Upcoming Access Control Class - Your Input Needed!

We are planning to run an IPVMU session on Electronic Access Control this Spring. As we work to finalize content and the topics covered, we'd appreciate your feedback on the outline for the class:

Here is our notional outline:

1. Life Safety Rules / Regulations / Codes (1 session): General overview of the code fundamentals that dominate system designs and specification.
2. Door / Locking Hardware (3 sessions): Discussion of EAC electrified locking components of door hardware.
3. Readers (1 session) - Discussion of the reader types available, and how they are best used.
4. Controllers (1 session): Discussion on the function of door controllers and how they integrate into network/power utility.
5. Credentials (1 session): Overview of the major types used in EAC systems, including emerging types like NFC.
6. Networking (1 session): Review of wired/wireless connectivity, and the role of cabling types.
7. Site Surveys (1 session): How to properly evaluate a facility for installation of an EAC system.
8. Access Control Management Software (3 sessions): Overview of the different parts of a typical management system, general function of each, how they interoperate, and the resulting impacts to the end-user.
9. Upgrading / Migrating Systems (1 session): What happens when the end-user wants to change or migrate to a different system? This session covers the scope of that task.
10. Biometrics (1 session): Discussion on biometric credentials/reader types, their relative advantages/disadvantages compared to other readers, and where they are best applied.
11. Managed/Hosted Access (1 session): Review of the structural differences between managed/hosted access and traditional 'panel based' counterparts.
We would like you to review and offer your thoughts on the range of topics, and give suggestions on what you think should be added.
Thanks!

cloud based access control system / visitor management

Hello, Velayuthan:

Thank for the suggestions. We plan to cover cloud basted access, also called 'hosted/managed' by many vendors during our class.

However, we will not be covering visitor management systems in depth. What about those systems in particular are you most interested in? How they integrate to access systems? Design criteria?

Thanks,

Hello Brian,

Visitor management system can be integrate with access control system in many ways...

online visit booking / visitor's cards will be ready in advance / saves times where huge number of visits

staff can send visiting person info to security control room in advance to prepare the visiting card in advance

can send msg/mails to the visiting person well in advance if online booking

Even for meeting room booking also can done through access control system

I am glad this is coming...

Sure you have following covered among topics but just wanted to give you some suggestions.

1. What is the objective of the course (Video course aimed to infuse expertism in video surveillance); personally prefer depth in subjects to a level required by designers, and also sufficient troubleshooting content required by support engineers.

2. Assoiated protocols (RS485), Wiegand, F2F, etc

3. Smart card technologies (mifare, hid, etc)

4. Different Access Control Systems (e.g. Salto SVN)

5. Common faults in access control hardware (locks, controllers, readers, cards, etc)

6. High availability in access control systems (back up servers, etc)

7. Interfacing and integrating with different security systems (fire, video, etc)

8. Door types/frames, locking/egress hardware and how to select

9. Acees control hacking and avoidance

Hello, Heron!

The objective for the course is to provide a general overview on the major components used in an access control system, a look at major installation/design considerations, and a survey of major credential types.

We will also take a look at operational 'best practices' and even the steps to take when faced with an upgrade/changeover.

It is not the point of this class to take a deep technical look at vulnerabilities like 'hacking', or to take a deep look at individual systems.

This class will be structured similarly to our 'Advanced Video Surveillance' offering that has shown to have a high degree of value to a wide swath of our readers. We certain have already discussed 'mini-sessions' that cover particular elements in greater depth - but for this access control class, we are covering a broad range of subjects.

For example, I expect this class covers your #2, #3, #5, #6, #7, and #8 points, but not #4 or #9 in detail.

Thanks for the great questions!

Hi John,

I would find value in a topic like 'Leveraging Access Control Systems' It could explore ways to give the customer a value add by utilizing the system for more than just security. Items to address could include:

1. Integrating Time & Attendance

2. Child care check in and check out

3. Billing customers based on their time in and time out.

Just a thought.

Brian S, Brian R, certainly we should do posts on these topics. Whether or not we can fit it into an N week course we can decide later.

Integration would be interesting if it isn't already considered. Great topic btw!

Hello, Brian:

I agree that those 'other applications' are the source of untapped value for many EAC systems. Once people realize they have a set of permissions-based I/O at their disposal, they start thinking of all sorts of integrations. I've seen endusers use their systems to dispense gasoline, control industrial machines, issue medical supplies, and even use EAC as a form of maintenance 'lock-out' padlocks.

I think our plan is to have a short series on these special applications, but our basic class will only touch on the concept.

Brian,

My first reaction was Life Safety rules, but I see you have that covered. Is one day enough? I would like to see VERY in depth coverage on that topic.

Hello, James

The logistic problem with Life/Safety is that we will have a significant number of attendees from outside the US. Their respective regulations will be close in intent to NFPA/IBC/UL etc, but it does seem unfair to many to test on regs that may not be adopted in their local area.

I totally agree with you, and think an in-depth look at regs and rules would be useful. However, I think that deeper look may come in a smaller type of seminar that we offer later.

For this class, we will cover the 'intent' of Life Safety regs, but the deeper look will come in a more region-specific and more focused offering.

Thanks for the feedback! I hope to see you in the class.

James, I am sure Brian is thrilled to hear you say that! We've been discussing that internally and he's been strongly in favor of more time on it.

Brian, it might be worth opening a discussion about what the life/safety codes/regulations are outside the US? We have thousands of members outside the US, we'd likely get a few good responses that would help us understand differences.

Good idea. I've created a new topic asking that question: Life Safety Regulations: Who governs your area?

Brian,

I'd just teach to the most restrictive code on a particular topic (be it US or non-US). We could discuss specific derivations that we know of in class, and test questions could just be phrased "some AHJs require that you [requirement] because [intent]", etc.

It might also be worth talking to some manufacturers that have international reach.

Also, you should get Lori Greene's input on the curriculum.

Mustering and/or roll call features: use cases, how to set up, error rate/risks

That's a good topic, Melissa. I know of several mines and industrial facilies that use EAC for mustering. One uses EAC as an extension of official 'lock out/tag out' procedures. Do you have specific examples from your job?

Brian,

I'll jump in with several of the previous posts with my vote. Roll Call/Mustering/Who's In? reports are a common function of most EAC systems but rarely used because they are misunderstood by end users which leads me to suspect that it is a lack of education by the sellling installer/integrator. I think time and attendance can be thrown into the same hat as being usually available and rarely used because of the lack of knowledge on both ends. In both cases the issue is usually not understanding and properly implementing anti-passback settings, again due to lack of knowledge usually by the installing dealer or integrator or both.

I see the same issues with linking functions in EAC systems. Too many of us don't understand why and when to use them so they simply don't get used or worse, they are used improperly and cause code violations that sometimes seem impossible to solve.

I know that these subjects may be deeper and more technical than you intend to delve, however, I think they are worth mentioning just so your students know they exist and have some perception of the pitfalls related.

Now, this is where you would normally start to ignore me and begin writing on the white board.......in a previous life........so go ahead.

I am looking forward to your class.

Mike

Thanks for the feedback, Mike. I agree that 'advanced functions' are very powerful, and they are relegated to the fringe often because of how complex they might be to configure. In the way that API is complex, so are many EAC integrations.

We will touch on linking functions and special functions like Time & Attendance use in class, but our indepth look will likely happen in a focused seminar at a later date.

What about a FIPS201/HSPD 12 topic for the course? Surely this is driving a lot of the market in access control.

Also, mobile access control should be discussed.

Hello, Michael. First, thanks for the feedback.

Re: FIPS201: We've published several pieces about FIPS 201, and the fact is it is not driving substantial business anywhere. (See our FIPS-201 Failure report) Compliance with FIPS-201 has happened incrementally, but is subject to funding, and most importantly: punitive enforcement. Unless funding is threatened, no one seems eager to make changes.

There has been widespread reissuing of PIV cards to meet the standard, but this is akin to giving someone a new high-tech key that works in the old-fashioned locks. Its an easy, rather inexpensive, and highly visible step to take, so most everyone seems content with the pace of adoption. However, nothing meaningful to site or system security has been improved.

I'm not against discussing this in class, but I do not think it will be a topic all it's own. It will be included in discussions of TWIC and other credentialing standards.

When you mention 'mobile access', do you mean credentials on mobile devices?

Thanks!

I think this is great. I have been an under-equipped Sales Engineer scoping and proposing Video and Access Control solutions for 9 months.

This Video Surveillance course and the associated discussions have been exceptionally valuable. The Access Control topics you plan on addressing are comprehensive. I'm excited.

I will be attending.

Great feedback so far. We've taken your suggestions and added or expanded the class in some areas. Recent examples: mustering, lockdown, and 'advanced topics' like Time & Attendance/Guardtour use.

Please, if you have feedback let us know. We are getting close to nailing this down and finalizing the content.

Just wonder if Alarm Monitoring and available options (protocols) will be considered for inclusion. Reckon this is more related to IDS, but most of the Access Control Systems have IDS/Alarm Module integarted, don't they Brian

Undisclosed,

I'm not Brian but I will answer for or in addition to his answer. He can choose to disagree with me which he does often.....this has been the root of both our ongoing educations for some years now.

Yes, most access control panels or controllers have alarm inputs and outputs in the form of dry contacts or open collectors. These are not meant to be used as intrusion detection devices but rather to cause the access control system to react to another action. Such as unlocking all doors when a fire alarm sounds or triggering recording in the surveillance system when a door opens or a panel is tampered with.

Would these I/O relays function as an intrusion alarm system? Not dependably because they are too susceptible to mistakes in configuration. Thus one of the reasons that UL will not list most EAC panels/controllers for Alarm.

Having said all that, there are some alarm panels that will function as door controllers. It has been my experience that they don't do this very well......but then I'm old school and until someone proves to me differently, an alarm panel is an alarm panel and a door controller is a door controller. They can talk to each other and react to one another but should not be dependent on each other nor their host.

Thnaks Mike...I wanted to know if Central Monitoring side will be considered for training...seems we'll have to have an Alarm Monitoring Class...We are using both GE Challengers and Gallagher as mixed access/alarm panels

Hello, Heron:

You are correct in assuming that Central Station Monitoring of access/Intrusion integration will be touched on, but not deeply addressed. While combo systems exist, and are good fits for certain applications, access control is a separate system for many end users and is a substantial topic all its own.

Trying to cover both systems in one class would short-change both systems! I appreciate Mike's statements and agree that sharing contacts/hardware/sensors can be done, but is not the right answer in all (many) situations, especially where code compliance comes into play (often).

Thank you Brian..you are very diplomatic aren't you?

Yes, he is very diplomatic. No matter how hard I try to step on his toes by butting in his business.....

A sign of maturity and good ethics......but don't tell him I said so.