Access Control Upgrade

i would appreciate your advice on the access controllers and readers choice.

In general, a platform using Mercury Security controllers avoids some risk of lock-in to a single platform due to a huge swath of the access market using it.

Our post Axis vs HID vs Mercury Access Controllers may be useful to get an idea of options using that hardware, including this chart:

In terms of BLE/NFC readers, migrating to HID iClass is common per our survey results Favorite Access Control Reader Manufacturer 2018.

One note though, is the several respondents mention the BLE module in iClass readers can be problematic. Not all report problems, but especially with early models it was an issue.

This is where many will disagree but with this many branches and users I would personally use a true server/database system. Now that doesn't mean a box stored somewhere in an IT closet either. Use a system with Mercury controllers as well. Not sure what systems you can sell though. Lenel for instance now officially supports Microsoft Azure but could be used with Amazon AWS. Using IaaS then your chance of downtime goes to a minimum. With the BlueDiamond readers and credentials you will have better success than say HID Bluetooth when you finally implement the mobile credentialing part of the system.

With all that being said you will need to be a Lenel dealer.

Hi Dennis,

We did a college with 20 sites and around 1,500 users using ICT (https://www.ict.co/Solutions). Their card readers are MiFare/Desfire and you can get readers that do both MiFare/Desfire and 125kHz to bridge people over. It also has the capability to be a security system to house both systems on the same platform.

The furthest site is 350 miles away from the main server, all communication is over WAN. Each site has a controller with expanders.

Another idea is OpenOptions (https://www.ooaccess.com/). They are Mercury-based, the software is pretty good and you can use HID readers for MiFare/Desfire. I have yet to use them, but they have made pretty good pitches and are willing to work with you quite readily.

Best of luck!

the only concern with the SaaS-based systems I have is if they go bankrupt, I'm screwed. With the old-style client-server system, the customer can at least keep using the installed system. Yes, no support from the vendor, but parts will be available from ebay, for example.

You could go cloud with one of the vendors that offers the same software for on-premise that runs in the cloud. that way if they go bankrupt, you can still carry on.

Have you considered or spoken to anyone with ISONAS, we just rolled out a 32 location system, the client loved it and the system performs fantastic. Especially since every reader and/or IP bridge used for Wiegand Readers, automatically connects to their Pure Access Cloud platform that is hosted on AWS with no port forwarding. They too, offer the same software that can be hosted locally or on the clients own instance of AWS.  The 3 Floor Elevator Access Control using there IP Bridge (3 Door) version worked flawlessly.  Overall, I was extremely pleased, as was my clients, with the overall Solution that they provided! 

Happy New Year, This is my last rant on IPVM for all trunk slammers and design-o-saurs.

Since everyone is yapping about Mercury systems I thought I would be the DA(Deviant Advocate). Here is some brief, Beer felt notes along with some circles and sticks to indicate another approach to the all in one NVR kit, lenel(lol VMSer) /security slammer.

Most importantly, this is all in fun and I want you to have this perspective. So I will depict a simple MSP end-to-end ACS/VMS solution for a small customer that only needs 3-7 readers along with 5-12 cameras nationwide at 50 locations. The point is..BYON.

Build Your Own Network. Sell those IT services. This is just a generic model, it is simple dead network WAN. Here are some notes, diagram below. 

For all of you MR50, MR52....RS-485 splicing add on boards. PFFT. Shame on you. The below is a proprietary system, it can easily be a Mercury platform(so everyone can compete on it). However it is just a thought, a simple system at the end of the year for all you mercury lovin nerds to hate on. 

You will find the future of installation technicians is going to be IT. That dolphin splicing, can't wire a relay to save his life will no longer be sought after.

Before hating on proprietary systems, understand someone has to bring the alternative since the rest of the thread(s) here and elsewhere are usually mercury favored. Cheers, this 12 pack of tasty IPA is all but done and I will see you in 2019! (UD#5).

1.       PACS runs entirely off LTE. LTE can be dual WAN such as Verizon, AT&T (failover redundancy).

2.       Integrator maintenance performed via LTE, diagnostics, SMTP, SNMP, Firmware etc.

3.       LTE network is private, the connections are PACS data source = NIC #2 of iStar Ultra Network and NIC #2 of local VMS server. Local VMS NIC #1 is the only remote connection to the Corp WAN, this is for streaming/accessing live/recorded video from the remote location.

4.       This is for a small site, say 8 readers and 10 cameras. No massive VMS Xeon Gold needed to process 5-10 cameras. NAS storage is cheap and easy to build and the integrator should learn how to do it. It is an option rather than using an all in one unit or a VMS server building vendor.

5.       Integrator manages the VMS, NAS, Private Network Switch, LTE routers, IP-ACMS, IP Cameras and all other devices added to the network.

6.       Scale the system as needed. A local hardwired panel can be installed for elevators, gates, maglocks. A more powerful VMS server can be installed to support 100+ cameras, Analytics etc. Make sure all devices can be managed remotely down to power cycle reboot over the WAN via power strip or smart power supply modules, Lynx, Life Safety Power or Netbotz.

7.       Add Raspberry Pi for more network diagnostics tools such as nmap or wireshark.

8.       As the integrator scales into IT adding and supporting stronger firewall rules even further security configurations are possible, you just need to learn how to do it.

I currently manage a large system in the midst of an upgrade to multifunction reader technology, we have 35000 employees and 3000 readers. This said do your home work I mean look at who has the best customer service reputations, easy to support yourself in-house. Systems don't necessarily need to circle the earth but yes get the job done.

I have several systems of the same you describe heterogenous. This is the problem I face,  who do you go with, who will be here 10 years from today.  I selected one badge the HID SEOS I-Class, it has multiple technologies on it and might even be able to run on some of the systems you have until they get changed out. The smart phones etc. will also take a credential from HID. The technology is the latest HID has.

I have one access control system that is centralized, it can be utilized at each of the facilities if need to be. User friendly been around many years but not utilizing the cloud like some of the others talk about, so what  the cloud brings its own risk to your system.