Intelligent single-door controllers have recently increased their presence in the market, as more users opt to connect these networked-enabled, power-over-Ethernet (PoE) devices directly to a network. The approach provides simplicity and adds value but, like any technology, there are some limitations to consider when managing an enterprise access control program.
Intelligent door controllers manage the basic functions of opening and closing a door locally, and are connected to the IT backbone, where multi-door functionality is managed. Should the network become unavailable, these door controllers automatically switch from network mode to standalone mode.
But the systems that use these devices depend on connectivity to the host application to control higher-level access control functions, such as the creation of passback or arm/disarm zones, mantrap configurations, producing occupancy counts and global input/outputs (I/O). All these are critical access control functions, especially in the increasingly complex world of enterprise security.
What happens to these functions if a network connection is interrupted? The short answer is: They are lost. But leveraging proven technologies to augment IP devices can bridge the gap between functionality and security.
At the Mercy of the Network
Security practitioners prefer that their systems do not rely solely on the corporate network. That’s why intelligent controllers provide functionality to ensure continued basic operation at the door level in the event of a network outage. As mentioned above, the door controller switches to standalone mode and continues to operate the single door during a network outage. Is it too much to also expect continued operation of higher-level access control functions in the event of a network outage? Must users “settle” for partial functionality when the network goes down?
Concerns about what happens to an IP-based access control system when the network goes down include:
- What is the system’s operational capability during a network failure?
- What functions are lost when the network goes down and what functions are preserved?
- What is the system’s offline behavior and what is the potential impact of that behavior on enterprise security?
- How fault tolerant/redundant are the IP links associated with a security device?
- What mechanisms exist to ensure continued, uninterrupted connection with the network?
- How critical are the functions of operational security that are lost when the door controller is offline?
- What impact might limited functionality have on the overall security stature of the enterprise?
- What additional activities and costs might be involved to create strategies to offset the limited access control functionality during a network outage?
These are valid concerns that go to the heart of what an end-user expects from an access control system. They want it to operate dependably, and especially so in a crisis situation. A variety of situations could cause the network to go down, from a natural emergency to a targeted attack. When considering risk management scenarios, security leaders should be able to depend on the full functionality of an access control system throughout a crisis. Their company’s well being may depend on it.
This situation can be remedied in how the access control system is configured. A solution is the use of a traditional IP-connected multi-door central panel with wired door controllers.
If potential network downtime and the resulting degraded operation of a security system is a concern, users should consider the merits of hardwiring clusters of their door controllers and intrusion alarm points back to a common IP. An area controller provides added intelligence to allow an access control system to continue performing multi-device security functions even during network outages. Intelligent area controllers are then connected via IP to the network.
Wireless systems are ideal for any retrofit or new construction application where wiring is difficult or impractical, or where the cost of traditional wired online access control is prohibitive.