Security for AV over IP

As we have seen over the last 5 years or so, AV has been moving more and more onto the network. While we have had control for quite a while, we are now seeing more and more of the actual traffic moving onto the network as well. And while the audio side of things has been a pretty seamless transition, it is not without its’ issues and concerns. Video on the other hand has ensured that these concerns are front and center.

When we first started putting AV onto the network, it was largely done in seemingly the only way the industry knows how… more boxes. And while this has worked very well, and is absolutely needed for many sources, we have moved to a point where we need something that is not a box, or a local solution for a conference room. The fact of the matter is that moving forward, the only solutions that will be able to meet all our needs are enterprise grade platforms that allow you to share content directly from your device across the network. And this is where Jupiter’s Canvas product comes into play.

If there is one thing that we can all agree on in the post-covid era is that business continuity does not mean what we once thought it did. If we need to meet with colleagues and share content, we can’t just count on HDMI cables or some local sharing solution. We need anyone anywhere to be able to see whatever we need them to see. And even beyond that, as enterprises evolve from a “share my screen” mentality to a “collaborate and work together” mindset, we need to deploy enterprise grade solutions like Canvas.

When looking to deploy anything on the network though, we always have to be aware of the gatekeeper… in other words, the network security (NetSec) team. Simply stated… if NetSec doesn’t approve of the solution… it WILL NOT be going on the network. What many folks fail to understand is that there are two very important factors at play.

  1. NetSec is responsible for keeping the entire network safe. That is their sole job. So, if they don’t like your solution, it will not be happening.
  2. Almost all IT departments are ‘No’ first organizations, especially NetSec teams. Enterprise level features and integrating into the workflow is essential. It is critical that your security posture is enterprise grade.

When it comes to security on a platform like Canvas, there are three things to be aware of. The first thing is the access to the application in a secure manner. What protocols and what level of encryption is in place to control/manage access to the application then comply with the access control rules. The gold standard is using Active Directory to delegate authorization functions. So this means that you have both the ability to sync with AD, but also have the ability to get sufficiently granular in application permissions so that you can create enough groups to limit all levels to wherever the NetSec folks want and need. Now that NetSec is happy with access control, the next question is what are you using to secure that actual transmission/access to the video. Jupiter makes use of standard web technologies like IIS so it can be managed directly by the IT organization for total control. Finally, understanding the traffic impact is also critical. Having the ability to adjust bandwidth is key. In many cases we just can’t use the same bandwidth for a person sharing their screen via the VPN as we do for a person who is physically onsite. So, the ability to make adjustments and control the network traffic impact is also key.

In the end, the secret to success is leaving all the access and security in the hands of the IT department. By leveraging AD and making use of enterprise standards ensure that the NetSec team will find few things to fault when looking to approve your solutions. Jupiter Systems has always taken this approach. Based on many of the environments that we have been deployed in all over the world, we learned this early on and have been at the forefront. Not all “AV over IP” solutions can say the same. Jupiter is the trusted leader for large scale secure display solutions. Take a close look at Canvas and you will see that it is just following in the same traditions.