The potential for IP access control at the edge has been talked about for a few years now. It has taken a while for networks to become practical for these applications, but now that they are, manufacturers predict a major change in the way access control is installed, serviced, controlled and distributed.

“Edge devices, honestly, are not that new,” says David Barnard, director of dealer development, RS2, Munster, Ind. “But they have really started to gain acceptance and traction as the IT industry has matured rapidly over the last several years, making edge devices much more viable.”

The reason for that is that IP edge devices rely heavily on the existing power over Ethernet (PoE) capabilities inherent in a company’s LAN or WAN. When this capability is there, the simplicity of plugging into the existing network – instead of running multiple wires and cables back to a central location – makes access control edge devices very attractive to dealers and their customers.


What does this mean? “Edge devices are a subset of IP access control,” says Dennis Geiszler, vice president of marketing and international sales, Keri Systems, San Jose, Calif. “They are controllers or readers that use the TCP/IP network as opposed to a traditional RS-485 network loop between controllers. They then use the Ethernet to communicate from controller to controller, or controller back to the host.”

IP devices are network-based, first and foremost, says Dave Adams, senior product manager, identity and access management, HID Global, Irvine, Calif. “What I mean by that is it is a network appliance that happens to control a door. It reads cards, opens the door and monitors the door. There are a lot of IP controllers that are really serial devices first and have been adapted to the network. True IP access is something that is designed to first be on the network.”

Rick Focke, product manager, Software House (a Tyco Int’l Company), Lexington, Mass., agrees with both statements. “IP access means the panel doing the controlling has native IP Ethernet connection. IP edge access control, by my definition, is mounted at the door doing the controlling at that door.”

Mounting is accomplished in one of two ways: either a controller/reader combination installed outside a door, or a separate controller that controls one or two doors, but is placed on the “secure” side of the door.

“There are two distinct use cases,” Focke says. “One is they want to have a secure device on the outside of the building, so they split the read head and controller device. The second is not as critical and they can put all the functionality into one IP reader that gets mounted on the outside of the door.”
There are benefits to both, Adams says. “The integrated reader/controller is a very, very slick installation, with the ability to get people up online much quicker and with lower cost of ownership. With the controller base, you have a more secure solution where you are able to put the controller on the secure side of the door and not expose that equipment to the unsecure side of the door. It takes a little more time to install.”

Either method results in the same end result, he adds: “Now you are monitoring and controlling the door strike, opener, request-to-exit all right there at the door. That is what I mean by true edge devices: doing it at the door.”


The newest IP access edge devices are smarter, more flexible, scalable and more powerful.

For example, HID’s next generation of its Edge product, EdgeEvo (scheduled for launch in 2010), is designed to be modular in design, giving dealers and end users more options but only what they need. EdgeEvo uses Hi-O bus technology to provide this modular architecture, Adams explains.

“The end user is only going to have to pay for what they have to do today,” Adams says. “They may only want basic brass-key-replacement access control, and this can be a very simple edge reader with the means to control the door strike only. If they want to add more sophistication later, they can add it right onto the device.”
infinias, based in Indianapolis, recently launched new software to control its IP edge devices. “This software offers much more scalability, says Wayne Jared, president of infinias. “It’s easier to scale up. Adding more access features and more capabilities allows them to move more up-market in terms of sophistication.”
Geiszler agrees about scalability. Keri’s new NXT controllers offer more flexibility in terms of configuration. “They have a lot of power. This is a real access control system with lots of memory, lots of card holders. They can be used for everything from simple access all the way up to enterprise class. They can use whatever suits the needs of each location. They can string hundreds of these together so as long as they can talk over Ethernet back to the host they can be connected anywhere – as long as there is a TCP/IP to get to them.”
With the recent ratification of the PoE Plus standard, systems are bound to get more powerful, as well. “PoE Plus lets you do two doors per device,” Focke says. “You can do a lot more powering of higher current read heads. Things are getting smarter. We are not having to compromise by going to small devices at the edge.”
In fact, Software House’s iStar Edge is already taking advantage of this. “It’s a two-door, two-reader device that operates on PoE Plus,” Focke says. “It has the same feature set as the iStar family we currently have so the customer doesn’t have to compromise. They can do extended card formats, anti-passback, advanced clustering be-tween controllers. There is a continuum of features.
“The first few jobs we’ve had are larger systems where they designed the building from scratch to use the net-work as a backbone. But smaller sites are interested as well, because they have networks, too.”
PoE Plus will also allow for higher outputs, Barnard says. “One common problem with edge type devices in the past is very few devices such as electric strikes or locks met the standard power requirement for the device to be able to support it. Now, with PoE Plus they are boosting that output and that opens up a window for more locks that will be compatible.”
Adams agrees that “PoE Plus is a great thing. Now we are going to be able to more cost efficiently add more services to the door. All these things take power. Now, HID Edge devices have sufficient power to be able to run the lock and the motion detector. Going high powered means we can start adding additional devices and services to the door.”


Manufacturers estimate the current market share of IP access edge devices is between three percent and 15 percent. But all agree on one thing: it is growing fast.

“I would say that about 10 percent is fairly accurate, but that is probably up from three percent two years ago,” Barnard says. “It’s definitely gaining steam. I would envision that we might see even as much as five percent growth in the next year or two.”
Jared at infinias has seen a significant change in industry mindset regarding network devices. “I have been in this industry for about four years, which is not a long time. When I entered it amazed me how little people in security thought of networks in terms of reliability. That has changed dramatically and in turn that has accelerated edge devices. Companies have spent a lot of money building solid infrastructures from an IT point of view.”
From an end user perspective, that means that the demand for edge devices can only increase, Adams says. “The idea is really starting to take hold with end users, who are now more and more saying ‘This makes sense. This is what I want. Please give it to me.’”
Future edge devices will perhaps do more than access control, in part due to PoE Plus capabilities. “I think you will see more and more functionality at the door,” Focke says. “You might see a convergence of audio/intercom systems in edge devices. Other trends include smaller and smaller devices that can be put in a lot of different flexible locations and more wireless products.”
Brian Lyle, director of sales, PCSC, Torrance, Calif., sees wireless as an emerging trend as well. “The future of IP at the door access is evolving. I think the next wave is becoming wireless at the door from the Ethernet perspective. Five or 10 years ago everything was hardwired. Now, wireless network infrastructure is more and more common. I think we will build devices to become wireless at the door moving forward.”
Doing more could include areas not access control or even security oriented, Adams adds.
“I think in the future we are going to see incredible changes in the way this is set up. Devices will be set up by systems that aren’t today really considered part of access control, like business analytics, people-counting, voice and video.
“I see us being able to monitor the health of things connected at the edge as well; for example, being able to talk to a door strike and ask how many times it has opened up that door to do preemptive maintenance. Edge devices are a great data-gathering point.”

Are IP Edge Devices Changing Traditional Access Architecture?

If IP access control edge devices fulfill their potential, the way access control systems are configured could alter dramatically. Gone are the central hosts and panels and multi-door systems. Edge devices are at heart one- or two-door systems – with the capacity to link endlessly to form an enterprise-level system.

Already some manufacturers are looking at things differently than in the past.
For example PCSC’s IP access at the door product features “fault-tolerant” architecture, says Brian Lyle, director of sales, PCSC. “Our product line takes a different look as far as the architecture of stan-dard IP at the door devices. What we have seen in the marketplace can jump on the network and feed directly back into the software: software-network-door. We have put software devices in the door for a fail-over perspective. This allows the capability of fail-over to another controller to allow it to continue to function.”
This capability could lead to a whole new way of thinking about systems, adds Dave Adams, senior product marketing manager, identity and access management, HID Global. “In the past we required a host to manage all communications between edge devices. Now access control is catching up with IT to create virtual realms of edge devices able to interact with each other.”
Rick Focke, product manager, Software House, thinks a whole new architecture is needed to manage this different type of system. “One of the side effects of these more numerous, smaller devices is that where once you had 16-reader panels and maybe 200 panels, with IP edge you may have 1,000 devices. If you have 1,000 or 5,000 readers going back to one host, that is a big bottleneck. Customers want distributed architecture of these hosts. The first step is a site server that manages a small cluster of edge devices.”
Eventually centralized control could become obsolete, says Greg Hetrick, marketing manager, PCSC. “The central controller might go away and you will have smaller door modules talking to a network. I could see central controllers vanishing.”
Adams adds: “Whether two-door controllers or one door, we are definitely seeing more and more manufacturers producing network hardware that can control that. I welcome them all because it really does support the whole notion that this architecture really is the most secure and the most resilient.”