Camera Surveillance at Logan International Francis Anglin BOS ACI BIT Committee September 25, 2010
Camera Systems Have Proliferated Historically, systems have accompanied individual facilities projects New Tower cameras Parking garages New Terminal A general surveillance Customs & Border Patrol Command Center TSA Checkpoints Logan Office Center North and South airfield gates Roadways (Logan Modernization and MassDOT) 2
Pre 9 11, Camera Systems Management was Fragmented Each system was standalone Facilities and Operations Centric Events of 9 11 spurred growth Standalone analog cameras and DVRs at checkpoints, exit lanes Need for cameras on security doors/portals Need for access control integration and central management became evident 3
ACS Evolution Old ACS System No Cameras 399 Portals No Baggage Doors Card & PIN, No Biometric New ACS System Central DVMS: DVTel v 3.5 811 Cameras 761 ACS Portals Bag, Hatches and Roll Ups Card, PIN and Biometric Implementation Cost: $26 Million total $12 Million IT portion 18 Months Design 18 Months Construction 4
Video Integrated with Access Control Design Issues: Continuous (heavy volume doors) vs. Event Recording (camera deploys on breach) Post event forensics 30 day storage goal View, classify & display multiple events at once on operator screens in the Ops Center Fixed, PTZ cameras Bosch Axis Encoders Separate switched ethernet network for ACS/video ACS secured MDF/IDF facilities 32 telecom rooms conduit to switch cabinets new construction Integrator: Schneider Electric (TAC) DVMS: DVTEL Network Switches: Enterasys 5
ACS Network with Video 10 gb Backbone switch to switch, dual ring topology Security applied at multiple layers MAC address authentication for cameras, workstations, controllers Cameras limited to certain ports QOS traffic shaping Tag every packet with priority level Prioritize traffic Encoders analog required 6
Large Scale Forced Policy Decisions Bandwidth Storage $$ Image quality (compression) vs days of storage MPGE4 compression less bandwidth consumption, resolution not as sharp 10 frames per second 1 CIF Continuous and event recording H.264 compression better resolution at low bandwidth Governance: Corporate Security; Aviation; State Police; Capital Programs; IT 7
Video Storage Access Control Raid 5 storage HP Recover 1 drive failure Throughput 1gb server drive Goal 30 days 7 10 actual General Surveillance Raid 6 EMC NAS NSN60 Recover 2,3 drive failure Throughput 8gb More efficient, flexible storage allocation Virtualized servers VMWare Configuration & consolidation 200 servers virtualized overall 12 video Increased staff productivity 8
Beyond ACS: Impetus for a Separate Consolidated Camera Surveillance System Because it was available, ACS had grown to include some general surveillance Other general surveillance systems were still standalone TSA and Massport desired video surveillance expansion Curbside at Terminals Terminal interiors Checkpoint expansion Baggage screening TSA Admin staff 9
A Managed Video Solution was sought for diverse video systems Consolidated Camera Surveillance System (CCSS) project defined Partnered with TSA $6.9 mil Overall Objectives: Expand camera surveillance at Massport facilities Consolidate diverse camera surveillance systems on a common digital video management system (DVMS) for use Massport wide Ensure uptime and monitoring by centralizing systems 10
Operational Agreements Needed TSA Participated in financing IT owns, operates, and maintains system TSA provided access to most views Video recorded as opposed to real time monitoring CBP 120 cameras within FIS space Negotiating access to these camera views FBI Joint Terrorism Task Force, BPD, State Department, Multiple State and Federal agencies 11
Networks Access Control 10 GB switches Analog cameras encoders General Surveillance Upgraded edge switches 10 GB Core switches 20 GB New IP cameras POE Cat 6e ethernet cable No power supplies, less labor cost H.264 compression Security applied at multiple layers of OSI model. QOS traffic shaping. 12
VMWare Virtualization Software The Consolidated Camera Surveillance System s servers will consist of 12 virtual servers added to our new VMware Infrastructure. Our new VMware Infrastructure consists of 142 virtual machines running on 21 physical servers which were designed to accommodate a total of 210 virtual machines. Benefits of Virtualization : Fewer physical systems to maintain/support saving staff time and warranty costs. Increased reliability of virtual machines over traditional servers (99.9999% uptime). Efficiencies gained in deployment time for new server requests. Efficiencies gained in disaster recoverability of virtualized systems. Reduced energy consumption/carbon footprint on server power & cooling (Green IT). Fewer /less costly datacenters to maintain across the Authority. End of the traditional hardware lifecycle and acquisition routine. 13
HP Blade Server Hardware C Class Blade Server Systems from Hewlett Packard Designed around converged infrastructure, ease of expandability, reduced power and cooling requirements, reduced datacenter footprint. Each VMWare server can host 10+ traditional server guests (consolidation ration of 10:1) 16 VMWare hosts or 160 virtual servers can be contained in only 10 U s of rack space. 14
CCSS Project Elements Underway Verint Nextiva DVMS system selected through RFQ process: Complete Verint brand solution offered Nextiva DVMS IP Cameras Encoders Analytics EMC 2 Partner (Massport s SAN and VMWare contractor) DHS certified System Integrator selected via RFP process to: Install core Nextiva system Install 150+ new general surveillance cameras Migrate 200+ surveillance cameras from ACS system to CCSS Train administrators and users and maintain system 24x7 Separate construction bid will provide conduit and cabling needed to extend main business network infrastructure for CCSS use 15
CCSS Project Related Policy Decisions Make CCSS general surveillance available on main business network Keep ACS network physically separate In preparation for CCSS, perform in house upgrades: Provided 20 GB network backbone Provided 400 TB of SAN storage expandable to 2 PB Set goal of 30 day on line video retention at H.264 compression Types of cameras Axis Indoor PTZ Pelco Outdoor PTZ Verint Fixed Indoor 16
ACS Upgrade in Parallel Standardizing on current Verint Nextiva system Adding redundant system head end at diverse location Transitioning to blade based virtual servers and SAN storage, consistent with CCSS design Planned replacement of existing Biometric readers scheduled for CY 2011 Use of security checkpoint readers Use of portable verification readers 17
Maintenance 2 FTEs Access Control + General Surveillance, 2 2 1 on shifts 4 year contract with Schneider Electric (TAC) Multiple facilities Logan Seaport Hanscom Cruise terminal Worcester When to increase staffing 250 1550 cameras Consolidation of disparate existing systems allows for economies of scale for management and maintenance Stakeholders: State Police, TSA, CBP, Aviation Ops & Security Legal and Insurance 18
Video Surveillance Lessons Learned Design excess capacity it will get used Contracting services is an effective staffing model flexible, adjustable to changing needs and growth Do not underestimate SOO response planning work Check camera functionality daily at least Rapid expansion of system : people and systems 19