SVC Podcast – Show Notes – Show 154-2
In this special Infocomm edition of the SVC Podcast, SVC Contributing Editor Bennett Liles talks with experienced InfoComm instructor Paul Zielie. At this year’s show he will be teaching courses on Networked AV Systems, Network Traffic Analysis, AV/IT Security Needs Analysis and USB Technology: Analysis and Troubleshooting. These courses will go into the OSI Model, the security issues for networked AV and some of the valuable tools, such as Wireshark, available for maintaining a sound AV environment
Links of interest:
- The InfoComm Education and Show Planner
- OSI Model’s Seven Layers Defined and Functions Explained
- Wireshark Network Analysis Tool
Download Podcast Here:
From Sound & Video Contractor Magazine, this is the SVC Podcast with Paul Zielie. Show notes for the podcast are on the web site of Sound & Video Contractor Magazine at svconline.com.
Does IT want to take over AV? When they work together, who does what? Where’s the boundary between the two or has it disappeared? How much does each need to know about the other? Paul Zielie will be teaching courses at InfoComm to answer all of those questions and more. He’s here to give us the news on it coming up on the SVC Podcast.
Paul, thanks for taking time out to be with us on the SVC Podcast. You’ve got a pretty full plate at InfoComm with courses on Networked AV, Network Traffic Analysis, AV/IT Security Needs Analysis and USB Technology: Analysis and Troubleshooting. USB is going to be with us for a good while so that’s a safe bet. That’s a pretty heavy course load.
This is actually a bit of a down year for me at InfoComm. I’m teaching less than I did last year. I have been teaching the networked audio video systems course for five years now. We’re in the second iteration of it. It’s very interesting in working on content development within InfoComm. They’re not used to technology that changes where they put together a three-day course and three years later you’re starting to say okay, can we re-write this now? Audio technology changes over 20 years, video technology changes relatively slowly, and network changes very quickly. What we’ve found is that, as you said, it’s very important for the AV industry to understand networking because they have to work with another trade that does not necessarily know what they’re doing and it’s very important that we have a common vocabulary with them and that we can set the expectations as to what types of services and bandwidths and requirements our products need as well as to make them comfortable that we’re not going to break their network. If you think it’s bad having a video conference drop while the president of the company is there or having a projector go out, try taking down a company’s email server and see how popular you are. So it’s really important. So the NAVS course, which is a three-day course, is kind of a comprehensive introduction to network theory and interaction. So we spend a lot of time with how the networks actually work and with the various AV applications and how things are specified and what you have to think about it and how they communicate those needs back and forth with the network providers. It’s interesting because within the InfoComm we’re talking about communications with the service providers. I’m starting to work with CEDIA, and CEDIA in the residential market, the AV installers are actually installing the network. So it’s a different skill set in what’s required sometimes between the various trades. Not that you wouldn’t be able to install a network after the NAVS, but a lot of it is based on the communication that has to occur and to make sure that you’re on that common ground with vocabulary and communicating the requirements for getting what you need as well as troubleshooting. [Timestamp: 3:27]
And one of the more interesting applications used in network traffic analysis is one called Wireshark. What will the course attendees learn about that?
Wireshark is within our network traffic analysis. We touch a little bit on it in the Network AV course, but there’s a lot of interest in troubleshooting. So Wireshark is essentially a network recorder. All the traffic that goes across the network at a point that you’re touching, it’s recorded onto your PC and then you can go down and sort and follow and look at the traffic. So you can understand is a message not getting through? What’s happening? You can see the error messages or see what kind of communication is happening for packets dropped or various other things so you can troubleshoot the applications on the network. So for instance, if I was going to Wireshark for voice or video conferencing, I would be looking at the whole setup. There’s going to be a discovery and a handshake and it’s going to pass back and forth, and I can look at all those things that are happening on one end or the other and maybe get an idea of why my call is not happening. We’re trying to talk two different protocols or I’m not connections to their registrar or their proxies and passing it. It’s a big shortcut to just trying to click every button on the setup menu until something finally works, which is kind of what you have to do blind. So we look at the tool, how to sort it, continue on talking about some common AV troubleshooting applications and how to follow that network conversation through so that you can resolve whatever are in the network. It’s a very handy tool and it’s free, which everybody always likes. [Timestamp: 5:07]
Can’t beat free! And one thing that is obvious as you look through the courses being offered at the show, particularly the one on network traffic analysis is that those attending this one and some of the others are going to jump right into the deep end of the OSI Model. How far do you go into that?
Everything I do in all my classes is OSI based and that’s for a couple of reasons. One, it is the language of the network people, so being comfortable with how they talk about networks and where problems are is very important. Second is it really is a logical mechanism to help you determine where to look in troubleshooting and problems. So you know if there’s a problem on Layer 2 that is happening within the local network. I don’t have to worry about routers. I don’t have to worry about internet. I don’t have to worry about IP addresses. It’s something on my physical switches. Likewise, if my problems are Layer 3, I don’t have to look on the switch. It’s a Layer 3 problem. I have to look on the router at how the internet is working. So it becomes a really good thought pattern for being able to break up that signal flow and understand where I need to apply configurations or where I need to look for things. So we use the OSI model extensively in NAVS, we use it in Wireshark, and we also use it quite a bit in the security because security has applied it in different places, but it still follows that same paradigm of the OSI model whether you’re applying it at the application or at the network or at the switch with something like 802.1X, which is actually happening at the Ethernet layer. So Security can be applied in a bunch of different places and it very naturally follows that OSI model as well.
And another big topic at the show will be Security for AV systems. What do you see as the trend on that? Things look to be changing pretty fast.
It’s required. I work for Harman Professional and a lot of what I deal with is security. And we are seeing organizations that have had AV attached to their network for five or six years. And over the last year or two, suddenly they’re failing security audits. And the reason is in the past they kind of said, “Oh, that’s an AV system. It’s not really a computer. We’re not sure what it is, so we’re just going to ignore it and not add it to the audit.” But since the Target breach and some other high-profile breaches, it’s no longer acceptable to just kind of ignore that as that’s an appliance, that’s not really a computer, and we don’t have to think about it. Everything is looked at. So we’re seeing even products that have been installed for years, they’re coming back with security questions and almost inevitably in any large organization, there is very early in the process a security discussion on how we’re going to deal with this. This large organizations want the systems tied to their network because they want to be able to centrally manage them. They want to be able to schedule them. They want to be able to have remote diagnostic capabilities. All those things require the network. Additionally, in the world of traditional VTC, it’s getting very hard to find a device in the VTC world that has an RS232 port on it. So you’re now communicating with these other devices via the network and so we’ve got this issue. And the network role in the security world kind of has this default deny, proof to me that it’s going to be okay before you put it on my network, which is a very reasonable request as the network is a mission-critical asset of an organization. So way more time is spent on the security aspects during the design phases than I’ve ever seen before and that’s really the genesis of this course because once again, going back to the communications, how do you communicate with the organization or security people who have practices and policies in place? Find out what their requirements are and tell them in language that they can understand and is standardized that this application is going to be okay to put on their network. And so the needs analysis really goes into how to discuss with them how to find out what their requirements are because you can’t say this is how I configure this device for security because customers have different needs. I could have two identical systems, say streaming video. One is installed in a sports bar so that people can watch whatever hockey game they want to at their table, and the other is installed in the boardroom of an investment bank so that they can periodically do room overflows or corporate announcements or other things. Those two organizations are going to have vastly different security requirements for the same equipment. The sports bar, the worst thing that’s going to happen is somebody watches the hockey game on their iPod. The investment bank, somebody browses for stock tips and people go to jail for insider trading, you lose customer confidence. Potentially there’s millions of dollars and jail time at stake. So you can’t just say oh yeah, that’s secure. Now that’s really owned by the customer and you have to be able to understand that and that’s really what we’re seeing in security on an almost job-by-job basis. [Timestamp: 10:25]
AV and IT managers are going to have to devise ways to work together rather than being rivals on this thing.
Yeah. And they aren’t rivals. Network people don’t want to be AV people. They’ve already got really good jobs and it’s hard. At InfoComm we really looked at AV education and it was a lot of debate going on when we were starting the network education whether InfoComm had any business teaching network. They thought maybe we’ll be better off going to network people and teaching them how to do AV. As it turned out, the network people stayed away from AV education in droves and the AV people who wanted to continue to be employed said oh, we need to pick up this network skill. And I think it really works well because a lot of it has to do with the personalities and the way the jobs work. They tend to very narrowly self-specialize. So you go into what you would call an IT guy, but they’re going to be specialized. They’re switch guys and they’re router guys and they’re server guys. And the server guys are application sever guys versus infrastructure server guys. And the security guys are applications server or network security people who are dealing with ports and protocols versus applications security people who are dealing with user names and passwords. They’re very specialized. None of them really know a huge amount of what the other IT people are doing. Whereas the AV integrator has to touch all of those. They don’t have to know as much about any given subject, but they have to know a lot of subjects and interoperate with all those different areas across the IT. And that’s not what IT people are trained for. It’s also a measure of why it’s appropriate for InfoComm to teach IT because it’s very easy to go on Google and say I want to become a Cisco switch specialist. You’ll find a million different people who are willing to sell you a curriculum and take you right down that path, you know, “This is what you’re going to be studying and doing for the next 10 years as you work through your certifications.” But it’s very difficult to go out there and say I need to be a generalist. I need to know just enough to get the job done about a whole bunch of different things, which is the reality of what the AV business is. And AV people who have been successful have been very good at saying, “Oh, no. I need to install one of these tomorrow. I don’t even know what it is. I’d better figure this out.” And they go and figure it out and get the job done. And the IT facet of this is just another extension of that same thing they’ve been doing is they’ve been learning DSP’s and wiring standards and mixing boards and electrical contracting and acoustics and all of these other things. They seem to be predisposed to being a generalist, which is one of the things I really like about the AV industry. And so I don’t think there’s any need to think that the IT people really want to do that and there is good reason to get along because it’s going to ultimately make your job easier. You come in and you might know what you’re doing, but you’re using a different vocabulary or calling something different than what they call it. You’re suddenly an outsider and if you make a mistake in that one thing that you know, they potentially question everything you know. So it becomes important once again to have that relationship and use the right terms and go forward. And I don’t think there’s a whole lot of danger of a mass exodus of IT people wanting to take over the AV industry. But there seems to be a lot of fear that that’s going to happen, but a lot of that is just fear of change. I’m an old guy. Twenty years ago I was selling video conferencing and I was making a lot of money as a distributor because the AV dealers didn’t care about video conferencing. They were willing to give the whole thing away because all they cared about was all the money they were making on selling a projector. And as far as they were concerned, me getting video conferencing in there was a way for them to sell another projector. That market changed. Nobody’s making any money on projectors outside of the very high end now. But that conferencing projector used to be the goal of the sale. Things change and some people fear change and some people thrive. This is another evolution of what’s happening as the industry evolves. [Timestamp: 14:48]
Well, the change-thrivers are going to be at the show and the epicenter for that whole movement is going to be where you are: Networked AV Systems, Network Traffic Analysis, AV/IT Security Needs Analysis and USB Technology: Analysis and Troubleshooting. Paul, you may feel like you’re throttling back but this sounds like a lot to me. It’s been wonderful having you here and thanks for the preview.
Thank you very much. Any time.
Thank you for joining us here for the SVC Podcast with Paul Zielie. Show notes are on the website of Sound & Video Contractor Magazine at svconline.com. Be back with us again right here next week for the next SVC Podcast.