AVoIP and security concerns
A new networked world is bringing new challenges to AV integrators. Ian McMurray looks at how we got to where we are today.
“Only connect!” E.M. Forster exhorted us in his masterpiece, Howards End.
“Live in fragments no longer,” is heroine Margaret Schlegel’s call to action. It’s a recurring theme throughout the novel – the ideal world of making connections, contributing to an enrichment of everything, and the frustrations the real world throws in our path that prevents those connections being made.
Who knew that E.M. Forster was predicting the advent of AVoIP?
But enough of the literary stuff. Let’s do some history instead. It almost certainly seems strange to a whole generation that there was a time when computers didn’t connect. They just sat there, in glorious isolation. I well recall buying the family’s first PC. A Gateway – remember them? – with an 8086 processor and 64MB – or was it 64KB? – of memory. I pondered long and hard whether I should add the optional modem: “Why on earth would we need a modem?” Not least because it would add to the £1,600 (that would be £3,500 today – $A6,500) I’d already spent…
I added the modem but, even now, I’m not sure we ever used it. We used MS Office 97 and played some games (Rebel Assault brings back fond memories, but none of us ever completed it) – and that was about it. Going online – at 56Kbps dial up, and thus preventing both incoming and outgoing phone calls – didn’t happen, I don’t think, until our second PC. Did we have Norton or Avast or Malwarebytes installed? I don’t think so. I’m sure trojans and worms and whatever had been invented back then, but they didn’t happen to people like us. Back in those heady days, network security really didn’t seem to be an issue.
Back then, I used to travel to the US just about every month, and one of my favourite ways of spending time was to search shops selling remaindered books looking for books with website links in them. Yes, there were such things, dedicated to gardening or cookery or whatever. It’s hard to overestimate the transformation Google brought about.
But even the internet and Google pale into insignificance when you think about the universal connectivity we pretty much take for granted these days. I wrote in a previous column about the importance of having the right cables – serial cables, printer cables, VGA cables, modem cables, audio cables, USB cables.
And while that’s still at least somewhat true, we now – to return to literature again – have the one ring to rule them all: IP. Now, we can send virtually anything we like – audio, video, graphics, text, photos of cats – using a single communications medium. Even better: we can send it from any device we like. That is, in effect, what AVoIP is all about.
It’s more or less true to say that AVoIP is the apotheosis of the convergence between AV and IT: AV content being distributed via the corporate network. And here’s the thing: if you read the AV press, you’d have thought that it was only AV professionals who were worried about the coming together. Nothing could be further from the truth: IT professionals are no less concerned.
There are many reasons for the latter – among them, bandwidth consumption. Outweighing that consideration, though, is security. The concept of anyone being able to attach anything to the network and transmit what they damn well please is anathema to the typical network management team.
Jumping through hoops
The situation is somewhat exacerbated by the fact that, historically in the AV world, security was not a high priority (other than fitting Kensington locks to anything with a propensity to – er – ‘walk’). That changed over time as AV became more mission critical – but still not at the level routinely deployed for the IT network. There was always the issue that, while users of corporate data are well used to having to jump through numerous security hoops in order to get access, that’s not something that the average presenter has ever had to worry about.
The stakes, however, have got progressively higher – and it was probably around the time of ISE this year that we started to see the AV world really start to embrace the security measures and functionality necessary to reassure their counterparts in the IT industry. Crestron had, however, announced its DM NVX Series enterprise room solution the previous year. Its security features include 802.1x authentication, Active Directory credential management, PKI authentication, AES encryption, TLS, SSH, HTTPS and secure CIP.
Unsurprisingly, AMX has a similar offering with its NX Platform. With the NX, permission groups – which can contain multiple levels of access – can be customised according to organisation security policies. It also creates event logs that meet IT industry security standards, such as ISO 27000. Like the DM NVX, it supports secure encrypted protocols such as HTTPS and Secure Shell.
Today, increasing numbers of networked AV products have inbuilt security capabilities, and AV signals pass through dedicated encoders and are received by decoders connected to the display or speaker. Atlona’s OmniStream AV decoder with selectable AES128 encryption comes to mind, as does Gefen’s equivalent.
You’ll almost certainly find that the majority of your prospects implement a ‘defence in depth’ approach to security which sees multiple layers that include firewalls, user privileges, passwords, authentication and encryption.
Brave new world
What does all this mean for the AV integrator? First: in this brave new world (another literary allusion…) of AV/IT integration and AVoIP, cognisance of the importance of network security and its fundamentals is step one. Taking simple precautions like changing default user names/passwords for anything that will be attached to the network and locking down all protocol ports are just basic measures. But then: it was ever thus.
Step two, with any prospect, is to understand his security pre-requisites and specify only equipment capable of meeting those requirements. It’s widely considered to be best to address network- and security integration from the beginning. Here, as always, it’s a question of knowing your products – but it just got more complicated. The good news is: there’s a growing number of manufacturers designing for the AV/IT world, implementing specific protocols and security features. It’s a question of keeping abreast of the latest developments.
If IT people were twitchy about security before, they’re no less so in an AVoIP world that is as challenging to them as it is to us. What they see is a perfect storm of collaborative applications, mobile devices, social media integration, potential DDoS attacks and unaware users – all capable of advertently or inadvertently breaching an organisation’s defences. Awareness of, and empathy with, the challenges they face will always be well received.
By the conclusion of Howards End, Margaret Schlegel, by following her own “Only connect!” mantra, has brought all the disparate elements peacefully together. So: just like AVoIP, then.