When designing a network for physical security, things to think about

When designing a network for physical security, there are critical considerations to ensure reliability, scalability, and performance. Here are key areas to focus on:

1. Equipment Scale and IP Management

First, determine the total amount of end equipment to be deployed. This drives several decisions:

• IP Range & Subnets: Don’t squeeze hundreds of devices into an unmanaged network. Conversely, creating multiple subnets for a handful of devices (e.g., separating cameras, PA, and access control when there are fewer than 10 total) overcomplicates management.
• Super-netting: When planning IP ranges, structure them for super-netting. For example, 192.168.0.0/24 and 192.168.1.0/24 can be super-netted to 192.168.0.0/23. This streamlines routing and firewall rules from two lines down to one, improving network responsiveness.

2. Physical Placement and Switch Selection

Once quantities are known, map out equipment placements to dictate your networking infrastructure:

• Switch Types: Use 24-port PoE switches for offices, or 4-port PoE+ industrial switches for outdoor perimeters.
• Topology: Placement drives wiring architecture (ring, star, or daisy-chain).
• Spare Capacity: Always reserve 10%-20% spare ports on switches for future expansion or amendments.

3. Right-Sizing Network Equipment

Match your switch grades to your deployment scale and requirements:

• Small scale: Pure unmanaged switches may suffice.
• Medium scale: Web-smart or basic L3 switches are necessary, especially if combining different equipment classes is not recommended by manufacturers.
• VLAN Segmentation: For medium and large deployments, VLANs are recommended to optimize traffic and prevent single-device failures from bringing down the entire network.

4. Manufacturer-Specific Networking Requirements

Always verify specific protocol needs with your equipment manufacturers:

• Multicast: Often required for CCTV routing.
• QoS & EEE: Essential for Public Address (PA) systems.
• These requirements dictate whether you need switches with fine-tuned QoS classifications or multicast capabilities.

5. Power and Bandwidth Constraints

Physical security devices are power and data hungry. Pay close attention to constraints:

• PoE Budgets: Verify the maximum power a switch can supply. Can it deliver full PoE+ power simultaneously across all ports if needed? There is a reason some PoE switches are cheaper than others.
• Uplink Bottlenecks: When utilizing daisy-chain or ring deployments, watch your uplink bandwidth. Chaining too many switches together frequently leads to traffic bottlenecks, mac-address table limits, or multicast group exhaustion.