S2 NetBoxTM NetTech Rich Ames :Training
S2 System Architecture Portal Temp Probe Photo ID Camera 6 Analog Camera Reader Photo ID Badge Printing NetDoor Node Door Lock 5 IP Camera Video Recorder IP Camera (PTZ) Security Administrator IP Network IP Network 4 Temp Probe Portal 3 Alarm Security Monitor Internet Alarm Panel 2 Door Lock Portal Reader NetBox Remote Support Portal 1 Reader NetBox Node Door Lock Gate Reader Elevator Lighting
S2 System Architecture Portal Temp Probe Photo ID Camera 6 Analog Camera Reader Photo ID Badge Printing NetDoor Node Door Lock 5 IP Camera Video Recorder IP Camera (PTZ) NetDoor Node Security Administrator IP Network IP Network 4 Temp Probe Portal 3 Alarm Security Monitor Internet Alarm Panel 2 Door Lock Portal Reader NetBox Remote Support Portal 1 Reader NetBox Node Door Lock Gate Reader Elevator Lighting
NetDoor Node S2 Hardware Architecture • Controllers & Nodes • 1 ea Controller • 32 ea Nodes (Solid State) • ? ea Nodes (Enterprise)
Controller LED NC to NN NC to NN Speed NN Count N Com Connection Activity Node LED Action Co-Processor NN Com Power NN to NC Speed NN to NC Activity S2 Combo Board
Initmode • Starting point with new NetBox Controller • Set IP Address (Controller starts on “0” subnet) • Set Time (Controller) • Email Settings • Initmode (turn off?)
REX (Input) DSM (Input) Buzzer (Alarm > Output) Door Lock (Alarm > Output) Access Blade Card Reader (Reader/Keypad) Reader 1 Temp Input Reader 2 1 2 3 4 1 2 3 4 Outputs Inputs Net Door Access Blade & NetDoor Blade
Access Control Blade • Two card reader connectors • Readers using standard Wiegand output up to 128 bits are supported. • Four Supervised Inputs • Door contacts and REX devices. • Standard two wire inputs. • Wide variety of input supervision types. • Four Relay Outputs • Strike output, door opener, buzzer. • Standard 3 pin normally open or normally closed. • NOTE: Inputs and Outputs not used for door hardware can be used for other functions. 4 Inputs 4 Outputs 2 Wiegand Readers
Alarm Inputs • 8 Standard two wire inputs. • A variety of supervised and unsupervised inputs can be configured: PIR, Exit Request, Alarm button. Door Status Monitor • Input blade barcode numerals begin with “01.”
Temperature Inputs • 8 Standard two wire inputs. • S2 temperature probe • Temperature blade barcode numerals begin with “08.”
Output Blade • Eight 3-pin output relays • Standard normally open or normally closed Form C Relays • Suitable for controlling many strikes, but a step up relay should be used for magnetic locks. • Requires appropriate suppression: MOVs or diodes Output devices: Strikes, Mag locks, sounders, etc.
0 Expansion Slots Slot/Connector Positions
The Portal • Access or Egress Point • Door • Gate • Turnstile • Associate Inputs and Outputs • Readers, Keypads • Locks • Rex, DSM • Events • Actions and Alarms
Access Blade & Portal Access Blade Portal REX (Input) DSM (Input) Buzzer (Alarm > Output) Door Lock (Alarm > Output) Card Reader (Reader/Keypad)
10 Steps to Gain Simple Access • Connect a Reader • Set up a Reader • Configure a Door Lock Output • Define a Portal with Reader and Lock • Define a Card Format • Setup an Access Level for Readers/Groups • Add a Person • Assign a Card • Assign an Access Level • Present the card to the reader to unlock the Door
Decoding Credentials • Test and Compare to determine format • Decode content
Personal Information • Optional Tabs • Contact • Other Contact • User Defined • Vehicles (Parking) • User Defined Tab • 20 fields available • User Defined Labels for Tab and Fields. • Show? Y/N • Use fields for sorting and filtering reports
Photo ID • License required (Badge) • Supports Canon PowerShot digital cameras A70, A75, A80, A85, A95, A510, A520, A620, A640, G3, G5, G6, G7, G9, Pro 1, S3 IS, S5 IS, S70, S80 and SX100 IS
Support Information Your Company Contact Information • On “Dealer Info” Page • On “About” page
Support Information Your Company Contact Information • On Dealer Page • On “About” page
Securing NetBox Data: Assumption: Interactions between the various networked components in our system are not secure. Each of these pathways is secured.
Secure by Design • Minimal security vulnerabilities: • The NetBox is a “locked down” networked information appliance. • S2 controls the software/firmware that is on it. • The NetBox has a single purpose. • It is not a general purpose computer. • Minimal chance for virus attacks • Network Security • User Login, User Roles, Session Token • SSL • Encryption • Authentication & Tamper Detection
Backups(Backup is only needed when you haven’t)(Murphy’s IT corollary) • Automatic Backup daily. • System holds up to 6 weeks • Sunday is a full backup … all others are differential backups. • Seventh week starts overwrite of oldest backup. • Backup writes to CFC • Optional to NAS and FTP site. • Must set up NAS or FTP address and password. • Will not overwrite old backups. • Use “get” to off-load backup to laptop or off-site. • Save, Shutdown or Reboot save to ROM is automatic (v3.0 or higher).
Backups to NAS or FTP sites • FTP Backup (File Transfer Protocol) web site. • Network Storage (NAS=network attached storage).
Inputs • Two Pin Relays • Used to monitor status or receive input • Supervision Types • Dual Resistor NO or NC • Four States: Normal, Alarm, Short, Open • Parallel Resistor NO or NC • Three States: Normal, Alarm, Open/Short • Series Resistor NO or NC • Three States: Normal, Alarm, Open/Short • Unsupervised NO or NC • Two States: Normal, Alarm
Output Relay Connectors Normally Not Energized Normally Energized
Local to Node Events • Output activated by Portal Status • Timed or for Length of Status.
Time Specs & Holidays • Holidays: normal function does not apply unless specified as part of the controlling Time Spec. • Define Beginning Date/Time and Ending Date/Time • 3 Holiday Groups: Must be in at least one group. • Holidays are not part of Access Level unless specified in the Time Spec.
Time Specs & Holidays • Time Spec is a period of time definition • 2 standard time specs (Cannot be changed) • Always • Never • Specify Start and End Times • Days of the week and Holidays that apply
Time Specs: Where are they used? • When Access is allowed : • Access Level: Time Spec • Floor Groups: Free Access Time Spec • Portal Groups: Unlock Time Spec • Automate Change in Status: • Portal Groups: Unlock Time Spec • Floor Groups: Free Access Time Spec • Alarm Panel: Auto Arm Time Spec • Input Groups: Auto Arm Time Spec • Output Groups: Auto Activate Time Spec • When Additional Restrictions Apply • Portals: Keypad Time Spec, Exit Reader/Keypad Time Spec
First in Unlock, (Monitored Unlock) • Works with Portal Group Unlock Time Spec • Set up in System Rules • Requires a special Access Level (You should limit who can do this) • Set Unlock access level (required to activate unlock time spec) • Set Re-Lock access level (automatic relock at end of time spec) • Set reset time: resets to locked starting position. • Portal Group must have • Unlock Time Spec • First In Unlock Rule • Unlocks Door(s) with badge read during unlock time spec • Relock at end of unlock time spec or with Relock Access Level badge read.
Momentary and Scheduled Actions • Access Portals for impromptu unlock/lock • Momentary – quick unlock and relock • Scheduled Portal Unlock • Used to temporarily unlock for one-time activity • Start time and date or Now • End time and date or after X period of time • Comment is a good idea – it documents unlock reason
Threat Levels • Pre-defined to match US Homeland Security Definition and color coding. • You can add your own (snow day) • You can upload your own Threat Icon • Use to mass change Access ability • Activated by Event or Manually by pre-authorized person. • Quick Lock down • Must Assign Threat Level Groups to all Access Levels • Must reset after Threat Level has changed • Manually (may require password) • Input Event with change Threat Level action • Make sure someone has access during Lock Down.
Passback and Tailgate Violations • Definitions: • Passback is when a card is “passed back” to another person so both can gain access on same card. • To Tailgate is to gain access without a valid card read and without forced entry. • Regions are used to determine either violation • At least two regions required for passback violation. • At least three regions required for Tailgate violation. • Actions to be taken (defined in Region definition) • Soft - Log entry but allow access • Hard - Log entry and deny access • Ignore – allow access.
Regions Region 2 Reader A: In Uncontrolled Portal: Main Entrance Reader 1. Reader A Access to Region 1 Uncontrolled Region 3 Region 1 Uncontrolled
Regions Region 2 Reader G: In Uncontrolled Reader F: In Region 2 Portal: Back Entrance Reader 1. Reader G Access to Region 2 Reader 2. Reader F Access to Uncontrolled Uncontrolled Region 3 Region 1 Uncontrolled
Regions Region 2 Reader D: In Region 3 Reader E: In Region 2 Portal: Lab Back Door Reader 1. Reader E Access to Region 3 Reader 2. Reader D Access to Region 2 Uncontrolled Region 3 Region 1 Uncontrolled
Regions Region 2 Reader B: In Region 1 Reader C: In Region 3 Portal: Lab Front Door Reader 1. _________________ Access to ________ Reader 2. _________________ Access to ________ Uncontrolled Region 3 Region 1 Uncontrolled
Technical and Installation Information * For a password (must register on website): • www.s2sys.com • Support Phone: (508) 663-2505