Dell EMC Storage with Verint NextivaReference ArchitectureSafety & Security

H13493.6

Abstract

This document provides an architectural overview of the Dell EMC Safety & Security solutionthat provides a general-purpose platform for integrating legacy and state-of the-art safetyand security infrastructures.

Dell Technologies Solutions

April 2019

Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the

problem.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

© 2010 - 2020 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Othertrademarks may be trademarks of their respective owners.

Chapter 1: Overview........................................................................................................................4Document purpose................................................................................................................................................................ 4Solution purpose.................................................................................................................................................................... 4Business challenge.................................................................................................................................................................4Technology solution...............................................................................................................................................................5

Chapter 2: Key Components............................................................................................................ 6Introduction............................................................................................................................................................................ 6Dell EMC storage...................................................................................................................................................................6VMware vSphere...................................................................................................................................................................6VMware Horizon View.......................................................................................................................................................... 7Dell EMC Unisphere...............................................................................................................................................................7Block data compression........................................................................................................................................................ 7Dell EMC PowerPath.............................................................................................................................................................7SmartQuotas.......................................................................................................................................................................... 7SmartConnect........................................................................................................................................................................ 7Isilon NIC aggregation........................................................................................................................................................... 7

Chapter 3: Physical Architecture......................................................................................................8Verint Nextiva........................................................................................................................................................................ 8

Digital video systems....................................................................................................................................................... 9Master server................................................................................................................................................................... 9Recorder server............................................................................................................................................................... 9

Validated environment profile.............................................................................................................................................. 9

Chapter 4: VMware Architecture..................................................................................................... 11VMware View overview....................................................................................................................................................... 11

Hypervisor....................................................................................................................................................................... 12VMware View connection server................................................................................................................................. 12View security server.......................................................................................................................................................12

Chapter 5: RSA Domain Security.....................................................................................................13Domain secured by RSA ..................................................................................................................................................... 13

Chapter 6: Conclusion....................................................................................................................14Summary............................................................................................................................................................................... 14

Contents

Contents 3

OverviewThis chapter provides information on the purpose and business challenge of this solution:

Topics:

• Document purpose• Solution purpose• Business challenge• Technology solution

Document purposeThis document provides an architectural overview of the Dell EMC Safety & Security solution that is enabled by Dell EMC Unity, Dell EMCSC series, Dell EMC ECS object storage, Dell EMC Isilon, VMware ESXi, and Verint Nextiva.

This document also discusses the architecture of Verint Nextiva with selected Dell EMC storage arrays.

Solution purposeThis solution enables a security team to view real-time video streams while also receiving policy-based and anomaly-based alerts. Verint'ssophisticated software analyzes data from remote locations and historical archives, and generates alerts based on your criteria.

Also, you can deploy VMware Horizon as part of this solution. VMware provides a platform for integrating legacy and state-of-the-artsafety and security infrastructures, while using virtualization technology to:

• Increase resource utilization• Decrease the number of servers and their associated costs• Maximize server manageability

Business challengePrivate businesses and public entities generally respond to the rising concerns about theft, fraud, and terrorism by sharpening their focuson safety and security systems. Organizations such as retailers, casinos, financial institutions, higher education institutions, transportationcompanies, law enforcement, school systems, prison systems, and government agencies all need to manage and protect their ever-growing volume of physical security information.

The ability to access the right data at the right time from anywhere is crucial to supporting safety and security needs. However, thefollowing factors can hinder achieving a comprehensive solution:

• Proprietary software• Closed hardware platforms• Lack of manageable archival capabilities• Data-retrieval wait times• Lost data• Unproven content authenticity• Information management limitations

The high expansion costs of legacy safety and security video systems based on CCTV, digital video recorders (DVRs), or networked videorecorder (NVR) technologies, and nonintegrated IT and physical security systems amplify these limitations.

Once the information is captured-and throughout the initial response, detection, legal, judicial submission, and the data disposal processes-information management, availability, security, and protection are the core capabilities that are needed for tamper-proof evidencecollection, increased conviction rates, and asset protection.

1

4 Overview

Technology solutionDell EMC Safety & Security Labs create proven solutions. These validated solutions provide a tested infrastructure for the flexibility tocontrol safety and security video and analyze security incidents in real time, collect evidence faster, and easily review archived data fromanywhere.

Dell EMC storage arrays provide quality storage for the smallest to the largest customers by using a variety of storage topologies includingSAN (FC and iSCSI) and NAS (NFS and CIFS).

Dell EMC Networking designs switches that meet requirements from a small office, home office (SOHO) deployment to enterprise scaledata centers. Adding the leading Dell EMC PowerEdge servers to this network ensures a successful implementation.

Virtualization with VMware consolidates the number of Verint Recorders that are required at a particular site. Aggregating multiplevirtualized Verint Recorders onto VMware ESX/ESXi hosts enables more bandwidth per physical host than is normally available from aphysical host.

The Dell EMC Safety & Security Lab primarily uses VMware ESXi, Dell EMC storage arrays, Dell EMC servers and Dell EMC Networking.The lab therefore provides tested architectures and solutions that are optimized for various implementation tiers.

Overview 5

Key ComponentsThis chapter provides information on the key components used in this solution architecture, including:

Topics:

• Introduction• Dell EMC storage• VMware vSphere• VMware Horizon View• Dell EMC Unisphere• Block data compression• Dell EMC PowerPath• SmartQuotas• SmartConnect• Isilon NIC aggregation

IntroductionAn incumbent physical security system typically consists of legacy analog monitoring capabilities, analog cameras, and IP cameras. Videoencoders convert standard NTSC/PAL video from analog cameras to a digital video stream over TCP/IP.

You can also deploy customer-furnished IP cameras in this solution. Each camera is capable of producing a digital video stream overTCP/IP. This solution uses Dell EMC storage platforms to provide single-tiered or multitiered storage architectures for centralized ordecentralized enterprise requirements. Dell EMC PowerPath® multipathing software provides channel failover on Nextiva servers for bothFC and physical adaptor iSCSI connectivity options.

Dell EMC storageThis reference architecture uses Dell EMC Untiy, Dell EMC SC, Dell EMC SC ,and Dell EMC Isilon storage platforms. However, you canintegrate different Dell EMC storage platforms and array sizes with Verint Nextiva to provide a physical security solution to meet therequirements of any size application.

The following Dell EMC storage platforms are compatible with Verint software for physical security:

Unity and SCseries

The solution supports unified storage Unity and SC series storage arrays. Unified storage topologies include FC,iSCSI, and SMB2 (CIFS). When a unified Unity or SC series array is used for an FC or iSCSI attachment, theimplementation bypasses the Data Mover.

Isilon An Isilon cluster is a storage array made of a minimum of three or four Isilon nodes, depending on the node model.Any Isilon cluster capable of supporting the Isilon operating system OneFS 7.0 or later may be used. OneFS 7.0 orlater supports Omnicast version 4.8 or later and Security Center 5.1 or later.

Elastic CloudStorage (ECS)

ECS is a complete software-defined cloud storage platform that supports the storage, manipulation, and analysisof safety and security video and unstructured data on a massive scale on commodity hardware. ECS is specificallydesigned to support the mobile, cloud, and Big Data workloads that are similar to large-scale workloads.

VMware vSphereVMware vSphere is a virtualization platform that is used across thousands of IT environments around the world. VMware vSphere cantransform or virtualize computer hardware resources, including CPU, RAM, hard disk, and network controller, to create a fully functionalvirtual machine (VM) that runs its own operating systems and applications like a physical computer.

The high-availability features of VMware vSphere coupled with VMware vSphere Distributed Resource Scheduler (DRS) and VMwarevSphere Storage vMotion enable the seamless migration of virtual desktops from one ESXi server to another with minimal or no impact tothe customer's usage.

2

6 Key Components

VMware Horizon ViewVMware Horizon View is the leading desktop virtualization solution that enables desktops to deliver cloud computing services to users.

VMware Horizon View integrates effectively with vSphere to provide:

Networkperformanceoptimization

Blast Performance is a comprehensive set of technologies available with Horizon 6 that are designed to ensurethat users have a consistently great experience across devices, locations, media, and connections.

Virtual San Supports the usage of different tiers of storage to maximize performance and reduce cost.

Thin provisioningsupport

Enables efficient allocation of storage resources when virtual desktops are provisioned. This results in betterutilization of the storage infrastructure and reduced CAPEX/OPEX.

Dell EMC UnisphereUnisphere provides a flexible, integrated experience for managing and monitoring several Unity and SC series storage systems through asingle interface. You can also access the entire file and block environment with a single sign-in.

Block data compressionDell EMC unified storage introduces block data compression, which enables customers to save and reclaim space anywhere in theirproduction environment with no restrictions.

This capability makes storage even more efficient by compressing data and reclaiming valuable storage capacity. Data compression worksas a background task to minimize performance overhead. Block data compression also supports thin LUNs, and automatically migratesthick LUNs to thin during compression, which frees valuable storage capacity.

Dell EMC PowerPathDell EMC PowerPath® software provides channel failover on all Verint application servers for both fiber and iSCSI (with hardwareinitiators) connectivity options.

SmartQuotasSmartQuotas allows administrators to limit the storage used for each Verint Recorder and presents to the Recorder a view of availablestorage based on the assigned quota. SmartQuotas allows each Recorder to calculate its available disk space and react correctly.

SmartConnectSmartConnect provides load balancing of connections to the Isilon cluster as well as failover handling of connections. With SmartConnect,all Verint Recorders use a single fully qualified domain name (FQDN) or universal naming convention (UNC) path for video storage access.Using this network name provides load balancing when the connection to the cluster is made and simplifies installations.

Isilon NIC aggregationTo increase network resilience we recommend using NIC aggregation in an active/passive or active/active configuration. Active/Passiveis ideal for either Windows Server 2008 or 2012. Active/Active can be used with the SMB3 multi-path feature in Windows Server 2012R2and above.

Key Components 7

Physical ArchitectureThis chapter provides information about the architecture for this solution:

Topics:

• Verint Nextiva• Validated environment profile

Verint NextivaTo successfully design and implement a Verint Nextiva system, you need to consider many aspects of the system, including networks,cameras, storage, and more. This section presents storage considerations and recommendations you should consider when deploying aVerint Nextiva system on Dell EMC storage platforms.

The safety and security solution components typically comprise legacy analog monitoring capabilities, analog cameras, and IP cameras.

Nextiva encoders convert standard NTSC/PAL video from analog cameras to a digital video stream sent over TCP/IP. Nextiva IP camerasor customer-furnished IP cameras can also be deployed. Each IP camera can produce a digital video stream that is sent over TCP/IP.

This reference architecture includes Unity, SC series, ECS Object Storage, and Isilon storage platforms. You can integrate Dell EMCstorage platforms and array sizes with Verint Nextiva to provide a physical security solution to meet the requirements of applications ofany size.

Unityand SC seriesEMC support unified storage solutions. Unified storage topologies include FC, iSCSI, and SMBx (CIFS). These arrayscan be configured as block storage only (FC and iSCSI) or unified storage to include SMB protocols.

Dell EMC Isilon Scale-Out storage using SMBx provides enterprise class network attached storage (NAS) for centralized or decentralizedenterprise requirements. An Isilon cluster is modularly scalable from terabytes to petabytes of storage.

The following figure depicts the overall physical architecture of the solution.

Figure 1. Solution architecture

3

8 Physical Architecture

Digital video systemsThe Nextiva recorder server application captures digital video streams over TCP/IP and writes them to Unity, SC series, Isilon, or ECSObject Storage.

NOTE: The Nextiva recorder application supports only the Dell EMC E-Lab™ Interoperability Navigator SAN and DAS

configurations.

Master serverThe Nextiva Master Server application provides access to Nextiva video recordings, authenticates users, and manages events. You caninstall the master and recorder server applications on a single server as required. This configuration is called a master recorder server.

Recorder serverThe Nextiva recorder server application captures live video streams to storage volumes for archiving. The recorder application keeps aseparate index for all captured video and acts as the source for video playback and review requests.

Validated environment profileThis solution integrates Dell EMC and Verint technology in a virtualized architecture to create our test environment.

Hardware resourcesThe following table lists the hardware used in this solution:

Table 1. Solution hardware

Hardware Configuration

Any Dell EMC and Verint approved 1U, 2U, or blade server. Per master server application

Per recorder server application

Per Enterprise Storage Managerapplication

Unity. SC series, Isilon, and ECS See the Dell EMC Storage with Verint Nextiva: ConfigurationGuide for more information. If you do not have access to thisdocument, see your Dell EMC representative.

Nextiva Review and Nextiva ControlCenter workstations Specified in the Verint Nextiva documentation

Software resourcesThe following table lists the software used in this solution:

Table 2. Solution software

Software Version Configuration

Windows Server 2008 Windows Server2012

32/64-bit Operating system for Nextiva servers andworkstations

Nextiva Master Server 6.3 SP2 and 6.4 SP1 or later Windows 2008 x32 and x64, not R2 (Verinttested)

Local disk drive installation for all nonbootfrom SAN configurations. Minimum drivespecs: C: 35 to 45 GB; D: 10 GB; E: 70 GB

Physical Architecture 9

Table 2. Solution software (continued)

Software Version Configuration

Nextiva recorder server 6.3 SP2 and 6.4 SP1 or later Drive specs: C: 35 to 45 GB; D: 10 GB; E: 70GB

Nextiva ControlCenter 6.3 SP2 and 6.4 SP1 or later Administrator interface

Nextiva Review 6.3 SP2 and 6.4 SP1 or later User interface

Verint Nextiva with NAS support 6.3 SP2 and 6.4 SP1 or later Installed on Nextiva servers

Dell EMC PowerPath Latest GA version Installed on Nextiva servers

EMC Naviagent Latest GA version Installed on Nextiva servers

10 Physical Architecture

VMware Architecture

This chapter provides information on the VMware configuration for this solution:

Topics:

• VMware View overview

VMware View overviewVMware Horizon View delivers rich and personalized virtual desktops as a managed service from a virtualization platform built to deliverthe entire desktop, including the operating system, applications, and user data.

VMware Horizon View provides centralized automated management of these components with increased control and cost savings.VMware Horizon View improves business agility while providing a flexible high-performance desktop experience for users across a varietyof network conditions.

To provide a virtual desktop experience, VMware Horizon View uses various components, each with its own purpose. The componentsthat make up the View Environment are:

• Hypervisor• View Connection Server• View Agent• View Client• View Administrator• vCenter Server• View Composer• View Transfer Server• View PowerCLI• View Security server• Supported database server like Microsoft SQL Server• ThinApp

The following image shows the VMware components used in this solution.

4

VMware Architecture 11

Figure 2. VMware components

HypervisorHypervisor is used to host the virtual desktops. To get the most out of its features, Dell EMC recommends that you use VMware vSphere5.x or greater. The vSphere 5.x features such as vSphere API for Array Integration (VAAI), Memory Compression, and Ballooning help tohost more virtual desktops.

VMware View connection serverThe VMware View connection server hosts the LDAP directory and keeps the configuration information for VMware View Desktop Pools,associated virtual desktops, and VMware View.

This data can be replicated to other View connection replica servers. The connection server also acts as a connection broker thatmaintains the desktop assignment. It supports an SSL connection to the desktop using RDP or PCoIP. It also supports RSA SecurID two-factor authentication and smart card authentication.

View security serverThe View security server is a different type of View connection server. It supports two network interfaces-one to a private enterprisenetwork and another to the public network. It is typically used in a DMZ and enables users outside the organization to securely connect totheir virtual desktops.

12 VMware Architecture

RSA Domain SecurityThis chapter provides information on securing a domain with RSA:

Topics:

• Domain secured by RSA

Domain secured by RSAThis Verint Nextiva solution, installed with RSA's secured domain, increases Windows and Nextiva security. RSA authentication, whichuses constantly changing RSA tokens, increases the user's Nextiva experience by providing a single login structure for accessing multipleNextiva applications.

About this task

For more information, refer to the Dell EMC white paper entitled Dell EMC Physical Security-Enabled By RSA SecurID Two-FactorAuthentication with Genetec Omnicast Client Applications.

Steps

1. The login request using RSA authentication (token) sends the request to the RSA SecurID appliance.

2. If the user credentials are correct, the RSA SecurID appliance proxies the login to Active Directory, and Active Directory authenticatesthe login into the requested Windows domain.

3. The Windows domain server completes the login.

4. The user accesses the requested application.

The user may be required to press Enter before continuing into the application (this is application-specific).

5. User credentials are verified to ensure that the user has access rights for the requested application.

Example

The following figure shows the login process:

Figure 3. RSA login process

5

RSA Domain Security 13

ConclusionThis chapter summarizes this reference architecture:

Topics:

• Summary

SummaryDell EMC Safety & Security enabled by Dell EMC storage arrays, optional RSA security, and Verint Nextiva products are an ideal solutionfor safety and security management and IT infrastructure. The solution provides a flexible and highly scalable infrastructure that can meeta broad range of demanding physical security requirements.

By leveraging the best-in-class safety and security management software from Verint and advanced IT infrastructure components fromDell EMC, customers can maximize the return on their investment in these crucial platforms.

RSA provides best-in-class user authentication that is compatible with single login domain security. In addition, VMware ESXi reduces thefootprint required for our implementation. As requirements change and become more sophisticated, customers can be assured that theDell EMC Safety & Security Solution's flexibility and modular architecture can be designed to meet their needs.

6

14 Conclusion