Networked Access: A Logical Progression

Along with the logical convergence of video and IP networking, another systems technology is rapidly leaving the traditional hardwired realm for the IP network -- access control.
Published: June 20, 2010

Electronic access control is yet another technology that lends itself well to a network infrastructure, even more so than video in some ways, as we’ll see.

Panel Concept Expands to Edges
The first generation of IP access control products basically took a standard system and added a network interface jack to the panel, allowing them to attach to the network and communicate with the database server, instead of using another hardwired data connection. Things changed relatively quickly.

One of the reasons access control plays so well on a network is because of its small bandwidth requirements. Access control systems send relatively small amounts of data, and only when necessary. Simply verifying that a set of credentials is allowed to open a certain door doesn’t take much space on a network. By contrast, a digital video system is pumping large amounts of video constantly.

One of the big problems with a traditional access control system is what to do if a central panel dies. If the database server goes offline the panels usually store some level of information so the doors and readers can still be used. If a panel dies, however, all bets are off. Most traditional readers are not equipped with built-in intelligence to allow the units to continue functioning.

——Article Continues Below——

Get the latest industry news and research delivered directly to your inbox.

With an IP network, however, more information can be pushed out to the edge, or endpoints of a network. Instead of an RS-485 type of data bus out to the door, you can now have the full capacity of an Ethernet network. Now the information needed for the system to make access decisions can be right at the door, a concept called distributed intelligence.

Distributed Intelligence Devices
One of the first products to take advantage of distributed intelligence and edge network processing is the Intelli-M module, by Infinias. Intelli-M originally was a small device connected by a data bus that went out at each door and had all the database information contained within each unit, meaning a central panel was not needed. All of the hardware could be connected directly to this module at each door, which limited the cabling to each door to just power and data bus.

Intelli-M was a natural choice for IP networking. At some point in its evolution, an Ethernet jack replaced the data bus connection. It was also powered by power over Ethernet (PoE), so all you had to do was run a single Category-6 cable out to each door, attach the module and hook the door hardware up to it.

This elimination of miles of cabling was one of the biggest benefits of a converged IP/access system. Of course, more IP enabled products weren’t far behind.

HID Global, was quick to answer with a full line of IP access control products, including the EdgeReader. The PoE-capable device has all the connections for door hardware built-in, like the Intelli-M module only everything is integrated into the reader itself.

Another unique entry comes from Paxton Access, with its very cool line of wireless controllers – the Net2Nano. These products use a secure, proprietary wireless protocol similar to Bluetooth to link door controllers together and then back to a wireless bridge at the database server.

These systems have one major thing in common: All of the intelligence is out as close to the door as possible, eliminating major central points of failure. The key concept is even if the network goes down, all of these door modules and controllers retain local copies of the access control database, so (barring power issues) the doors will still function. No changes can be made until network connectivity is restored, but the building will still function.

Upgrading Easy, Benefits Many
The migration of a traditional access control system to an IP-based system can also be pretty simple. Assuming the existing readers use a common standard like Weigand data codes, the existing panels can be replaced with IP access controllers fairly easily. You wouldn’t get the benefit of the distributed intelligence at the edge, but having an IP-based system would make it easier to do advanced functions like integration with IP video systems and multisite anti-pass-back, which means a single credential can’t be used to enter a building in two different places until that same card is used at an exit reader.

As with IP video, networked access control gives us another benefit that had been very difficult with traditional systems: the ability to control and manage a system (or multiple systems) across the Internet. If a user in New York needs temporary access to a location, permissions can be given from Los Angeles. Using secure connections like virtual private networks (VPN), a multisite organization can very easily concentrate its access control monitoring to a central location. Even if the systems have different hardware, if they meet certain standards, there is a good chance the equipment can be upgraded or might just work as is.

With IP access control, costs decrease and benefits increase, especially as more centralized, software-based video and security management systems see implementation. Moving the intelligence for access decisions out to the edge gives you a more resilient, flexible and affordable system. Once the core system is in place, new features such as visitor management, vehicle tracking and smart card point-of-sale can usually be added as software plug-ins.

This article originally appeared in Security Sales & Integration magazine, a sister publication of Campus Safety magazine.


Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series