SECURE REMOTE CAMERA CONTROL SOLUTION
Security cameras are an increasing part of today’s society. However, these cameras are typically located in insecure public areas, yet feed vital imagery back to secure control rooms.
Cameras are often used by civil authorities to protect public spaces, by police for law enforcement and by the military for force protection. In the control rooms, operations staff and intelligence officers monitor the images for signs of wrong-doing. This often involves the desire to pan, tilt or zoom (PTZ) the camera to take a close look at a suspected security event.
A simple networking configuration is often used, which introduces vulnerabilities into the control system network: can an adversary supply false imagery, use the network to mount a denial of service attack, launch malware or even access the intelligence information?
NEXOR SOLUTION
The Nexor Secure Remote Camera Control Solution mitigates these risks. Our solution package includes data diodes and content checking software, to ensure only video images flow into the secure network and to ensure only PTZ data can flow out. A recent implementation has been accredited and deployed in a high assurance environment, to provide robust protection of a classified network.
This approach, using our Secure Information Exchange architecture and CyberShield Secure methodology, ensures interworking between networks of different security levels whilst preventing data loss, and promotes collaborative working by building solutions to enforce corporate security policies.
BUSINESS BENEFITS
• View CCTV video from unsecured environments and networks in a secure operation room
• Reduce cost by monitoring domains from a central location
• Control the pan, tilt and zoom of the cameras whilst managing risk of data loss from the operational network
• Power and space saving from the ability to aggregate information from different intelligence sources without the need for air gapped systems
• Support of multiple camera types - no vendor lock-in
• Delivered as appliances to enable a simple and fast setup
THREAT MITIGATION
• Prevent exploitation of known vulnerabilities in the secure network, whilst enabling the import of live video
• Prevent data leakage via PTZ controls from classified to insecure networks
• Prevent network-based attacks on the secure network
SECURITY MODEL
• Confidentiality: protect confidentiality of information in the secure network
• Integrity: Validation that the video and PTZ data streams conform to the schema rules expected
• Availability: high availability configurations available
SOLUTION ARCHITECTURE
A key feature of the Nexor solution is the use of two back-to-back data
diodes with content filtering. This approach provides a high assurance
solution that alternatives such as a firewall cannot deliver.
One data diode / guard pair ensures that video, and only video, can come
into the network. The other data diode / guard pair ensures that PTZ
controls, and only PTZ controls, can leave the secured network. This
means that delivery of video and PTZ control data are physically
separated, preventing risks of cross contamination.
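The outbound guard's job, letting PTZ controls and only PTZ controls leave, can be illustrated with a strict schema check. This is an added example, not Nexor's code: the 8-byte message layout, the camera allowlist, the value ranges and the rate limit are all hypothetical, chosen only to show exact-length parsing, range validation and re-serialisation before release to the diode.

```python
import struct

# Hypothetical fixed-size PTZ command: version, camera id, pan, tilt, zoom.
PTZ_FORMAT = ">BHhhB"
PTZ_SIZE = struct.calcsize(PTZ_FORMAT)  # 8 bytes
VERSION = 1
ALLOWED_CAMERAS = {101, 102}            # constructed allowlist
RANGES = ((-180, 180), (-90, 90), (1, 30))  # pan, tilt, zoom limits (assumed)
MIN_INTERVAL = 0.2                      # seconds between commands per camera

class Rejected(Exception):
    """The message is not a well-formed PTZ command."""

class PtzGuard:
    def __init__(self):
        self._last = {}                 # camera id -> time of last release
    def check(self, raw, now):
        """Return the bytes to pass to the outbound diode, or raise Rejected."""
        if len(raw) != PTZ_SIZE:        # no trailing or missing bytes
            raise Rejected("length")
        version, camera, *ptz = struct.unpack(PTZ_FORMAT, raw)
        if version != VERSION:
            raise Rejected("version")
        if camera not in ALLOWED_CAMERAS:
            raise Rejected("camera")
        if any(not lo <= v <= hi for v, (lo, hi) in zip(ptz, RANGES)):
            raise Rejected("range")
        # Rate limit: bounds how much information PTZ values can carry out.
        if camera in self._last and now - self._last[camera] < MIN_INTERVAL:
            raise Rejected("rate")
        self._last[camera] = now
        # Release a rebuilt message, never the input bytes themselves.
        return struct.pack(PTZ_FORMAT, VERSION, camera, *ptz)

def run_samples():
    """Run constructed sample messages through the guard; return the verdicts."""
    good = struct.pack(PTZ_FORMAT, VERSION, 101, 45, -10, 4)
    samples = [(good, 0.0),                      # well formed
               (good + b"extra", 1.0),           # trailing bytes
               (struct.pack(PTZ_FORMAT, VERSION, 999, 0, 0, 1), 2.0),     # unknown camera
               (struct.pack(PTZ_FORMAT, VERSION, 101, 4000, 0, 1), 3.0),  # pan out of range
               (good, 4.0), (good, 4.1)]         # second arrives too soon
    guard, verdicts = PtzGuard(), []
    for raw, now in samples:
        try:
            guard.check(raw, now)
            verdicts.append("ok")
        except Rejected as err:
            verdicts.append(str(err))
    return verdicts
```

Because every field is bounded and nothing outside the fixed layout is forwarded, the only information that can leave the secure side is the choice and timing of valid PTZ values, which the rate limit caps.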
Key features of the architecture:
• Hardware-based flow enforcement preventing application and network level threats to the higher domain;
• Multicast / UDP video for multiple destinations;
• Full content and protocol scanning of control data;
• High performance and extensible to allow future expansion.
Our Secure Remote Camera Control solution can be used in any environment where remote control is required of devices in a network of differing security classification. This applies to many areas of Secure Process Control, CCTV management and device management.
ASSURANCE
Critical to any security solution is gaining the confidence that it meets the security claim. Nexor’s solutions are designed to meet the most demanding accreditation needs. Specific measures that support this are:
• Operating Systems and hardware are Common Criteria certified;
• Software is developed using our CyberShield Secure development process, which is conformant to Microsoft SDLC, CMMI and TickITplus standards;
• Use of threat modelling during development of the solution;
• Hardened operating environments.
COMPONENTS
• Two Nexor Data Diodes providing a secure one-way function, assured to Common Criteria EAL7+
• Nexor Guardian providing real-time content filtering; running in a hardened Red Hat Linux environment (Operating Systems and hardware platform assured to Common Criteria EAL 4)
• Professional Services to provide integration with the secured and unsecured networks
SOLUTION OPTIONS
• CyberShield Secure development services to customise any component of the solution to enable tailoring to specific environments and threat profiles
• Professional Services to architect, test and deploy a full solution
• Integration of further video integrity validation
• Implementation of SELinux controls for additional hardening
• Supply of a Risk Management and Accreditation Documentation Set (RMADS)
SIXA SOLUTIONS
This Nexor cross-domain solution is implemented using our Secure
Information eXchange Architecture (SIXA). This is based on a modular
design that offers both security and flexibility, whilst aligning to architectural
patterns from the National Cyber Security Forum (NCSC), the UK National
Technical Authority for Information Assurance.
L-0048-0517
Nexor®, SIXA® and CyberShield Secure® are registered trademarks of Nexor Limited.