With the spate of ransomware and crypto virus attacks on automation systems, perhaps a quick review of network security is in order:
Isolate the automation system on a separate network from the general office network and do not allow internet access on the automation system’s work stations or servers.
Use a separate switch for all automation network connections.
install a small router between the automation network and the office network. On the router, the WAN port faces outward toward the office network, make the WAN port non-pingable. Grant access from the office network for certain users; e.g. traffic, music director, etc via access lists. Open up a few ports for VNC or RDP on the router so technicians can remotely access machines to do maintenance and troubleshooting.
Use supported and up to date operating systems.
Use separate admin and user accounts, make sure that admin rights are removed from user accounts and keep machines logged in as users. This ensures that some errant DJ or other person does not install any unauthorized programs.
Install and keep up to date a good antivirus program.
Back up the data and test the backups.
The office network is more vulnerable because of the human element. Internet access is require, of course. Click on a pop up, sure! Hey, that photograph has a funny file extension, lets open it and see what it is. I never heard of this person before, but look, they sent me an executable!
Much of the office network security will rely on the quality of the router connected to the internet and the antivirus software installed. Of course, the network users have a good deal of responsibility also.
Like all data carrying technology, WLAN, or WiFi, continues to evolve into a better, faster and more robust platform. The IEEE wireless ethernet specification 802.11ac combines all of the past developments, plus some added features, into one specification. Here are some of the highlights:
Operation on 5 GHz only. Many more available channels in this spectrum than in 2.4 GHz
Increased channel bonding making wider channels carrying more data. In the 5 GHz spectrum channels are 20 MHz wide and do not overlap. 802.11ac allows for 40, 60, 80 or even 160 MHz channels. This is great for short distances, longer distances will be prone to greater interference over wider channels
Modulation schemes that allow up to 256 QAM. A 256 QAM constellation is going to look pretty crowded unless it is on a wide channel. Again, this would be good for short distances.
Increased MIMO. Up to 8×8 MIMO (Multi In Multi Out) which can greatly improve throughput. MIMO means multiple transmitters and antennas in the same unit. The first number is the transmitter count the second number is the antenna count. Thus an 8X8 system will have eight transmitters and eight antennas. This allowed beam forming by use of phased antenna arrays, which can greatly reduce multi-path
MU-MIMO (Multi-User MIMO). Basically, the access point sends the data frame only to the desired host, thus instead of acting like an ethernet hub sending the frame to every connected host, the AP is acting more like an ethernet switch.
The goal of all of these modifications is to get gigabit transfer rates over WLAN.
What does all of this have to do with radio broadcast, one might ask. That is a good question.
There are several applications that have to do with remote broadcasting. Many sports areas, night clubs, or other likely places to be broadcasting from have WIFI installed. Using a laptop with an AoIP client installed not only can connect to the studio for audio delivery, the same laptop can use RDP or VNC to control the station’s automation computer as well. This means easier integration of the remote into voice tracked or syndicated programming.
Secondly, wireless LAN bridges between studio and transmitter site can act as a STL, a backup STL, a remote control return link, bridge for a network connected transmitter, VoIP phone link, IP security camera back haul or almost anything else that can send ethernet data. I have found it useful to simply have a computer available at the transmitter site, even if it is only to download manuals and what not. We have taken several old Windows XP machines and reloaded them with a Linux variant and installed them at various transmitter sites. It saves the trouble of having to download a manual on the smart phone then page back and forth across a really small screen to read it. As for using unlicensed WiFi to link to a transmitter site; the link between the WICC studio and transmitter site runs a 78 Mbps most days. This is a two mile link over mostly water. I will say, when there is fog, the link rate drops to 32 Mbps, which is still pretty good, all things considered.
Of course, office network applications; laptop, tablet, smartphone and other personal devices.
Finally, Broadcast Engineers really need to keep abreast of networking technology. There are many, many applications for WiFi units in the broadcast industry.
I have seen many a Dell LCD computer monitor go south for want of a $0.50 part. Dell must have gotten a hold of a bad batch of capacitors, because almost invariably, the problem is with the power supply capacitors for the back light. The symptoms are; the monitor goes very dim and can only be read when shining a light on it, or the power button flashes green.
A new Dell 19 inch (E1914H) monitors runs about $90.00 – 110.00. I can repair a defective unit in about 20-30 minutes or so, which makes it worth while for the client. When repairing equipment, the cost of labor and parts balanced across the cost of new equipment should be a prime consideration. Sometimes, it is simply not worth the time to repair something. Others, like this instance, it makes sense as long as the repair is simple.
This is a Dell E198FPf LCD monitor. After the initial diagnosis:
First step is to remove the stand and the four screws behind the stand bracket.
The hardest thing about this repair is getting the bezel off. Dell uses a bezel around the monitor face that uses little plastic clips to hold it in place. To get the bezel off, one needs to press the clips toward the center of the monitor while lifting up. It requires the careful application of force.
I start on the bottom and use a small screw driver in one of the slots to get it started. I start on the bottom because if the plastic gets a little marred, no one will see it when the repair is finished. Once the first clip is released, then the others and be released by twisting the bezel carefully toward the center of the monitor while lifting.
Once the bezel is removed, the wiring needs to be disconnected. This consists of the back light, the data buss and sometimes the on/off switches, which are mounted on the bezel.
After all the wiring is removed, there are either two or four screws that hold the power supply to the monitor screen.
Finally, the power supply board is exposed. Depending on the model of the monitor, the hex head screws that hold the VGA connector may need to be taken off. Sometimes not.
Removing the screws on the back of the power supply board exposes the capacitors and other components.
And the culprit is discovered. These two bulging capacitors are causing the LCD monitor backlight power supply shut down making the monitor unusable. The larger one is a 1000 uF 25 volt and the smaller is 680 uF 25 volt. I replaced both with in kind 35 volt units. I also took the liberty of replacing the rest of the electrolytics on the power supply board (total of five additional capacitors). While the unit is disassembled, it is far easier to replace all the $0.50 components than to do it one at a time over the next few years as each fail. This monitor should be good for another 5 years of service at least. These values vary somewhat from monitor to monitor. Also, if only repairing one or two monitors, the parts can be obtained at Radio Shack for $1.99 each.
It is a good way to regenerate equipment, even if they are set aside as spares.