Video-Centric Security Operations Centers (SOCs)
An Architecture to Accommodate Change
On TV, Security Operations Centers (SOCs) look impressive, like in CBS’s popular crime series, NCIS. In practice, SOCs are often a mishmash of legacy systems. As security needs evolve, the ability to leverage existing systems cost-effectively while integrating newer ones is a challenge, especially in a world of shrinking budgets.
While custom software solutions exist to bridge disparate security systems and provide a unified system of control, they are typically costly and challenging to deploy. They also tend to require buy-in from the IT department, which is often wary about adding new systems onto the corporate network. Worse, these solutions may become outdated as new security systems become available but cannot be integrated.
A more useful solution would enable security operators to leverage existing assets while integrating new systems as security needs evolve. This requires an architecture that can accommodate change, one based on a common denominator between legacy and new systems. That common denominator exists – it is video. Virtually every legacy and contemporary system that finds its way into a SOC delivers its information visually, via video output. These video outputs typically live on a dedicated monitor, with separate controls. But do they need to be self-standing, tethered to their own displays? What if they could instead be aggregated, switched, controlled and displayed?
Today it is possible to use a video-centric approach to integrate disparate systems over baseband video or IP (LAN/WAN), present operators with a common user interface, and offer shared control using keyboard-video-mouse (KVM) technology. For collaborative work environments, this allows multiple operators to share control of systems with a new level of simplicity using a single keyboard and mouse.
A video-centric control room system architecture can offer a number of benefits, including a growth strategy that can leverage existing systems while allowing for new systems to be brought online and integrated more easily. The benefits of a modern video-centric system are significant:
- Collaboration – real-time signal processing allows all operators to view video and graphic feeds simultaneously with no encoding delay or degradation.
- Simplicity – advanced features that are simple-to-use empowers employees of all skill levels.
- Economical – fast integration and ease of use results in cost savings for installation and upgrades as well as reducing operator training time.
Another advantage of a video-centric system involves the CIO’s ease of mind. Frequently, unified systems require the scrutiny of the IT department’s security team, who are justifiably concerned about bringing new systems onto the networks they supervise. With a video-centric system, the integration can utilize an “air gap” technique which separates operator stations from the systems they control as well as keeping systems separate from each other, thus reducing the possibility of infection by malware or other viruses.
For multi-user environments, a video-centric architecture can offer sophisticated arbitration features to allow operators to share control of system resources. Administrators can configure the system to restrict operator access levels and, if desired, a hierarchical level of control favoring local or remote supervisors.
A well designed SOC provides operators with a unified graphical control interface. Through live thumbnail representations of the video output from source systems, operators can view a visual representation of each system and then dynamically scale the output of that video to any display in the SOC that any authorized operator can control. Display possibilities include any video output from any system in a scalable window on any monitor or any video wall, at any size or resolution.
This video-centric approach to the modern SOC delivers a much higher level of support for collaborative decision-making, ideal for a wide range of mission-critical applications. It allows real security operations professionals to enjoy the same efficiencies and decision support technologies depicted for years by the actors who play them on TV.