The Linux Advantage
Filed under: Hybrid NVRs, Cybersecurity
Many of us may not put much thought into our computer’s operating system (OS) beyond its user-friendliness or what we’re accustomed to – and therefore comfortable with – using. But for larger technological applications, there’s a lot of debate as to which OS is better and why?
When it comes to your video surveillance system, some of the advantages of choosing Linux include increased security and reliability, and, due to recent technological advances, unprecedented scalability.
Customizable and with unprecedented scalability
This is perhaps one of Linux’s greatest advantages. It is an open-source product that can be customized (see more details on this below), which includes increasing its scalability. For example, the latest release of March Networks Command™ Recording Software (CRS) works with a Linux-based OS and offers an unprecedented ability to support up to 3,000 IP channels on one server.
This scale has been achieved by leveraging Docker™ container technology, an open source platform that can speed the delivery of cloud-based applications, centralized video storage, and cloud recording – all elements of the March Networks video management software (VMS) roadmap.
With a Linux VMS that scales to support so many cameras, it’s possible to lower your video surveillance infrastructure costs with fewer servers. You could, for example, choose to move toward a centralized storage model by streaming your cameras to just one server in an on-site data center.
Security and reliability
The debate over operating system (OS) security is both complicated and typically takes on a certain intensity, depending on your perspective. Regardless of your position, there are several key factors that in our opinion improve the security of Linux.
As previously mentioned, it is open-source software, meaning its source code is openly shared so users can inspect, modify, and enhance the program as they wish. This differs from an OS such as Windows, which is proprietary or closed-source software, meaning users don’t have access to the source code and, therefore, can’t modify it.
It can be argued that video recorders embedded with Linux, for example, are more secure because the ability to customize enables engineers to remove any extraneous code and strip out any unnecessary applications. By doing so, they’re also removing potential security vulnerabilities, since the majority of computer viruses and hacker attacks are designed to target the most common OS services and server and desktop applications. And since the OS isn’t constantly executing unnecessary application code because fewer things are running, there’s less opportunity for issues to arise, resulting in greater reliability.
Additionally, the large developer pool working with Linux’s open source OS code results in a higher likelihood that any security loopholes will be caught faster. Furthermore, there is less opportunity for users to have “root” privileges, which provides tighter control over what an application has access to, and the impact it can have on the system. This tighter control makes it more difficult for malicious software to gain access to key systems.
The removal of unnecessary services (e.g., email, web browsers, and social media apps) adds further protection and reduces the services in Linux that are available for attack by malicious software. Additionally, the removal of unwanted services leads to a smaller kernel size. Since the kernel is stored within non-volatile flash ram, rather than on a spinning disk, the reduced size means the flash memory can be smaller, resulting in reduced unit costs (which can be passed on to customers).
Removing non-critical modules leads to a reduced number of code paths within the application. Not only does this decrease the total volume of the code, but it also contributes to a reduction in the volume of interactions between modules. Removal of code results in fewer areas where defects can be introduced, leading to enhanced reliability. In addition, all non-essential network ports can be/are removed or locked.
Finally, by developing a custom OS kernel, developers (like ours here at March Networks) can take direct control over device drivers, updates and patches. There is no reliance on fixes coming from third-parties, and there is no possibility that an auto-applied system update will have a negative impact on the system.