Dahua Access Control Tested

Published Oct 10, 2017 15:25 PM

Can Dahua become a major force in access control? We bought Dahua's ASC1202B [link no longer available] to find out.

We tested Dahua access and its management application to see how it stacks up to competitors in the security space.

With this report, we cover these findings and more:

  • 4 key strengths and 5 key weaknesses
  • The biggest disruptive element of Dahua's access control
  • Dahua-only compatible elements of the platform
  • A teardown view image showing the inside of the Controller
  • 4 video screencasts explaining how Dahua's management client works
  • Comparison of Dahua's Controller to Axis, HID and Mercury
  • Examination of video verification strengths and weakness
  • Challenges with system reporting
  • Initial cybersecurity review

Inside, we detail our findings on how well the system operates, where it is weak, and how it compares to other access systems.

[Note: We have bought and are testing Hikvision's access control offering as well, expect that report later in October.]

Key Tested Strengths 

Our tests reveal Dahua's key strengths could be challenging for incumbent providers who frequently charge 5 times more for their controllers / software:

  • Reliable Function: Despite being low priced, no bugs, hangups, or confusing verbiage was apparent.  In our test, cards always read and lock relays unlocked, even when multiple controllers were connected. While software interface performance slowed down by three to five seconds as the number of enrolled users/schedules increased, the hardware controller never slowed operations, locked up, or failed to perform it's basic access control function.
  • Highend Power Features: We tested Dahua's 'Emergency Lockdown', 'Two-Man Unlock', and 'First Card Disarm' features, and they worked reliably. While many small, basic access systems will not use these, the fact they are included in this low-cost platform for free while others charge thousands could make Dahua an appealing option for some.
  • Badge Picture Overlays: Dahua access displays the photo ID thumbnail registered with a badge scan, so it is possible to visually confirm credential holders are indeed the ones using issued badges at a glance and not unauthorized individuals.

Biggest Strength Is Disruptive Price

Dahua's biggest disruptive factor is not a tested value, but a steep pricing difference. The strongest differentiation Dahua offers is low price. A two door controller has a street cost of ~$150, a fraction of the $500 - $600 cost of mainstream competitors. This means that an installed Dahua access system can hit near or even below price points for many incumbent access platforms.

For example, Dahua is ~70% less expensive than Axis or HID. For example, Dahua's 2 door IP controller at a price of ~$150 versus the Axis A1001 at a price of ~$515 and Dahua's Combo Keypad RFID Reader at ~$80 versus an HID RPK40 for ~$250.

For more pricing analysis against incumbent four-door system kits, see our Dahua and Hikvision Entering Access Control post.

Key Tested Weaknesses

However, our test reveals and reinforces key drawbacks to Dahua access:

  • Free, but Unreliable, Video Verification: The base free system includes integration of video feeds associated with access events. However, the process can take over 30 seconds to connect when a card is scanned and sometimes 'times out' with no displayed video. While this represents a powerful integration not available in many other free or low-cost access platforms, the slow performance means that entire events have passed by the time video connects.
  • Power Supply Extra, No PoE: We needed to furnish our own power transformer, as none is sold with the unit. While 12 VDC power supplies are not difficult to find nor expensive at less than $10, the fact Dahua neither furnishes one, nor does the unit support PoE, power supplies are an extra part installers need to remember. The lack of PoE support also means that electrical infrastructure needs to be run to the door, a costly and often expensive consideration not needed with PoE controllers.
  • Dahua Software Only: The controller is only managed via Dahua's free Smart PSS software, and the controller cannot be connected or managed through any other platform. This essentially means only Dahua IP cameras can be used for some of the most powerful features, like video verification.
  • Software is Sluggish: Smart PSS becomes slow when switching between function tabs when more than one controller is being used. Even when performance specs for the Smart PSS station far exceed the minimums stated in the manual, performance is sluggish and while activity at the door is responsive, updating the monitoring software with alerts or video feeds can take more than 30 seconds.
  • No Reporting: Another big omission - no printable reports. Events are logged, but they must be manually filtered by fixed data fields and are not exportable or printable. Most access systems, even ones targeted to small populations of doors typically include basic reports.  
  • Only Wiegand or RS485 Readers: We connect several types of readers, including Dahua's own branded models, and HID 125 kHz or 13.56 MHz models.  The only option for connecting most of these units was basic, unidirectional, unsupervised Wiegand. Many smaller systems now support OSDP as an option to increase security of the reader bus, but Dahua's platform neglects it.
  • Confusing Device Labeling: In our test, wiring the controller was confused by the fact no clear 'Door #' labels are available. In order to determine which set of input contacts belong to Door 2 and which outputs belong to Door 1, some trial and error was needed. Novice installers could be confused easily by the lack of clear contact labels.

Compatible With Only Dahua Software

The biggest showstopper for many is the locked down nature of Dahua Access controllers to only work with Smart PSS, which will likely limit the takeover appeal and market success into anything but small and new install systems. The access controller works with Smart PSS, which in turn only works with Dahua IP cameras, so existing equipment cannot be installed into the application.

While the application is free and no additional software licensing is needed to use hardware once installed, the fact is only works with Dahua hardware is going to turn away many.

In contrast to 3rd party controllers, Dahua operates with 1 platform, while Mercury Security works with 20+, HID VertX with 10+, and Axis with 8+ different systems.

Controlled Though Smart PSS Management Applicaton

Dahua's free management software combines both video, access, video intercom features together. 

Our test indicates overall performance of the software will vary widely on the specs of the parent workstation and how many IP cameras/doors the app is controlling.

Our test workstation far exceeded Dahua's minimum specs [link no longer available] in terms of both CPU power (our test station has an i7 CPU vs Dahua's minimum i3), 6X the minimum 2GB RAM spec, and several hundred GBs of free HDD space. However, even with just one connected IP camera and two different controllers, some software functions were slow and took 10 seconds or longer to complete. The maximum number of connected devices is pegged at 256, so for a four-door system the max will be ~1,000 doors, but slow system performance is likely an issue well before the max.

In terms of feature support, Smart PSS includes basic scheduling, mapping, integrated video/access event bookmarking, and manual door 'unlock' and 'lock' controls similar to other small access platforms.

However, some features are missing, such as no ID Badge Printing, provisional reports, and no easy multisite or multi-location management.

Access Controller Physical Overview

In terms of device construction, the video below illustrates the size and build quality of the controller.
The controller is designed for DIN rail or wall mounting, but lacks an enclosure like many other systems, and connected device wiring is exposed if mounted outside of an additional enclosure not included.

Teardown View

Inside the controller's housing, a standard field replaceable CR-2032 clock battery, bank of relays, and various 'TI' (Texas Instrument) logo-ed chips are present. (Larger version here):

No Web Interface For Configuring Controllers

Device discovery uses a Dahua utility called 'ACSConfig', which must be used as the actual controller does not include a webserver on board, unlike most other door controllers.

The discovery tool is similar to those used on other IP devices. Once a static or permanent IP is assigned, the application is no longer used in operation:

Once addressed, devices are searched from inside Smart PSS, and added for use without additional licensing or provisioning:

The process is similar to adding Dahua's IP cameras, but unlike other access platforms that may require specific sites to be built inside the system before adding doors, or where adding readers takes place but not controllers. The video below demonstrates the process in greater detail:

Door Controller Side-by-side Comparison 

One big departure Dahua employs in controller design is the controller supports direct DIN rail mounting typically used in industrial environments. Mounting on a rail usually takes place in a large metal enclosure, so the controller itself is not weather sealed and has exposed wired connections.

From a size perspective, the controller itself is rather larger. The Dahua two-door and four-door models share an identical chassis, but the overall footprint is bigger and takes more space than other similar one/two door controllers, as shown in this image:

The large size of the controller will likely be even larger if mounted in a separate enclosure box, and the DIN compatibility will not likely be useful for the majority of deployments choosing to wall or enclosure mount devices.

Vague Controller Wire Labels

For installers not used to putting in access control, Dahua's controller wiring ports are not labeled with helpful tags. For example, knowing which connector group belongs to Door Reader #1 is unclear from the printed readouts. In contrast, other 'video-centric' brands understand that installers benefit from extras like color-coded connector banks, so that knowing where to wire different components is more easily understood.

In the image above, contrast in label language, appearance, and grouping is compared to Axis A1001 which is much easier and faster to wire for 'occasional' access installers than the Dahua unit.

Dahua's User Management Interface

Testing shows Dahua's access interface to be comparable with other small access platforms, including features live pushed status events, manual access controls, and door controller and user management features included. In our test, all features functioned correctly, and not crashes or unforced trouble events were noted. The video below shows off the basic structure and features of Smart PSS's management interface:

The process of adding cardholders and provisioning access is similar to most access platforms, and unlike free embedded access platforms, features like thumbnail ID pictures are included:

The video below displays cardholder and user profile creation in depth:

Integrated Video Verification Included, But Marginally Useful

One 'tight' integration within Smart PSS is the combination of Dahua IP cameras to specific doors.  However, performance of the feature is slow, and the length of time needed to connect feeds will be longer than the actual event in the majority of cases.  In our test with one connected test camera, performance in bringing up video streams took around 40 seconds and sometimes timed out with nothing more than a blank window, meaning the feature will outright miss most access events that only take a few seconds to happen in realtime.

The animation below gives an example of the 'popup' window display which happens within a second, and ends showing the 'searching video' message that displays while connections are being made:

The image below shows the same overlay once cameras connect:

Building the association between doors and cameras is straightforward as an 'Event', and options range from video popping up for every event, or only on security critical events like forced door or invalid credentials being used:

3rd Party Reader Compatibility Is Basic

In the video below, we look at attached readers including Dahua branded 13.56 MHz, PINpads, and Fingerprint models. We also tested HID Multiclass models using Wiegand integration, and found the controller equally supported reads from those units.

The biggest omission from Dahua's reader support is no OSDP, which offers only a basic unencrypted method of handling reader communication. We also confirmed function and enrollment of Dahua's companion ~$120 fingerprint reader and found performance on par with other inexpensive fingerprint units.  Our full detailed report on pros vs cons of the device is following in a separate report.

Platform Has Weak Reporting

One aspect that tested poorly was the ability to query and print or export database records. Aside from provisional searches on dates/ card numbers/ and doors, no other specific or custom searches are supported. Moreover, once the basic searches are done, printing them or exporting them from within the application is not supported, and outside tools or utilities are needed.  We detailed this in the video below:

Other basic and free access platforms support exporting to .TXT or .CSV files, or reports are formatted for batch printing in internal modules. Dahua access does not offer any of these.

Common Dahua Cybersecurity Exploits Not Immediately Found

One aspect of Dahua's performance we examined was how 'open' the devices are on networks, and how vulnerable they are to current common Dahua exploits.

We did a port scan, and found the controller uses a Dahua common control port, 37777, for both inbound and outbound operation. The device itself has no webserver, and while indexed via IP address, all device configuration and management occurs in SmartPSS.  We did not find Dahua's common backdoor accounts on the device.

Because device configuration and management takes place externally, the current common vulnerabilities with Dahua DVRs and IP cameras were not apparent.  In addition, packet sniffing command traffic showed data not be 'open text' and is obscured against command line spoofing:

Indeed, the controller uses default usernames and passwords during install, and unless specific attention to paid to changing them, the platform enforces no changes or warning against them.

Our review of the unit's security was superficial and did not include formal penetration testing or sophisticated examination of device security, and given the vulnerabilities of Dahua devices, no guarantees of hardened or secure design should be expected. 

 

Comments are shown for subscribers only. Login or Join