Showing posts with label anti-passback. Show all posts
Showing posts with label anti-passback. Show all posts

Tuesday, October 1, 2024

Emergency Response and Access Control

Emergency Response and Access Control 

When it comes to ensuring safety and effectively managing critical incidents, emergency response and access control are two crucial factors. Secure Entry Solutions understand the importance of integrated solutions that provide a seamless balance between the needs of visitors and staff, while maintaining secure zones and customizing security features to meet specific requirements.

With over 90,000 organizations already choosing Keri Systems for their security needs, our solutions offer comprehensive automation of day-to-day operations, multi-site management, and proactive emergency response capabilities.

By implementing our access control systems, organizations can enhance security and prevent disasters by effectively restricting access to sensitive equipment, tightly controlling access to high-value assets, and protecting sensitive data through integration with CCTV and anti-passback systems.

Our software package enables easy management of perimeter access control, threat-level activation, CCTV integration, and auditing. With our multi-site management capabilities, organizations can effortlessly manage security across multiple locations and compile access reports for investigative purposes.

At SSA INTEGRATE, we prioritize rapid emergency response and situational awareness. Our advanced notification systems provide crucial information and situational awareness to emergency responders, enabling them to take immediate action in critical situations. With the ability to grant specific access levels to different zones or buildings, organizations can effectively manage occupancy limits and protect sensitive information and equipment.

Our cloud-based security solution (Bravo Based), offers a powerful lockdown feature that can be initiated remotely, ensuring peace of mind and enhanced security. During a lockdown, first responders are still granted access permissions to enable them to respond effectively. Once the all-clear is given, only authorized administrators have the ability to clear the lockdown.

With comprehensive integrations across security, administrative, and identity solution ecosystems, Brivo makes it easier for organizations to manage their security needs efficiently and with confidence.

Secure Entry Solutions are committed to providing top-notch emergency response and access control solutions that prioritize safety and protect against critical incidents. Partner with us to ensure the utmost security for your organization.

Enhancing Security and Preventing Disasters

Keri Systems has developed robust access control systems specifically designed for emergency responders. Our access control systems offer a wide range of features that enhance security and prevent disasters. With these systems, organizations can efficiently manage access to sensitive equipment, tightly control entry to high-value areas, and protect sensitive data.

Restricting Access to Sensitive Equipment

  • Our access control systems allow organizations to restrict access to sensitive equipment, such as fire-fighting gear, ensuring that only authorized personnel can access it.

Tightly Controlling Access to High-Value Areas

  • With our systems, organizations can establish strict access control measures for high-value areas, minimizing the risk of unauthorized entry and theft of valuable equipment or weaponry.

Protecting Sensitive Data through Integration

  • Our access control systems integrate with CCTV and anti-passback systems to provide enhanced data protection. This integration ensures that only authorized individuals can access sensitive data, reducing the risk of data breaches.

In addition to these features, Keri Systems provides a comprehensive software package that enables efficient management of access control. With our software, organizations can easily manage perimeter access control, activate threat-level protocols, integrate with CCTV systems, and generate audit reports.

Furthermore, our access control systems offer multi-site management capabilities, allowing organizations to effectively manage security across multiple sites. This feature streamlines security operations and provides a centralized platform for compiling access reports, facilitating investigative processes.

By choosing Keri Systems’ access control systems, organizations can enhance their security measures, prevent disasters, and protect sensitive equipment and data.

Rapid Emergency Response and Situational Awareness

Keri Systems understands the critical importance of rapid emergency response and situational awareness in ensuring the safety and security of organizations. Our advanced notification systems are designed to provide real-time updates and alerts to fire fighters and police officers, enabling them to respond swiftly and effectively to emergencies.

Advance Notifications

With our advanced notification systems, organizations can receive immediate alerts about critical incidents, such as unauthorized access attempts, fire alarms, or security breaches. These advance notifications allow emergency responders to have timely information, enabling them to make informed decisions and take appropriate actions.

Dual Verification

In emergency situations, every second counts. Our dual verification feature ensures an added layer of security by requiring users to authenticate their identity through multiple verification methods. This prevents unauthorized individuals from gaining access to restricted areas and enhances the overall security of the organization.

Access Levels

Organizations often have areas with varying levels of security clearance. With our access control systems, specific access levels can be assigned to different zones, areas, or buildings, ensuring that only authorized personnel can enter certain areas. This not only helps manage occupancy limits but also protects sensitive information and equipment from unauthorized access.

Multi-Site Capabilities

For organizations with multiple locations, our systems offer seamless multi-site management capabilities. This allows for centralized control, monitoring, and reporting across all sites, ensuring consistent security protocols and efficient emergency response coordination.

Occupancy Counting

Managing occupancy limits is crucial for maintaining a safe and secure environment, especially during emergencies. Our systems enable organizations to accurately monitor and track the number of people in specific areas in real-time. This information can be used to ensure compliance with occupancy regulations and aid emergency responders in making informed decisions based on accurate occupancy counts.

With the ability to integrate with other security systems and solutions, Keri Systems offers comprehensive emergency response support for organizations of all sizes. By leveraging our advanced notification systems, dual verification capabilities, access level management, multi-site capabilities, and occupancy counting features, organizations can enhance their emergency preparedness and ensure the safety and security of their premises.

Cloud-Based Security and Peace of Mind

When it comes to ensuring the safety and security of your organization, Brivo, a leading cloud-based security solution, offers a powerful lockdown feature that brings peace of mind to both administrators and first responders. With the ability to initiate a lockdown from anywhere using a laptop, phone app, or a hardwired button in the building, Brivo’s lockdown feature provides a quick and efficient response to potential threats.

During a lockdown, first responders are still granted access permissions, ensuring their ability to swiftly enter the premises and respond effectively. This feature allows them to carry out their critical duties without any unnecessary obstacles. Once the all-clear is given, authorized administrators have the ability to clear the lockdown, restoring normal operations securely and efficiently.

Brivo goes beyond just offering a lockdown feature. Their comprehensive integrations across security, administrative, and identity solution ecosystems provide organizations with a seamless experience in managing their security needs. The cloud-based nature of Brivo’s platform enables easy access and real-time updates, making it simpler than ever to monitor and control access to your facilities.

By leveraging Brivo’s cloud-based security and innovative integrations, organizations can benefit from enhanced security measures, streamlined access control, and increased flexibility. With Brivo, you can have the peace of mind knowing that your security system is reliable and up-to-date, allowing you to focus on what matters most – your business and the safety of your employees and assets.

Wednesday, February 1, 2023

Access Control Commissioning Checklist

Access Control Commissioning Checklist 

All customers are not knowledgeable to understand Access control system. When we are getting order it’s our responsibility to commissioned in proper way. In India maximum system integrator do not follow their own check list and as a result after few month call logging is started. Some call forward to OEM and System Integrator with customer’s blame on products are not good. But no one drilldown about commissioning report. Ultimately system integrator don’t know commissioning also a part of BOQ, yes they put importance only installation. I hope this checklist helps end users, integrators and consultants verify that access control installation and commissioning is complete. Take print edit as per your projects and fill all point. After that attached this with handover documents.

It covers the following sections:

  • Door Hardware Checks
  • Reader Checks
  • Controller Checks
  • Fire Alarm Loop Confirmation
  • Backup Power Compliance
  • RTE and 'Free Egress' Confirmation
  • Door Timing Checks
  • Turnstiles or Gate/Door Operator Checks
  • Credential Enrolment
  • Credential Issuance
  • Database Migration
  • Management Software User Creation
  • Access Levels and Schedules
  • Access Event Notifications
  • Door Held Open / Forced Open Troubleshooting
  • Anti-Passback Troubleshooting
  • Mapping and Custom Reporting Creation
  • Viewing Clients Installation 
  • Integration with VMS and Other Systems
  • Workstation Setup
  • Network Setup
  • Cable Verification

We recommend each person using this customize the list for their own needs / situations. There is no 'one size fits all' checklist but this list is meant to serve as a starting point to make it easier and quicker to build your own.

Door Locks and Hardware

This section covers commissioning of doors and opening locks, strikes, or other electro-mechanical hardware, including mounting and physical considerations.

Physical Operation, For every controlled opening:

  • Check all lock / hardware fasteners or mounts are secure and without play, slack, or gaps exceeding tolerances on installation instructions.
  • Ensure operation of lock is free of binding, grinding, or interference for door or frame features or other components.
  • Close and open door, or operate several cycles, the opening to ensure that no binding or warping is affecting operation. 
  • If Exit Devices are used, confirm appropriate 'Push to Exit' signage is displayed.
  • If Door Closers or Operators are used, confirm electronic access devices do not interfere with operation.
  • Confirm secure installation and function of Door Position Switches/ Contacts/ DPS.
  • Weatherproof and lightly apply grease per specification to mechanical hardware like hinges
  • Ensure any cabling or system wiring is hidden, tucked behind raceway or frames, and is not being pinched or cut by features like hinges.
  • Confirm that accessibility clearances are satisfied and any additional access control devices comply with codes.
  • If standalone, battery powered locks are used, confirm remaining battery life is strong and document commission date of batteries for future reference.

Door Controller Install Checks

  • Confirm that all terminated wiring at controller is secured and terminated without short for each device.
  • If kept in a metal enclosure, ensure panel tamper contacts and panel locks are used.  Gather panel keys for central, secure management.
  • If controllers are located at the door, confirm they are installed on the secure/locked side of the opening and located behind a tamper-resistant or semi-obscured location, such as above tiles at the door.
  • For wireless locks, confirm that all hubs or repeaters are clearly labeled as companions to the separate system readers or controllers.

Free Egress and Fire Alarm Loop Check

  • Confirm that upon fire alarm activation, all door maglocks release and are not powered.
  • Confirm that upon fire alarm activation, all emergency exit doors and openings can be freely opened and are not locked for any reason.
  • Confirm that during normal operating conditions, all 'Request To Exit' devices are located in code compliant arrangements and function properly.
  • Check that any delayed egress openings have specifically been approved by the AHJ, and delays do not exceed 15 seconds, unless specifically excepted by AHJ.
  • Confirm that all Pushbutton style RTE switches are properly labeled and displayed per local code requirements, and directly interrupt power to locks and not controller, unless specifically excepted by AHJ.

Credential Reader Checks

  • Confirm that reader device is securely anchored without gaps to the wall, frame, post, or bollard.  Seal or install trim guards where needed.
  • Confirm 'normal operation' status lights are displayed per intended behavior. (On/Off/Red/Green/Blue, etc.)
  • Confirm audible beep or siren registers when credential is read.
  • Check that reader tamper device is connected and configured.
  • If contactless type reader, present test card to confirm read range meets spec.  
  • If biometric type reader, confirm unit positioning will not be interfered with by environmental features (ie: sun movement, HVAC downdrafts, etc)
  • Confirm that accessibility clearances are satisfied and any additional access control devices comply with codes.

Credential Enrolment

  • Confirm that the only credentials to be immediately carried/used by cardholders are activated, and no batched activation of unissued/ stored credentials is done.
  • Check that each user issued a credential is accurately classified and identified in the access control software.  Include Picture ID images if possible.
  • If credentials are being renewed or exchanged, confirm physical possession, disposal, and deactivation of old credential in system.
  • If biometric credentials are enrolled, confirm multiple digits or templates are enrolled.
  • If multi-factor credentials are issued, confirm that all factors are recorded, active, and valid in the system.

Access Management Software Servers

This section covers commissioning of Management Software servers and appliances, including both hardware/network setup as well as OS and software. Some of these items may not be used depending on OS and access platform. For example, appliances typically do not require OS updates. OEM to OEM process are slight different.

Access Management Software Configuration

  • Configure Unlock, Extended unlock, Door Hold Open, and Relock event periods, as appropriate.
  • Configure user access schedules (e.g., 24/7, 8am-5pm, off-hours, holidays, etc.)
  • Configure user access levels (e.g., Managers, Workers, Visitors, Temporaries, etc.)
  • Confirm Polling Interval, or settings update push duration as prompt and as close to real-time to be accurate as recorded in system.
  • Configure any Maps or floorplans used to display and manage system control points.
  • Confirm successful integration and configuration of features like 'Video Verification', or integration with video surveillance, intrusion, fire alarm, and intercom systems.
  • Configure alarm or event notifications (email, text, etc.)
  • Download and retain copies of all door/controller configurations
  • Confirm any imported databases are clean and without problems if populating access management system.
  • For 'Anti-Passback' rules, ensure that users will not unwittingly or inadvertently cause alarms if they use atypical or uncontrolled openings.

Hardware/Security

  • Document MAC address(es) (often more than one if using multiple network cards), or if hosted/cloud access is used, document hostnames of all remote servers.
  • Assign and document IP address(es) of every networked device, endpoint, or server.
  • Apply latest OS updates (unless not recommended by manufacturer);
  • Create secure admin password
  • Create additional users as specified
  • Test UPS operation and runtime (if supplied);

Network/Security Settings

  • Document Controller and other ethernet-based devices MAC address;
  • Assign and document Controller and other ethernet-based device IP address
  • Update firmware to latest version (or manufacturer recommended/tested if different)
  • Change Controller admin password from default
  • Create multiple users if required (by specification or manufacturer recommendation)
  • Set NTP server and verify time and date;
  • Disable unused services/close unused ports (FTP, telnet, SSH, etc.);

General Server Settings

  • Confirm any requisite services or policies are free to operate and will restore automatically after reboot events.
  • Change access management admin password from default
  • Create operator/user logins
  • If LDAP or Active Directory is used, confirm valid implementation and provisioning of service.
  • Confirm and document any external database connections or dependencies by the access software.

Workstations

This list involves client workstations, including hardware, OS, and access client setup and commissioning. Some of these steps may be omitted if appliances are used. OEM to OEM process are slight different.

  • Document MAC address(es) of each workstation
  • Assign and document IP address(es)
  • Apply latest OS updates (unless not recommended by manufacturer)
  • Create secure admin password
  • Create additional users as specified
  • If dongles or hardware keys are required for client access, document location of key on workstation (e.g., Port Location, Key Serial Number)

Network

This section outlines commissioning of network hardware, including switches, routers, firewalls, etc. Some of these devices may not be used in all systems, or managed by the installing integrator.

  • Document MAC address(es) of each device
  • Assign IP address and document
  • Update switch/firewall/router firmware to latest version
  • Change admin password from default
  • Configure VLAN(s) as required; 
  • Configure QoS as required;
  • Disable unused switch ports as specified
  • Configure SNMP monitoring if required;
  • Configure MAC filtering if required
  • Download and retain configuration for each switch
  • Test UPS operation and runtime for each endpoint, if supplied

Cabling

This section covers commissioning of the access control cabling system, including labeling, supports, aesthetic concerns, and testing. OEM to OEM process are slight different.

  • Label all cables, patch panels, wall outlets, etc., as specified
  • Ensure cables are secured to supports (J-hooks, ceiling truss, etc.)
  • Conceal cables where possible/required
  • Leave properly coiled and dressed service loops at Controller or Switch location and head end as required;
  • Test all terminations and document results as specified
  • Document cable test results as specified (if certification is required)


 If need any expert comment on your projects we can help you free of cost over voice or text.


Sunday, November 1, 2015

Anti-Passback in Access Control Systems

Anti-Passback in Access Control Systems

The anti-passback (APB) feature is designed to prevent misuse of the access control system. The anti-passback feature establishes a specific sequence in which access cards must be used in order for the system to grant access.

The anti-passback (APB) feature is most commonly used at parking gates, where there is both an “in” reader at the entry gate and an “out” reader at the exit gate. The anti-passback feature requires that for every use of a card at the “in” reader, there be a corresponding use at the “out” reader before the card can be used at the “in” reader again. For the typical user of the parking lot, this works fine, because the user would normally swipe their card at the “in” reader to get into the lot in the morning, and swipe it at the “out” reader to get out of the lot in the evening. So long as the sequence is “in – out – in – out – in – out”, everything works fine. However, if a user swipes his card at the “in” reader to get in, and then passes his card back to a friend, the card would not work the second time when it was swiped by the friend. The attempt to use the card a second time would create an “in – in” sequence that is a violation of the anti-passback rules, and this is why access would be denied.

Picture Left: (1.) First the cardholder enters into the area and then the system will allow them to (*2.) exit.

Picture Right: If a cardholder has already (1.) entered and then before they exit they try (or someone else with their card tries) to enter again, the will be (3.) denied because there is an anti-passback violation because it is impossible to Enter and area when the system thinks you are already Inside.


Anti-passback can also be used at employee entrance doors. This requires that a card reader be installed on both the inside and the outside of the door. Employees are required to both "card-in" when they enter the building and "card-out" when they leave the building. The anti-passback feature is also commonly used with turnstiles.

There is an expanded version of the anti-passback feature called “regional anti-passback”. This establishes an additional set of rules for card readers inside of the building itself. Basically, this rule says that unless a card is first used at an “in” reader at the building exterior, it cannot be used at any reader within the interior of the building. The theory is that, if a person did not enter through an approved building entrance, he or she should not be permitted to use any of the readers within the building.

Depending on the access control system manufacturer, there may be additional anti-passback features in the system. Some of these features could include "timed anti-passback", which requires that a designated amount time pass before an access card can be used at the same reader again, and "nested anti-passback" which requires that readers be used in only designated sequence to enter or leave a highly-secured area.

Denying access when a user attempts to use a card out of sequence is sometimes called "hard" anti-passback. Hard anti-passback means that when a violation of the anti-passback rules occurs, the user will be denied access. Some access control systems also offer a feature known as "soft" anti-passback. When a system is using this option, users who violate anti-passback rules are permitted access, but the incident is reported to the person managing the access control system so that corrective action can be taken - most often notifying the offending employee that the access card should be used in the proper sequence in the future.

The anti-passback feature can also be integrated with the corporate computer system, preventing users from logging on to the network at their desktop computer unless they have properly entered the building using their access card. This feature can also temporarily disable the users remote log-on privileges while the user is in the building - the theory being that if the user is at work, there is no reason for someone from off-site to be logging on to the network using his or her user name and password. When the user leaves the building at the end of the day, his or her remote log-on privileges are turned back on.

Some Typical Situations

A. When someone enters the entry gate following others without his own authentication, he or she cannot get through the exit gate through his own authentication even his authentication is a valid one. It’s the same when someone gets through the entry gatefollowing others without his own authentication, he or she cannot get through the entry gate through his own authentication.

B. When someone gets through the gate, and then he or she “passes back” that card, say through a window or another door, to an unauthorized user, who then uses the same card to access the building, he or she cannot get through. The password authentication is the same.
C. When someone get through the Fingerprint/Card/Password authentication, he or she doesn't access, then he or she cannot get through the gate even the authentication is a valid one.

Set up an Anti-passback SYRiS Controller Exp:-


Set up an Anti-passback Suprema BioStar V1.62 Software Exp:-


Anti-passbackis a security mechanism that prevents a person from passing back her access card to the next person. It is designed to prevent the next person from verifying herself with another person's access card. When using BioStar, you can set up an Anti-pass back zone, which requires users who've already entered an area to leave the zone first before entering the area again. For instance, if the zone consists of two devices (let's call them Device A and Device B here), the user who's been already verified on Device A must verify herself on Device B before verifying herself on Device A again.
You can set up an anti-passback zone by performing the following steps:
1. On the Doors page, click Add New Zone.

2. Enter a name for the Anti-passback zone and choose Anti-passback Zone from the Type drop-down list.
3. Configure the settings of the Anti-passback zone and add devices to the zone by clicking Add Device.
·  APB Type
§  Soft - A user who has broken the Anti-passback rule can enter the area without the administrator explicitly releasing the alarm.
§  Hard– A user who has broken the Anti-passback rule can't enter the area without the administrator explicitly releasing the alarm.
·  In case of Disconnected
§  Door Open– Doors in the zone will get opened when the communication between the master and member devices is disconnected.
§  Door Close – Doors in the zone will get closed when the communication between the master and member devices is disconnected.
4. Choose the devices you want to add to the zone as In Device and click the right arrow button. Perform the same for Out Device.
5. Click Apply to transfer the settings to the devices.