Building Enterprise-Class Access Control Solutions

Most technologies that communicate or transmit data are either moving onto IT networks or have already done so. Campus access control is no exception.

Because there are no wires to run for network or power connections and the reader/locking device are fully integrated, there is significantly less labor and material per door for a wireless access point. A typical wireless router can support 12 to 25 access points and can be installed much faster than the associated wired door panel components.

Some manufacturers’ products are so installation friendly that you can have an access point installed and fully operational on the wireless network in 30 minutes. The beauty of wireless is that it lends itself to much of the installation convenience of a standalone lockset while also enabling the centralized management convenience of being on the network.


If needs change, locks/readers can be easily relocated to another area with minimal labor costs. Also, for applications where a combination of networked and standalone locks are in use, there are wireless systems that allow you to manage wireless locks on the network and standalone locks off the network with the same software.

Wireless is not feasible or desired in some installations since for a wireless access point to be operational, wireless routers must be placed within range (e.g. every 50-300 feet depending on obstacles, wall construction, etc.). However, wireless may be the optimum solution for historical buildings and other retrofit applications where creating cable routes is not practical.

Smart Cards Are Smart Alternative
A virtual smart card network is a great compromise between a wired and wireless network that can provide much of the same functionality of both options with some additional advantages. The deployment of smart card technology like Mifare and DESFire (large memory, secure, read/write cards) using radio frequency identification (RFID) interfaces (as opposed to chip contacts) has made a virtual smart card technology network viable.

This differs in philosophy from traditional wired, standalone or even wireless system design in that the access control device responds to the role on the card, as opposed to the user ID on the card. This means that access points never have to be updated as campus populations change. Updates are accomplished by one or more wired access points that also serve as “charging” stations. They can be placed at staff entrances, break rooms, etc. As users move throughout a building, updates and audit logs are regularly transferred to/from the database via online and offline access points.

A smart card can also function without any wired access points. In this scenario, a bidirectional reader plugged into a PC serves as the charging station to read/write to the cards. Some systems offer higher levels of data encryption on the card to prevent data tampering; this is very important as once the card is charged, campus users must rest assured that nothing fraudulent can happen. Roles that are put onto the cards and digitally signed can be set to expire after a predefined time, forcing the person to go back to a charging station and refresh his/her roles and get any changes that have been made. This is a tradeoff between convenience and security.


The key advantages of this type of network are that you can centrally manage online panels, edge readers and intelligent offline locks from one application. The number of intelligent offline doors is unlimited.

The typical architecture of data on a smart card network consists of a network appliance, one or more wired bidirectional readers and an indefinite number of intelligent offline locks. The network appliance includes an operating system, database and Web server. It is preconfigured to be up and running in minutes with a Web browser. 

The smart card network approach is also a great solution for remote applications. Privileg
es can be written to the card at a central office location, and then when the respective user visits a remote site, the lock on that door will read the card and determine if access should be granted. If necessary, information can be transferred to an access point via smart cards in the network to no longer allow access for a particular card (e.g. employee is terminated).

From an installation perspective, the intelligent offline locks are even easier than a wireless network as there are no concerns about strength of RF signals, router locations, interference, etc. The incremental cost of adding an intelligent offline access point to the smart card network is only the self-contained lock itself.

Monitoring for wired access points is real-time, but is obviously not for the intelligent offline access points. However, for many applications this blend of wired and offline access points networked via a smart card is a very practical and affordable option.

Related Articles:

You Physical Access Control Cheat Sheet

Mark Allen is Marketing Manager for Winston-Salem, N.C.-based Kaba Access Control ( He can be reached at

Get Our Newsletters
Campus Safety Conference Ed Spaces Registration Open Promo Campus Safety HQ