Traffic flow: Managing video on your IT network
Handling video on your IT network is fraught with problems, with demands made from all sides. Steve Montgomery looks at the ways to keep everyone happy
We are living in an age of video streaming. Video is rapidly becoming the communication method of choice for many workers to receive and digest information as well as communicate with their peers. The resulting demand for greater bandwidth to transport video falls on IT and network managers who have to juggle the limited capacity and ensure that data, voice and video can co-exist across their network, without loss of integrity or exposing openings that may affect the security of hosted systems.
Faced with widespread, and often conflicting demands, network managers often turn to the AV industry to advise and help them deliver solutions that enable them to meet their needs. “The greatest concerns we see from IT and infrastructure managers in relation to video distribution are potential impact on other traffic, scalability, choice of format, security, manageability and scalability,” says Chris Scurto, vice president of marketing and North American sales for ZeeVee.
“And naturally, they are constrained by budget. In terms of video distribution this forces choices to be made between certain features and characteristics of the system. There is, in effect, a triangle of trade-offs with latency, bandwidth and picture quality at the apexes. If an application requires high image quality and low latency, a network with high bandwidth is required. If high bandwidth is not available on the network, latency must be accepted and possibly lower image quality too.”
The most crucial choice they have to make is whether to allow video transmission over the existing, or proposed, data and voice network infrastructure or to designate a separate network solely for video. That choice is largely dictated by available bandwidth capacity and the need to isolate the two types of service; often influenced by a perceived security threat or need for absolute reliability of data or voice communication.
An advantage of a combined system is commonality of equipment. Scurto: “By selecting a standards based, IP video distribution architecture, IT managers are free to expand, scale and choose equipment vendors. Using standards based (IGMP) Ethernet switches allows the IT manger to redeploy or add additional services without starting from scratch each time, giving them the ability to upgrade and enhance the system in the future.
“In order to be scalable and cost effective, every content distribution system should be based on existing standards and not rely on proprietary switches, cables, and installation methodologies. By being standards based, equipment costs are driven down over time, the IT manager is using skill sets they have already invested in and equipment selection is highly flexible.”
A further aspect in an ever-changing and developing world is to ensure that the backbone wiring and network infrastructure is capable of carrying future data streams. This, says Crestron’s EMEA product manager, Sijn Ooms can be achieved: “By always using the newest available type of CATx cables. This will probably be Cat-7 these days, as this is capable of passing 600 Mhz,”
“But if it’s too expensive for the budget, alternative CATx cabling may suffice. And of course, something else that requires proper focus in any IT system is the network backbone. Large switch-frame blade systems are about as good as these can get, but again may be prohibitively expensive. In a corporate environment the requirements of the IT department need to be accommodated so this won’t necessarily be a free decision, but it cannot be overstated how important a solid and reliable network infrastructure is.”
“If the manager wants to stick with familiar and reliable IP networking, the network needs to be provisioned to handle a potentially significant new bandwidth load. If it’s new infrastructure, there are options: it can be based on a standard IP architecture or on a single-purpose proprietary infrastructure like HDBaseT,” agrees out Kamran Ahmed, CEO of Aptovision.
Network managers are familiar with the partitioning and design of network applications but must ensure that sufficient bandwidth is prioritised for essential data and voice services, at the expense of video. A well-managed system can accommodate this and there should be no reason for video transmission to swamp the network. “Aptovision’s BlueRiver NT+ always reserves a full 1 gigabit for normal network traffic,”, he says, “so the infrastructure built up to support video distribution can be simultaneously used as an expansion of the traditional data network, with no struggle for bandwidth between the two.”
In both cases, compression of the video signal enables the system to squeeze multiple channels over a single network. “This leads back to the latency, bandwidth (cost), image quality trade-off. The level of compression dictates both video quality and transmission latency. MPEG/H.264 codecs are common and their cost has fallen dramatically over the past few years. They offer high levels of compression, but at a price. If bandwidth is at a premium, and high latency and relatively lower image quality is acceptable, adding several encoders to a network is probably a non-issue as these devices create streams of only a dozen or two megabits, typically. ” Ahmed says.
“However if latency is not acceptable, as in many pro AV applications, such as live interaction with a computer desktop, an uncompressed video solution is called for. This solution requires a 10 gigabit Ethernet network to carry the full bandwidth of uncompressed 4K video. In that case, the network is expanded with new 10 Gb infrastructure to meet the needs. This is similar to adding traditional AV matrix switches in parallel with the IT data network, but allows the IT manager to “have it all” on one managed infrastructure, rather than two separate types of technology”
Currently H.264 is a dependable video format, commonly used throughout the industry. “Crestron DM, operates using H.264 video formatting, which is the best codec for finding the right issues between latency and bandwidth at the moment,” points out Ooms, “making it the right choice for low-compression, point-to-point video streaming systems. However H.265 is set to arrive, once the cost of the processing chips come down to an affordable price. H.265 operates as a low-latency, low-bandwidth format designed to stream 4K resolution images at 25MBps. By the time it becomes more common, the 2020 Olympics will be upon us, and commitments have already been made to broadcast that event in 8K.”
It is not just the consequences of AV streams saturating the network and affecting data traffic that the IT manager needs to consider. The converse situation in which video is delayed or constantly interrupted by data traffic has to considered.
Pete Putman, president of ROAM Consulting explains: “TCP/IP traffic works on the principle that, as long as all the bytes get there eventually and not necessarily in the correct order, the movement of data is successful. With video and audio, there is a specific frame sequence and order that must be followed. Using simple TCP/IP, you must allow quite a bit of buffering and latency to assure that the video and audio frames arrive in sequence. This is why there are real-time protocols like Real Time Transport Protocol and Real Time Streaming Protocol to ensure that packet orders are preserved when streaming video and audio.”
Another aspect of network management with which the network manager is acutely aware is security. Ahmed continues: “Here there isn’t much new that the IT manager isn’t already handling. Good network security practices are the same whether your network is transporting emails, files, or AV data. Physical access control, control over port and device monitoring are key areas to maintain focus on. Decades of work have gone into security best practices, and all of that thinking should be followed in the world of converged AV and IT. Meanwhile, if the network is compromised, it’s good to have extra protections for the data."
"With that in mind, it can be important to find an AV solution that has an extra layer of protection, just in case. BlueRiverNT+, for example, offers AES-128 encryption on all video traffic, all the time. So in case the network is unexpectedly compromised and an attacker records a stream of confidential video data, that data is protected by a high level of encryption that is impossible to break. An attacker should never be able to connect to your network and siphon off data, whether its AV signals or email. But it’s great to have the back up of fully encrypted video traffic as a backstop.”
Isolating the two types of network are clearly the obvious way of ensuring that security breaches cannot occur across them. However in modern business environments the need to combine them, whether for the convenience of a single network, or to support single devices with an integrated solution is often desirable. One way to isolate AV equipment is to build subnets with firewalls on either side of the AV gear. “This provides additional security, so that no one using the AV equipment could hack into the larger network,” believes Putman.
”This is a good solution for the new crop of wireless connectivity and collaboration products that are so popular. It isolates them from corporate or institutional networks, but some traffic can be allowed to pass depending on specific permissions. And it prevents BYODs and guest laptops intentionally, or unintentionally, providing a gateway into the main network.
“I don't think anyone needs to protect projectors, monitors, audio devices, cameras and on on. But within a room, they could exist on their own subnet with remote access from the main network provided for monitoring and maintenance. The wireless collaboration products are basically computers and must be treated as such with firewall and security considerations.”
Despite being a well-established and fairly mature concept, successful delivery of video streams over commercial networks is one that must be carefully considered and planned. It all comes down to the specific requirements of the installation, and balancing those usability requirements against user requirements, security issues, usability and performance. There’s no one size fits all answer to the wide range of requirements present to the industry.