What IT Needs to Know
about Landro Enterprise
This document outlines some of the particular details of Landro Enterprise that are important
to an Information Technology staff.
Similarities and Differences
Any discussion of the IT issues surrounding Landro needs to start with the fact that Landro,
as a video distribution system, is both similar to and different from an ordinary computer
network.
A Landro network uses computers, network hardware and operating systems that are typically
already familiar to an IT staff, which means there aren't a lot of new things to learn, and the
existing IT support infrastructure can provide the first and best support for any difficulties
outside of the Landro software.
However, these similarities can cause IT staffs to overlook some essential differences
in a Landro network.
Landro Enterprise Edition software creates a video distribution network.
It is responsible for recording and playing back video, on demand, with full random access
of playback, in real time.
The network, and the computers participating in the task, must be able to transfer all of the
data associated with video and audio at a sustained rate of greater than 5Mb/s for each
data stream, despite the conflicting traffic of other recordings and/or playbacks going on.
It took Landro some extensive engineering to accomplish this using conventional PCs,
because Windows is not a Real Time operating system.
In a typical PC application on a typical data network, things run as fast as they can, but if
slow equipment, background processes, network traffic, virus scanning and such introduce delays,
it simply results in a less responsive application: possibly annoying but not critical.
In a video distribution system like Landro, if the data rate cannot be maintained, the video
becomes choppy or unwatchable, and recordings become corrupted and unusable.
And a video system that can't reliably record sessions (where there is no possibility of a
re-do) is essentially worthless.
Landro computers work cooperatively to handle the load on standard PCs.
In a typical PC environment, most of the work happens on just the user's PC, with occasional
retrieval of data from network servers as needed.
But in Landro, more computers are involved in getting the job done.
There is the Landro central server, which manages the entire system and directs
the traffic.
There are encoder servers with specialized hardware to capture video and audio
data with high quality compression technology.
There are media servers which store the video files, similar to conventional
file servers except for the need to save and retrieve the data at no less than real-time speeds.
And then there are the client PCs running the Landro software that lets users
view the live sessions and/or the stored recordings.
The recording process requires the coordination between central, an encoder to capture and compress
the video and audio, and a media server to save the compressed content to a hard drive.
The playback process requires the coordination between the client PC, central, and the media server
that is streaming the video data to the client according to the playback controls chosen by the user.
The live viewing process requires the coordination between the client PC, central, and the encoder
capturing that video feed.
And any combination of these processes can be going on all at the same time!
So an essential element of the Landro network is uptime - if one piece of the network
shuts down or restarts for any reason, it can interrupt a lot of different activities.
The network connecting the Landro computers uses heavy network bandwidth.
Networks for universities and other large organizations are based on the assumption that while there
will be bursts of heavy traffic, the average traffic is low, and it is not hard to provide "good
enough" responsiveness to client PCs.
In many cases, the network may enforce bandwidth limits on a PC to ensure that it does not unduly
clog the network with traffic.
However, on a video distribution network like Landro, large amounts of data need to move between PCs
without interference.
A single client PC with the "Live Analysis" feature may be receiving over 20Mb/s for hours
at a time.
An encoder server could be emitting over 5Mb/s for each video capture card, for as long as anyone is
recording or watching.
And the media server has both the incoming traffic for any streams it is recording and the outbound
traffic for every stored video it is being asked to play back.
All of this traffic cannot run on a standard university data network: the video traffic would
be crippling to the data network, and bursts in the data traffic would be equally crippling to the
Landro system.
What Landro needs
Because of the real-time requirements of Landro, it is important that the network, and the
computers chosen as servers, not introduce any delays.
We publish requirements for the Landro hardware and network (see the
Installation Guide).
All of the PCs and servers involved in Landro should be using Gigabit Ethernet, and sharing a single
Gigabit Ethernet switch.
No other computers should be on that network, to eliminate unnecessary traffic.
The computers acting as Landro servers (central, encoder or media servers) should be running a standard
install of Windows XP Pro (the only version of Windows presently certified for Landro) and the Landro
components, and no other software (applications or services).
The Landro servers need to run the Landro software as an application.
This means that it is necessary for these computers to automatically log in as some user, or the
Landro functionality will not be running.
This is in contrast to most servers, whose core functionality runs as "services" that don't
need the server to be logged in.
This can mean that the server is vulnerable to unauthorized use by anyone with physical access; this
consideration should guide the decision of where the servers are located.
The Landro video distribution network should be isolated from the usual data network.
In an ideal case, there would be no connection at all: the Landro network and its computers would serve
as purely an A/V system, unrelated to any other computing uses.
In most cases, our customers don't want to be quite that isolated, preferring that the Landro client PCs
are able to access university network resources and the Internet.
This is accomplished by a single gateway from the Landro LAN to the university WAN: a connection point
(often an inexpensive home Internet gateway appliance!) that condenses all of the Landro PCs behind a
single firewalled IP address on the university network.
There is no data path from the university network into the Landro network, except any port tunnelling
that IT chooses to set up for their needs (and, during installation, for remote access by Landro staff).
The Landro network should be kept as small as possible, ideally with all computers connected to a
single Gigabit Ethernet switch.
The computers all need to see UDP broadcasts from each other, which is typically much harder to accomplish
if there are multiple routing hops between equipment.
The Landro network needs to do machine name to IP address resolution in order for the various components
to communicate.
While this functionality is generally already available in the university network, it needs to also happen
in the isolated Landro network.
There are several approaches to this, including setting up a WINS server or using "lmhosts" name
lookup files.
The important thing is that each Landro computer should be able to resolve the names of the other computers
using a command like "ping machine_name" (even if the computers are not configured to
respond to pings, the host should be found).
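One way to check an "lmhosts" file before relying on it for the name resolution described above, as an added example that is not part of Landro's documentation or software. The machine names and addresses are constructed, and the check handles only plain "address name" entries (quoted names are not handled).

```python
import ipaddress

# Constructed sample: lmhosts for an isolated Landro LAN (names and addresses are made up).
SAMPLE_LMHOSTS = """\
# Landro LAN name table
192.168.10.2   LANDRO-CENTRAL  #PRE
192.168.10.3   landro-enc1     #PRE
192.168.10.4   LANDRO-MEDIA1   #PRE
192.168.10.9   landro-enc1     # stale entry left after re-addressing
192.168.10.300 LANDRO-MEDIA2
"""
EXPECTED_NAMES = ["landro-central", "landro-enc1", "landro-media1", "landro-media2"]

def audit_lmhosts(text, expected_names):
    """Return a list of problems; an empty list means every expected name is covered."""
    problems, seen = [], {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        # Everything from '#' on is a comment or a directive (#PRE, #DOM:, #INCLUDE ...).
        entry = raw.split("#", 1)[0].split()
        if not entry:
            continue
        if len(entry) != 2:
            problems.append(f"line {lineno}: expected 'address name'")
            continue
        addr, name = entry[0], entry[1].upper()  # NetBIOS names are case-insensitive
        try:
            ipaddress.IPv4Address(addr)
        except ValueError:
            problems.append(f"line {lineno}: bad IPv4 address {addr}")
            continue
        if len(name) > 15:
            problems.append(f"line {lineno}: {name} is longer than 15 characters")
        # Keep the first mapping seen for a name and report any later disagreement.
        if seen.setdefault(name, addr) != addr:
            problems.append(f"line {lineno}: {name} -> {addr} conflicts with {seen[name]}")
    for name in expected_names:
        if name.upper() not in seen:
            problems.append(f"missing entry for {name.upper()}")
    return problems

if __name__ == "__main__":
    for problem in audit_lmhosts(SAMPLE_LMHOSTS, EXPECTED_NAMES):
        print(problem)
```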
It is also important to realize the strain video distribution places on hard drives.
The hard drives on video servers spend long periods of time transferring data with rapid seeks as the same
server is simultaneously recording and/or playing multiple files at widely separated locations on the drive.
This is a much heavier work load than typical PC drives experience.
These drives will fail.
It pays to invest in "Enterprise Class" hard drives for the media servers, and to use removable
drive bays for easy replacement when the inevitable failures occur.
Some Landro users arrange RAID storage to provide redundancy; others institute a backup policy; still
others view the loss of videos over time as acceptable and only make manual archives of the important
videos.
How you approach this is up to you; simply be aware that even with the sophisticated caching techniques
proprietary to Landro, media server hard drives will fail sooner than you would otherwise expect.
Lastly, if the Landro servers are to be racked together in one location, do yourself a favor and install
a KVM switch to give easy access to each machine with a common monitor, keyboard and mouse.
Provide each server with a desktop "wallpaper" that identifies, at a glance, which console is
being displayed.
What Landro needs to not have
Landro needs to not have servers shut down or restart.
As outlined above, everything the Landro system does involves multiple computers working cooperatively,
and for one of those computers to go down is a system failure, not a local nuisance.
For this reason we strongly recommend no automatic updates.
Windows recommends that it automatically check for and install updates; however, because of the possibility
of restarts, we recommend that Windows check for updates but wait for manual approval to install them.
Landro includes a Monitor application that lets IT (or anyone) see at a glance whether the system is busy,
and whether it will cause a problem for machines to go down for needed maintenance.
Automatic updates have no way of knowing whether they will break anything.
The encoder and media server computers have an extensive amount of data flowing over their network
adapters and to and from their hard drives, made possible by our sophisticated media caching system.
Our exchange of data between the drives, caches and the network requires a maximum of throughput.
Because of the real-time requirements of these processes, it is essential that these computers have
no invasive anti-virus scanning of disk activity or network port activity.
Most IT departments have policies requiring the latest and most stringent virus checking, for excellent
reasons, but the best such tools intercept disk activity and/or network traffic in their search.
Such interference with the streaming of data by anti-virus scanning services will create
problems with data throughput, successful recording and system stability that are difficult to pinpoint
or resolve.
We have seen the problems that occur when this requirement is ignored, and we cannot support Landro
under those circumstances.
IT policy violations?
We wrote this document, in part, in self-defense, because almost every Landro customer has at one point
or another told us that our requirements were unacceptable.
The automatic login requirement, the no automatic updates requirement and the no virus scanning requirement
all generally violate IT policies.
In some cases we have even been told that these requirements violate laws (or at least interpretations of
laws).
At a minimum, these Landro requirements all go against well-established IT Best Practices for a computer
network.
And in fact, we agree with those Best Practices, for a computer network.
However, they are not appropriate practices for a video distribution network, which is what
we're talking about.
We want our systems to keep running without corruption from viruses and the like.
In fact, because of the interconnected nature of the Landro system and the performance needs, it would be
fair to say that we probably worry about it more than a typical IT staff does.
We have a number of recommendations to go with this, and many of them should complement IT guidelines,
or at least provide a workable alternative to the IT guidelines we can't allow.
Protect the client PCs just like you would protect any other network PCs, with
any anti-virus and update approaches you need.
These computers are just as vulnerable to malware through ordinary application and Internet use as any
other, and should be protected.
A restart of a client PC because of updates would not be an unexpected event, and doesn't compromise the
Landro servers in any way.
Similarly, if some active virus scanning reduces the performance of the client PC such that its video playback
or live analysis suffers, it at least in no way hurts the rest of the Landro system.
For these systems, there should be no Landro requirement that stands in the way of IT policies.
Don't allow anything on the Landro servers.
Viruses and other malware get on computers in either of two ways: unintended execution of outside code
(trojans) or exploits of network vulnerabilities (much more rare in current Windows versions).
Landro servers do not execute any code from outside themselves, with the sole exception of our mechanism
for installing our updates to the server code (which, by the way, is a manual operation).
Thus, if you keep the servers physically isolated from users, there should be no mechanism for malware
to get on the servers in the first place.
The vulnerability is very low.
In fact, since the only likely method of contracting a virus would be through a user at the console or
through Remote Desktop, it is the IT staff that poses any risk.
Use Windows Firewall.
There is no reason for a Landro server to receive network traffic except on the ports that Landro registers
with Windows Firewall.
This is a good defense against external exploits; be sure to use it.
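A way to audit this on a server, as an added example that is not Landro's own tooling: compare the sockets reported by "netstat -an" with the ports expected to be open. The port numbers in the allowlist are hypothetical placeholders (this document does not list the ports Landro registers), and the netstat output is constructed.

```python
# Hypothetical allowlist: replace with the ports Landro actually registers with Windows Firewall.
ALLOWED_PORTS = {("TCP", 5000), ("UDP", 5001)}

# Constructed sample of "netstat -an" output from a server.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING
  TCP    192.168.10.3:139       0.0.0.0:0              LISTENING
  TCP    192.168.10.3:3389      192.168.10.50:1711     ESTABLISHED
  UDP    0.0.0.0:5001           *:*
  UDP    192.168.10.3:137       *:*
"""

def unexpected_listeners(netstat_text, allowed):
    """Return sorted (proto, port) pairs open to the LAN that are not in the allowlist."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # title, header and blank lines
        proto, local = fields[0], fields[1]
        if proto == "TCP" and fields[-1] != "LISTENING":
            continue  # an established connection is not a listener
        host, _, port = local.rpartition(":")
        if host.startswith("127."):
            continue  # loopback-only sockets are not reachable from the network
        found.add((proto, int(port)))
    return sorted(found - set(allowed))

if __name__ == "__main__":
    for proto, port in unexpected_listeners(SAMPLE_NETSTAT, ALLOWED_PORTS):
        print(f"review: {proto} port {port} is open but not on the allowlist")
```

Each reported port is either a service that can be turned off or one that Windows Firewall should be confirmed to block.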
Keep Windows up to date.
If a vulnerability is discovered in the operating system, Microsoft tries to quickly patch it.
Remember, we are not at all opposed to updates; rather, we want to be sure that they are applied when the
system won't be compromised by a restart.
We recommend the setting where updates are downloaded automatically but installed manually.
Landro servers are able to start up in any order and still connect and cooperate correctly.
Non-invasive virus scanning is fine.
Our risk of virus on the servers is very low, but there's no need to trust that.
Every virus scanning tool on the market that we know of has the ability to run a manual scan of
files and registry and processes on demand.
By all means feel free to do this!
Just like the updates, our only concern is that the system not be in use (no recording, live viewing or
playback underway), which is quickly determined by a glance at our Monitor application.
Again, we are not opposed to a requirement for virus scanning; we are opposed to an active process
always running on the computer that intervenes in network port traffic and/or disk accesses.
Be aware, too, that the seemingly random nature of compressed video and audio data can occasionally
present "false positives" to a virus scan (manual or invasive)... so a possible virus signature
within a ".landromedia" file is not cause for alarm.
Final thoughts
We recognize that it causes some problems for organizations when a product demands that IT
policies be broken.
We don't do this lightly.
IT policies are set up for good reasons that apply broadly to computer data networks.
Our policies are set up for good reasons that apply specifically to video distribution networks
and the Landro system.
Despite similarities in hardware and operating systems, these are not the same thing, and
not all of the same security approaches can work.
IT should also be aware of the quirks of Landro server software running as an application.
You need to take care to neither log out that automatic login session, nor start another login that will
launch a second copy of the server application.
On Windows XP Pro, a Remote Desktop login using the same user/password as the automatic login will
"take" that session away from the desktop, still running; if you do this, you must not
log out of that session as you normally would, but rather just "disconnect" the session,
leaving it still running.
On Windows Server, on the other hand, Remote Desktop logins start new sessions until the terminal services
session count is reached; on such systems, you should move the Landro server startup from the "All
Users" Startup folder to the Startup folder used by the automatic login user, and then not
authorize that same login for Remote Desktop.
Landro's specialized design certainly involves some special considerations in how it is used.
Not every standard IT Best Practice can apply to this system.
It is best to think of Landro not as some computers in your network, but rather as an entirely different
piece of equipment - it really is - which just happens to use hardware and software IT recognizes in
order to be affordable, and maintainable.
There are professional video distribution systems far more expensive than Landro that don't use standard
hardware, operating systems or tools in order to get the necessary performance... and guess what?
They can't run your favorite anti-virus software either.
If you have any questions about the Landro requirements, please contact us at
support@landro.com.