It may not have the severe impact of video on a network, but IP-based access control systems can have a major impact on security application budgets, functionality and installation. As with all other converged technologies, the ability to utilize the IP network to any degree is a great benefit to integrators and end users alike.
Let’s take a look at a couple of different types of IP access control systems.
Network Footprint Is Small
The biggest difference between IP access control and IP video is the amount of bandwidth utilized by each. Because we are only sending small bursts of data back and forth (card holder credentials, door status, unlock commands, etc.), IP access control plays much friendlier on most networks.
Access control systems, even though used constantly, don’t really generate that much data on a regular basis, unlike streaming video. There will usually be some polling at regular intervals, and some bidirectional activity on a card read/door unlock. Most of the traffic generated by access control systems will come at programming time, as users are added and deleted, permissions and schedules change, etc. Even then, in most circumstances that traffic is limited.
There are a few types of IP systems to discuss: the IP-based controller, the hosted system and the fully distributed system. Theoretically, the latter would send the most traffic, as individual door controllers would all need to be updated. Still, it’s nothing to worry a network admin.
IP-Based Controller Type Systems
The IP-based controller type system is most like a traditional access control system. The central “can” on the wall hooks to the network, while the individual door readers and hardware still connect via Wiegand, RS422 or RS485 data links.
That “can” is usually the master controller/server, and readers can connect to it. In some products, the central controller hooks, via IP network, to sub-controllers or nodes, which in turn accommodate the individual readers. This distributes the the system farther out into the facility. These sub-nodes will also connect to the devices at the door.
The big attraction to IP-based access control is its use of Web- or HTML-based user interfaces. Instead of having software to install on a PC, these systems allow the use of most popular Web browsers. This reduces software and hardware costs, and provides flexibility on the type of PC hardware that can operate the system. Two popular systems that fall into this category would be S2 Security’s Netbox and IEI’s Emerge.
The Host With the Most
As with the IP-based controller type, a hosted access control system has a hardware controller on the wall to connect the readers and door devices, but it takes IP convergence a step further. Rather than a locally installed application for a user interface, the hosted solution sends all critical software components offsite, to a remote location or co-location (co-lo) facility, and provides a Web browser based interface.
Although remote hosting of data has already been embraced by financial institutions, large data firms like Google and Web site admins, it is a relatively new idea for access control. Benefits include labor and time savings by not having to install and configure software and set up databases. Also, the hosting provider will probably have proper environmental conditions in place, and robust backup, security and redundancy solutions.
Reach Systems’ ReachNet product provides this hosting functionality utilizing the software-as-a-service (SaaS) model. This concept has a software application hosted on servers on the Internet (as opposed to being installed on a local PC). This means while a user can have full access to the application as if it was installed locally, updating and maintaining is handled by the hosting provider. While the application itself is hosted on Reach Systems’ servers, access is provided via Web browser, in a similar manner to the systems we discussed earlier.
The last type of system takes advantage of the IP network farther out to the edge than the other types. I would call this a fully distributed system. This system eliminates the central controller device. Thus modules located at each door connect right to the network and communicate directly with one another.
Just as the hosted system provides labor and time savings with SaaS, the fully distributed system provides labor and cabling savings with the elimination of a central controller. The door modules connect right to the network and are Power over Ethernet (PoE) capable — meaning the only cable you run to the door is a single Cat-5e or -6. All other devices are wired locally at the door.
In this configuration, all modules talk to each other (for functions such as anti-passback) and retain a local copy of the database, and user interface is done by either an installed software application or, for very small systems, Web browser to individual modules. The Intelli-M system from Pelco offers this distributed model for 1-32 doors.
All of the above systems offer benefits for the integrator and end user alike. But no matter what the hardware configuration looks like, it is the use of the network that sets all of them apart.
Aside from the hosted product, remote access can be accomplished via several methods. If the controlling site is located across the private WAN, then contact with the system should be no more complicated than adding any other computer to the network. Technologies such as DHCP and Windows™ domain login can be fully taken advantage.
If the remote site where the system will be administered and monitored is via the Internet, a VPN (virtual private network) can be used. In some cases, a free dynamic DNS service can be used to allow connections no matter the IP address of the local system.