 |
 |
 |
 |
 |
 |
 |
 |
 |
|
 |
SecurityDreamer. The Future of Security.
Steve Hunt, CPP CISSP, is known for nudging, prodding and sometimes kicking-in-the-seat-of-the-pants the security industry and its colorful personalities. He has worked in physical security and IT security and from 1998 to 2005 he headed the security research practices at Giga Information Group and Forrester Research. Steve was named a CSO Magazine Compass Award Winner and Security Magazine's "25 most influential" in 2006. Steve is the Founder and CEO of Hunt Business Intelligence, an industry advisory firm providing insight into trends and best practices shaping the future of technology.
Exact Name and Version of the Product: Waterfall IP Surveillance Enabler Plus - WF ISE+
Manufacturer and Website: Waterfall Solutions www.waterfall-solutions.com
Type of Product: Video Camera Security
Uses: Protect IP camera infrastructure from hackers and malware
What We Loved: Easy setup and no-nonsense architecture.
What We Didn’t: The price
Price: Prices are not available for public distribution.
Overall Rating: 4 out of possible 5
Overview
Lior and Avner took the redeye to Chicago, so when they walked in I immediately started the coffee pot. One cup to set up the equipment, another to describe the overall architecture and functionality. By the third cup of coffee, I completely understood the Waterfall technology. A single pot of coffee is the entire investment I made to qualify as a systems engineer of this elegant and useful product.
I’m a big believer in the value that IP video surveillance cameras give to large organizations. Easier video sharing, analysis and data gathering are just a few of the benefits. Unfortunately, IP cameras have a serious drawback. Not cost - prices are dropping and functionality is rising quickly enough that price doesn’t concern most buyers seeking flexibility and functionality. No, my concern is security. Security of the cameras and the network they share. Bad guys can turn a network camera into a network access point, shutting down or diverting video, or worse, connecting to internal systems and stealing corporate data. Think of the camera as a little, unprotected web server and you get the idea.
Network pros immediately think of standard IT security measures like firewalls, encryption, authentication, anti-malware software and the like. However, building that kind of infrastructure will take extensive involvement of IT professionals, and even then, the firewall may prove powerless against an internal Trojan horse.
Waterfall employs a networking concept called an air-gap to create a secure infrastructure for IP video surveillance. The IP connection from the camera is actually severed, then, reducing the payload to pure video stream in a non TCP/IP format, forwarded over a one-way optical connection to the receiver. The transmitter physically cannot receive, nor can the receiver send, so it is impossible to send any malware upstream or to divert video traffic. For those rare times when a PTZ command must be sent upstream, or when the camera needs a configuration change, the system opens a separate, firewalled, temporary connection that closes immediately after use.
This type of straightforward IT security, using standard technologies and best practices is just what the physical security industry needs to win the embrace of their IT brethren. We liked the easy setup and no-nonsense architecture. We didn’t like the price. We think the product should be priced about the same as an IT firewall protecting an equivalent number of ports. We recommend the Waterfall solution for any end user, distributor or integrator of large numbers of IP cameras.
