Open Access Controller Guide
In the
access control market, there are many software platforms, but only a few
companies that make non-proprietary door controllers.
In 2019, Axis released a 3rd party-only controller, while HID purchased Mercury Security.
In this
note, we contrast common access hardware providers and which brands of hardware
many access management systems use.
·
The
3rd party offerings of Axis, HID, Isonas, and Mercury
·
How
their pricing compares
·
Why
ONVIF for Access Control Is Not A Big Factor
·
A
chart explaining which controllers 34 notable access platforms support
· The three factors that may complicate takeovers
What is an Access Control System?
An access
control system is a security measure designed to regulate who can enter or exit
a building or specific areas within it. These systems can range from simple
mechanical locks to advanced biometric and cloud-based solutions. Modern access
control systems often include features like keycards, PIN codes, mobile
credentials, and facial recognition technology.
Select Access Hardware Components
Your
access control system will require various hardware elements:
·
Control
Panels: The brain of
the system, managing access points and credentials.
·
Readers: Devices that scan keycards,
biometrics, or mobile credentials.
·
Electric
Locks: Magnetic or
strike locks that secure doors.
·
Door
Sensors: Detect
whether a door is open or closed.
·
Request
to Exit Buttons:
Allow users to leave secured areas.
·
IT: If you run an on-premises access
control system you will need a computer to run the software on and network
connectivity.
Choose hardware compatible with your desired technology and ensure it meets your building’s security standards.
'Open' Controller Options
In the access market, the number of manufacturers producing door controller hardware is comparatively small to the total number of vendors writing management software.
While some companies choose to produce their own proprietary controller designs, a significant portion of the market chooses to integrate with 'open' 3rd party devices manufactured by others.
For the
access control market, the most widely recognized non-proprietary door
controllers are produced by three companies:
·
Axis: The
company offers two different controllers, the A1001 and A1601.
Both models are two-door controllers, but the A1601 is built with higher memory
capacity, faster processors, form C relays. Both units use Axis' VAPIX
API, although the free embedded Axis Entry Manager software is only
an option for the A1001.
·
HID Global: Owned by
Assa Abloy, HID also manufactures two series of controllers, Edge and Aero,
that with a firmware update can be added to over 15+ different access systems.
·
Isonas: The Allegion
owned access hardware manufacturer opened it's line of
controllers to being integrated into other platforms in 2017. The
company's line of combo readers/controllers are IP based and PoE powered.
·
Mercury
Security: Purchased by HID in 2017, the hardware
manufacturer sells only to other businesses. Mercury produces several lines of
controllers and expansion modules, including the IP-based LP and EP series
and Series 3 Redboard panels with a common firmware
framework. Over 35 companies use Mercury designed hardware, or other
hardware using Mercury's standard firmware.
These offerings compose most of the 'open' controller options in the market.
Defining 'Open' for Access
In the
case of access control and the broader security market, 'Open' has a different
general meaning than IT and software development use. 'Open' for access
essentially means 'non-proprietary' that is potentially compatible with several
systems.
This differs from 'openness' in other tech areas where 'open-source' generally means use is free, collaboration is public, and licensing (if implemented) is light and provisional.
Cost Comparison
While
pricing varies for each controller, the hardware cost alone may also be subject
to additional software licensing. However, on a hardware only basis, pricing
looks like:
·
Axis A1001
& A1601: The A1001 is widely available online for
~$500, while the A1601 runs ~$700.
·
HID Edge
EVO: The single door controller is available from distribution with a
street price of ~$350, with options for units with integrated readers for
~$450.
·
HID Aero: The
base controller and two-door expansion module is available through resellers
for ~$650, but total cost varies depending on which base controller and how
many expansion modules are used.
·
Isonas: The
company's line of RC-04, PowerNet, and IP Bridge controllers range from $700
(single door) - $1,100 (three door bridge) depending on configuration of the
included reader.
· Mercury Security: None of these products are available as direct purchases from Mercury or through distribution. Single door controllers typical range in price from $250 - $400, but the final cost is often heavily negotiated and drops for projects with large door counts.
Compatibility Chart
The chart below provides a look at leading access brands, and which door
controllers they work with:-
The Disadvantages of Proprietary Solutions
Discussions around the “myth” of open architecture often come from
advocates of proprietary solutions who argue against the flexibility of open
systems. However, this perspective can be compared to the fox guarding the
henhouse—those who benefit from vendor lock-in are the ones discouraging open
architecture. The primary aim of proprietary manufacturers is to secure ongoing
reliance on their products, leaving organizations with little ability to switch
to alternative solutions without a major cost.
Hardware installation is typically the most expensive part of an initial Physical Access Control System (PACS) deployment. By opting for a proprietary solution, organizations essentially commit to that manufacturer for the duration of the product’s lifespan. If the solution no longer meets operational needs, a costly overhaul is required to migrate to another system. This dependency aligns perfectly with the goals of proprietary vendors, keeping organizations tied to one source indefinitely.
The Advantages of Open Architecture Solutions
Open architecture solutions offer a range of benefits that boost
security, flexibility, and efficiency. Companies like Mercury Security, HID
Aero, and Axis provide open hardware platforms that are interoperable and
supported by numerous technology partners. Choosing an open architecture
approach means futureproofing your hardware investment, allowing for a flexible
transition across providers without needing a complete system replacement.
For example, Mercury Security has the world’s largest access control hardware base, supported by over 20 OEMs. This extensive adoption enables users to switch to another Mercury OEM if the current solution is insufficient, preserving the existing hardware infrastructure and avoiding significant costs.
Five Reasons to Choose Open
Architecture
1.
Interoperability and Integration: Open
architecture supports seamless integration across various hardware and
software, enabling vendor independence, smooth communication between platforms,
and easy customization to meet unique security needs.
2.
Scalability and Flexibility: Open
architecture systems are scalable and flexible, allowing for expansion and
adaptability. Incremental upgrades are possible without major overhauls,
reducing costs and supporting long-term system value.
3.
Cost-Effectiveness: Open
architecture reduces expenses tied to proprietary systems, such as costly
upgrades and vendor-specific maintenance. By supporting partial upgrades and
enabling competitive pricing, it provides short- and long-term savings.
4.
Enhanced Security: Open systems allow
organizations to implement the latest security protocols and quickly respond to
emerging threats. They also support compliance with industry standards,
ensuring a resilient and compliant security environment.
5. Future-Proofing: Open architecture preserves initial hardware investments by allowing integration of new technologies through standard protocols. This approach ensures long-term relevance, efficiency, and cost savings.
Proprietary Private Brand Hardware Common
Notice not all platforms use or are compatible with third party panels.
For example, major providers like Tyco's Software House use proprietary controllers, which differ and are not compatible with other Tyco access products like the distribution access line Kantech that uses its own proprietary panels.
Startups like Openpath and Proxy sell 3rd-party compatible mobile readers, but also are available in versions that use their own proprietary controller boards/relays in a standalone management software.
Access ONVIF Not A Factor
When it comes to interoperability standards, access control is significantly less accepting of standards like ONVIF and no 3rd party standard is widely adopted.
As noted
in Access Control Does Not Want ONVIF, despite being so readily adopted by
video platforms, both ONVIF interoperability standards, Profile A and Profile C
have weak adoption with support from only two vendors:
Three Common Takeover Exceptions
While
generally possible, 'takeovers', where controllers associated with one platform
are switched to another, have exceptions.
The three
common factors that complicate system takeovers and controller interoperability
are:
·
Unsupported
Features/Integrations
·
New
Licensing/OEM Mask Codes
· Voided Warranty or Support
Unsupported Features/Integrations
First, in terms of existing system integrations and features, just because another system supports the same controller hardware, there is no certainty a new platform supports the same range of features and integrations. Individual features, like OSDP or event cross-linking may be supported at the panel in one system, but not the other.
New Licensing/OEM Mask Codes
Another pitfall, as noted in Does Lenel Support Unbranded Mercury Security Hardware? is some platforms may observe a 'Product OEM Mask' that codes hardware to a specific brand.
The codes are not always observed and not all 3rd party vendors have
them in place, but adding existing hardware to a new system can be blocked and
potentially require additional licensing fees or risk being refused by the new
vendor.
In other cases, like Honeywell Prowatch, physically changing chips on the controller board may be required.
Voided Warranty or Support
Finally, vendors may choose to not 'tech support' taken-over devices, nor do they typically warranty them when something goes wrong.
Thanks to Mr. Brian Rhodes, IPVM writer.