Access Control Specification Guide

By: Brian Rhodes, Published on May 19, 2016

This 15 page report provides the most in-depth guidance on specifying Access Control systems you will find.

Specifying Access Control correctly can be tricky, because every opening has quirks and are prone to outside factors that impact system performance. Not only this, but what you don't specify can be just as problematic as what you do.

Most access RFPs have serious problems. While they comprehensively spell out contract conditions and business terms, they are typically scant on relevant details about the system. Not only do they tend to be a random smattering of technical points, pulling them together into a cohesive system is often needlessly costly or may even be impossible to build.

The Big Mistakes

Most of the trouble specifying access has a root cause in one of the three areas below:

1. Incomplete details, where things you don't know can ruin your budget and system goals.

2. Difficult to build, where details that sound prudent may actually limit selection and significantly drive complexity to integrate.  

3. Proprietary, where even generic boilerplate writes in choices that lock you into one vendor.

In this report, we address the best strategies to avoid these problems.

Doing It Right - 18 Key Specification Areas

The good news is that you do not need to be an expert to specify great systems. In the sections below, we cover the right details to include, how to include them, and how to avoid common traps through addressing these 18 areas:

  • Is This An Expansion or New System?
  • Determining Access Security Goals
  • Establishing Monitored, Managed, or Forensic Use
  • Identifying Other System Integrations
  • Which Credentials To Use
  • Defining Doors/Opening Detail
  • Defining Turnstile Use
  • The Importance of Door Position Switches
  • Defining Existing Locks/Hardware
  • Specifying Readers
  • Deciding to Use IP or Serial based Controllers
  • How To Use PoE For Powering Systems
  • System Edge vs. Centralized Architecture
  • Is System Networking Wired or Wireless?
  • Considerations For Using Existing Databases
  • Evaluating User Management Features
  • Using Special Features Like Time and Attendance & Mustering
  • Establishing System Maintenance Expectations

**** ** **** ****** provides *** **** **-***** guidance ** ********** ****** Control ******* *** **** find.

********** ****** ******* ********* can ** ******, ******* every ******* *** ****** and *** ***** ** outside ******* **** ****** system ***********. *** **** this, *** **** *** don't ******* *** ** just ** *********** ** what *** **.

**** ****** **** **** serious ********. ***** **** comprehensively ***** *** ******** conditions *** ******** *****, they *** ********* ***** ** relevant ******* ***** *** system. *** **** ** they **** ** ** a ****** ********** ** technical ******, ******* **** together **** * ******** system ** ***** ********** costly ** *** **** be ********** ** *****.

The *** ********

**** ** *** ******* specifying ****** *** * root ***** ** *** of *** ***** ***** below:

*. ********** *******, ***** things *** ***'* **** can **** **** ****** and ****** *****.

*. ********* ** *****, ***** details **** ***** ******* may ******** ***** ********* and ************* ***** ********** to *********.  

*. ***********, ***** **** generic *********** ****** ** choices **** **** *** into *** ******.

** **** ******, ** address *** **** ********** to ***** ***** ********.

Doing ** ***** - ** *** ************* *****

*** **** **** ** that *** ** *** need ** ** ** expert ** ******* ***** systems. ** *** ******** below, ** ***** *** right ******* ** *******, how ** ******* ****, and *** ** ***** common ***** ******* ********** these ** *****:

  • ** **** ** ********* or *** ******?
  • *********** ****** ******** *****
  • ************ *********, *******, ** Forensic ***
  • *********** ***** ****** ************
  • ***** *********** ** ***
  • ******** *****/******* ******
  • ******** ********* ***
  • *** ********** ** **** Position ********
  • ******** ******** *****/********
  • ********** *******
  • ******** ** *** ** or ****** ***** ***********
  • *** ** *** *** For ******** *******
  • ****** **** **. *********** Architecture
  • ** ****** ********** ***** or ********?
  • ************** *** ***** ******** Databases
  • ********** **** ********** ********
  • ***** ******* ******** **** Time *** ********** & Mustering
  • ************ ****** *********** ************

[***************]

***** **** * **** at *** ****** ******** appear:

Common ********

**** *** ****** ******* might ** **** ***********, but **** **** *** mean **** **** *** the *** ****. **** at ***** ******** ** pulled **** ****** ****:

*** ****** ******:**** *** *************, *** risk ** ********* *** many *********** **** *********** ***** cost.  ******* **** ****** Control, *** ******** ** more ********* ****. **** this ******* **** *** Specifications ******* ****** ******'* ****** ************:

*** **** ** ******* to ***** * ***** from are ***** ** *** map *****. ** ******* regarding door/opening ****, ******** ********, how **** ****** **** to **** ****** ** what ********** ***** **** carry, ** **** *** openings ****** ** ******** are *****. *** ** mention **** ************ ** how *** *** *** system **** ** ****, or ***** ***** ******* will **** ** ********* with *** ****** ********.

*******, *** ***** ******* may ** ******** ** discovered ***** * *** walk, *** *** *** respondents *** **** * fair ***** ** ***** them ** ***** * bid. 

******** *************:******* *********** ***** ** *** inclusion ** ***** **** sound ***** ** **********, but ***** ** *********** limit ******* ** **** one ** *** ****. Take *** ******* **** a Police ********** ***:

******* *** **** ******** good ****** ********* **** descriptions *** *********, *** is *** ******. *******, due ** *** ********* in ******** '****************' *** the ******* ** * single *********** **** ** **** controller *********** ****** ****** to ********** ** **** existing ******.

******* **** ** ******** or *** ** ********* to *****, ******* ** would ** **** **** efficient *** **** *** solicitor *** *** ******* to ***** **** *********** plainly ** *****. ** the ****** **** *** realize *** *********** ****** of ****** *******, **** may ***** **** *** economically ****** ** *** existing ******** *** ******* system. *******, *** **** of ****** ******** '****************' dooms **** ******.

Technical *************

**** *** ** ********* aspects ** ******* ** every ****** *************:

Defining ********* ** *** *******

** **** ****** ***, or **** ** ** a ****** ******** ** an ******** ******? ********* this ******* **** ******* for *** ******** **** kind ** **** ** being ******. *** ** the *********** ****** ** most ****** *******, **************** is *********** ***-********, *** if * ****** ** already ** ***** *** satisfactory *** **** **** is ****** ********* **** platform. **** ** ****** the ***** ********* ****** since ********* ********* **** servers *** ******** *** be ******* ** *** needed. 

**** ****** **** ***** potentially ****** ********** ****** two ******* **** ****** *********** each *****'* *********. **** if *** **** ** abandoning ** ******** ******, recovering ** ******* **** of *** ******** ********** is * **** **** should ** **** ***** from *** *****. ******* labor ** ******** ***** may ** ****** ** transfer ******** ********** ***********, a ***** *** "********* ****** ******* *******" **** ********** ** more ******.

Security *****

****** ** ******, *** essentially *********, ** ** give * ******* *********** ** the ***** *** *** access ******. ******* "**** this ******, *** ******** wants ** ******** ***-***** staff **** ******** *** premises, *** **** *** but ******* *********** **** entering ** any ****" **** ******* assist ***** ********* * system ** ******* *** important ******** ** ***** around.

************, **** ****** ******* is ********** ** *** issue ** "**********", ******* where *** **** ********* openings *** ******* ** key **** ********** ********* ** ****** *** risk. *** ****** ********** and ****** ** **** risk, *** *** "****** ******* ******: **********" ****.

**** **** ********* ****** or ********* ** *** needed, ************ *** ***** groups **** *** ****** and ****/***** **** **** it ** *** ********** of ****** *******. ****** these ***** ***** ***** will **** ******* ****** the ***** ******** **** the ****** ***** ** assignable ******** *** *** stated ****.

********* *** ********* ***** goals **** ********* ** existing ****** ** ***** essential, ** *** ***** of ******* *** *************** can ****** **** ****. Including * ***** ********* describing '******** *****' *** refresh *** ************* ** a ****** **** ******* old.

Monitored, *******, ** ********

**** ** ** ****** how *** '*******' ******* of *** ****** **** be *******. ** *** goal ** *** ********** up *********, *** **** only ****** ** **** absolutely *********? **** ** onsite ***** ***** ******** monitor *** ******* ** events **/*/***? ** ** it ****** ** ****** oversight *** ********** ** active, *** ****** *** to * ******* ******* facility?  

******** **** *** *** system ** ***** ** be **** *** ** whom *** ******* ***** by ******** ****** ********, or ** ****** **** the ***** ****** *** manage *** ****** ** the ***** ****.

Other ******* ***********

** *** **** **** access ******* ** ** combined **** ***** ************ or ********* ******? ** you **** * **** alarm ******? ****** * point ** ***** ***** goals, ******** **** *** current ****/******/******** ** *** systems ** ** ********** help ***** ****** *** installation ***** ************.

***********

** *** ****** ** new, ********* ********* ****** not ** ******** ** the ****** *** ********. If ** ********* ** an ******** ******, *** answer ***** ******* ** made. *******, ** ****** case ********** ******** ***** credential **** ** ******* prevents ** **** ***** a ****** ******** ********.

** ***** ** **********, most ****** ******* *** contactless ***********. ** *** past, *** *** *********** have **** *** ********, but *** ** ******** concerns (**** ** **********) and ******* ******* ********, they **** **** ********** by **.** *** *****. From * **** **********, the **** ******** *********** are *** **** ***** or ******* **** ***** formats.

** ** *********** ******* exist, ******** *** ***** product ** ** **** security ****** ** ** economic ***. *** **** people **** ** ************? Should ***** *** ****** as ******, ** ** a **** ******* ****** needed? **** ***** ******* use ***********, *** ****** they ** ********?  **** about **********? **** **** mandate ******** ******* *** used?

************, ** ******** ******** codes *** ** ***, they ****** ** ***** as * ************* ** the ****** ******. *** all ******* *** **** to **** **** ******* codes, *** **** ***** detail *** ***** *********** cost ** *** **** clear.

*** **** *******, **** our ******* **:

Doors/Openings ******

********** *** ******** ** be ********** ** ******* not **** **** * design ***********, *** **** from ********* ********** *******. No *** ******** *** alike ** **** *** same ***, *** * short *********** ** ******* of *** ******* *** it ** **** **** far ** ********* **** controls.

*** *******, *** '**** entrance ** ** ****** building' ** ****** ********* like ****:

"*** **** ******** ** a *** ** ***** double ***** **** **** swing ***. ***** ***** are ******** **********, *** the ***** **** ************* opens *** ****** **** a ****** ****** ** pressed. * ****** ******** camera ****** ** ********** into *** ****** ** that *** ********* ***** are ******** ** **** enter.  **** ******** ** typically **** ** *** public ****** ******** *****, but ****** ** ****** and **** ********** ** approved ***** **** *** - *** *********. ************* 30 ****** *** **** access ****** * ******* night ****** ***** *****, including ******** ***** *** delivery ******. **** ******* shows *** *******:"

****: ****** **** ** annotation, **** * **** clean **** ** *** opening ** ** ******.

***** *** *********, *** information ******** ***** ***** insight **** ****** ** observed ****** * ***** job **** *** ******** door ****, **** ********, security ****, **** *******, and ********* ****** *********** (video). ***** ****** ********* is *** ******, ******* on ***** ******* ********* guesswork.

*** **** ****** ** how ** ******** ******** openings, ******* **** *** doors, *****, ** **** turnstiles, ***** *** ******** below:

Door ******** ********

*** ** *** **** useful, *** **** ********* aspects ** ****** ******* are *** ******* **** indicate ******* *** **** is **** ** ****. While **** **** *** as ** '*****', ***** remains ** **** ********* or *********** *** ** monitor *** ******* ***** of *** ******* **** these *******.

***** **** *** ****** by **** ** '********', solicitors ****** ********** ***** they **** ***** ******* included. ***** *** "*** ********" *** **** ******. For ******** ** *** biggest ******* ** ********** use ** *** ********, read "********* **** **** ********" ** ***** *** subtle ******** **** ******* undermine *** ****** ******.

Existing *****/********

**** *****, ****** ***** detail ** *** ********, but ***** ************ *** useful. ***** ****** ******* interoperates **** ******** ********** locks, *** ***** ********* of *** **** ******* is ********* ** ********** to ******** *** **** method ** *******.

*** **** ****, * ******* or ***** ******* *********** is ******: "*** **** **** ** a ***** (*****) **** currently **** ****** **** a ***** ***. *** door ****** *** *** has ** '****' ******* above **. *** **** can ** ****** ** unlocked **** *** ******* of *** **** ** a *** **** ****** to ********. *** ******* for *******:"

*** ******* ******* ** describing ***** ** *** to ****** *** ***** type *** ******** **** access ****, *** ***** posts:

Choosing *******

********* *** ***** ****** is *** ****** ** which *********** *** **** and ***** *** ******* is *******. **** *** written ************ *** ****** of *** *****/*****, **** decisions *** ** **** what **** ** ******* and *****. 

******* ********** *** ******** where******** ************** ************* ** **** **** ****** the ***** ****** ** specified ** ******* *** credentials ****** ** **** spot. 

*** ******* ********** *** more ****** ** ******** readers, ***** *** ****** below:

IP ** ****** ********* *******

*** ******* **** **** a ****** ******** ****** be ********* ** ******** cabling ** *** ****** be ****. **** ********** one **** **** *** other *** ** ****** if ********** ** *** strong, ******** **** ****** systems *** ** ******** as *** ******* ******, a ***** **** **** continue.

** ******** ******** *** to ** ****, ****** the ********* ** ******** switch ***** ***** ****** guesswork ** ********* **********. Marking * *** ** floorplans **** ******* ***** positions **** ** **** specification ** *****:

** *** ** ********* networks *** ******, ****** note ** *** *******, main ***** *****, ** access ****** ******** **** new ***** **** *** concurrent **** ********.

Edge ** *********** ************

** * ****** ******, specifying ***** **** ******* takes ***** ** *********. Most ****** ******* *** a **** ** **** controller ******* **** *** opening, *** ********** *********** location ** ****** ********** could ************* ***** ***** costs ** ****** ** older ******* ***** ***.

**** ** '****' ******* are ****, *** ********* can ** ********* ****** locked ******* ** ******* enclosures. *******, ****** **** enough ***** ** ********* for ***** ******* ** commonly ********** *** *** drive ***** ** *** properly ********** ****** **** writing. ***** ******* ******* more ****** *** *******:

Using ***** **** ********

** **** *****, ******** 802.3 **/** *** *** be **** ** ****** power ** **** *********** and ************ ********* ******* like ******* *** *******. Using *** ** ********* more ********** *** ****** online ********** **** ********, stand ***** ***** ******** typically ** ***.

*******, ***** *** *** limit *** ***** ** connected ******* ***** ** 'total ****-*******' ***** *********, which ** ******* *** mA ** ****, *** the *** ****** ** doors ** * ****** PoE ******* ********** *** limited ** ***.  ***** factors ** ******** ******* the ****** ** *** controller ********, *** *********** against ******** ******** ** a ******** ***** **** a *** ********** *** common.

****** ******* ****** ******* Guide ******** ** **-***** **** at *** *******.

Wired ** ********

**** ** ***** ** controlling ****, **** ************* of ***** ******* *** cause ****** ** ********* for ****** ** **** to ***** ********. ********** if ***** ***** *** not ******* ****, *** electronic ******* *** ******* is *********, ******** ***** wireless *** '*****-*****' ****** of *****.

***** *** **** **** may ** **** *** a ****** ******** ****, the ******* **** ** connecting ******** ******* ******** via * **** ******* run ***** ** **** expensive. ***** *** ******* price *** *********** ********** with ******** ***** (**: replacing *********) ***** ** prohibitive *** ****** *******, they ***** ***** ** economic *** ** **** of *********** ***** ******* expansion. *** **** ** these ************, *** *** "******** ****** ******".

Using ******** *********

********** *** ******, *****-**** systems, *** ******** *** bring *********** ****. ******** the **** ********** ****** **** be **** ** ******* unless *** ************* ********** states ***** ******** ******** may ******* ** *********. Our "****** **** ** ******: Database" ***** ****** **** point, *** *** ****** options, ** *****.

User **********

******** ****'* ***** *** a ******** ****** ** the *************, *** *** where ********* ******** **** be ********* ** *********. Spelling *** ******** '**** ****' and ********** ******* ***** ********* specify *** ********* *** right ********. ** ********* need ** ****/****** ***** in **** ****, ****** activity ******* *** ** be *******, ** ** the ****** ****** ****** integrate **** *** ***** surveillance ******, ***** ************ should ** *****.

**** *** ******* **** are *** ******** *******, if ***** **** '****** access' **** *********** ** inclusion ** '** *****' creation *******, ** ****** not ** ******* ** will ** ******** ****** stated.

****, ** ******** ************ are ** ** **** for ******* *******, *********** of ***** ******** *** build ************** ****** ** listed ** ********* *** system ** ********* ** confirmed. *** **** ******* on *** ******** ********** piece *** ************ ** the ******* ******** *******, see *** ********* *****:

******* ********:****** ******* ** ****** for **** **** **** unlocking *****. **** ******* include ******* *** '**** and **********' ******* **** essentially ******** * **** clock, ** '*********' **** grants *** ******* ********* that **** ******* * roster ** ********* ** a ********** ****.

** ***** ******** *** desired, ** *** ***** integrations ******* ******* *** core ****** ******* *********, effort ****** ** ***** defining *** ******* ****** in ************* *********.  ***** posts **** **** ******* what ** *** *** and *** ** **** the ************:

Maintenence *****

*******, ************** ****** ***** out *** ******* ****** software *********** ***** *** any ********** ******* ******** required ** **** *** system ******* *** ***********. Some ********* **** ** ongoing *********** ****, ***** others ******* * ****** plan *** *** *** prioritize ******* ** **** support ** *** *******.

*** **** ** **** maintenance ****** ****** **** system *********, ** * system *** ** ********* less **** ********* *********, but *** ********* ** unrealized ***** ** ********** years. 

Access ******* ************* ****

*** ********* ******* ******** a ******* ** **** requirement *** ****** ******* to ********. ** ********* you **** *** ***** this **** **** *** documents *** *** ** as * ******** ***** in ******** *** ************ for **** ****** *******.

Opening/Door ****: Often best depicted in a picture. If not permitted, a short written description describing: Steel, wood single or double door? Right, left, or swing ‘reverse’. Glass opening? Turnstile?

Users *** ****: Average number of users during busy times, so that cycle times of locking hardware can be sized accounting to the busiest period the door permits access.

Opening's ******** *****: The high-level purpose of access control: “Restrict unapproved users from entering during overnight hours” or “Only residents with current rent payments should be allowed to use gym facility.”

Other ********* ** *** ****: Often best expressed in a picture, a snapshot or written description of the other hardware devices hung on the opening. Examples: “Closer on upper hinge side, vertical rod on upper strike side, and an exit device hung on the inside. Outside keyed access.”

Reader ****/******** ********: On the door frame (mullion), or on an adjacent wall?  Are mounting surfaces suitable? Are they protected/sheltered from ice and snow? Can someone is a wheelchair or with limited range of movement reach the reader, per ADA (or similar)?

Credentials ** ***/******** ************** ******: Common Choices: 125 mHz, 13.56 MHz contactless. HID format, MiFARE/DESFire? 26,33,34,35 bit cards? Facility code needed? Is more than one credential needed at the door to verify the user?

Intercom ******?: If a user cannot enter the door, or if a visitor request entrance, can they page help or an attendant? Two two-way conversations need to be supported?

Lock **** ******: Choices- typically electric strikes or maglocks, but dictated by building code, AHJ preference, and type of hardware existing on the door.

System ******* ****: TCP/IP, Serial hardwire, wireless, or stand alone locks? If IP, are existing LAN segments available? Are cable pathways and data closets marked? If wireless, the signal strength at doors verified?

Controller *****: Choices- Edge or Centralized? Standalone or host dependent?

Critical **** ********** ********: What real-time features required? What type of reporting is needed? Will users need access from a browser or mobile devices? Are client workstations available?

Server *****/**********?: Do you have available resources in the server stack? Are they physical or virtual? Do you need your servers to host access locally or remotely? Including this ensures no ugly incompatibilities happen at the last minute. If a new server is used, will local IT resources be familiar with configuration and support?

Database ******** ******: Does you enterprise already use a standard database platform like SQL? If so, make note so the access system can plan to make use of existing rather than purchasing new or using a proprietary platform.

Special ********: Do you need Time & Attendance or Mustering? If so, does your hardware design support those features? Make note of the ‘other systems’ you would like access control to feed into or use like video surveillance or intrusion alarm.

[****: **** ***** *** originally ******** ** **** but *** ******* / improved ** ****.]

Comments (0)

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Suprema Biometric Mass Leak Examined on Aug 19, 2019
While Suprema is rarely discussed even within the physical security market, the South Korean biometrics manufacturer made global news this past...
Installation Course - Register Now on Aug 15, 2019
Register Now for the September 2019 Video Surveillance Install Course. This is a unique installation course in a market where little practical...
Biometrics Usage Statistics 2019 on Aug 13, 2019
Biometrics are commonly used in phones, but how frequently are they used for access? 150+ integrators told us how often they use biometrics,...
Milestone "GDPR-ready" Certification Claim Critiqued on Aug 12, 2019
Milestone is touting that its latest XProtect VMS is "GDPR-ready" with a 'European Privacy Seal'. However, our investigation raises significant...
ProdataKey (PDK) Access Company Profile on Aug 09, 2019
 Utah based ProdataKey touts low cost cloud access, wireless controllers, and no dealer required national distribution availability.  But how does...
Axis Door Station A8207-VE Tested on Aug 07, 2019
Axis newest door station, the A8207-VE, claims to deliver "video surveillance, two-way communication, and access control" in a single device. But...
Avigilon Blue VSaaS Tested on Aug 05, 2019
Avigilon says Blue is a "powerful integrator cloud service platform", easy to set up and configure, quickly scale business, by leveraging cloud...
Mobile Access Control Shootout - Farpointe, HID, Openpath, Nortek, Proxy on Jul 29, 2019
One of the biggest rising trends in access control is using phones as credentials but which offering is best? IPVM has tested five of the...
Siklu $400 Compact 60GHz Radio on Jul 24, 2019
Siklu first entered the video surveillance market with a $6,000 per link solution, is now aiming down market with their newest 60GHz wireless...
Responsibility Split Selecting Locks - Statistics on Jul 22, 2019
A heated access debate surrounds who should pick and install the locks. While responsible for selecting the control systems, integrators often...

Most Recent Industry Reports

Uniview Beats Intel In Trademark Lawsuit on Aug 19, 2019
Uniview has won a long-running trademark lawsuit brought by Intel, with Beijing's highest court reversing an earlier Intel win, centered on...
Suprema Biometric Mass Leak Examined on Aug 19, 2019
While Suprema is rarely discussed even within the physical security market, the South Korean biometrics manufacturer made global news this past...
Verkada People And Face Analytics Tested on Aug 16, 2019
This week, Verkada released "People Analytics", including face analytics that they describe is a "game-changing feature" that "pushes the...
Dahua OEM Directory 2019 on Aug 16, 2019
US Government banned Dahua OEMs for dozens of companies. The following directory includes 40+ of those companies with a graphic and links to...
Installation Course - Register Now on Aug 15, 2019
Register Now for the September 2019 Video Surveillance Install Course. This is a unique installation course in a market where little practical...
Axis Suffers Outage, Provides Postmortem on Aug 15, 2019
This week, Axis suffered an outage impacting their website and cloud services. Inside this note, we examined what happened, what was impacted...
Hikvision Scrutinized In The Netherlands on Aug 15, 2019
Hikvision is facing unprecedented scrutiny in the Netherlands, at the same time the US government ban has taken effect. This week, a Dutch...
Axis 4K Camera Shootout 2019 on Aug 14, 2019
Axis' 4K Q3518-LVE claims the "best video quality possible", with Lightfinder super low light performance, Axis' high end Forensic WDR, and...
CheckMySystems Company Profile on Aug 14, 2019
CheckMySystems says that too many users respond, "I get an email when something is wrong" when talking about their video system maintenance plan,...
Hikvision OEM Directory on Aug 13, 2019
The Chinese government-owned and US-government banned Hikvision has become the world's largest video surveillance manufacturer and generally hidden...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact