Preferably Lenel so we don't have to retrain alot of people... and yes I used the search function first... nothing popped up. Is Lenel not offering hosted service? Two integrators I've talked to are wishy washy on the subject.
Subscriber Discussion
Cloud-Based Hosted Solutions For Lenel, Or Other Access Control?
Brian Rhodes
Apr 05, 2019Lenel's 'hosted' approach for OnGuard is to 'roll your own', meaning you must locally set up a cloud-based instance of the platform.
The integrators you talked to are likely wishy-washy in part because of uncertainty in how to monetize the approach, as service and subscription fees are significantly based on how the system is installed.
It looks like UTC first announced this in v7.4 of OnGuard.
UE
Undisclosed End User #1
Apr 05, 2019Thanks, in my specific context, it is a Lenel system already existing, but instead of having to maintain our own server, we want to not maintain our own server. All the hardware and whatnot is already in place. The controllers and all that is already there. We just want to make that server go away.
U
Undisclosed #5
Apr 09, 2019Or you can go with Software House. See bland-basic AWS and UPD Hole Punching Network. The integrator owns the entire thing, the IT guys only worry about the Access and Video Thick/Thin/Mobile clients.
U
Undisclosed #2
Apr 05, 2019The cloud is just a computer somewhere else. Find a COLO, setup a VPN, and give them money every month.
UE
Undisclosed End User #1
Apr 05, 2019U
Undisclosed #5
Apr 09, 2019You make reoccurring revenue maintaining your deployments, integrations and services whether physical or cloud based.
UE
Undisclosed End User #1
Apr 09, 2019U
Undisclosed #5
Apr 09, 2019Unfortunately nothing is for free. Have your integrator breakdown a cost comparison between physical servers and cloud servers. If you are a large end user, your IT should have recommendations or build standards you might need to follow. Good Luck!
UE
Undisclosed End User #1
Apr 09, 2019Oh, I intend to pay for it, make no mistake. I intend for it to cost more than if I actually maintained my own server. Regarding my IT, they are the specific reason for me searching for this solution. That's as much as I'm willing to say while typing on their computer.
U
Undisclosed #5
Apr 09, 2019Yes the cloud is just someone else's machine but it still does not mean you can own it. See above post.
UE
Undisclosed End User #3
Apr 08, 2019If getting rid of the physical server isn’t the objective, rather everything that a server represents, what you’re looking for is ACaaS ... Access Control as a Service. This is essentially a cloud solution (no physical hardware aside from clients and feild devices) where the vendor or integrator maintains the virtual server for you, including software and OS patching/updates.
If Lenel doesn’t offer this, you can deploy in the cloud to get rid of hardware, pay your SSA for software support and then depending on the competency of integrators, contract out regularly occurring maintenance.
I’m going to be finding myself in a similar boat shortly, depending on which panels you’re using...if you stayed non-proprietary (not a Facility Commander migration), you could always consider switching to a software which offers ACaaS.
UE
Undisclosed End User #1
Apr 09, 2019If getting rid of the physical server isn’t the objective, rather everything that a server represents, what you’re looking for is ACaaS ... Access Control as a Service. This is essentially a cloud solution (no physical hardware aside from clients and feild devices) where the vendor or integrator maintains the virtual server for you, including software and OS patching/updates.
^^^^ This exactly.
UE
Undisclosed End User #3
Apr 09, 2019From the author of the comment you quoted above...
As an enterprise-level deployment when it comes time to replace my Lenel-family system, I’m seriously considering Genetec despite the cost that l’ll represent.
Reasons...
They’re one of the only offerings (I’m aware of) that actually offer a fully hosted and managed solution.
If you’re willing to invest and have executive support, they’ve got some impressive integrations and offer a unified UX so you don’t have to worry about a patch of one system breaking the API to another.
They’re a privately held company so you don’t have to worry about shareholders or multi-national conglomerates making business decisions which negatively affect your systems.
Canadian company vs outside of North America.
Open architecture and cyber security by design.
Have many enterprise, government and Critical Infrastructure clients...some with deeper pockets and stricter regulations than I...so they’re always beefing up the product with big-boy features that may be suitable to the little(r) guy.
If you have an idea for an enhancement, if they think they can commercialize it to their larger client base, they’re develop it and only charge you the purchase cost of the new feature.
U
Undisclosed #5
Apr 09, 2019Sounds like Genetec is your golden goose. Regarding cyber security by design, does anyone know if their Cloud Link Controller is still a windows embedded device? I thought there was a rumor this was getting flipped to a Hardened Linux Based OS. If so kudos to Genetec.
Has Genetec reached full penguin status? Anyone willing to donate a cloud link controller to defcon 27 this year?
UE
Undisclosed End User #3
Apr 09, 2019As for the golden goose, we’ll see, simply stating some of the benefits that appeal to me beyond simply buying a PACS and selecting the winner based on a miopic view and lowest cost.
UD5, any other cloud/managed solutions on the market your aware of? The industry is starving for this and I know I’m eagerly anticipating LenelS2 roadmap to see what they bring to the table.
Regardless of what product you pick, Cyber design is only as good as the application of good cyber principals and I personally wouldn’t trust a vendor on their word...prove it...at Defcon in a typical client deployment.
U
Undisclosed #5
Apr 09, 2019IPVM has many good reviews on access control systems, some which are easily retrofitted to the cloud. Either way you still have to estimate the current and future scale of your system along with all software/hardware dependencies such as other integrations/APIs/Hardware in production now or on the horizon. Is your system centralized or global? Global is a huge administrative question for both the end user and integrator support to deal with remote locations and time-zone differentials.
Is there a possibility you can deploy a pilot segment of your infrastructure for a real world analysis before making the leap?
All of the large hardware server based PACS; Lenel, Software House, Genetec are capable hosting in the cloud, with a technical nudge. Additionally there are technology designs that allow security integrators to encrypt all of the security platform to the cloud without relying on corporate IT resources or consulting. This is used in conjunction of the security manufacturer's hardware to route the system to the cloud.
There are turnkey cloud solutions, however I have never had any hands on experience with a cloud global enterprise system such as brivo or feenics with 2500+ card readers. Migrating Ccure 9000, Onguard to the cloud seems familiar as many of us have already been running in VMs for years. We killed the physical server and dongle keys in 2006.
The biggest problem I have with cloud systems adoption is the security hardware itself. For instance the access control panels have limited access and remote diagnostic utilities. Does not matter if it is Linux(Istar Ultra) or a windows embedded controller(old Istar Pro, Genetec Cloud Link) the issue is not have full access to the OS. I would like full SSH root access to all hardware, and not a LCD screen that stuck on reboot, hence technician truck roll. In the worst case if the budget is there, toss in a web controllable relay to RTFM with a altronix Linx, Lifesafety smart power supply etc.
Drifting off here so will end at this. I wish we could converge more applications to a single appliance with full replication to the cloud with either location able to run without the other for maintenance and unforeseen failure. Security as it's own network as it will never be secure when you allow entire workforce coexisting, I would rather have an encrypted demarcation between the two, less over night verkada systems that claim too much with no skin in the game.
Good Luck with your Genetec deployment.
Ryan Kaltenbaugh
Aug 02, 2019Hello! Interesting thread and topic. You stated you were “eagerly anticipating LenelS2 roadmap to see what they bring to the table.” Are you currently a OnGuard user? If so, we’d be happy to update you on where we are with this topic and we’re we are headed. Feel free to email me and I can connect you with the right individual. Ryan.Kaltenbaugh@LenelS2.com
SD
Shannon Davis
Apr 08, 2019Lenel fully supports moving the server to Microsoft Azure. Of course this isn't truly a cloud solution, merely IaaS. As of now the customer has to pay for the Azure connection. I have heard through the grapevine though there is a full cloud product is coming and being announced at ISC this week.
Rick Caruthers
Apr 08, 2019There are many ACS manufacturers that offer true "hosted" solutions. Make sure that you are not just being asked to have your server in the cloud with you maintaining the software and services. Look for those that offer complete hosting with all software support and upgrades as well as data retention and failover in one cost structure. If you cannot find what you are looking for let me know and I could recommend one...hint, hint....
U
Undisclosed #4
Apr 08, 2019You are sort of asking for two different things here.
1.) You're outright asking for a "cloud-hosted access control service." There are a few of these, but as far as keep your Mercury hardware you have at least two options that I'm aware of -- Genetec Synergis "Access Control as a Service", which is a fully-hosted cloud access control system where the database and everything sits in the cloud, and Brivo OnAir. However, buyer beware with the Brivo<>Mercury solution, as it is quite limited, to say the least.
2.) What you seem to be asking for is getting rid of the server. This is really "Infrastructure as a Service", which is Amazon AWS or Microsoft Azure. Put the server itself in the cloud and let Amazon/Microsoft handle your "server" going forward. There are other considerations to dig into before going that route, but it's a solution that works and solves the problem of having a bare metal server or a shared VM on a customer site. Also allows you full remote management of the system without requiring access directly to the customer's network -- but again, a lot of things to consider there.
UE
Undisclosed End User #1
Apr 09, 2019I am not asking for #2. I want no server to maintain, physical nor virtual. The existing one now is already a VM. All I want is an application interface, with someone else to be 100% in charge of maintaining the server, physical or otherwise.
#1 is right up my alley. Lenel has nothing like this? I remember in the IPVM AC class, there was discussion that these were becoming popular. Did IPVM learn me wrong?
Matt Leonard
Apr 10, 2019Have you looked at Feenics? They are cloud based and hosted...no server or software to maintain. I know they have a some former Lenel people on staff and could help with a conversion.
UM
Undisclosed Manufacturer #6
Aug 02, 2019Averics is a fully hosted option that might be worth evaluating. Also, I think Arcules is rolling this out very soon but not sure.
New discussion
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.
Newest discussions