The last major design I did was for an all IP access control system with "edge" controllers at the door. Two reasons: 1) this facility had a real shortage of space for mechanical and electrical equipment and there was literally no place to put centraliized controllers/power supplies; and 2) this facility will be owned and operated by multiple entities, each which may want their own separate access control systems in the future.
By using edge controllers, we can divvy up the doors between owners by IP addressing rather than through hardwiring or using some elaborate partitioning scheme. (or at least that's what I hope...:)
Not that I do a lot of work with access controls (little bit here and there), but all of what I've done to date has been with standard direct-connected setups.
To me, one of the major benefits of IP video is the flexibility it gives you in the infrastructure - no requirement to home-run every line, primarily. The ability to decentralize cabling and control. And in a pinch, the ability to simply plug into existing infrastructure, which while generally not desireable, highlights the core benefit: MORE OPTIONS in how to do things.
I see the same benefits to IP access controls :not needing to run EVERY. FREAKING. WIRE. all the way back to one central location, the ability to use existing networks (less of an issue as traffic will be negligible), and so forth. On other words, MORE OPTIONS.
Michael's example highlghts that as well - FAR greater control on a per-door/per-reader basis, and in fact, the ability to change that control on the fly, without the need for complex programming changes, or worse, physical wiring changes. Again, MORE OPTIONS.
I agree with reduced cabling costs and increased flexibility. Reduced costs: utilize the existing investment in ethernet. Where the client already has switches in the field you can run IP to them and rs485 to other components in that sector. Increased flexibility: with IP traffic you can use a hybrid network of ethernet cabling, point to point links and 3G modems to build your network.
The best advantage that we see for IP Access control is First - if the products can be powered over the ethernet as well. If the POE aspect of the lock controllers can also control the maglocks and door locks then this saves on electrical work required.
Second - if the access control is on the network and can integrate with other components of the building - such as lights and speakers then a policy can be created which means that sharing the network allows integration between these components. So for exmple a visitor arrives at the office. Lights are automatically turned on or increased in brightness and welcome announcement can be made through the speakers etc.
Third - With the IP Access control on the network - this can be integrated also with IP Surveillance and IP Telephony system (open and close doors from say a Cisco Phone menu after viewing mages from a camera and adding door open options in the phone's menu).
Fourth - When access control is on the IP network you can control entry to remote buildings from a central monitoring centre using video and door controls over the Broadband network with IP addressing.
It is all available right now - and with case studies at the netgenium.co.uk web site.
Most of this is installed usually by network and data installers as they understand structured cabling and POE infrastructures etc. They do not need qualified electricians for a deployment which means they can add other products into their typical bag of network and IP offerings.
The migration of PACS to IP strikes me as inevitable. Five years from now we’ll look back and chuckle at the old school serial protocols and home run configurations. When all the installers are kids who only know IP, and their buddies run IT, it may even be hard to find guys who know how to service the old 20th century PACS stuff. RS-232 and RS-485? Is there an app for that?
Can we back up and define what's meant by "IP access control" here? Are we talking "edge" controllers or are we simply talking about systems which connect to the server via Ethernet?
I'm curious who's still out there installing RS-485 based systems. The company I worked for pretty much stopped that in 2005-2006, latest. Were we really just that ahead of the curve?
Based on the pricing comparisons I've done in the past, edge systems with single door controllers are cheaper than centralized, at least if you look simply at the access hardware. HOWEVER, and that deserves all caps, because it's been an afterthought in a lot of edge systems I've seen, if you want battery backup, you're looking at either a large UPS or power supplies with batteries, adding cabling and/or hardware cost. Of course if you're using maglocks additional power supplies are often required (though I've run Securitron M62s off of HID Edges for years without issue).
All that being said, I still generally prefer the distributed system, powered over Ethernet. Installers just need to be aware of the drawbacks and potential security/life safety issues, which I don't think a lot of IT-centric integrators are.
You want IP because you don't ever want to here this:
"You want me to go into the CIO's office after I finish the VoIP phone audit and ask him for a million bucks for somebody to pull serial cables to run the door locks. I guarantee the CIO is going to ask why don't you ask the structured cabling vendor who just finished the phone install if they can handle it."
And I own 5 RS-485 USB converters all attached to Virtualbox Linux VM's and Raspberry PI's. Not an app, but quite sufficiently close to have street cred in the twitterverse.
You want the appriate infrastructure for the situation, and the default answer is IP, even when you have to explain you can only run RS-485 out to the front gate (unless they want to spend an extra $97k on that one door lock.) You have to be literate about that "default answer is IP" bit. I realize all you badass physical security people in this form know lots more than I about front gate door lock options.
Brian, (Disclosure: My Firm, The Centurion Group represents ISONAS)
IP based Access Control Systems such as ISONAS have multiple justifications for an end user to implement such as:
Reduced installation cost, no panels to cut in or extra wires.
More advanced technology, IP based readers are directly connected to the network and are able to "Call Home" from remote locations.
Strong VMS integration
Connect Directly to your existing network.
The biggest attribute customers like about IP based systems is there is no extra labor/product cost for composite wire, panels, powers supply's and transformers. I have found that most organizations IT departments typically prefer an IP based system because their buildings have an existing network infrastructure that an IP Based Access Control System will connect to with relative ease.
IPVMU Certified | 02/24/14 05:31pm
Hello Dan, I have a few followup questions/comments for you:
- "Reduced installation cost, no panels to cut in or extra wires."
I still have to find a place to stick my controller and cable them together agreed?
- "More advanced technology, IP based readers are directly connected to the network and are able to "Call Home" from remote locations."
"Advanced technology" sounds like blibbety blab sales speak. Even serial-based systems can be connected to the ethernet through inexpensive devices and are remotely accessible through standard VPN or remote access utilities. No magic 'IP-only' properties here.
Again, this is not guaranteed by using IP based systems nor is exclusive to IP access.
- "The biggest attribute customers like about IP based systems is there is no extra labor/product cost for composite wire, panels, powers supply's and transformers. "
I think what you mean is 'there is no separate network/cabling needed aside from an existing LAN with PoE', but calling it 'no extra cost' is not accurate since access control consumes infrastructure that would otherwise not be needed. Does that sound right?
Every Access Control System requires the installer to "stick the reader and cable together," with ISONAS there is only (1) ethernet cable per reader meaning no extra wire runs back to a panel or power supply. No panels, modules at the door etc. are another key component to a Pure IP Based Access Control System, with ISONAS an installer can put in 7, 70 or 700 readers without cutting in any panels. When integrators install larger projects, the more panels, "inexpensive devices" and wire runs to power supply's start to add up to a typically higher installation cost.
The "magic" is in the reader, one of the main components of the ISONAS patent are the ability for each individual reader to work in local mode if the network goes down. Each reader also supply's 600Milliamps of power so that most electronic locks/strikes and some mag locks can be powered directly at the door.
Yes, there is no seperate network/cabling needed aside from an existing LAN with POE. This infrastructure cost is often very minimal due to so many end users having existing equipment/network connections available.
These claims are not exclusive and the redundancy and pass through power are just components of their patent as mentioned before. Since you deemed my information was a "naively spun sales pitch" then please accept my apologies yet end users do care about what I listed above.
There are several distinct features of the product I spoke about above in respect to the question's asked. And no, other manufacturers do not have all of the same features. Your question is easy, here is the answer.
Please name one or a few IP Access Control manufacturer's that can do all of the below:
A. Handle 7, 70 or 700 readers without the use of a panel/multiple panels/module above the door and works both indoors and outdoors.
B. Do not charge for software or have license fees.
C. Supplies 600 Milliamps, .6 Amps of power at the reader.
D. Works completely POE, no need for an outside power supply.
E. Works in local mode if the network connection is lost
F. The Reader/Controller/Power is in (1) Device.