure 9.2: Crossover crimping diagram.
The crossover ends have different wiring order.
If the network device is pinged when connecting to the switch, and is not
pinged when connected directly to the computer, then most likely the
problem is in the wrong crimping of the cable.

Organization of the wireless Wi-Fi

connection
In order for the Wi-Fi connection to work stably and at high speed, you
should pay attention to a number of important points. First of all, consider the
optimal arrangement of the antennas.

Antenna arrangement
To get a steady high-speed connection the transceiver antennas should be
arranged in the line of sight, that is, in other words, there should be no
barriers between the antennas. Almost all types of barriers that are in the way
of the radio waves cause a significant attenuation of the signal, and the
reinforced concrete walls and floors present an insurmountable barrier for the
high-frequency Wi-Fi radiation.
It is important to know that there should be no barriers, not only in a straight
line between the antennas, but also in the area adjacent to this straight line.
The radio waves propagate not in one line, but occupy a certain area around
the line of sight. This area is called the Fresnel zone.
Figure 9.3: Fresnel zone between the antennas.

Objects falling into the Fresnel zone may significantly weaken the radio
signal, and therefore you should avoid all possible barriers located at a short
distance from the line of sight. The width of the Fresnel zone depends on the
distance between the antennas, as well as the frequency of the signal.
Table. The Dependence of the Fresnel Zone Radius on the Distance between
the Antenna
Distance Radius of the first Fresnel Radius of the first Fresnel
between zone at a frequency of 2.4 zone at a frequency of 5
antennas GHz GHz
50 m 1,2 m 0,9 m
100 m 1,8 m 1,2 m
500 m 3,9 m 2,7 m
1 km 5,6 m 3,9 m
3 km 9,7 m 6,7 m
5 km 12,5 m 8,7 m
10 km 17,7 m 12,2 m

If a lot of objects that cause a strong attenuation of the signal fall in the
Fresnel zone, you should either move the antennas, or use an intermediate
retransmitter.

Antenna directivity
When establishing the wireless connection, you should pay attention to the
directivity of the antennas. As we know, there are two basic types of
antennas: omni-directional and directional.
Directional antennas usually have a large gain in a certain area and should be
quite accurately directed at each other. The correctness of the installation is
determined by the signal level at each of the access points.
Omni-directional antennas, installed on most wireless cameras and home
access points, are vertically mounted rods that relatively evenly radiate in a
horizontal plane through 360 degrees. However, it should be remembered
that in the vertical plane of the omnidirectional antennas tend to capture only
a small sector.
Figure 9.4: Radiation sector on the horizontal plane.

So if, for example, the camera will be located on the ground floor of one
building and the access point antenna on the roof of the neighboring building,
their directivity diagrams on the vertical plane will not intersect and no
connection will be established.
When installing the antenna in addition to the directivity you should consider
the polarization parameter. Most Wi-Fi antennas have either a vertical or a
horizontal linear polarization.
Figure 9.5: Horizontal and vertical polarization of the antennas.
When installing, you should see to it that the transmitting and receiving
antennas have the same polarization direction.
If both antennas are simultaneously turned through 90 degrees, you can
change the plane of polarization, for example, from vertical to horizontal. By
performing this simple procedure in some cases, you can get rid of
unnecessary radio interference.

Cables to connect the antennas

When using the external antennas you should pay special attention to the
quality of the cable through which the antenna is connected to the access
point. Wi-Fi operates at very high frequencies, so the loss in the cable and
connectors can be very significant. In order to minimize losses you should
use high-quality cables of a minimal length, avoiding bending or distorting
them, as well as monitor the quality of the detachable joints installation.

Choosing the channel

For Wi-Fi operation you should use a specific frequency range, which is
divided into the channels. Each channel has its own frequency.
If an established connection is unstable, it is possible that other nearby
equipment is using a frequency of your channel. So the first thing you should
do in this case is to try switching to another channel.
If your network uses several access points, to avoid mutual interference you
should either set them to different channels, or locate the antenna so that their
directivity diagrams do not intersect.

Ping
In order to assess the stability of the connection you can use the command
Ping.
Type in the console mode ping -t "IP address of the camera".
If no packet loss is observed, and the response time is few milliseconds, then
the connection is stable. The next thing to check is the connection speed. To
do this you need to play back the live video simultaneously from all cameras
that are connected through this Wi-Fi channel and see the network load, for
example, through the Windows Task Manager.

Windows Task Manager can be called up using the key combination "Ctrl
+ Shift + Esc"

Lightning protection
When using the external antennas you need to protect the access point against
damage caused by the static discharge during a thunderstorm. For this
purpose the antenna coaxial cable is connected to the access point through the
compact lightning protection device of the antenna feeder system.
When using the outdoor access point connected to the switch with a twisted
pair, you need to use the lightning protection designed to protect the Ethernet
lines.

Components of the sealed enclosure for an

outdoor IP camera
For the construction of an IP video surveillance system, besides the cameras,
servers and computers, you need a fairly large amount of additional
equipment. Let us examine what additional devices must be installed on the
cameras when arranging outdoor video surveillance. As a basis, we take the
example of IP video surveillance already familiar to us from the seventh
chapter.
Figure 9.6: Installing IP cameras at the perimeter.

We examined this perimeter schematically in terms of its network structure.

Now let’s analyze what equipment has to be enclosed in the sealed enclosures
located next to the cameras.
In our case, there are two types of sealed enclosures:

Sealed enclosure with a standard switch.

Sealed enclosure with a grouping switch and an optical distribution
frame.

Sealed enclosure with a standard switch

The key component of the sealed enclosure is a switch, providing
connectivity of the cameras with the central server equipment. It is most
preferable to use industrial fanless switches with an extended temperature
range and mounting on the DIN rail.
To provide the switch and the camera with power you need to connect a
220V line to the sealed enclosure. To protect the equipment against induced
pulses you need to install a lightning protection device for the 220V lines.
After that, the cable can be brought to the circuit breaker and then on to the
PSU.
In addition to installing lightning protection on the lines of 220V, it is
necessary to protect the network Ethernet ports. To do this, all the extended
lines of a twisted pair have to be connected to the switch through a special
lightning protection device. In our case, two lines of 70m each from the
neighboring sealed enclosures are connected to the switch through the
lightning protection.
All the equipment is installed in the sealed enclosure, which depending on the
climatic conditions may or may not have heating and a temperature
stabilization system.
The power to the IP cameras can be supplied either from the existing PSU
through a separate line, or from the switch through the Ethernet twisted
according to the PoE technology.
Figure 9.7: Sealed enclosure with a standard switch.

1. Ethernet switch
2. Power supply unit
3. Circuit breaker for the line 220V
4. Lightning protection device for the power line
5. Lightning protection device for the Ethernet line
6. Temperature stabilizer
 7. Sealed enclosure
8. Magnetic tamper for opening control
9. Terminal blocks

Sealed enclosure with a grouping switch

The grouping switch combines the streams from all the standard switches and
sends them to the server room via a dedicated fiber optic line. In this
example, we use an industrial fanless switch with six ports to connect the
twisted pair and two gigabit ports for connection of the optical fibers.
The power is supplied as in the previous example: the 220V line is connected
to the PSU through the lightning protection device and the circuit breaker.
To protect the switch ports against high-voltage pulses, two Ethernet
lightning protection devices are also used.
In addition, to connect one of the main cores of the optical trunk cable to the
switch, the optical distribution frame is required.
Figure 9.8: Sealed enclosure with a grouping switch.
 1. Ethernet switch
2. Power supply unit
3. Circuit breaker for the line 220V
4. Lightning protection device for the power line
5. Lightning protection device for the Ethernet line
6. Optical distribution frame
7. Temperature stabilizer
8. Sealed enclosure
9. Magnetic tamper for opening control
10. Terminal blocks
 Alexander Lytkin

IP Video Surveillance
An Essential Guide

Feel free to ask questions and make comments on the book’s website
http://ipvideosystemdesign.com/
 Table of Contents
IP Video Surveillance
Introduction
About the Author
Who this book is intended for
Structure of the Book
Notations
Understanding IP Video Surveillance
What Do These Two Letters Mean?
Advantages of IP video surveillance
Are there other ways of transmitting megapixel resolution besides
networks?
What does an IP video surveillance system consist of?
IP Cameras
How the IP camera is arranged
IR-Cut filter
Sensor
Video signal processor
Compression processor
Camera CPU
Network interface
How to choose the IP cameras
What is a video streamer?
Lenses
Lens Resolution
Lens types
Focal distance or view angle
Aperture ratio
Focus quality
Asphere
IR correction
Depth of field
Other characteristics of the lens
Format
 Mounting
Aperture control
Video Recording
Where is the video stream from the IP camera recorded?
How the process of getting the video stream is arranged
How does a computer-based video recorder work
CPU
Video recorder hard disks
Network interface
Random access memory
Operating system
Software for video surveillance
What is the difference between the video recorder and
computer?
How to choose the best recorder or server
Number of connected cameras
Supported cameras
Number and maximum capacity of disks
Reliability of the hardware
Software features
Video playback
All you need to know about the monitors
Choosing the monitor according to the features
How many monitors do we need?
Decoding
What do the monitors in the IP video surveillance system
connect to?
Comparison of compression standards in terms of decoding
Graphic accelerators and CUDA
Network
How is the network arranged?
IP addresses, packets, sockets
Networks, subnet mask, routing
DNS and DDNS
OSI Levels
More on addressing
What is a Firewall?
 What are Unicast, Broadcast and Multicast?
Transmission medium
Copper cable
Fiber optics
Equipment for fiber optic networks
Wireless connection
Network equipment
Selecting the switch
Choosing a wireless access point
Examples of the IP video surveillance systems
IP video surveillance in an apartment
IP video surveillance in a house
Monitoring the yard and parking lot of an apartment building
Surveillance in a supermarket
Surveillance in a shopping center
Surveillance along a perimeter
Surveillance in a bank
Surveillance for a chain of restaurants
Video analysis
How is video analysis arranged?
What types of detectors are there?
How to build a surveillance system with video analysis?
Hints
Checking network connection
Ping
IPConfig
PathPing
Netstat
Route
ARP
Checking the ports
Crimping the twisted pair
Organization of the wireless Wi-Fi connection
Antenna arrangement
Antenna directivity
Cables to connect the antennas
Choosing the channel
 Ping
Lightning protection
Components of the sealed enclosure for an outdoor IP camera
IP Video Surveillance