FIELD GUIDE TO ACCESS CONTROL: ENTERPRISE NETWORK ACCESS CONTROL: Integration Solutions & Options
September 1, 2007
One of the growing trends in the physical security world is the integration of surveillance video, access control, motion and alarm detection, intercoms, and other building functions. The goal of this amalgamation of different sensor technologies and systems is to provide building management and operators with immediate notification of a variety of building and personnel issues, while enabling global and/or granular control of building security functions.
EVOLUTION OF COMPUTERIZED ACCESS CONTROL SYSTEMS
Before delving into the wide range of options for access control integration, it’s important to understand how our industry’s products have evolved to fully exploit network devices and connectivity.
First-generation computerized access control systems used mini-computers connected to remote panels, using a non-Ethernet communications protocol such as RS-485. The mini-computer, such as a DEC PDP-11, provided all decision-making processes. These systems worked fine for single-location/building systems, but any failure of the computer head-end would cause the remote panels to operate in a degraded mode, often allowing access to any and all doors for users holding cards with the building’s specific “facility code.” As computer failure was a common occurrence, access control card manufacturers took great pains to segregate common facility codes, so that a card issued for a system located at 1515 Main St. was not the same facility code as another system situated at 1520 Main St.
As enterprise computer networks moved away from the mainframe/terminal model to the PC/server format, access control systems were developed that used these devices to monitor and manipulate access control systems. Generally a single PC was programmed with specific software allowing that computer to function as a data server that provided periodic updates for the remote access panels that perform the decision-making process. Because these systems put the decision-making on the “edge” of the access system, head-end computer failures do not necessarily cause a potential security breach, as the remote panels can handle their own connected readers, door strikes, REXs, etc.
Computer failure is still a problem, as a disk-drive failure might require the complete reinstallation of the client software and database, assuming that the database has been regularly and properly backed up. Many of these older client/server access systems still use serial protocols such as RS-485, while later versions will communicate using TCP/IP on the network. Systems using TCP/IP provide the ability to connect remote buildings to the access control PC/server over WAN connections.
Many systems like those detailed above are still in use, and provide excellent upgrading opportunities.
THE NEW GENERATION
Three factors have played a prominent role in the evolution of the latest form of networked access control. The widespread enterprise deployment of LAN/WAN TCP/IP connectivity throughout client buildings has created a standardized platform for the connection of all types of physical security devices, including surveillance cameras, access control panels, intrusion alarm panels, intercoms, and other related building sensors and controls. Using “relay magic,” any device that has either voltage/relay outputs or inputs now can be connected to the LAN. Many vendors produce network-enabled devices for industrial processing and monitoring which can be used easily for physical security connections.
The second factor driving the new generation of access systems is the potential problems that occur if and when an access control head-end PC fails. Desktop computers and servers consist of a number of discrete components such as the motherboard, cooling fan, CPU, and hard drives.
Security installation companies must consider a simple fact: computer-related devices that have moving parts, such as hard drives and cooling fans, will fail. It’s only a question of when, and how the failure will affect the client’s system and security. So the reliance on typical desktop or server model network computers is most likely a guarantee of future system failures.
The third factor driving the new generation of networked access control systems is the wealth and breadth of inexpensive computer components available for product designers. Processor chips, flash memory, motherboards, and connective devices are now inexpensive enough to be included in remote access control panels, allowing the development of full-blown network computer control boxes that are connected to the access hardware (readers, strikes, door contacts).
THIRD-GENERATION ACCESS INTEGRATION SYSTEMS
The access control product lines that will allow our industry to install fully integrated physical security systems are here today. Third-generation access control panels are complete computers, with an operating system, memory, TCP/IP network connectivity, and related hardware. Now all decision-making processes are performed by the remote panels, eliminating the possibility of high-security access systems falling into a default mode if there’s a central server or network connectivity failure.
Placing full-blown computers within remote access panels might appear to increase the potential for system failures, but these panels generally use all solid-state components, with no moving parts. Hard drive storage is replaced with flash memory, and power usage is reduced so cooling fans are not needed. By eliminating moving components, the realistic mean time between failures and service life is greatly increased. Reduction of power requirements means that some products can be operated using network-delivered standardized Power over Ethernet (PoE).
While the component and power issues may seem rather mundane, the true power of third-generation access systems is that each remote panel is a Web server, and holds all operational software for the particular system. No longer do user PCs need to have vendor-specific software loaded into them, and upgraded when necessary. Authorized users just aim a typical Web browser, such as Firefox or Internet Explorer, at the IP address of a target remote panel, and the panel delivers any and all control, monitoring, and manipulation capabilities to the user’s PC.
This is truly a revolutionary technology that needs to be fully appreciated. No longer will physical security contractors have to contend with the individual characteristics of a specific user’s PC, loading on software that might not function due to that PC’s particular settings or capabilities. When access system software needs to be upgraded or patched for network security purposes, the upgrades are accomplished on the remote panels. The authorized user’s PC need not be touched. This also means that users can control the access system from any machine on the enterprise network, or over the Internet from their home or remote office. If a user’s PC fails, his or her new computer will provide the exact same system control capabilities as they had with their old machine, provided the new PC has one of several available Web browser programs installed.
Putting the power of the PC onto the edge of the access control grid means that these systems are infinitely expandable and scalable. A single panel can control one or several doors, while more panels can be added around a building (or around the world) to grow a system. No longer is our industry tied to systems that are encumbered with a ceiling of how many readers, doors, or users can be operated simultaneously. Some vendors are taking the same “blade” expansion approach as is used in high-end network servers; remote access panel boxes are cans with multiple card slots available for the type and number of access control boards needed for a particular system situation. One slot holds the primary PC card, while other cards contain the number of inputs, relays, and door strike power outputs required.
THIRD-GENERATION SOFTWARE INTEGRATION FEATURES
To achieve true integration, the latest access control systems embrace the concept of open standards. Just as enterprise network computers can readily share data across different manufacturers of machines and operating systems, access control databases can be exported/imported to and from legacy systems, human resources (HR), and other enterprise systems. Now when an individual’s employment is terminated by the HR department the information can be transmitted instantly to the access control system to disable the former employee’s access privileges. Network-based databases can be interlinked using the standardized ODBC (Open Data Base Connectivity) method. Access databases can be stored on standard NAS (network attached storage) or other enterprise network storage drives, which can include critical access control information in system-wide data backup operations.
One primary security advantage of these edge access control panel/computers is that they typically use an embedded operating system, usually a derivative of Linux. These devices do not accept the downloading of any software programs outside of the specific access system manufacturer’s software upgrades. As we have all experienced, the installation of a new software program into a PC can affect existing programs. While a second-generation PC/server access control user’s PC might become unstable when an unrelated software program is installed, third-generation access control systems are immune to the potential of unrelated software mischief.
To enable the interfacing to computerized HVAC, lighting controls, and other building systems, third-generation access control systems provide software interfaces called APIs (application programming interfaces). These standardized interfacing tools allow programmers to craft custom communication methodologies between software-based systems, such as a new access control system with a legacy building automation system.
Communication of access system alarms and messages must be integrated with the enterprise network’s typical messaging methods. Third-generation access systems provide interfaces into the enterprise’s e-mail and instant message servers, and can stay on time by using network (or Internet) NTP (Network Time Protocol) servers.
SECURED NETWORK COMMUNICATIONS
A key element of network-based access control systems is the security of the communications between authorized users and the access system’s controlling computers/panels, and the security of the communications between the remote devices themselves. The theft of an authorized user’s user name and password can result in a system compromise, or if a signal from a credential reader can be intercepted and interpreted, an opportunity exists for rogue signals to be generated in an attempt to fool the system.
There are two recognized issues pertaining to secured network communications: authentication and encryption. Authentication is the verification that a remote user or device truly is who it identifies itself as. To disguise communications over a network, data is encrypted, a process of scrambling the transmitted data so that it can be unscrambled only with a decryption key that has been provided beforehand to the authorized receiver of the data.
The common Web server protocol used to achieve both authentication and encryption is Secure Sockets Layer, or SSL. SSL encrypts all data flowing between a Web server and the Web browser communicating with it at a particular time. When your PC is connected to a Web site using SSL, such as for online banking, a small yellow lock appears on the Web browser screen and the address line changes to “https:” instead of the unencrypted “http:”. The encryption of the data is typically industry-standard AES, using 128-bit encryption keys. Encryption keys and authentication information are sent from the Web server to the browser within a certificate. Access control systems using SSL can have their certificates authenticated by a recognized CA (Certificate Authority).
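The distinction above between encryption and authentication is easy to lose when a tool connects to a panel’s Web interface by IP address. The following is an added example (not vendor code) showing a client context that actually authenticates the panel against a CA, beside the weak pattern that only encrypts; SSL as named in the article has since been superseded by TLS, which this uses, and the CA bundle path and panel URL are assumptions.

```python
"""Client-side TLS settings for reaching an access panel's Web interface.
Added example; no vendor API is used, only the Python standard library."""
import ssl
import urllib.request
from typing import Optional


def panel_tls_context(ca_bundle: Optional[str] = None) -> ssl.SSLContext:
    """Authenticates the panel (CA chain plus hostname/IP match against the
    certificate) and refuses protocol versions below TLS 1.2.
    ca_bundle is the PEM file holding the CA that signed the panel
    certificates (assumed path supplied by the caller); None uses the
    system trust store."""
    ctx = ssl.create_default_context(cafile=ca_bundle)
    # create_default_context already sets CERT_REQUIRED and check_hostname;
    # the panel's certificate must therefore name the address the client
    # uses, which for an IP-addressed panel means an IP subjectAltName.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def encrypt_only_context() -> ssl.SSLContext:
    """The pattern to avoid: traffic is encrypted but the peer is not
    authenticated, so any device answering on that address is accepted."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def describe(ctx: ssl.SSLContext) -> dict:
    """Plain-value summary of whether a context authenticates the peer."""
    return {
        "authenticates_peer": ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname,
        "min_version": ctx.minimum_version.name,
    }


def fetch_panel_page(url: str, ctx: ssl.SSLContext, timeout: float = 5.0) -> bytes:
    """Retrieve a page from the panel; raises ssl.SSLCertVerificationError
    if the panel's certificate does not chain to the CA or does not name
    the address used.  url is an assumed value such as
    https://panel.example.internal/status."""
    with urllib.request.urlopen(url, context=ctx, timeout=timeout) as resp:
        return resp.read()
```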
THIRD-GENERATION ACCESS CONTROL FEATURES
All of the integration and networking features built into this latest generation of access control systems need to deliver substantial user benefits; otherwise there is no point in upgrading an existing system. What features can we expect from these systems, and how will they make our clients’ integrated physical security systems quicker, faster and better?
While specific vendors will tout their system’s unique qualities, there are some general features that will prove beneficial for your clients.
Automatic Report Transmissions
Unauthorized access attempts, alarm point activations, system troubles and the like can now be generated automatically and transmitted to their intended viewers via enterprise-based e-mail and/or instant messaging. Most systems will produce reports in standardized spreadsheet formats for manipulation ease.
Integration of Alarm/Event Outputs
A system-generated event, old-school relay or voltage trigger can cause programmed events to occur across the network. So the presentation of a valid access card at the back door can turn on the lights between the access door and the person’s office, while the activation of a toxic substance detector might close all doors into the affected area, with the access system now only allowing those authorized to deal with such a spill into the affected area.
Video Recording Triggering by Access Events
Valid or invalid credential presentations, alarm point activations, and other activities can trigger pan/tilt/zoom presets, video recording, and tagging of surveillance video files. Administrators can view a log of events, click on a suspect transaction, and view the video clip of a person entering/leaving a room at the time of the transaction.
Photo ID and Video Verification
When a user presents his or her access credential, live video can be immediately compared with the user’s photo ID picture on file. Do the faces match up?
System-wide Threat-Level Variables
In a similar fashion to the Department of Homeland Security’s color system of national terrorist threat levels, access system administrators can set global and granular presets, activating them via keyboard commands or other device activations. A red mushroom button can be placed in the security director’s office. When an emergency, such as a fire alarm activation, occurs, pressing the mushroom switch could possibly open all doors simultaneously, disable door contact alarms, and perform other life safety functions. If an armed, disgruntled employee is seen entering the building, security personnel can use a single command to lock down building areas.
Multiple Access Card Formats
Reissuing possibly thousands of existing access control cards already in the hands of employees is one of the key difficulties in upgrading access control systems. Third-generation systems from vendors can support a wide variety of existing access credential formats, and can accept different format cards swiped at the same reader. Let’s say that a client has two locations, with two separate access control systems that use two distinct formats of access cards. For those employees who need controlled access to both locations, the system can be programmed to accept those current access control cards at specific entry points at either building. Assuming that the old access databases can be imported into the new system, conversion to the new system requires no physical reissuing of access cards. This breakthrough technology can eliminate the costs associated with purchasing a new batch of cards, and also greatly reduce the cumbersome process of providing new access cards.
Some other access control features to consider are interfacing to elevator control, user-defined data fields, and the ability to enter cards either from a reader or by coding the cards’ format into a computer keyboard. Some systems provide a card format decoder, so existing cards can be read for their specific coding.
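As an added illustration of the multiple-format and card-format-decoder features (example code, not any vendor’s implementation), the block below decodes raw Wiegand reads of two bit lengths at one reader, rejects reads that fail parity, and then applies a per-door rule set so that cards from two legacy facility codes are honoured at the doors where they belong. The standard 26-bit layout is real; the 34-bit layout, the door names and the facility codes are assumptions.

```python
"""Decode raw Wiegand card reads of two formats at one reader and apply a
per-door facility-code policy.  Added example: the 34-bit layout and the
door rules are assumptions, not any vendor's documented format."""
from dataclasses import dataclass
from typing import Optional, Set, Tuple

# bit length -> (format name, width of the facility-code field); the card
# number is 16 bits in both, with one parity bit at either end of the read
LAYOUTS = {26: ("W26", 8), 34: ("W34", 16)}


@dataclass(frozen=True)
class Credential:
    fmt: str
    facility_code: int
    card_number: int


def _parity(bits: str) -> int:
    return bits.count("1") % 2


def decode_wiegand(bits: str) -> Optional[Credential]:
    """Return the credential, or None when the read is malformed.
    Standard 26-bit: even parity over the first 12 data bits, 8-bit
    facility code, 16-bit card number, odd parity over the last 12 data
    bits.  The 34-bit case (16-bit facility code, same split parity
    scheme) is an assumed layout used for illustration."""
    if not bits or set(bits) - {"0", "1"} or len(bits) not in LAYOUTS:
        return None                      # unknown length: reject, never guess
    fmt, fc_width = LAYOUTS[len(bits)]
    data = bits[1:-1]
    half = len(data) // 2
    if int(bits[0]) != _parity(data[:half]):          # leading even parity
        return None
    if int(bits[-1]) != 1 - _parity(data[half:]):     # trailing odd parity
        return None
    return Credential(fmt, int(data[:fc_width], 2), int(data[fc_width:], 2))


def encode_wiegand(fmt: str, facility_code: int, card_number: int) -> str:
    """Build a raw read (used to construct sample input); inverse of decode."""
    width = {name: w for name, w in LAYOUTS.values()}[fmt]
    if not (0 <= facility_code < 1 << width and 0 <= card_number < 1 << 16):
        raise ValueError("field out of range for format " + fmt)
    data = format(facility_code, f"0{width}b") + format(card_number, "016b")
    half = len(data) // 2
    return f"{_parity(data[:half])}{data}{1 - _parity(data[half:])}"


# constructed door rules: which (format, facility code) pairs each door
# honours; the server-room door accepts cards from both the legacy 26-bit
# system and the newer 34-bit one, so neither population needs reissuing
DOOR_RULES = {
    "HQ-lobby": {("W26", 37)},
    "HQ-server": {("W26", 37), ("W34", 4210)},
}


def admit(door: str, bits: str, active: Set[Tuple[str, int, int]]) -> bool:
    """Grant only when the read is well formed, the format/facility code is
    honoured at this door, and that individual card is still active.  A
    matching facility code alone never opens a door; that was the
    degraded-mode weakness of first-generation panels."""
    cred = decode_wiegand(bits)
    if cred is None or (cred.fmt, cred.facility_code) not in DOOR_RULES.get(door, set()):
        return False
    return (cred.fmt, cred.facility_code, cred.card_number) in active
```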
OPERATOR INTERFACING AND ALARM MONITORING
The keys to client satisfaction with an integrated physical security system are reliability and ease of use. A properly configured system should provide security personnel with critical security information in a simple-to-interpret format that allows pre-emptive actions that can reduce negative impact on employees and enterprise property. Below are some features that can make a difference in third-generation integrated access systems.
Automated Scenario Responses
Live and recorded video can be pushed immediately to a guard’s PC screen or PDA, along with access and/or alarm activations. The integration of alarm inputs with access and building control systems means that if a specific event occurs, such as a high-security door being forced open, multiple commands to security-related devices can be transmitted automatically or on a guard’s command. The ability to pre-program system responses when specific events occur is critical, as upper-level security personnel can set particular response scenarios to their liking, and not totally rely on a highly stressed human guard to make the right decisions when a potentially dangerous situation occurs.
E-mail and SMS Event Notification
Most people, and all responsible security management personnel, are connected to the electronic world via their cell phones and PDAs. Guard service personnel shouldn’t have to go it alone when the physical security system goes into alarm. Third-generation systems can be programmed to deliver e-mail, voice mail, and text messages automatically when specific events happen, so that upper-level security personnel can be notified immediately of critical events. The beauty of Web-browser-based systems is that upon an emergency notification, management can access the physical security system from any Internet-connected PC, review an event or view real-time video, and control responses from anywhere in the world. If a building has been evacuated due to a terrorist or bomb threat, remote viewing and control of the security system is readily available.
Variable Alarm Responses Based on Threat Level
Simply put, as a situation occurs, the levels and types of responses to specific types of system activities can produce different responses. The detection of a secured door being improperly opened might cause a lower level of automated response during normal conditions, while the severity of response can be increased if the enterprise has received a bomb threat. Different sets of response characteristics can be applied to certain sections of a building, types of protected areas, or to individual input/output devices.
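One way to model the threat-level presets and the scoped response rules described in the two sections above (an added example, not a vendor’s product; the level names, events, areas and actions are constructed): a resolver that picks the most specific rule for the device, then its area, then the global default, and within that scope falls back to the nearest lower threat level that has a response configured.

```python
"""Resolve the automated response to an access or alarm event from the
current system-wide threat level and the scope of the matching rule.
Added example; levels, events and actions are constructed."""
from typing import Dict, List, Tuple

# ordered least to most severe (constructed names)
LEVELS = ["normal", "elevated", "high", "severe"]

# (scope, event) -> {threat level: actions}; scope is "global", an area
# name, or a device id.  A level with no entry inherits the most severe
# lower level that has one, so responses only need to be written where
# they change.
RULES: Dict[Tuple[str, str], Dict[str, List[str]]] = {
    ("global", "door_forced"): {
        "normal": ["log", "email_guard"],
        "high": ["log", "email_guard", "sms_director", "call_camera"],
        "severe": ["log", "sms_director", "call_camera", "lock_area"],
    },
    # the data-center area is always treated as at least "high"
    ("data-center", "door_forced"): {
        "normal": ["log", "sms_director", "call_camera"],
    },
    # one specific door gets an extra action only under the top level
    ("DC-door-2", "door_forced"): {
        "severe": ["log", "sms_director", "call_camera", "lock_area", "page_it_oncall"],
    },
}


def resolve(event: str, level: str, device: str, area: str) -> List[str]:
    """Most specific scope with a usable rule wins (device, then area, then
    global); within that scope the current level applies, or failing that
    the nearest lower level.  A scope whose rules only start above the
    current level is skipped so a quieter scope can still answer."""
    if level not in LEVELS:
        raise ValueError("unknown threat level: " + level)
    rank = LEVELS.index(level)
    for scope in (device, area, "global"):
        per_level = RULES.get((scope, event))
        if not per_level:
            continue
        for lvl in reversed(LEVELS[: rank + 1]):
            if lvl in per_level:
                return list(per_level[lvl])
    return ["log"]          # nothing configured: the event is still recorded
```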
Temperature and Environmental Alarm Inputs
If we accept the fact that an enterprise’s most valuable asset is its data, then we also need to consider the multiple ways that the devices storing and manipulating the data can be slowed or damaged. Environmental issues are extremely important within telecommunications closets, where network switches, servers, and other devices are located. Sensors are available that can report the temperature, humidity, airflow volume, and the presence of primary AC power. These environmental sensors are then connected to the alarm inputs on access control panels, and appropriate responses can be programmed. Most UPS systems also can provide outputs for monitoring by an integrated physical security system.
VIDEO MANAGEMENT
Surveillance video, whether live or recorded, is a critical component of an integrated physical security system. The latest generation of systems allows the full and seamless viewing of security camera views, while performing an important editing function. When properly configured, security personnel will only be presented with live video images or recorded clips at the instant they need to be viewed.
Integration with NVR Software Programs
To achieve a user-friendly integrated physical security system, security personnel must be able to view all access, alarm point, and live or recorded surveillance video from a single computer screen. Crucial responses to emergencies will be delayed if, for example, a system operator receives an alarm notification on the access control screen, and must take valuable seconds to call up a screen from the NVR to perform video verification. While the guard station may have a monitor array displaying various surveillance camera views, one computer screen must contain all current security system activities to enable prompt security decision-making by security personnel.
The access control system chosen for inclusion in an integrated security system must be compatible with a specific manufacturer and model of NVR to provide the one-screen scenario detailed above.
Network video recorders (NVRs) are software programs that accept IP video feeds, direct their storage to a hard drive array, and allow viewing access to authorized users. While some NVRs are appliances with the operating system, software, and disk drives housed in one or several boxes, some NVR systems are purely software run on a network PC or server with video storage directed to the enterprise network’s network attached storage (NAS). In either case the access control screen must have the ability to view live and recorded video, drawn from the NVR system.
With the marriage of the access control system and the NVR complete, security personnel can have one-click call-up of video cameras, with on-screen pan/tilt/zoom control buttons for moveable cameras. Access and/or alarm events can automatically bring up specific cameras viewing the location of a violation, and video analytics can also provide triggers for automated viewing of unusual occurrences.