View: AV-Over-IP Boosts Broadcast Security
Broadcasters will be busy in 2020. Primary elections, active worldwide political news and one the world’s largest multisport events taking place in Japan are combining to create a situation where it is safe to say all eyes will be on live TV.
Broadcast organizations are also facing new challenges as they enter the busy year. Editorial staff is on alert as nefarious actors seek to undermine legitimate coverage with altered content and digital attacks. Operations teams are in a battle to keep eyes tuned in, and dead air has never been more devastating as consumers today have an abundance of live options to choose from.
Both sides should be wary of actions that can take down a system entirely, whether from a malicious actor or a well-meaning, but misinformed staff member.
There are many areas worthy of consideration when discussing how best to protect a broadcaster’s brand. And as IP signals continue to become more common in the broadcast space, serious consideration must be given to how we manage them — both for quality and security purposes.
The AV-over-IP stack may not be the area where content is fact-checked nor the primary cause of broadcast faults, but it is a growing function of the broadcast business, and it simply can’t be overlooked or ignored when it comes to management, observability, quality of signals and security.
There are several key considerations into AV-over-IP management that can add robustness to a broadcaster’s security narrative.
The Critical Security Layer
“Security” often means different things for different groups. In traditional point-to-point connected AV, it has more often than not simply meant “don’t touch that.”
AV networks are different as they are based upon standard computer networking. In that world, there is an awareness of authority (or the lack thereof) and limits put in place to prevent user actions from damaging configurations or accessing protected areas. This is necessary because the very nature of networks is to connect all devices along a common fabric, a structure that by itself promotes tremendous flexibility but also allows access to everything, all the time.
The most important element of network security is user authentication. If you know who is using the network, then you know what they can do. Domain manager software provides user authentication and is linked to existing directory mechanisms like LDAP or active directory. This allows administrators to control who can access the system at all and what users can do once they’ve logged in.
The Control Layer And What’s Important To Broadcasters
The control layer of the AV-over-IP stack goes beyond just transporting signals. It includes adding and removing devices, naming and labeling devices, establishing clocking configuration, setting sample rates and defining signal routing between devices.
Control over an AV-over-IP system must be carefully designed to show clear information and to avoid the complexity that encourages human error. Where automation saves time and increases clarity, it should be used. When details aren’t necessary, they should be kept out of sight to provide users with the most important information. When details are needed, they should be accessible.
Finding a domain manager solution that exemplifies this thinking is key to managing these AV-over-IP signals in house. Broadcasters should seek out a system that displays intuitive grids of automatically discovered devices and channels. They should ensure they can be connected with a single mouse click, while also containing all the tools needed for more complex configuration.
The Administration Layer And Security Support
Administration is an umbrella term for the suite of and information that managers need in order to keep systems running as desired. In AV-over-IP, this covers parameters related to devices, users and network topology.
Organization is key. A large AV-over-IP network quickly becomes difficult to manage due to the number of devices. A proper administrative system allows these devices to be organized into the functional domains they represent. This clarifies the system for users and reduces errors by restricting actions to the defined domains.
Controlling devices is key. An understandable fear for managers is that of “rogue devices” that may be added to the network without their authority, introducing unknowns and possibility doing harm. The administrative system should prevent this from happening and provide a process by which devices are authorized to be in specific domains.
Controlling users is key. As mentioned above, any good network management entails user authentication. The system should permit user privileges to be defined by the administrator, restricting users to specific domains and actions.
Visibility is key. Things go wrong, and the administrative layer should be able to keep managers informed of any unwanted changes such as loss of clock and failure of a device. Real time alerts are required to ensure that people have the information to act as quickly as possible.
The good news is the future isn’t endlessly complex or dependent upon a small number of hyper-specialists. But it does require vigilance and a good domain manager suite to ensure you have complete observability, management, control and security. That is mission-critical to protecting broadcast in 2020 and beyond.
Brad Price is senior product manager at Audinate.