Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Huawei eSight Video Surveillance Technical White Paper HUAWEI TECHNOLOGIES CO., LTD. Huawei eSight Video Surveillance Technical White Paper Contents Contents 1 Customer Challenges ................................................................................................................... 1 1.1 Higher Management Costs Due to a Great Diversity of Devices.................................................................................. 1 1.2 Increased Management Difficulty Due to a Massive Number of Devices .................................................................... 1 1.3 Increased Management Difficulty Due to the Scalable Deployment Scheme............................................................... 1 2 Video Surveillance Device Management Solution ................................................................ 2 2.1 Powerful Device Management Capabilities .................................................................................................................. 2 2.2 Easy Device Access ...................................................................................................................................................... 2 2.3 Cost-Effective Deployment Schemes ........................................................................................................................... 3 2.4 Service Quality Monitoring .......................................................................................................................................... 3 2.5 Active Fault Detection .................................................................................................................................................. 3 3 Hefei Safe City Success Story ..................................................................................................... 5 3.1 Introduction .................................................................................................................................................................. 5 3.2 Challenges .................................................................................................................................................................... 5 3.3 Solution ......................................................................................................................................................................... 6 3.4 Customer Benefits ........................................................................................................................................................ 7 4 Appendix ........................................................................................................................................ 8 4.1 SNMP ........................................................................................................................................................................... 8 4.1.1 SSH/SFTP .................................................................................................................................................................. 8 4.1.2 FTPS .......................................................................................................................................................................... 9 4.2 More About eSight ........................................................................................................................................................ 9 Huawei eSight Video Surveillance Technical White Paper 1 Customer Challenges 1 Customer Challenges To protect the public against social security threats, Huawei rolls out its comprehensive and intelligent video surveillance solution. This solution provides a wide assortment of platform and Peripheral Unit (PU) products and well satisfies diversified surveillance demands in different scenarios, for example, safe city, traffic surveillance, emergency command, and campus security. However, challenges also emerge. 1.1 Higher Management Costs Due to a Great Diversity of Devices To maximally meet customer demands in different scenarios, the Intelligent Video Surveillance (IVS) solution provides a wide range of video surveillance and sensor devices, including third-party devices. However, the diversity of devices also creates a challenge to device management. 1.2 Increased Management Difficulty Due to a Massive Number of Devices Some video surveillance devices, such as cameras, are large in number, especially in safe city and traffic surveillance projects. Besides, the devices are often dispersed, making device management more difficult. 1.3 Increased Management Difficulty Due to the Scalable Deployment Scheme Video surveillance devices can be deployed on a single node, in a centralized manner, or on a large multi-level network based on the site requirements. The scalable deployment scheme places higher device management requirements. Huawei eSight Video Surveillance Technical White Paper 2 2 Video Surveillance Device Management Solution Video Surveillance Device Management Solution 2.1 Powerful Device Management Capabilities eSight can manage a variety types of devices, including hosts, gateways, routers, application services, and terminals, as well as many third-party devices. eSight supports different protocols, allowing the adaptation of management functions for different devices, thereby achieving end-to-end device management throughout the video surveillance solution. 2.2 Easy Device Access eSight can manage a device only after the device is connected to eSight. To improve device access efficiency and reduce management costs, eSight can also connect to devices in batches through the uniform operation & maintenance agent (UOA). The UOA is used to connect network elements (NEs) to eSight. eSight communicates with the UOA using the Simple Network Management Protocol (SNMP). The video surveillance solution provides various types of application servers and cameras. The application servers feature strong service scalability and can be deployed based on customer requirements. The UOA enables eSight to automatically detect and connect deployed application servers and adapt management functions for them based on their types. Huawei eSight Video Surveillance Technical White Paper 2 Video Surveillance Device Management Solution The cameras, however, are first connected to the video surveillance platform, which communicates with eSight through the UOA. Then eSight can manage the cameras and process information, for example, alarms, related to the cameras. 2.3 Cost-Effective Deployment Schemes eSight can be deployed in the Windows and Linux operating systems and support the Oracle, SQL Server, MySQL, and gauss db databases. In terms of reliability, users can also deploy eSight in a single-node system, in a local two-node cluster, or in a remote disaster recovery system. The flexible combination of different deployment schemes can minimize deployment costs and well meet costs requirements of projects of various scales. 2.4 Service Quality Monitoring eSight can monitor video surveillance services in a comprehensive way and allows users to view and analyze service data through alarm management, performance management, and topology management. If a service exception occurs, eSight sends an email or Short Message Service (SMS) message to notify users of the exception. 2.5 Active Fault Detection eSight can enable its active fault detection function to obtain results of signaling tracing between servers. The signaling tracing results allow users to know signaling interaction conditions among the video surveillance components, and the abnormal interactions points marked by eSight help users locate faults more quickly. Huawei eSight Video Surveillance Technical White Paper 2 Video Surveillance Device Management Solution The following describes the procedure for locating a fault: Step 1 Create a signaling tracing task. A service tracing task is created for the service NE module to report tracing messages. eSight supports the tracing of PU registration or deregistration, live video viewing, video download, video playback, and real-time video recording. Step 2 Display tracing results. eSight can display tracing results in tables, sequence charts, or tree diagrams. Users can save, query, and delete tracing results. Step 3 Analyze the signaling. eSight analyzes the service flow to locate faults. eSight analyzes the reported message content and allows users to view and export the message content. ----End Huawei eSight Video Surveillance Technical White Paper 3 3 Hefei Safe City Success Story Hefei Safe City Success Story 3.1 Introduction The Hefei Safe City project needs to integrate peripheral systems, such as Police Geographic Information System (PGIS) and intelligent traffic, resulting in large scale and high costs. How to integrate multiple systems to achieve unified operation and maintenance is a major challenge in project delivery. 3.2 Challenges The customers are professional. They realize that the safe city construction does not simply refer to deploying a single video surveillance system but instead the establishment of a comprehensive service application system aiming for instant response and accurate processing. In addition, they know that the system robustness and efficiency can be ensured only with the use of advanced technologies, such as the high-speed network, massive storage, cloud computing, and intelligent control. The customers want to rent the system for five years. They hope that the system can run stably during the five years and can constantly integrate new functions and technologies at low costs to ensure that the system is up to date. The project will integrate third-party systems, and the operation management must be performed in a centralized manner. Huawei eSight Video Surveillance Technical White Paper 3 Hefei Safe City Success Story 3.3 Solution Security Different from other security vendors who can ensure only the security of individual devices, Huawei ensures the security of data, network, and services by using the platform-level service control in combination with the network and security system, storage and computing system, and terminal management system. Intelligence The "intelligence" here refers not only to the intelligent analysis software, but also to the intelligent hierarchical processing across the PUs, cloud nodes, and surveillance centers; that is, the intelligence throughout the system. Cost-effectiveness Huawei's system saves customers the costs in project construction, deployment, operation, and maintenance. For example, the device investments are 30% lower than those of other vendors. High-efficiency Huawei provides customers with a dedicated cloud storage, cloud computing, and intelligent analysis system based on video surveillance services, which outperforms the general cloud system developed by other vendors based on a third-party software system in terms of security and efficiency. In-depth integration − Unified presentation: SUNCREAT can quickly integrate IVS video capabilities to its service interface through Object Linking and Embedding Control eXtension (OCX) controls or application platform interfaces (APIs). − Unified access: Users can access service, GIS, and surveillance data in any integrated system. − Unified operation and maintenance: Unified operation and maintenance interfaces are provided for resource control and maintenance. Huawei eSight Video Surveillance Technical White Paper 3 Hefei Safe City Success Story 3.4 Customer Benefits eSight enables unified operation and maintenance of the Hefei safe city service system and surveillance platform. All devices can be automatically or manually connected to eSight easily during project deployment and expansion, which facilitates unified device management and quick fault locating and greatly reduces device maintenance costs. In the future, the safe city project can be expanded to an integrated, coordinated, efficient, and comprehensive city management and emergency command platform. eSight promises to smoothly scale the safe city project to more fields. Huawei eSight Video Surveillance Technical White Paper 4 Appendix 4 Appendix 4.1 SNMP SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. It consists of a set of standards for network management, including an application layer protocol, a database schema, and a set of data objects. Net-SNMP: http://www.net-snmp.org/ Net-SNMP on sourceforge.net: http://netsnmpj.sourceforge.net/ SimpleWeb: http://www.simpleweb.org/ RFC1157: A Simple Network Management Protocol (SNMP): http://burks.bton.ac.uk/burks/internet/rfcs/rfcs/57/rfc1157.htm CISCO SNMP: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm RFC3411: An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks: ftp://ftp.rfc-editor.org/in-notes/rfc3411.txt RFC3584: Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework: ftp://ftp.rfc-editor.org/in-notes/rfc3584.txt RFC3512: Configuring Networks and Devices with Simple Network Management Protocol (SNMP): ftp://ftp.rfc-editor.org/in-notes/rfc3512.txt OpenSNMP: http://sourceforge.net/projects/opensnmp/ SNMP FAQ part 1: http://www.snmp.com/FAQs/snmp-faq-part1.txt SNMP FAQ part 2: http://www.snmp.com/FAQs/snmp-faq-part2.txt Cisco SNMP repository and documentation: http://www.cisco.com/go/mibs SNMP4J - Free Open Source SNMP for Java: http://www.snmp4j.org/ 4.1.1 SSH/SFTP Secure Shell (SSH) is a cryptographic network protocol formulated by the Network Working Group of IETF for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers. Traditional network service programs, such as RSH, FTP, POP, and Telnet, are insecure in nature, because they transmit data, accounts, and passwords in plain texts, which is vulnerable to man-in-the-middle attacks. The man-in-the-middle attack is a form of active eavesdropping Huawei eSight Video Surveillance Technical White Paper 4 Appendix in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. SSH is more reliable. It is used to prevent information disclosure during remote management. All data to be transmitted can be encrypted in SSH mode to protect the data against domain name server (DNS) and IP address spoofing. In addition, SSH transmission can be faster by compressing the data before transmission. SSH is an equivalent to Telnet and can also establish a secure channel for FTP, POP, or even PPP transmission. SSH Communications Security Corporation: http://www.ssh.com/ OpenSSH: http://www.openssh.org/ IANA: http://www.iana.org/ RFC4251: The Secure Shell (SSH) Protocol Architecture: ftp://ftp.rfc-editor.org/in-notes/rfc4251.txt 4.1.2 FTPS FTPS is an extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols. RFC-265: File Transfer Protocol (FTP): http://tools.ietf.org/html/rfc265 The SSL Protocol, Feb. 9th, 1995: http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html RFC draft, Secure FTP Over SSL, revision 1996-11-26: http://tools.ietf.org/id/draft-murray-auth-ftp-ssl-00.txt RFC-4217: Securing FTP with TLS: http://tools.ietf.org/html/rfc4217 4.2 More About eSight http://enterprise.huawei.com/en/products/network-management/management-systems/index.ht m