Network security is a frequent topic of discussion lately. Tales of high-profile data breaches and sensitive information landing (whether intentionally or accidentally) in the wrong hands are a common feature on the nightly news. People are rightfully concerned about the safety of their personal information and whether anything can be done to protect it. You know who’s even more concerned about network security? Every IT professional on the planet.
There’s a reason IT departments are so protective of their networks and the data that travels across them. One wrong move, and a company’s sensitive information can be stolen, or unauthorized devices or programs can be added, putting the entire company at risk.
It’s no wonder that IT professionals are wary of networked AV devices and are reluctant to allow these devices onto their networks. In addition, unlike computers and VoIP telephones, AV equipment often lacks the security protections designed to prevent unauthorized devices from accessing a corporate network. That means a person with nefarious intentions could potentially use an unsecured AV device as an entry point to cause damage to a corporate network. This is the kind of scenario that keeps IT professionals up at night.
In order to communicate successfully, AV equipment is absolutely necessary for performing day-to-day functions such as conducting conference calls, broadcasting video content from one location to another, or making announcements over a PA system. IT departments have to support AV equipment in order to keep these operations running properly, which frequently means making security exceptions to allow AV products into their network environments.
With this security paradox, is it possible for AV and IT to ever live in harmony? We think so. As part of our ongoing commitment to security, we designed the Tesira platform with several attributes that make data streams practically impossible to access.
- AVB streams are not sent to ports unless the device on that port is AVB “capable” and has indicated to the AVB talker that it’s ready and expects to receive a stream. Therefore, AVB traffic would be “invisible” to hackers by default.
- The negotiation/handshake that occurs between AVB talkers and listeners for characteristics such as video stream parameters follows a precise protocol. If a non-AVB element is inserted into the transmission path — whether it’s a non-AVB switch or “man in the middle” hack — the stream will not transmit.
An unauthorized party would require intimate knowledge about the installed Tesira system’s configuration, and the hijacking device would need to actively participate in the protocols necessary to establish a connection masquerading as a Tesira AVB endpoint. Running a passive “network capture,” which is how most network capture tools operate, would be insufficient to gain access to Tesira’s media streams. In short, accessing these data streams would require supervillain-level skills and knowledge, and there aren’t a lot of supervillains on the loose these days.
Rest easy, concerned IT folks of the world. We’re here to help you achieve audio visual bliss. Securely.