The availability of IP network-based video surveillance systems has transformed the way in which businesses are able to make the best use of resources in ensuring that their assets are protected and that staff can work in a safe and secure environment.
A key feature of Video-over-IP technology is the end user’s ability to control cameras and view live or recorded images from anywhere on the network. This means that a security manager can be based anywhere in the world and yet have immediate access to very high resolution images, in turn allowing them to analyse any incident and, if appropriate, pass the evidence gathered to the police service for prosecution purposes.
With HD IP network cameras and domes increasingly being used by host organisations to capture evidence grade images of activity at their head offices and branches, there’s the potential for would-be fraudsters to gain access to valuable and confidential information.
Deployment of external IP cameras requires the provision of an external network connection to the IP camera device. Such external connections could be subject to malicious tampering such that the perpetrator might gain access to a company’s internal network. Although much can be done to secure and isolate network connections with a fully-managed network switch, and even deploying an entirely separate network for the surveillance system, there are still risks associated with such approaches.
These concerns are particularly relevant where it might theoretically be possible to disconnect an externally-mounted IP camera, access the network through this connection and potentially detect and disable the other cameras and/or the network video recorder itself.
If the surveillance network is bridged to – or is indeed part of – the main network, it might even be possible for a well-prepared, highly-skilled attacker to access or otherwise disrupt other systems on that network.
Technology to the rescue
Fortunately, there’s now a solution available that stops dead any attempt by those with criminal intent to hack into a network via an IP network-based video surveillance system.
Manufactured by UK-based Veracity and available exclusively via Samsung Techwin Europe, LINKLOCK provides a total barrier to all unauthorised network access by fully blocking connections to any cable or equipment that has been tampered with or disconnected.
It works by completely disconnecting data and power from the coaxial cable link, thereby providing complete isolation of the affected link. This makes it an ideal protection measure for security-critical installations in banks, for instance, where network cabling or video surveillance equipment might be located externally in order to detect, monitor and record evidence of criminal activity such as vandalism, ATM skimming and armed robbery, as well as to remotely monitor premises outside of normal business hours.
Available as an option on Veracity’s HIGHWIRE Powerstar range of Ethernet and PoE over coax adaptors, LINKLOCK may be deployed with any make, model or type of IP camera.
On a standard video surveillance system, having a secure or encrypted link over the coax alone does not prevent intrusion as the Ethernet link to the camera would still be open and unsecured. The HIGHWIRE coaxial connection uses a secure proprietary baseband protocol which is point-to-point only.
PoE over coax powers the HIGHWIRE adaptor at the camera end and the camera itself. However, any attempts to ‘tap into’ or disconnect the coax or network connections is detected by the LINKLOCK base unit which immediately disables PoE and data. As a direct result, all external equipment is immediately and completely isolated from the internal LAN.
Added security for end users
The LINKLOCK blocking mode cannot be reversed through the external network or coaxial interface. To return to normal operation, the HIGHWIRE LINKLOCK base unit inside the building must be physically reset by a contact closure switch across screw terminals on the unit itself.
This protection does not depend on the IP camera being powered by PoE. If powered by a local power supply, the IP camera will still operate when the LINKLOCK blocking mode is triggered, but there will be no communication whatsoever through the coaxial cable.
The blocking mode will still work even if a given camera is externally powered by an attacker before they attempt to tamper. This is because the Ethernet signal or the HIGHWIRE coax signal must still be physically re-connected or ‘tapped into’ to connect a third party (ie attacker) device. This will be detected as normal and will subsequently trigger the blocking mode.
In short, LINKLOCK affords an easy-to-implement and effective solution for businesses (and particularly those with a Duty of Care towards the protection of sensitive data) that wish to capitalise on the benefits of a Video-over-IP system but without creating an opportunity for criminals to hack into the network.