Access Control Specification Guide

•Published May 19, 2016 13:39 PM

This 15 page report provides the most in-depth guidance on specifying Access Control systems you will find.

Specifying Access Control correctly can be tricky, because every opening has quirks and are prone to outside factors that impact system performance. Not only this, but what you don't specify can be just as problematic as what you do.

IPVM Image

Most access RFPs have serious problems. While they comprehensively spell out contract conditions and business terms, they are typically scant on relevant details about the system. Not only do they tend to be a random smattering of technical points, pulling them together into a cohesive system is often needlessly costly or may even be impossible to build.

The Big Mistakes

Most of the trouble specifying access has a root cause in one of the three areas below:

1. Incomplete details, where things you don't know can ruin your budget and system goals.

2. Difficult to build, where details that sound prudent may actually limit selection and significantly drive complexity to integrate.

3. Proprietary, where even generic boilerplate writes in choices that lock you into one vendor.

In this report, we address the best strategies to avoid these problems.

Doing It Right - 18 Key Specification Areas

The good news is that you do not need to be an expert to specify great systems. In the sections below, we cover the right details to include, how to include them, and how to avoid common traps through addressing these 18 areas:

Is This An Expansion or New System?
Determining Access Security Goals
Establishing Monitored, Managed, or Forensic Use
Identifying Other System Integrations
Which Credentials To Use
Defining Doors/Opening Detail
Defining Turnstile Use
The Importance of Door Position Switches
Defining Existing Locks/Hardware
Specifying Readers
Deciding to Use IP or Serial based Controllers
How To Use PoE For Powering Systems
System Edge vs. Centralized Architecture
Is System Networking Wired or Wireless?
Considerations For Using Existing Databases
Evaluating User Management Features
Using Special Features Like Time and Attendance & Mustering
Establishing System Maintenance Expectations

***** **** * **** ** *** common ******** ******:

Common ********

**** *** ****** ******* ***** ** well ***********, *** **** **** *** mean **** **** *** *** *** done. **** ** ***** ******** ** pulled **** ****** ****:

*** ****** ******:**** *** *************, *** **** ** including *** **** *********** **** *********** drive ****. ******* **** ****** *******, the ******** ** **** ********* ****. Take **** ******* **** *** ************** section ****** ******'* ****** ************:

IPVM Image

*** **** ** ******* ** ***** a ***** **** *** ***** ** the *** *****. ** ******* ********* door/opening ****, ******** ********, *** **** people **** ** **** ****** ** what ********** ***** **** *****, ** when *** ******** ****** ** ******** are *****. *** ** ******* **** descriptions ** *** *** *** *** system **** ** ****, ** ***** other ******* **** **** ** ********* with *** ****** ********.

*******, *** ***** ******* *** ** released ** ********** ***** * *** walk, *** *** *** *********** *** have * **** ***** ** ***** them ** ***** * ***.

******** *************:******* *********** ***** ** *** ********* of ***** **** ***** ***** ** economical, *** ***** ** *********** ***** choices ** **** *** ** *** bids. **** *** ******* **** * Police ********** ***:

IPVM Image

******* *** **** ******** **** ****** including **** ************ *** ********* *** is ***-******. *******, *** ** *** ambiguity ** ******** '****************' *** *** listing ** * ****** *********** **** of **** ********** *********** ****** ****** to ********** ** **** ******** ******.

******* **** ** ******** ** *** is ********* ** *****, ******* ** would ** **** **** ********* *** both *** ********* *** *** ******* to ***** **** *********** ******* *******. The ****** **** *** ******* *** proprietary ****** ** ****** *******, **** may ***** **** *** ************ ****** to *** ******** ******** *** ******* system. *******, *** **** ** ****** defining '****************' ***** **** ******.

Technical *************

**** *** ** ********* ******* ** include ** ***** ****** *************:

Defining ********* ** *** *******

** **** ****** ***, ** **** it ** * ****** ******** ** an ******** ******? ********* **** ******* will ******* *** *** ******** **** kind ** **** ** ***** ******. Due ** *** *********** ****** ** most ****** *******, **************** ** *********** non-existent, *** ** * ****** ** already ** ***** *** ************ *** best **** ** ****** ********* **** platform. **** ** ****** *** ***** expensive ****** ***** ********* ********* **** servers *** ******** *** ** ******* an *** ******.

**** ****** **** ***** *********** ****** mistakenly ****** *** ******* **** ****** incorporate **** *****'* *********. **** ** the **** ** ********** ** ******** system, ********** ** ******* **** ** the ******** ********** ** * **** that ****** ** **** ***** **** the *****. ******* ***** ** ******** tools *** ** ****** ** ******** existing ********** ***********, * ***** *** "********* ****** ******* *******" **** ********** ** **** ******.

Security *****

****** ** ******, *** *********** *********, is ** **** * ******* *********** of *** ***** *** *** ****** system. ******* "**** **** ******, *** facility ***** ** ******** ***-***** ***** from ******** *** ******** *** **** all *** ******* *********** **** ******** *****> ** *** ****" **** greatly ****** ***** ********* * ****** in ******* *** ********* ******** ** build ******.

************, **** ****** ******* ** ********** by *** ***** ** "**********", ******* where *** **** ********* ******** *** located ** *** **** ******************* ** ****** *** ****. *** deeper ********** *** ****** ** **** risk, *** *************: ****** ******* ************.

**** **** ********* ****** ** ********* is *** ******, ************ *** ***** groups **** *** ****** *** ****/***** they **** ** ** *** ********** of ****** *******. ****** ***** ***** goals ***** **** **** ******* ****** the ***** ******** **** *** ****** level ** ********** ******** *** *** stated ****.

********* *** ********* ***** ***** **** expanding ** ******** ****** ** ***** essential, ** *** ***** ** ******* and *************** *** ****** **** ****. Including * ***** ********* ********** '******** goals' *** ******* *** ************* ** a ****** **** ******* ***.

Monitored, *******, ** ********

**** ** ** ****** *** *** 'control' ******* ** *** ****** **** be *******. ** *** **** ** set ********** ** *********, *** **** only ****** ** **** ********** *********? Will ** ****** ***** ***** ******** monitor *** ******* ** ****** **/*/***? Or ** ** ****** ** ****** oversight *** ********** ** ******, *** farmed *** ** * ******* ******* facility?

******** **** *** *** ****** ** going ** ** **** *** ** whom *** ******* ***** ** ******** unused ********, ** ** ****** **** the ***** ****** *** ****** *** system ** *** ***** ****.

Other ******* ***********

** *** **** **** ****** ******* to ** ******** **** ***** ************ or ********* ******? ** *** **** a **** ***** ******? ****** * point ** ***** ***** *****, ******** with *** ******* ****/******/******** ** *** systems ** ** ********** **** ***** design *** ************ ***** ************.

***********

** *** ****** ** ***, ********* decisions ****** *** ** ******** ** the ****** *** ********. ** ** expansion ** ** ******** ******, *** answer ***** ******* ** ****. *******, in ****** ****, ********** ******** ***** credential **** ** ******* ******** ** from ***** * ****** ******** ********.

** ***** ** **********, **** ****** systems *** *********** ***********. ** *** past, *** *** *********** **** **** the ********, *** *** ** ******** concerns (**** ** **********) *** ******* storage ********, **** **** **** ********** by **.** *** *****. **** * cost **********, *** **** ******** *********** are *** **** ***** ** ******* than ***** *******.

** ** *********** ******* *****, ******** the ***** ******* ** ** **** security ****** ** ** ******** ***. How **** ****** **** ** ************? Should ***** *** ****** ** ******, or ** * **** ******* ****** needed? **** ***** ******* *** ***********, and ****** **** ** ********? **** about **********? **** **** ******* ******** factors *** ****?

************, ** ******** ******** ***** *** in ***, **** ****** ** ***** as * ************* ** *** ****** system. *** *** ******* *** **** to **** **** ******* *****, *** this ***** ****** *** ***** *********** cost ** *** **** *****.

*** **** *******, **** *** ******* on:

****** ********** **** ****** *****
************ *** ****** *******?
******** ****** ************** *****

Doors/Openings ******

********** *** ******** ** ** ********** is ******* *** **** **** * design *********** *** **** **** ********* management *******. ** *** ******** *** alike ** **** *** **** ***, and * ***** *********** ** ******* of *** ******* *** ** ** used **** *** ** ********* **** controls.

*** *******, *** '**** ******** ** an ****** ********' ** ****** ********* as ****:

"*** **** ******** ** * *** of ***** ****** ***** **** **** swing ***. ***** ***** *** ******** accessible, *** *** ***** **** ************* opens *** ****** **** * ****** button ** *******. * ****** ******** camera ****** ** ********** **** *** system ** **** *** ********* ***** are ******** ** **** *****. **** entrance ** ********* **** ** *** public ****** ******** *****, *** ****** be ****** *** **** ********** ** approved ***** **** *** - *** overnight. ************* ** ****** *** **** access ****** * ******* ***** ****** those *****, ********* ******** ***** *** delivery ******. **** ******* ***** *** opening:"

IPVM Image

****: ****** **** ** **********, **** a **** ***** **** ** *** opening ** ** ******.

***** *** *********, *** *********** ******** gives ***** ******* **** ****** ** observed ****** * ***** *** **** and ******** **** ****, **** ********, security ****, **** *******, *** ********* system *********** (*****). ***** ****** ********* is *** ******, ******* ** ***** details ********* *********.

*** **** ****** ** *** ** properly ******** ********, ******* **** *** doors, *****, ** **** **********, ***** the ******** *****:

**** ***** ******
***** ***** *** ****** *******
********** *****
**** ****** *******

Door ******** ********

*** ** *** **** ******, *** most ********* ******* ** ****** ******* are *** ******* **** ******** ******* the **** ** **** ** ****. While **** **** *** ** ** 'extra', ***** ******* ** **** ********* or *********** *** ** ******* *** current ***** ** *** ******* **** these *******.

***** **** *** ****** ** **** as '********', ********** ****** ********** ***** they **** ***** ******* ********. ***** our "**** ******** ******** (***) *** ****** Control ********" *** **** ******. *** ******** on *** ******* ******* ** ********** use ** *** ********, **** "********* **** **** ********" ** ***** *** ****** ******** that ******* ********** *** ****** ******.

Existing *****/********

IPVM Image **** *****, ******-***** ****** ** *** required, *** ***** ************ *** ******. Often ****** ******* ************* **** ******** mechanical *****, *** ***** ********* ** how **** ******* ** ********* ** invaluable ** ******** *** **** ****** of *******.

*** **** ****, * ******* ** basic ******* *********** ** ******: "*** **** **** ** * ***** (steel) **** ********* **** ****** **** a ***** ***. *** **** ****** out *** *** ** '****' ******* above **. *** **** *** ** locked ** ******** **** *** ******* of *** **** ** * *** only ****** ** ********. *** ******* for *******:"

*** ******* ******* ** ********** ***** or *** ** ****** *** ***** type *** ******** **** ****** ****, see ***** *****:

************* **** *********
********** **** *****
******* ********* *****
******** ****** ********* *****

Choosing *******

********* *** ***** ****** ** *** result ** ***** *********** *** **** and ***** *** ******* ** *******. From *** ******* ************ *** ****** of *** *****/*****, **** ********* *** be **** **** **** ** ******* and *****.

******* ********** *** ******** ************* ************** ************* ** **** **** ****** *** right ****** ** ********* ** ******* all *********** ****** ** **** ****.

*** ******* ********** *** **** ****** on ******** *******, ***** *** ****** below:

****** ****** ********* *****
****** ****** ********

IP ** ****** ********* *******

*** ******* **** **** * ****** together ****** ** ********* ** ******** cabling ** *** ****** ** ****. Hard ********** *** **** **** *** other *** ** ****** ** ********** is *** ******, ******** **** ****** systems *** ** ******** ** *** primary ******, * ***** **** **** continue.

** ******** ******** *** ** ** used, ****** *** ********* ** ******** switch ***** ***** ****** ********* ** expensive **********. ******* * *** ** floorplans **** ******* ***** ********* **** of **** ************* ** *****:

IPVM Image

** *** ** ********* ******** *** needed, ****** **** ** *** *******, main ***** *****, ** ****** ****** confirms **** *** ***** **** *** concurrent **** ********.

Edge ** *********** ************

** * ****** ******, ********** ***** door ******* ***** ***** ** *********. Most ****** ******* *** * **** of **** ********** ******* **** *** opening, *** ********** *********** ******** ** system ********** ***** ************* ***** ***** costs ** ****** ** ***** ******* being ***.

**** ** '****' ******* *** ****, all ********* *** ** ********* ****** locked ******* ** ******* **********. *******, making **** ****** ***** ** ********* for ***** ******* ** ******** ********** and *** ***** ***** ** *** properly ********** ****** **** *******. ***** reports ******* **** ****** *** *******:

*********** ** ******* ******
******** ****** ******* *******

Using ***** **** ********

** **** *****, ******** ***.* **/** PoE *** ** **** ** ****** power ** **** *********** *** ************ connected ******* **** ******* *** *******. Using *** ** ********* **** ********** and ****** ****** ********** **** ********, stand ***** ***** ******** ********* ** not.

*******, ***** *** *** ***** *** range ** ********* ******* ***** ** 'total ****-*******' ***** *********, ***** ** usually *** ** ** ****, *** the *** ****** ** ***** ** a ****** *** ******* ********** *** limited ** ***. ***** ******* ** consider ******* *** ****** ** *** controller ********, *** *********** ******* ******** maglocks ** * ******** ***** **** a *** ********** *** ******.

****** ******* ****** ******* ************* ** **-***** **** ** *** subject.

Wired ** ********

**** ** ***** ** *********** ****, hard ************* ** ***** ******* *** cause ****** ** ********* *** ****** or **** ** ***** ********. ********** if ***** ***** *** *** ******* used, *** ********** ******* *** ******* is *********, ******** ***** ******** *** 'stand-alone' ****** ** *****.

***** *** **** **** *** ** high *** * ****** ******** ****, the ******* **** ** ********** ******** devices ******** *** * **** ******* run ***** ** **** *********. ***** the ******* ***** *** *********** ********** with ******** ***** (*.*., ********* *********) could ** *********** *** ****** *******, they ***** ***** ** ******** *** in **** ** *********** ***** ******* expansion. *** **** ** ***** ************, see *** "******** ****** ******".

Using ******** *********

********** *** ******, *****-**** *******, *** database *** ***** *********** ****. ******** the **** ********** ****** **** ** made ** ******* ****** *** ************* explicitly ****** ***** ******** ******** *** already ** *********. *** "****** **** ** ******: ********" ***** ****** **** *****, *** the ****** *******, ** *****.

User **********

******** ****'* ***** *** * ******** aspect ** *** *************, *** *** where ********* ******** **** ** ********* is *********. ******** *** ******** '**** View' *** ********** ******* ***** ********* specify *** ********* *** ***** ********. If ********* **** ** ****/****** ***** in **** ****, ****** ******** ******* are ** ** *******, ** ** the ****** ****** ****** ********* **** the ***** ************ ******, ***** ************ should ** *****.

**** *** ******* **** *** *** actively *******, ** ***** **** '****** access' **** *********** ** ********* ** 'ID *****' ******** *******, ** ****** not ** ******* ** **** ** included ****** ******.

****, ** ******** ************ *** ** be **** *** ******* *******, *********** of ***** ******** *** ***** ************** should ** ****** ** ********* *** system ** ********* ** *********. *** more ******* ** *** ******** ********** piece *** ************ ** *** ******* features *******, *** *** ********* *****:

****** ********** ******** *****
*********** ****** *******

******* ********:****** ******* ** ****** *** **** than **** ********* *****. **** ******* include ******* *** '**** *** **********' logging **** *********** ******** * **** clock, ** '*********' **** ****** *** special ********* **** **** ******* * roster ** ********* ** * ********** area.

** ***** ******** *** *******, ** any ***** ************ ******* ******* *** core ****** ******* *********, ****** ****** be ***** ******** *** ******* ****** in ************* *********. ***** ***** **** help ******* **** ** *** *** and *** ** **** *** ************:

**** *** ********** ********
********* ********

****************

*******, ************** ****** ***** *** *** ongoing ****** ******** *********** ***** *** any ********** ******* ******** ******** ** keep *** ****** ******* *** ***********. Some ********* **** ** ******* *********** plan, ***** ****** ******* * ****** plan *** *** *** ********** ******* or **** ******* ** *** *******.

*** **** ** **** *********** ****** figure **** ****** *********, ** * system *** ** ********* **** **** initially *********, *** *** ********* ** unrealized ***** ** ********** *****.

Access ******* ************* ****

*** ********* ******* ******** * ******* of **** *********** *** ****** ******* to ********. ** ********* *** **** and ***** **** **** **** *** documents *** *** ** ** * starting ***** ** ******** *** ************ for **** ****** *******.

Opening/Door ****: Often best depicted in a picture. If not permitted, a short written description describing: Steel, wood single or double door? Right, left, or swing ‘reverse’. Glass opening? Turnstile?

Users *** ****: Average number of users during busy times, so that cycle times of locking hardware can be sized accounting to the busiest period the door permits access.

Opening's ******** *****: The high-level purpose of access control: “Restrict unapproved users from entering during overnight hours” or “Only residents with current rent payments should be allowed to use gym facility.”

Other ********* ** *** ****: Often best expressed in a picture, a snapshot or written description of the other hardware devices hung on the opening. Examples: “Closer on upper hinge side, vertical rod on upper strike side, and an exit device hung on the inside. Outside keyed access.”

Reader ****/******** ********: On the door frame (mullion), or on an adjacent wall? Are mounting surfaces suitable? Are they protected/sheltered from ice and snow? Can someone is a wheelchair or with limited range of movement reach the reader, per ADA (or similar)?

Credentials ** ***/******** ************** ******: Common Choices: 125 kHz, 13.56 MHz contactless. HID format, MiFARE/DESFire? 26,33,34,35 bit cards? Facility code needed? Is more than one credential needed at the door to verify the user?

Intercom ******?: If a user cannot enter the door, or if a visitor request entrance, can they page help or an attendant? Two two-way conversations need to be supported?

Lock **** ******: Choices- typically electric strikes or maglocks, but dictated by building code, AHJ preference, and type of hardware existing on the door.

System ******* ****: TCP/IP, Serial hardwire, wireless, or stand alone locks? If IP, are existing LAN segments available? Are cable pathways and data closets marked? If wireless, the signal strength at doors verified?

Controller *****: Choices- Edge or Centralized? Standalone or host dependent?

Critical **** ********** ********: What real-time features required? What type of reporting is needed? Will users need access from a browser or mobile devices? Are client workstations available?

Server *****/**********?: Do you have available resources in the server stack? Are they physical or virtual? Do you need your servers to host access locally or remotely? Including this ensures no ugly incompatibilities happen at the last minute. If a new server is used, will local IT resources be familiar with configuration and support?

Database ******** ******: Does you enterprise already use a standard database platform like SQL? If so, make note so the access system can plan to make use of existing rather than purchasing new or using a proprietary platform.

Special ********: Do you need Time & Attendance or Mustering? If so, does your hardware design support those features? Make note of the ‘other systems’ you would like access control to feed into or use like video surveillance or intrusion alarm.

[****: **** ***** *** ********** ******** in **** *** *** ******* / improved ** ****.]

Comments (5)

Tim Sisk

•May 13, 2014

IPVMU Certified

For pro-members how can we get a PDF copy of this Guide?

Ryan Sawicki

•May 04, 2020

IPVMU Certified

Great Article! Really takes into account all the things, large and small, that must be thought when bidding or planning a job. I think this article should be helpful for people trying to grasp AC( and what's involved) for the first time, or a pro getting ready to set up a new system or refurbish an older one. Very insightful!! Thanks for the write up!

Reactions:

Ng Choy Mei

•Oct 20, 2020

IPVMU Certified

A comprehensive write-up of the access control spec.

Reactions:

Jay Garner

•Apr 06, 2021

IPVMU Certified

This article proved to be a great help in a recent RFP I was responding to. The RFP was badly worded and many sections very vague. This should be required reading by every design/planning professional.

Reactions: