Replacing Access Control Systems

Author: Brian Rhodes, Published on Feb 20, 2013

Q: What's rarer than a two-headed penny? A: An end user who replaces their access control system. Well, maybe it isn't so absurdly rare it never happens, but end users hold on to access control systems for as long as they can bear, often decades, before they make a switch. What finally pushes them to change? We answer these questions and more in the following note.

Sticking with Their Systems

**** ** *** ******* ****** *** ****** ******* ******-***** *** uncommon? ****** ******: ***** ** ** ******** ****** ** ******. Take *** ******** ***** ******** ****** ***** ** *******:

*** *** **** ****, *** **** ******** ** ** ****** control ****** *** ******* ********* **** *** **** ** *******. As **** ** ******* ****** *** **** ** ********, *** goal ** *** ****** *** **** *********.

******, ********** **** *** ***** ************ ******** **** ******** ****** performing, *******, *** ****** ********** ******* ** * ******* *****, the ****** ******* ******** ********* ****** ************ ***** ** * snail's ****.

*** **** ******** ***********, ******* ** ***** *** ***** ** seldom ***** ******* *****. **** *** ******** ****** ****** *** stable *********** ** **** ****** ******* *******, ******* ** ******** to **** ******** ***** ** **** ** ***** ******* ******.

No '********* **********' *** ******

**** **** *** ******** ************ ** '***** **' ****** *******, most ** *** ******** ***** **** ***** ************* ************** ** ***-***** *************. ** **** *****, ***** ******* *** ** ********** ****** for ********** ** **** **, *** ******** *** ***** ** *** great ****** ** ****** **********'***********' ********* ** ****** ***** ****** **** *** ******* **** money **** *********** ******* *** ***** ********** ******.

*** *** ******? **-***** ******* ** *** ***** ****** ********** new ********** ** ******* ******** *******. *** ***** *** *** industry ** *********** '******* *** *********' ** ****** ******* ** ********, *** ******** ****** **********, *****.

Why ******* ******?

** **** *** *** ** ****** ****** ******* *****? *** our **********, ***** ******* **** **** ******* *** ********** ** analog ***** ************ ******* ** ***** ****:

  • **** ** *******/ ****** ******:**** ******* ****** ** * *********** ** *********. **** ************* cut **** **** *** ************ ** '*** ** ****' *********, ***** **** ******* **** ******* * ****** *** ******* and ****** ********** *** ******** **** '******** *************' ** ****, the **** ** * ****** ****** ******* ********* ** **** passes. ******* ** ** ******* ***** ***** ****** ********* ** procure, ** **** ********* ******* ***** ****** ** **** ******* platforms, *** ***** **** ****** ******* ** ** ******* ** an ********* ****** ** *******.
  • *** *********:***** ****** ******* ******* ******* ***/** ********, *** *** *********** need ** ********* **** ***** ******* ******* ** ****** **** remotely ****** **** *******. *** *********** ** *********** ****** *** management ******** ** ** ******** ********* ****** *** **** **** an ********** *********** ******** ** *** ********* ** ** ***** systems, *** **** ******** *** **** **** ****** ** *** serialized *** ****-***** ***** ** ******** ****** *******.
  • *** ***** *************:** *** **** ****, *** ************* ** ***** ************'* *********** with ****** ******* ****** * ****** ***********. ***** ********* ** achieve **** ****** **** *******, ***** *** ** ***** ******* 'out-of-box' ************ **** **** ******* ****** *********. *** *********** ******* of ******** ******* **** ***** ******** *** ******* ** **** systems, ******** ************ ** ****** *** ********** *********** * *************** task.
  • *********** / ****************:** * ****** ******, *********** *********** ** *********** ***** ******. In ***** ** ****** ********* ********-***-**** ***, **** *** ***** **** **** *** ******* ****** support ********* ******** ** ********** ************. ******** ******* **** ******* or *********** *** ***** ******, ** ******* *** **************** ******* different ********* ** ****** ********** ** ** ***-********.

Changes *** ******

*******, *** ******** ********** ** ****** ** *** ********, *** cost. *** ***** ********* ***** **** ********* ** ******* ** control **** ****, ** *********** ** ****** ******* ********* ** price. ** ******** ** *** **** **** ** ******** *** labor, ****** ***** ***** ***** **:

  • ** **************** *********:**** **** *** **** ********** *** ********** ** ***** *** video *** *** ***** ** **************** *** ****** *** ********** weight. **********, ****** ******** ********** *** *******: *** ***** ** access ****** **** ** * ******* ** ********* ***** ** a **********'* ****** ********* ** *** **** *******? *******, *** pressure ** *********** **** ***** ******* *** *** ********* ** a ****** ******** ******** *** *********** * *** **** ** the *******. **** **** *** ***** **** ********** ********** ** their ***** ********* ** ******* ****** ******* *******. ************** ***************** ******* ** '***** ** *******' **** * ********** ** vendors *** *** *** ********* ** **********, ** ****** *********** to ********. *******, ** **** ****, ** *** **** ****** should *** ****** *** ********* ** **** **** ** ******** access *********, *** ****** ********* ************ ** **** ********* ** required.
  • '*** ** *******':*** ****** ** ** **************** ******* ** ******** **** * small **** ** ****** *********** ******** *** ** *** ******. If * **** ********** ** ****** ***, **** *********** ******* the ********* ** * ******* *****. ** *********** ****** ******** ********* *******, ***** ******* **** ** ********* ** *** ***********, *** so **. * *** ****** ********* *** ***** ******** ******* to *** ****** ******.
  • **** **********: ** **** *****, *** ******* ** ** ******* ***** compliance **** ******** ******** *********. ********* ** *** *** ** an *******, *** ***** ** *** **** ** ************* ** hardware **** ** ******* ** **** ******* *****. **** **** employ **** **** ** '**************' ***** *** ********* ******** *** be ************* **** **-**, ***** ***** ***** ***** * ******. As **** ** *********** ******* *** *******, ****** ********** ******* come **** ****.

Cutover ******** ** ********

****** ******** ** ** ******* ** ********* ** ***** **********. Unlike ***** ************, ***** ******** ******* ******* ** ** ******, updating ****** ******* *** **** *** ******** ** ****** ***** are ** ********. ***** * ****** **** *** ''*******" ** an ******** *** ****** ** ****, *** ******** ** ******** for *****, *****-**** *******. **** ********, *** ******** ***** ****** to ******** ***:

************ ** *****:******* *** ****** ** **** '***********' **********, ***** ********** ***** go **** *** ** ************* ********. ********* ***** ** *** change, *** *** ********** ******** **** ******* (**: *********** ** mechanical ****, ********** ** ******) **** ******* ****** ******** **** a ****** ****** *******.

********** *********: *** ******** ** ***** *** *** ******** ****** **** be ***** ** *** *** ******. ***** '******** *******' *** be *********, **** ********* ** *** ******* **** ********* ** 'User ******* ******' ** *** ******** ** ** * **** job ** ******** ***** ******* ** ****.

***** ******** ********** ********* ***** ******* *** ***** ** **** security ********* *** **********, ******* ****** ** ***** **** ******** the **** ********.

  • ****** **********: ****** ********** *** *********, ****** * ****** *** ******** if ********** ******.
  • **** **** * ****: ****** ********, *** *********** ****** **** ***** **** * copy ** *** **** ********, *** *** ******.
  • ****** ** *** '***** *********** ******': ********* **** **** *** **** ***** ****** ***** ***** corruption. *********, * **** ******** ****** ** ******** **** * .CSV ** ***** ***** ***** ********* ****.
  • ** *** **** *** *******: **** * **** ******** ****** ****** *** **** ***** to ********. *** ***** **** ********* ** *****, *** ******* may ******* * *** ** ****. ********** ********* ** * way ** ********** *** ******* *** ****** **** ** **********.
  • ********: ***** *** ****, *** ******** **** ****** ** **** checked ** ******* ************ *** ********.

*** ******** ****** *** ********* ******** ** ***** ** ***** to ********, *** *** ****** ** ******** *** ******** ********** to **** ********. ******* ** *** *****, **** ****** ** taken ** ******* *** ******* ********* ** ************'* ************.

*** ******** ** * ****: ******* ** '******** *** ******' *** ******* ** * new ****** ** *** *****, * ****** ******** ** ***********. In **** ***, ** ****** **** ** *****-**** ******** ** not ******** *** ** **** ** ******* ** ************* ** hardware *******. ********** *** ******* ******* ****** *** **** ******** to ** ********** '****** **' *** **** ***% ********** ****** the ****.

Comments (16)

Thumbnail profile pic

James Talmage

IPVMU Certified | 02/20/13 06:19pm

Brian, All good advice. I have a customer struggling with this decision right now (they want to change vendors, but the cost is basically preventative).

This is a huge selling point for the Mercury eco-system, in my opinion. This at least offers some comfort that you could change software vendors at a future date. Hopefully, the proposed OSDP standard will extend choice to controller hardware as well.

Karl Preuss

02/21/13 02:27pm

I have been changing out systems for years (since the mid 90's) by using a system that can support the existing readers and hardware. This allows for upgrades to the system and new door locations while maintaining the existing equipment until budget/repairs allows for upgrades at a later date. With this approach you can add remote locations and new features by combine the new and old together. IP based controllers allow for more flexibility and enterprise based access control over dispersed locations. I have amazed some customers who had existing system with how seamless it was to integrate the current systems to their new one. Once a customer get to realize the benefits of the new...up selling is a breeze.

Undisclosed Integrator #1

02/21/13 04:41pm

What about the database? Copy over, test, then "click the on" switch?

Thumbnail pp 5

Brian Rhodes

IPVMU Certified | 02/21/13 04:59pm

Hello, Undisclosed:

In my experience, the best approach is to copy the database over and run two concurrent systems during cutover. It may only be for a few hours, or it might be for days - but during this time, cardholder information is typically updated in two different systems.

Efficient? no way. Safe? absolutely!

Testing card reads on each door is important during hardware (re)install, but during cutover it's more of 'Lets make sure it works like the old system did." and the proverbial floodgates are opened with all existing cardholders interacting normally with the system. Once you're confident that the 'micro' system works, you open it up to the 'macro' system test.

Undisclosed Integrator #1

02/21/13 05:09pm

Thats pretty much the process I had envisioned. Thanks!

Karl Preuss

02/21/13 07:32pm

I usually export the Card Holder list or do a Card Holder report. The hardest part of the whole thing is determining access levels etc. So do a Schedule Report and a Access Level report (most larger systems even from the earlier days will do that) and manually setup the access levels ....the system that we use allows for batch card entry so you import the card holders and then have someone manually assign the access levels to those card holders (This is a good time to clean up the database). All of this must be done before the changeover occurs. In my experience it is always better to have a card not work then work on the wrong schedules or access points so error on the not working. (keep high level managers cards working...lol)

One thing I've learned over the years is that if you have anti passback active then you probably want to keep it soft for a few days and monitor the activity. Most customers will understand that there may be a little bit of disruption to the system and once you are sure that everything is 100% then put it into forced mode.

Patrick Heenan

IPVMU Certified | In reply to Karl Preuss | 05/21/14 08:19pm

Karl,

I came across these comments while looking for ideas for a ACS upgrade at a hospital. Here are some of the critical facts:

Old system: GE Interlogix/FC-WNx pre-Lenel controllers (101 controllers)

New system: Red Cloud/Avigilon with mercury controllers. (1 for 1 change out)

readers: HID and are compatiable with new system (410 readers throughtout the hospital)

active employees approx 700. data base contains approx. 4000 actrive and inactive personnel.

We are not the current service provider; we just had a better proposal.

Current service provider, as expected, is not cooperating with customer's demands to provide us with a data base in SQL format.

Provider said that customer signed a non disclosure agreement regarding the system. and they will not provide the request.

Customer has no information on the database or access to it.

Here's my question(s) to you:

Any experience with GE Interlogix?

If so,

Is there a way to generate reprot files and convert them to an SQL database? If I were to do this do you believe that this would befaster than just reloading each person?

Pat Heenan, RCDD

Thumbnail picture of guitar with chris

Christopher Freeman

02/23/13 01:55am

This is pretty much the same procedure we use , and have used over the years though we print out hard copies just in case of error and problems

fyi a lot of older systems wont work with new IP based systems & components

Thumbnail dsc00412 2

Jonathan Lawry

Trecerdo, LLC | 02/24/13 03:48pm

Brian, and Undisclosed:

I chuckled a little bit upon reading the comment regarding running concurrent systems during cutover: "It may only be for a few hours, or it might be for days". These must have been tiny sites! I have never seen major cutovers measured in less than weeks.

While you can gradually swap out hardware a little a time, it's much harder to phase out a badging system. Badging office personel tend not to tolerate enrolling people twice for any amount of time.

I was involved with several such cutovers of large airports and facilities while employed with the Honeywell ProWatch group. The least disruptive solution was a continuous data-transfer scheme that fed badging and configuration updates from the old to the new system during the cutover. Once you get to the point where the new system is running all the hardware, and the old system is merely data-entry, only then do you swap out the badging and other user-facing pieces and consider the process complete.

Thumbnail pp 5

Brian Rhodes

IPVMU Certified | 02/26/13 12:03am

Hello, Jonathan:

Thanks for the feedback. When you write "continuous data-transfer scheme" was that a script of piece of software that entered data into both systems at once?

Do you might sharing a little more about that?

Thanks.

Thumbnail dsc00412 2

Jonathan Lawry

Trecerdo, LLC | 02/26/13 12:55am

Sure, Brian. Full disclosure is that I am now at Mercury, so the following is based on my own prior field experience, and I am certainly not pitting one vendor over another:

We would use a "data transfer utility" that would feed data from the old system to the new on a regular basis. The tool would help the integration team map schemas from the old system's database to the new, and allow for manual scripts to be part of the process, as there is rarely a 1-to-1 rule for much of the data. The main benefit was that badging personel would only need to enter badges into a single system, and new badges would work immediately on doors conrtrolled by either system.

Alarm dispatch operators would still need to run workstations side-by-side during cutover. While tedious, it had the benefit of allowing operators to get used to the new system gradually, as well as allowing technicians to filter events that might not have existed on the old system.

Cutting over badging offices was perhaps the biggest challenge, because of the human element. In my experience, during cutover of the rest of the system, a test badging station would be used for training. When it was time to cut over the badging office, a planned closure of the badging office (to the facility's population) for a few days took place, as final configuration and training was done. This was followed by a gradual re-opening of the office over the next few days, with the integrator on-hand to iron out any wrinkles.

I have seen different manifestations automated transfer tools. They go by names like "DTU" and "Data exchange" or "data conduit", and are usually part of the software suites.

Robert Fuller

In reply to Jonathan Lawry | 10/08/13 06:15pm

Data Exchange or Data Conduit tools rarely work as advertised and the manufacturer may not offer much support. If possible I would suggest you go with a backend (SQL if available) sync. This way any DBO is able to read/write to the script. I tried a "DataExchange" and it did not work anywhere near advertised. Many fields and tables were not supported, it was very clunky, and would not run on a schedule. Going the SQL sync is also difficult but with a knowledgable DBO it is a lot easier than an modular exchange.

Robert Fuller

In reply to Robert Fuller | 10/10/13 08:34pm

MEant to say DBA, not DBO

Thumbnail pp 5

Brian Rhodes

IPVMU Certified | 02/26/13 01:31am

Thanks, Jonathan. Very insightful!

Donald Bowne

IPVMU Certified | 03/08/15 09:10pm

Very helpful as we are replacing our AC system.

Horace Lasell

03/09/15 01:07am

Pat Heenan, I notice your question was 10 months ago, so any current response may be long past the need date.

We've not had experience with access control databases, but on many fronts we've had good experience converting reports into structured data. Of course, if you're starting with no prior information at all, yours would be an entirely different challenge.

You left us with a pretty exciting cliff hanger. Is it possible to provide (in the words of Paul Harvey) "the rest of the story?"

Thanks.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

'Secure Channel' OSDP Access Control Examined on Jun 21, 2018
Despite claiming to be better than Wiegand, OSDP's initial releases did not address the lack of encryption between reader and controller, leaving...
IFSEC 2018 Final Show Report on Jun 20, 2018
IPVM attended the IFSEC show for the first time this year. The Chinese took over the show, centered on Hikvision, flanked by Dahua, Huawei and a...
Axis Releases First New Access Controller In 5 Years (A1601) on Jun 15, 2018
It has been 5 years since Axis 2013 entry in the physical access control market, with the A1001 (IPVM test). Now, Axis has released its second...
Access Control - Time & Attendance, Mustering and Mantraps Guide on Jun 13, 2018
Electronic access offers features that traditional mechanical locks cannot. While these features may not be as fundamental as keeping doors secure,...
ReconaSense - The AI / Access Control / Analytics / IoT / Video Company Profile on Jun 12, 2018
One company's ISC West booth stood out for displaying a light-up tower of buzzwords. The company, ReconaSense, pledged to be 'making sense of it...
The Benefits of An Access Control Test Door on Jun 08, 2018
Security system dealers can benefit from having their own access control test door both for demonstrations and training. Inside, we explain the...
H.265 / HEVC Codec Tutorial on Jun 07, 2018
H.265 support has improved significantly in 2018, with H.265 camera/VMS compatibility increased compared to only a year ago, and more manufacturers...
Princeton Identity Access 200 Iris Scanners Examined on Jun 05, 2018
Iris recently registered a big jump as a preferred biometric in our Favorite Biometrics survey, but access-ready options can be difficult to...
Keypads For Access Control Tutorial on May 31, 2018
Keypad readers present huge risks to even the best access systems. If deployed improperly, keypads let people through locked doors almost as if...
Ambitious Mobile Access Startup: Openpath on May 24, 2018
This team sold their last startup for hundreds of millions of dollars, now they have started Openpath to become a rare access control small...

Most Recent Industry Reports

July 2018 IP Networking Course on Jun 22, 2018
  This is the only networking course designed specifically for video surveillance professionals. Register now. Lots of network training exists...
Installation Hardware for Video Surveillance - Indoor Fasteners on Jun 22, 2018
As part of our Installation for Video Surveillance series, in this note, we cover drywall anchors. A key part of installing security hardware is...
Hikvision ColorVu Integrated Visible Light Cameras Examined on Jun 22, 2018
When it comes to low light, infrared light has become the defacto standard in surveillance. But IR is limited to monochrome images, making colors...
'Secure Channel' OSDP Access Control Examined on Jun 21, 2018
Despite claiming to be better than Wiegand, OSDP's initial releases did not address the lack of encryption between reader and controller, leaving...
Most Wanted Improvements In Manufacturer Technical Support (Statistics) on Jun 21, 2018
5 key areas of improvement and 1 clear wanted support feature were voiced by 140+ integrator responses to: What improvement in manufacturer...
GDPR / ICO Complaint Filed Against IFSEC Show Facial Recognition on Jun 20, 2018
IPVM has filed a complaint against IFSEC’s parent company UBM based on our concern that the conference violates core GDPR principles on...
IFSEC 2018 Final Show Report on Jun 20, 2018
IPVM attended the IFSEC show for the first time this year. The Chinese took over the show, centered on Hikvision, flanked by Dahua, Huawei and a...
Mobotix Releases 'Move' Into 21st Century on Jun 20, 2018
For years, Mobotix stood resolutely against, well, every other manufacturer, selling it as a virtue: MOBOTIX equipment is designed with no...
Cybersecurity Startup VDOO Disclosing 10 Manufacturer Vulnerabilities Starting With Axis And Foscam on Jun 20, 2018
Cybersecurity startup VDOO has uncovered significant vulnerabilities in Axis cameras along with many others not yet disclosed. In this report, we...
Axis Guardian - Cloud VMS And Alarm Monitoring - Released on Jun 19, 2018
Axis has struggled to deliver a cloud-based managed service video platform. Video service providers have utilized AVHS for over a decade, and have...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact