TECH TALK: Network Interface Card in Security Camera Network Design

With this first piece, we are opening a new series of articles in this blog, which will be titled Tech Talk.
In Tech Talk, we will analyze the technical issues that every installer must face in the design of a security system: guided by our Global Technical Support team, we will provide useful tips to get the best out of a security system managed by Arteco.

Let’s start with Jeremy Franko, United States Technical Support Manager, who will tell us about the importance of the Network Interface Card in the design of a security system.

What role does the Network Interface Card (NIC) play in Security Camera Network Design?

NIC Stands for “Network Interface Card” A NIC, is a component that provides networking capabilities for a computer. It may enable a wired connection (such as Ethernet) or a wireless connection (such as Wi-Fi) to a local area network. We recommend the utilization of 2 Wired Network Interface Cards with Arteco Servers for the best performance possible.

Why would you want to have multiple NICs?

Typically, this is a requirement for Network Appliances and for VMs passing traffic from one subnet to another. Having multiple NICs enables more control, such as better traffic isolation, load balancing, and security.

Another requirement I’ve seen, typically with customers with high-security requirements, is to isolate management traffic and transactional traffic. This leads to better performance since the internal Camera traffic is isolated from the outgoing connection we use to monitor locations, view live events and pull recordings.

For instance, let’s say you have an Arteco Server with its port 7000 open to another Client location for monitoring.  Our Servers need to open ports to query the internal database for many different things. With all the camera traffic running through NIC #1, the performance is lower since the requests coming from the client PC are complex and have to fight against the constant network traffic of the cameras specifically and in most cases, are put into a short Que to be processed. This will be most noticeable when trying to open the full streams, export recordings and even viewing live footage for monitoring. The outgoing connection has to work around all of the incoming streams to process the requests.

So the way around this is to have 2 NICs.  One NIC will be used for port 7000 to be open and for monitoring and the other ports and camera traffic would be routed through NIC#2 so it does not conflict with port 7000 on the first NIC.

What other “Best Practice” recommendations do you have for Camera Network Design?

Additionally, it is recommended that the internal camera network is on a separate subnet entirely. Best practices would be to keep the camera network isolated from the rest of the internal network structure. This in turn keeps the Arteco Server isolated and keeps the everyday users from being able to access the cameras directly. This also adds a very important layer of security that most users do not think about. With all the crypto viruses and hacking going on in the world right now, do you really want the receptionist PC to have access to the camera interfaces directly? I would say definitely not.

What advice would you have for customers that may be taking over a site with pre-existing hardware?

When taking over a location that has a previous VMS system, I have found that there have been unsecured mistakes made when setting up the networks more often than not. This is a difficult point as reworking a location’s network is a lot of work, however, this is one of the biggest things to address. Often the client was having problems with streams and reliability and if not utilizing multiple network Interfaces, this client/customer may have the same network performance problems they had previously. It is important to address these issues directly and should be part of the discovery process before taking over a client.