The Integrator’s Guide to Cloud Video

0
293

There probably is not a person in the security industry today that has not heard the term cloud – just look at the cover of this magazine! That said, hearing and reading about it vs. doing it are very different. Part of that relies on education. There are many in our industry who do not know what the cloud is, or how to sell it, or deploy it. Those who do are probably early adopters of most technologies.

Why does cloud adoption matter? The simple reason is that corporate IT departments have been doing this for a while and are providing internal regulation to companies to move to the cloud. It is based around subscription services that are counted per head in the company. Microsoft 365 costs $12 per head, Adobe costs $20, and so on. The spend is quantifiable.
Security departments now are faced with transitioning video from an on-premises capital expenditure to a subscription-based model. No longer is video surveillance being sold only by the security integrator – now but droves of IT vendors have jumped into the VSaaS market because they have been selling cloud IoT sensors for years. After all, a camera is just an optical IoT sensor.

The cloud is just a server in another company’s datacenter – with the appeal to lease the space at a fraction of a cost of owning while paying for it out of an operational budget. Security continues to fall under IT more each day, requiring compliance to both company IT architecture as well as purchasing requirements.

VSaaS solutions are fairly new to an already mature IT market; thus, it requires integrators to know what type of VSaaS solution will be successful for the end-user. Video Surveillance as a Service or VSaaS is an umbrella term for all cloud video surveillance. At this point, every Video Management System (VMS) manufacturer either has a cloud offering or has it on the roadmap to deliver within the next 18 months. The majority of the services are offered in Microsoft Azure, Amazon Web Services (AWS), Google Cloud, or Wasabi.
VSaaS consists of two primary types: cloud-hosted and cloud-managed. Both offer hybrid solutions that involve a version of onsite recording and the cloud.

Cloud-hosted video involves edge cameras or edge devices recording directly to the cloud via a network connection (wired, wireless or cellular). Most cloud-hosted providers have their own brand of cameras that will record directly to the cloud, or a gateway device – with or without onsite storage – to take traditional IP cameras and transmit them to the cloud.
If your customer has been mandated to go to the cloud, cloud-hosted video is a good solution to avoid having to rip and replace the entire camera system. That said, cloud-hosted video has limitations –primarily bandwidth consumption and cost.

Internal camera networks can be segmented and run on their own fibre network, but once that video leaves the site, it has to travel securely across leased lines that carry all inbound and outbound data from the company. This can include traditional web traffic, but also Point of Sale (POS). Too much bandwidth usage can cause latency in other systems, which can be hazardous to business.

Cloud-hosted costs are similar to server and service level agreements (SLAs) broken up over a period of years. To avoid significant cloud costs, most of the cloud-hosted providers have limitations on resolution, frame rate, and retention in the cloud.

Cloud-managed video is edge recording – either to an edge server or to a surveillance-grade SD card in the camera, and then managed through a cloud interface. These edge cameras or servers record everything on the device, and typically have a video analytics package built-in to provide intrusion or object detection video analysis (sending only the analyzed video to the cloud).

Similar to cloud-hosted, cameras provided by the cloud-managed manufacturer are typically cloud-enabled and do not require any additional onsite hardware, while cloud-enabled servers with an analytics package store traditional IP video at the edge, and send only the analysed video to the cloud. Video sent to the cloud is managed through a central VMS, but each connected device is recording locally.

Cloud-managed video typically has a set amount of cloud storage for bookmarked or saved video. Since cloud-managed video is recorded at the edge, each camera can be set up with different variables, with analysed video receiving a higher resolution and frame rate than non-analyzed video. There is a trade-off between edge hardware and cloud storage costs to be considered, based on the end-user’s requirements and budget.

One thing that regularly gets overlooked with edge recording to surveillance-grade SD cards is that flash recording is not designed for continuous streaming video. Any camera solution using SD cards, no matter what grade, should include replacement of the SD card (if possible) once every year to prevent video retention failure.

Today, almost every integrator/end-user conversation turns to VSaaS. While that does not mean that every end-user is ready for a cloud deployment, as an integrator, it is critical to know the end-user’s use-case and regulatory demands.

For example, cities require video to be Criminal Justice Information Services (CJIS) compliant. Regulated by the FBI, all video used by public safety entities must meet CJIS compliance to be used in court. To meet this requirement, video must be controlled – easy for on-premise solutions, not so easy for cloud. There are very few clouds that comply with CJIS, and even fewer CJIS-compliant VSaaS solutions. Why does this matter if you are not selling to public entities? Well, many corporate security teams came from the public sector, and will require this level of confidence.

Additionally, as more cloud solutions come available, adoption is going to continue. In the last 18 months, AWS has changed their stance from not being CJIS compliant to helping cloud providers hosting in AWS to be CJIS compliant.

Another obvious concern is cybersecurity. While most cloud providers have statements and third-party penetration testing performed, it is important that the VSaaS solution be able to provide its own cybersecurity policies and adherence to best practices. Most VSaaS providers have some version of this, but not all are the same.
Credits: ProTecht Solutions Partners