Access Control Specification Guide

By: Brian Rhodes, Published on May 19, 2016

This 15 page report provides the most in-depth guidance on specifying Access Control systems you will find.

Specifying Access Control correctly can be tricky, because every opening has quirks and are prone to outside factors that impact system performance. Not only this, but what you don't specify can be just as problematic as what you do.

Most access RFPs have serious problems. While they comprehensively spell out contract conditions and business terms, they are typically scant on relevant details about the system. Not only do they tend to be a random smattering of technical points, pulling them together into a cohesive system is often needlessly costly or may even be impossible to build.

The Big Mistakes

Most of the trouble specifying access has a root cause in one of the three areas below:

1. Incomplete details, where things you don't know can ruin your budget and system goals.

2. Difficult to build, where details that sound prudent may actually limit selection and significantly drive complexity to integrate.

3. Proprietary, where even generic boilerplate writes in choices that lock you into one vendor.

In this report, we address the best strategies to avoid these problems.

Doing It Right - 18 Key Specification Areas

The good news is that you do not need to be an expert to specify great systems. In the sections below, we cover the right details to include, how to include them, and how to avoid common traps through addressing these 18 areas:

  • Is This An Expansion or New System?
  • Determining Access Security Goals
  • Establishing Monitored, Managed, or Forensic Use
  • Identifying Other System Integrations
  • Which Credentials To Use
  • Defining Doors/Opening Detail
  • Defining Turnstile Use
  • The Importance of Door Position Switches
  • Defining Existing Locks/Hardware
  • Specifying Readers
  • Deciding to Use IP or Serial based Controllers
  • How To Use PoE For Powering Systems
  • System Edge vs. Centralized Architecture
  • Is System Networking Wired or Wireless?
  • Considerations For Using Existing Databases
  • Evaluating User Management Features
  • Using Special Features Like Time and Attendance & Mustering
  • Establishing System Maintenance Expectations

***** **** * **** at *** ****** ******** appear:

Common ********

**** *** ****** ******* might ** **** ***********, but **** **** *** mean **** **** *** the *** ****. **** at ***** ******** ** pulled **** ****** ****:

*** ****** ******:**** *** *************, *** risk ** ********* *** many *********** **** *********** drive ****. ******* **** Access *******, *** ******** is **** ********* ****. Take **** ******* **** the ************** ******* ****** ******'* ****** ************:

*** **** ** ******* to ***** * ***** from *** ***** ** the *** *****. ** details ********* ****/******* ****, existing ********, *** **** people **** ** **** access ** **** ********** types **** *****, ** when *** ******** ****** be ******** *** *****. Not ** ******* **** descriptions ** *** *** who *** ****** **** be ****, ** ***** other ******* **** **** to ********* **** *** access ********.

*******, *** ***** ******* may ** ******** ** discovered ***** * *** walk, *** *** *** respondents *** **** * fair ***** ** ***** them ** ***** * bid.

******** *************:******* *********** ***** ** the ********* ** ***** that ***** ***** ** economical, *** ***** ** essentially ***** ******* ** just *** ** *** bids. **** *** ******* from * ****** ********** RFP:

******* *** **** ******** good ****** ********* **** descriptions *** ********* *** is ***-******. *******, *** to *** ********* ** defining '****************' *** *** listing ** * ****** proprietary **** ** **** controller *********** ****** ****** to ********** ** **** existing ******.

******* **** ** ******** or *** ** ********* to *****, ******* ** would ** **** **** efficient *** **** *** solicitor *** *** ******* to ***** **** *********** plainly *******. *** ****** does *** ******* *** proprietary ****** ** ****** systems, **** *** ***** they *** ************ ****** to *** ******** ******** for ******* ******. *******, the **** ** ****** defining '****************' ***** **** option.

Technical *************

**** *** ** ********* aspects ** ******* ** every ****** *************:

Defining ********* ** *** *******

** **** ****** ***, or **** ** ** a ****** ******** ** an ******** ******? ********* this ******* **** ******* for *** ******** **** kind ** **** ** being ******. *** ** the *********** ****** ** most ****** *******, **************** is *********** ***-********, *** if * ****** ** already ** ***** *** satisfactory *** **** **** is ****** ********* **** platform. **** ** ****** the ***** ********* ****** since ********* ********* **** servers *** ******** *** be ******* ** *** needed.

**** ****** **** ***** potentially ****** ********** ****** two ******* **** ****** incorporate **** *****'* *********. Even ** *** **** is ********** ** ******** system, ********** ** ******* some ** *** ******** components ** * **** that ****** ** **** clear **** *** *****. Special ***** ** ******** tools *** ** ****** to ******** ******** ********** information, * ***** *** "********* ****** ******* *******" **** ********** ** more ******.

Security *****

****** ** ******, *** essentially *********, ** ** give * ******* *********** of *** ***** *** the ****** ******. ******* "With **** ******, *** facility ***** ** ******** off-shift ***** **** ******** the ******** *** **** all *** ******* *********** from ******** at *** ****" **** greatly ****** ***** ********* a ****** ** ******* the ********* ******** ** build ******.

************, **** ****** ******* is ********** ** *** issue ** "**********", ******* where *** **** ********* openings *** ******* ** key **** ******************* ** ****** *** risk. *** ****** ********** and ****** ** **** risk, *** *************: ****** ******* ************.

**** **** ********* ****** or ********* ** *** needed, ************ *** ***** groups **** *** ****** and ****/***** **** **** it ** *** ********** of ****** *******. ****** these ***** ***** ***** will **** ******* ****** the ***** ******** **** the ****** ***** ** assignable ******** *** *** stated ****.

********* *** ********* ***** goals **** ********* ** existing ****** ** ***** essential, ** *** ***** of ******* *** *************** can ****** **** ****. Including * ***** ********* describing '******** *****' *** refresh *** ************* ** a ****** **** ******* old.

Monitored, *******, ** ********

**** ** ** ****** how *** '*******' ******* of *** ****** **** be *******. ** *** goal ** *** ********** up *********, *** **** only ****** ** **** absolutely *********? **** ** onsite ***** ***** ******** monitor *** ******* ** events **/*/***? ** ** it ****** ** ****** oversight *** ********** ** active, *** ****** *** to * ******* ******* facility?

******** **** *** *** system ** ***** ** be **** *** ** whom *** ******* ***** by ******** ****** ********, or ** ****** **** the ***** ****** *** manage *** ****** ** the ***** ****.

Other ******* ***********

** *** **** **** access ******* ** ** combined **** ***** ************ or ********* ******? ** you **** * **** alarm ******? ****** * point ** ***** ***** goals, ******** **** *** current ****/******/******** ** *** systems ** ** ********** help ***** ****** *** installation ***** ************.

***********

** *** ****** ** new, ********* ********* ****** not ** ******** ** the ****** *** ********. If ** ********* ** an ******** ******, *** answer ***** ******* ** made. *******, ** ****** case, ********** ******** ***** credential **** ** ******* prevents ** **** ***** a ****** ******** ********.

** ***** ** **********, most ****** ******* *** contactless ***********. ** *** past, *** *** *********** have **** *** ********, but *** ** ******** concerns (**** ** **********) and ******* ******* ********, they **** **** ********** by **.** *** *****. From * **** **********, the **** ******** *********** are *** **** ***** or ******* **** ***** formats.

** ** *********** ******* exist, ******** *** ***** product ** ** **** security ****** ** ** economic ***. *** **** people **** ** ************? Should ***** *** ****** as ******, ** ** a **** ******* ****** needed? **** ***** ******* use ***********, *** ****** they ** ********? **** about **********? **** **** mandate ******** ******* *** used?

************, ** ******** ******** codes *** ** ***, they ****** ** ***** as * ************* ** the ****** ******. *** all ******* *** **** to **** **** ******* codes, *** **** ***** detail *** ***** *********** cost ** *** **** clear.

*** **** *******, **** our ******* **:

Doors/Openings ******

********** *** ******** ** be ********** ** ******* not **** **** * design *********** *** **** from ********* ********** *******. No *** ******** *** alike ** **** *** same ***, *** * short *********** ** ******* of *** ******* *** it ** **** **** far ** ********* **** controls.

*** *******, *** '**** entrance ** ** ****** building' ** ****** ********* as ****:

"*** **** ******** ** a *** ** ***** double ***** **** **** swing ***. ***** ***** are ******** **********, *** the ***** **** ************* opens *** ****** **** a ****** ****** ** pressed. * ****** ******** camera ****** ** ********** into *** ****** ** that *** ********* ***** are ******** ** **** enter. **** ******** ** typically **** ** *** public ****** ******** *****, but ****** ** ****** and **** ********** ** approved ***** **** *** - *** *********. ************* 30 ****** *** **** access ****** * ******* night ****** ***** *****, including ******** ***** *** delivery ******. **** ******* shows *** *******:"

****: ****** **** ** annotation, **** * **** clean **** ** *** opening ** ** ******.

***** *** *********, *** information ******** ***** ***** insight **** ****** ** observed ****** * ***** job **** *** ******** door ****, **** ********, security ****, **** *******, and ********* ****** *********** (video). ***** ****** ********* is *** ******, ******* on ***** ******* ********* guesswork.

*** **** ****** ** how ** ******** ******** openings, ******* **** *** doors, *****, ** **** turnstiles, ***** *** ******** below:

Door ******** ********

*** ** *** **** useful, *** **** ********* aspects ** ****** ******* are *** ******* **** indicate ******* *** **** is **** ** ****. While **** **** *** as ** '*****', ***** remains ** **** ********* or *********** *** ** monitor *** ******* ***** of *** ******* **** these *******.

***** **** *** ****** by **** ** '********', solicitors ****** ********** ***** they **** ***** ******* included. ***** *** "**** ******** ******** (***) For ****** ******* ********" *** **** ******. For ******** ** *** biggest ******* ** ********** use ** *** ********, read "********* **** **** ********" ** ***** *** subtle ******** **** ******* undermines *** ****** ******.

Existing *****/********

**** *****, ******-***** ****** is *** ********, *** basic ************ *** ******. Often ****** ******* ************* with ******** ********** *****, and ***** ********* ** how **** ******* ** appointed ** ********** ** choosing *** **** ****** of *******.

*** **** ****, * picture ** ***** ******* description ** ******: "*** **** **** ** a ***** (*****) **** currently **** ****** **** a ***** ***. *** door ****** *** *** has ** '****' ******* above **. *** **** can ** ****** ** unlocked **** *** ******* of *** **** ** a *** **** ****** to ********. *** ******* for *******:"

*** ******* ******* ** describing ***** ** *** to ****** *** ***** type *** ******** **** access ****, *** ***** posts:

Choosing *******

********* *** ***** ****** is *** ****** ** which *********** *** **** and ***** *** ******* is *******. **** *** written ************ *** ****** of *** *****/*****, **** decisions *** ** **** what **** ** ******* and *****.

******* ********** *** ******** where******** ************** ************* ** **** **** ensure *** ***** ****** is ********* ** ******* all *********** ****** ** that ****.

*** ******* ********** *** more ****** ** ******** readers, ***** *** ****** below:

IP ** ****** ********* *******

*** ******* **** **** a ****** ******** ****** be ********* ** ******** cabling ** *** ****** be ****. **** ********** one **** **** *** other *** ** ****** if ********** ** *** strong, ******** **** ****** systems *** ** ******** as *** ******* ******, a ***** **** **** continue.

** ******** ******** *** to ** ****, ****** the ********* ** ******** switch ***** ***** ****** guesswork ** ********* **********. Marking * *** ** floorplans **** ******* ***** positions **** ** **** specification ** *****:

** *** ** ********* networks *** ******, ****** note ** *** *******, main ***** *****, ** access ****** ******** **** new ***** **** *** concurrent **** ********.

Edge ** *********** ************

** * ****** ******, specifying ***** **** ******* takes ***** ** *********. Most ****** ******* *** a **** ** **** controller ******* **** *** opening, *** ********** *********** location ** ****** ********** could ************* ***** ***** costs ** ****** ** older ******* ***** ***.

**** ** '****' ******* are ****, *** ********* can ** ********* ****** locked ******* ** ******* enclosures. *******, ****** **** enough ***** ** ********* for ***** ******* ** commonly ********** *** *** drive ***** ** *** properly ********** ****** **** writing. ***** ******* ******* more ****** *** *******:

Using ***** **** ********

** **** *****, ******** 802.3 **/** *** *** be **** ** ****** power ** **** *********** and ************ ********* ******* like ******* *** *******. Using *** ** ********* more ********** *** ****** online ********** **** ********, stand ***** ***** ******** typically ** ***.

*******, ***** *** *** limit *** ***** ** connected ******* ***** ** 'total ****-*******' ***** *********, which ** ******* *** mA ** ****, *** the *** ****** ** doors ** * ****** PoE ******* ********** *** limited ** ***. ***** factors ** ******** ******* the ****** ** *** controller ********, *** *********** against ******** ******** ** a ******** ***** **** a *** ********** *** common.

****** ******* ****** ******* Guide******** ** **-***** **** at *** *******.

Wired ** ********

**** ** ***** ** controlling ****, **** ************* of ***** ******* *** cause ****** ** ********* for ****** ** **** to ***** ********. ********** if ***** ***** *** not ******* ****, *** electronic ******* *** ******* is *********, ******** ***** wireless *** '*****-*****' ****** of *****.

***** *** **** **** may ** **** *** a ****** ******** ****, the ******* **** ** connecting ******** ******* ******** via * **** ******* run ***** ** **** expensive. ***** *** ******* price *** *********** ********** with ******** ***** (**: replacing *********) ***** ** prohibitive *** ****** *******, they ***** ***** ** economic *** ** **** of *********** ***** ******* expansion. *** **** ** these ************, *** *** "******** ****** ******".

Using ******** *********

********** *** ******, *****-**** systems, *** ******** *** bring *********** ****. ******** the **** ********** ****** will ** **** ** foolish ****** *** ************* explicitly ****** ***** ******** platform *** ******* ** available. *** "****** **** ** ******: Database" ***** ****** **** point, *** *** ****** options, ** *****.

User **********

******** ****'* ***** *** a ******** ****** ** the *************, *** *** where ********* ******** **** be ********* ** *********. Spelling *** ******** '**** View' *** ********** ******* helps ********* ******* *** configure *** ***** ********. If ********* **** ** lock/unlock ***** ** **** time, ****** ******** ******* are ** ** *******, or ** *** ****** system ****** ********* **** the ***** ************ ******, these ************ ****** ** clear.

**** *** ******* **** are *** ******** *******, if ***** **** '****** access' **** *********** ** inclusion ** '** *****' creation *******, ** ****** not ** ******* ** will ** ******** ****** stated.

****, ** ******** ************ are ** ** **** for ******* *******, *********** of ***** ******** *** build ************** ****** ** listed ** ********* *** system ** ********* ** confirmed. *** **** ******* on *** ******** ********** piece *** ************ ** the ******* ******** *******, see *** ********* *****:

******* ********:****** ******* ** ****** for **** **** **** unlocking *****. **** ******* include ******* *** '**** and **********' ******* **** essentially ******** * **** clock, ** '*********' **** grants *** ******* ********* that **** ******* * roster ** ********* ** a ********** ****.

** ***** ******** *** desired, ** *** ***** integrations ******* ******* *** core ****** ******* *********, effort ****** ** ***** defining *** ******* ****** in ************* *********. ***** posts **** **** ******* what ** *** *** and *** ** **** the ************:

Maintenence *****

*******, ************** ****** ***** out *** ******* ****** software *********** ***** *** any ********** ******* ******** required ** **** *** system ******* *** ***********. Some ********* **** ** ongoing *********** ****, ***** others ******* * ****** plan *** *** *** prioritize ******* ** **** support ** *** *******.

*** **** ** **** maintenance ****** ****** **** system *********, ** * system *** ** ********* less **** ********* *********, but *** ********* ** unrealized ***** ** ********** years.

Access ******* ************* ****

*** ********* ******* ******** a ******* ** **** requirement *** ****** ******* to ********. ** ********* you **** *** ***** this **** **** *** documents *** *** ** as * ******** ***** in ******** *** ************ for **** ****** *******.

Opening/Door ****: Often best depicted in a picture. If not permitted, a short written description describing: Steel, wood single or double door? Right, left, or swing ‘reverse’. Glass opening? Turnstile?

Users *** ****: Average number of users during busy times, so that cycle times of locking hardware can be sized accounting to the busiest period the door permits access.

Opening's ******** *****: The high-level purpose of access control: “Restrict unapproved users from entering during overnight hours” or “Only residents with current rent payments should be allowed to use gym facility.”

Other ********* ** *** ****: Often best expressed in a picture, a snapshot or written description of the other hardware devices hung on the opening. Examples: “Closer on upper hinge side, vertical rod on upper strike side, and an exit device hung on the inside. Outside keyed access.”

Reader ****/******** ********: On the door frame (mullion), or on an adjacent wall? Are mounting surfaces suitable? Are they protected/sheltered from ice and snow? Can someone is a wheelchair or with limited range of movement reach the reader, per ADA (or similar)?

Credentials ** ***/******** ************** ******: Common Choices: 125 mHz, 13.56 MHz contactless. HID format, MiFARE/DESFire? 26,33,34,35 bit cards? Facility code needed? Is more than one credential needed at the door to verify the user?

Intercom ******?: If a user cannot enter the door, or if a visitor request entrance, can they page help or an attendant? Two two-way conversations need to be supported?

Lock **** ******: Choices- typically electric strikes or maglocks, but dictated by building code, AHJ preference, and type of hardware existing on the door.

System ******* ****: TCP/IP, Serial hardwire, wireless, or stand alone locks? If IP, are existing LAN segments available? Are cable pathways and data closets marked? If wireless, the signal strength at doors verified?

Controller *****: Choices- Edge or Centralized? Standalone or host dependent?

Critical **** ********** ********: What real-time features required? What type of reporting is needed? Will users need access from a browser or mobile devices? Are client workstations available?

Server *****/**********?: Do you have available resources in the server stack? Are they physical or virtual? Do you need your servers to host access locally or remotely? Including this ensures no ugly incompatibilities happen at the last minute. If a new server is used, will local IT resources be familiar with configuration and support?

Database ******** ******: Does you enterprise already use a standard database platform like SQL? If so, make note so the access system can plan to make use of existing rather than purchasing new or using a proprietary platform.

Special ********: Do you need Time & Attendance or Mustering? If so, does your hardware design support those features? Make note of the ‘other systems’ you would like access control to feed into or use like video surveillance or intrusion alarm.

[****: **** ***** *** originally ******** ** **** but *** ******* / improved ** ****.]

Comments (1)

Great Article! Really takes into account all the things, large and small, that must be thought when bidding or planning a job. I think this article should be helpful for people trying to grasp AC( and what's involved) for the first time, or a pro getting ready to set up a new system or refurbish an older one. Very insightful!! Thanks for the write up!

Read this IPVM report for free.

This article is part of IPVM's 6,536 reports, 881 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now

Related Reports

Door Fundamentals For Access Control Guide on Aug 24, 2020
Doors vary greatly in how difficult and costly it is to add electronic access...
Exit Devices For Access Control Tutorial on Aug 25, 2020
Exit Devices, also called 'Panic Bars' or 'Crash Bars' are required by safety...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
Mobile Access Control Usage Statistics 2020 on Sep 21, 2020
Most smartphones can be used as access control credentials, but how...
Use Access Control Logs To Constrain Coronavirus on Apr 09, 2020
Access control users have included capabilities that are not commonly used...
Keypads For Access Control Tutorial on Jul 28, 2020
Keypad readers present huge risks to even the best access systems. If...
AHJ / Authority Having Jurisdiction Tutorial on Aug 06, 2020
One of the most powerful yet often underappreciated characters in all...
Access Visitor Management Systems Guide on Jul 22, 2020
"Who are you, and why are you here?" Facilities that implement Visitor...
Remote Network Access for Video Surveillance Guide on Jul 27, 2020
Remotely accessing surveillance systems is key in 2020, with more and more...
Forced Door Alarms For Access Control Tutorial on Aug 17, 2020
One of the most important access control alarms is also often ignored....
Verkada Falsely Claims "First Native Cloud-based Access Control and Video Security Solution" on Jun 18, 2020
Verkada's false claims continue, this time to be the first native cloud-based...
Free Online NFPA, IBC, and ADA Codes and Standards 2020 on Sep 03, 2020
Finding applicable codes for security work can be a costly task, with printed...
Vehicle Gate Access Control Guide on Mar 19, 2020
Vehicle gate access control demands integrating various systems to keep...
Verkada Access Control Tested on Sep 09, 2020
Verkada raised $80 million earlier in 2020, expanding from video into access...
The Problem With Fever Detecting Thermal Sunglasses on Apr 15, 2020
While the media has promoted using thermal sunglasses to detect fevers, this...

Recent Reports

New Products Show Fall 2020 Starts Tomorrow! on Sep 27, 2020
Tomorrow, IPVM's sixth online show will feature New Products from over 25...
OnTech Smart Services Partners With Google and Amazon To Compete With Integrators on Sep 25, 2020
A pain point for many homeowners to use consumer security and surveillance is...
The Future of Metalens For Video Surveillance Cameras - MIT / UMass / Immervision on Sep 25, 2020
Panoramic cameras using 'fisheye' lens have become commonplace in video...
Hikvision Sues Over Brazilian Airport Loss on Sep 24, 2020
Hikvision was excluded from a Brazilian airport project because it is owned...
China General Chamber of Commerce Calls Out US Politics on Sep 24, 2020
While US-China relations are at an all-time low, optimism about relations...
Verkada Disruptive Embedded Live Help on Sep 24, 2020
Call up your integrator? Have someone come by the next day? Verkada is...
IP Networking Course Fall 2020 - Last Chance - Register Now on Sep 23, 2020
Today is the last chance to register for the only IP networking course...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
Norway Council of Ethics Finds Hikvision Human Rights Abuses "Ongoing" on Sep 23, 2020
Hikvision's involvement in "serious human rights abuse" in Xinjiang is...
IPVM Camera Calculator User Manual / Guide on Sep 23, 2020
Learn how to use the IPVM Camera Calculator (updated for Version 3.1). The...
Installation Course Fall 2020 - Save $50 - Last Chance on Sep 22, 2020
This is a unique installation course in a market where little practical...
SimpliSafe Business Security Launched Examined on Sep 22, 2020
SimpliSafe has launched "SimpliSafe Business Security" that the company...
FLIR CEO: Many New Fever Entrants "Making Claims That The Science Just Won't Support" on Sep 22, 2020
FLIR's CEO joins a growing number calling out risks with fever / screening...
China Bems Temperature Measurement Terminal Tested on Sep 22, 2020
Guangzhou Bems (brand Benshi) is the manufacturer behind temperature...