advanced access control course 3000 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Advanced Access Control Course 3000 PowerPoint Presentation
Download Presentation
Advanced Access Control Course 3000

Loading in 2 Seconds...

play fullscreen
1 / 242

Advanced Access Control Course 3000 - PowerPoint PPT Presentation


  • 236 Views
  • Uploaded on

Advanced Access Control Course 3000. Access Control Configuration. EOL Resistor Table. EOL Resistor Table. Allows configuration of EOL resistor values for all Lenel alarm inputs 4 Default values Non supervised Supervised 4 Custom values Detectable resistance range

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Advanced Access Control Course 3000' - kiril


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
advanced access control course 3000

Advanced Access ControlCourse 3000

Access Control Configuration

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

eol resistor table

EOL Resistor Table

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

eol resistor table1
EOL Resistor Table
  • Allows configuration of EOL resistor values for all Lenel alarm inputs
    • 4 Default values
      • Non supervised
      • Supervised
    • 4 Custom values
      • Detectable resistance range
        • Basic = 51Ω (minimum) to 9,999Ω (maximum)
        • Advanced = 50Ω (minimum) to 25000Ω (maximum)

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

eol resistor table2
EOL Resistor Table

Basic EOL Table

Advanced EOL Table

Common Values

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

eol resistor table cont
EOL Resistor Table Cont.
  • Table Configuration
    • Standard pre-configured settings
      • Default normally open
        • Non supervised
        • Supervised
      • Default normally closed
        • Non supervised
        • Supervised

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

eol resistor table cont1
EOL Resistor Table Cont.
  • Custom configuration
    • Basic
      • Allows configuration of low and high range
      • Allows selecting N/O or N/C contact
    • Advanced
      • Input status and resistance ranges may be defined
      • Allows configuration of priority
      • During add or modify switching between basic and advanced will keep low and high values.
    • Default button
      • Sets configurations to standard values

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

basic configuration

Defined values

Foreign

1K Ω

Foreign

2K Ω

Foreign

Short

Open

Basic Configuration
  • Basic default values
    • Normal low range
      • 750 to 1250 Ω
    • Normal high range
      • 1550 to 2500 Ω

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

advanced configuration

Defined values

0 Ω

∞ Ω

Foreign

1K Ω

Foreign

2K Ω

Foreign

Open

Short

Advanced Configuration
  • Advanced default values
    • Shorted loop
      • 0 (short) to 50 Ω
    • Foreign
      • 50 to 750 Ω
    • Inactive (secure) input
      • 750 to 1250 Ω
    • Foreign
      • 1250 to 1550 Ω
  • Active (alarm) input
    • 1550 to 2500 Ω
  • Foreign
    • 2500 to 10000 Ω
  • Open loop
    • 10000 Ω to ∞ (open)
  • Grounded input line
    • Input A or B grounded

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

advanced configuration cont
Advanced Configuration Cont.
  • Resistance range
    • Positive number representing a resistance value in ohms
    • Drop-down selection
      • infinite resistance
      • shorted line
      • ground line A
      • ground line B

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

advanced configuration cont1
Advanced Configuration Cont.
  • Status options:
    • Inactive
    • Active
    • Fault – ground
    • Fault – short
    • Fault – open
    • Fault – foreign voltage (abnormal resistance)
    • Fault – non-settling (debounce time expires)

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

advanced configuration cont2
Advanced Configuration Cont.
  • Priority
    • Configures the priority of each monitored state and assign a priority to the reported event
      • Allowable range (low-high)
    • Used when the input is in a non-determined state and another determined state will take precedence

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

debounce time

Debounce Time

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

debounce time cont
Debounce Time Cont.
  • Debounce time
    • The amount of time (mS) required for the contact to remain stable and accurately report a change of state of the input
    • Configuration is relative time based on type of input
      • General purpose alarm input (alarm panel, reader interface alarm input)
      • REX
      • Door position switch

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

debounce time cont1
Debounce Time Cont.

Debounce time

150 mS

Contact Open

Contact Bounce

Contact Closed

Time

Reported Alarm = Alarm Restored

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

debounce time cont2
Debounce Time Cont.

Debounce time

33 mS

Contact Open

Contact Bounce

Contact Closed

Time

Reported Alarm = Fault – Non settling

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

debounce time cont3
Debounce Time Cont.
  • Debounce values
    • Default – used mainly for upgrading, and for hardware not supporting configurable values
      • Previous value used when upgrading
    • 1 ~ 33 mS (default for REX)
    • 2 ~ 67 mS
    • 3 ~ 100 mS (default for general purpose inputs and DPS)
    • 4 ~ 150 mS
    • 5 ~ 200 mS
    • 6 ~ 250 mS

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

hold time

Hold Time

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

hold time cont
Hold Time Cont.
  • Hold time
    • The hold time is intended to reduce multiple transaction events from sensors that are likely to have many transitions per incident
      • Intended for general purpose inputs
    • Extends the detection of the restored alarm
      • Configured in seconds

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

hold time cont1
Hold Time Cont.

Secure

Incident

1

A single restored event will be generated at the end of each hold time

2 second hold time

Single Alarm

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

debounce hold time configuration
Debounce & Hold Time Configuration
  • Configuration of Reader Controls, AUX inputs and Alarm Inputs
    • Assigning the EOL supervision configuration
    • Debounce Time
      • 1 lowest (33ms)
      • 6 highest (255ms)
    • Hold Time
      • In seconds (1-15)

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

exit entry delay

Exit/Entry Delay

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

exit entry delay1
Exit/Entry Delay
  • Non-Latch Entry field
    • Checked/Non-latched mode
    • Unchecked/Latched mode
  • Entry Delay
    • Non-Latched mode = Alarm will be reported when the Entry Delay time expires
      • Adds false alarm prevention
      • Input must still be active at the end of delay time.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

exit entry delay2
Exit/Entry Delay
  • Latched mode = Alarm will not be reported when the Entry Delay time expires if input is masked within the specified delay time
    • Valid access to a room with motion detectors
    • Used with Reader Command Programming, Arm/Disarm Areas or Manual Masking.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

exit entry delay3
Exit/Entry Delay
  • Exit Delay
    • An active input will NOT be reported until the Exit Delay expires (count down starts after unmask action)
    • Useful for securing a room upon exit
    • Value is in seconds (0 to 32767)

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

exit entry delay cont
Exit/Entry Delay Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

first card unlock

First Card Unlock

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

first card unlock cont
First Card Unlock Cont.
  • Referred to as ‘Snow Day’ functionality
  • The reader will change to unlock mode when the first badge is presented
    • Any badge
    • Authorized badge
      • Based on access level permission
    • May also be controlled through Timezone/Reader mode

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

first card unlock cont1
First Card Unlock Cont.
  • Option enabled at each ISC
  • Enabled on a per reader basis
    • Default reader configuration
      • May also be manually changed from alarm monitoring
    • Reader mode timezone control
      • Specific times when functionality is enabled

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

slide29

First Card Unlock Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

first card unlock cont2
First Card Unlock Cont.
  • First Card Unlock Authority
    • Reader optionally configured for First Card Unlock Authority Required
      • First card unlock authority controlled by access level assignment

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

first card unlock cont3
First Card Unlock Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

first card unlock cont4
First Card Unlock Cont.

Timezone can be applied to determine when reader will switch to first card unlock mode.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

first card unlock cont5
First Card Unlock Cont.
  • Other features that can enable or disable First Card Unlock include:
    • Global I/O
    • Alarm Acknowledgment Actions
    • Guard Tours
    • Scheduler

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

cipher mode

Cipher Mode

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

cipher mode cont
Cipher Mode Cont.
  • Allows card data to be entered via the readers keypad
    • “Temporary” badge if employee forgets badge
    • Eliminates multiple badges for multiple facilities
    • May be revealed to a group of people
      • Reporting accountability would be lost
    • No physical credential
  • May be used when reader is set to card and PIN
    • Both cipher code and PIN must be entered

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

cipher mode cont1
Cipher Mode Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

cipher mode cont2
Cipher Mode Cont.
  • Magnetic card format must be assigned to the reader for format comparison
    • Card format used as template for badge information entered through keypad
    • All badge format information must be entered that is configured in the card format
      • Facility code, badge ID, issue code
      • * used to identify the start of data entry for cipher mode
      • # used for identify end of data entry for cipher mode

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

cipher mode cont example 1
Cipher Mode Cont. Example 1

* - Determined by card format

  • Reader in card only mode
    • Enter *12312345601# at the reader keypad
      • * (start)
      • 123 facility code*
      • 123456 badge ID*
      • 01 issue code*
      • # (end)

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

cipher mode cont example 2
Cipher Mode Cont. Example 2

* - Determined by card format

  • Reader in card and PIN mode
    • Enter *123456# 1234 at the reader keypad
      • * (start)
      • No facility code*
      • 123456 badge ID*
      • No issue code*
      • # (end)
      • PIN 1234

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

cipher mode cont3
Cipher Mode Cont.
  • Cipher mode will not operate in reader facility mode
  • Magnetic card format may be configured with just a badge ID
    • No facility code or issue code

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

i o linkage

I/O Linkage

Local I/O

Global I/O

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

new terminology
New Terminology
  • Local I/O
    • Confined to a single access panel
  • Global I/O
    • System wide*
      • *Segmentation restricts the ability to configure Global APB, Mustering, and Guard Tour across segments

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local i o

Local I/O

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local i o1
Local I/O
  • Functions operate at local level only
    • Up to 100 functions supported per ISC

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local i o cont
Local I/O Cont.
  • Output of functions allow control of:
      • Alarm panel outputs
      • Reader outputs
      • Masking/unmasking of alarm groups
      • Opening/closing areas
      • Chain to function list
      • Access Panel callback
      • Two Man Area Control Activation
      • Reader unlock/set reader mode
      • Testing for active alarms in alarm group*
        • * - Used in conjunction with Alarm Group unmasking to provide intrusion detection panel functionality
      • Activate/deactivate time zone

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local i o cont1
Local I/O Cont.
  • Local I/O may be executed via.
    • Device linkage
    • Command Programming
    • Instant Commands
    • Area count
    • Alarm mask group count
    • Alarm Acknowledgment
    • Scheduler
      • Part of an Action Group
      • Action type

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local i o cont2
Local I/O Cont.
  • Device Linkage Inputs include:
    • All alarm points
    • Communications loss to downstream devices
    • Access activity
    • Workstation
      • Communication loss to host workstation running the panels LS Communication server

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local i o cont3
Local I/O Cont.
  • Input actions on state change can be configured to
    • Do nothing
    • Set true
    • Set false
    • Pulse

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local i o cont4
Local I/O Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local i o cont5
Local I/O Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local i o cont6
Local I/O Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o

Global I/O

Documentation References

System Administration | Appendix A | Actions

System Administration | Appendix B | Alarm/Event Descriptions

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o1
Global I/O
  • Global I/O
    • Functionality allows linkage between Access Panels system wide
    • Utilizes the LS Linkage Server for Global I/O execution

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o2
Global I/O

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o cont
Global I/O Cont.
  • Global Linkage
    • World Time Zone
      • Defines world time zone that the LS Linkage Server will use to execute based on the OnGuard Timezone assignment
    • Timezone
      • Defines allowable times when Global Linkage will execute based on world time zone
        • Always
        • User defined
        • Never – Could be used to disable Global I/O linkage

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o3
Global I/O
  • Event Timestamp Tolerance
    • Name changed in OnGuard 2008
      • Used to be called ‘Input Event Duration’ in previous versions
    • Sets a tolerance (limit) to the difference between the time of the event and the time it is received by the linkage server

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o4
Global I/O
  • Logic correlation time period
    • The number of seconds that each event text must occur between each other to be valid
      • Valid range 1-999 seconds
        • Defaults to 10 seconds
    • If each event transaction occurs within the logic correlation time, the output action is triggered

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o5
Global I/O

* - Multiple input event configurations may be configured within a single Global Linkage

  • Input Event*
    • Event is required
      • May have two inputs linked to a single event
    • Devices may be optionally assigned:
      • All field hardware
    • Badges may be optionally assigned
      • One badge ID per configuration

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o6
Global I/O

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o and or logic
Global I/O: “And / Or” Logic
  • Requires two or more input (event) transactions in a pre-configured time (Logic correlation time period) in order to generate the output event(s)
    • Not a state-based AND operation
      • All inputs must report active, but do not have to remain active
      • Inputs are ‘transaction’ based NOT ‘Alarm State’ based

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o and or logic1
Global I/O: “And / Or” Logic
  • Multi-layer AND/OR hierarchy may be created
    • OR gates feeding an AND gate
    • The AND gates feeding an OR gate
    • Limited to OR-AND-OR relationship

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o and logic group
Global I/O: “And” Logic Group
  • Two or more inputs must be selected to initially create an “And” Logic Group
    • An OR logic group will also be automatically created

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

creating logic groups

Logic Diagram

Creating Logic Groups
  • The automatically created ‘OR’ group represents that the input Event window was originally an ‘OR’ window
    • It also allows you to follow the logic of any inputs added to the window after the ‘AND’ was created

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o multiple logic levels
Global I/O: Multiple Logic Levels

“OR” logic group

allows multiple conditions

to trigger execution

Up to 3 logic levels may be created

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o modifying inputs in logic groups
Global I/O: Modifying Inputs in Logic Groups
  • Inputs may be dragged and dropped between logic groups using a mouse
    • As long as moving the input does not violate the logical operation
      • Example: There MUST always be at least 2 inputs in an ‘AND’ group
  • Logic groups may be deleted
    • User will be prompted for keeping the inputs belonging to the group

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o7
Global I/O

* - Multiple output actions may be configured within a single Global Linkage

  • Output Action*
    • Choices include
      • Action Types
        • Individual actions
      • Action Group Library
        • Predefined Action Groups
    • Control action
      • Action dependent on selected item

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o8
Global I/O

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o9
Global I/O
  • Local I/O may be linked to Global I/O when Execute Function List is selected for the Output Action
    • Execute: True
    • Execute: False
    • Execute: Pulse

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

grant deny action type
Grant / Deny Action Type
  • Launches pop-up on any access related event
    • Previously only launched Grant/Deny pop-up window with an access grant event

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o generic event action type
Global I/O: Generic Event Action Type
  • Action type used to generate a Generic Event from Global I/O
    • Useful for creating a custom alarm from the correlation linkage that may include event text
      • Custom alarm based on Generic Event and specific event text

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o generic event text
Global I/O: Generic Event Text
  • Configuring event text
    • Select configured text using dropdown
      • Contents added in Text Library
    • Events can be typed in the given area
      • Automatically added to Text Library

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

acknowledgment actions

Acknowledgment Actions

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

acknowledgment actions1
Acknowledgment Actions
  • Allows an Action Type or Action Group to be executed during the alarm acknowledgment process
    • Action or Action Group may be executed
  • Allows a Local I/O function list to be executed during the alarm acknowledgment process
    • Execute Function List Action can be chosen from Action Types
      • Execute: True
      • Execute: False
      • Execute: Pulse

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

acknowledgment actions2
Acknowledgment Actions
  • Acknowledgment time limit may be configured to prevent execution after a period of time lapses
    • Zero sets no limit

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm mask groups

Alarm Mask Groups

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm mask groups1
Alarm Mask Groups
  • Allows you to mask or unmask multiple alarm inputs and readers simultaneously
  • Limitations
    • 128 Alarm Points (items to mask) per group
    • 64 Alarm Mask Groups per Access Panel
  • Uses Device – Event assignments to determine masking
    • Each assignment can be assigned to only one masking group

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm mask groups cont
Alarm Mask Groups Cont.
  • Local IO function can be linked to the masking/unmasking of the group
    • Can be used to show indication by activating device output upon unmasking

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm mask groups cont1
Alarm Mask Groups Cont.
  • Alarm Masking Groups can be masked or unmasked
    • Manually through Alarm Monitoring System Status Tree
    • Using Local IO Function
      • Alarm Group Mask/Unmask
        • Absolute or Incremental
    • Using Global IO
      • Mask/Unmask an Alarm Mask Group
        • Absolute – Mask or Unmask Only
      • Execute Function List
        • Setup to call Mask/Unmask Local IO Function

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

using mask counts
Using Mask Counts
  • Allows configuration of how I/O will mask and unmask an Alarm Masking Group
    • A mask count of 0 = Unmasked
    • A mask count of 1 or higher = Masked

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

slide80

Masking methods

    • Absolute
      • Sets mask count to 1 on set true
      • Sets mask count to 0 on set false
    • Incremental
      • Increments mask count by 1 on set true
      • Decrements mask count by 1 on set false
      • Incremental is useful for using valid access grants into rooms or areas. (Anti-Passback Area Function List)

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm mask group using local i o
Alarm Mask Group using Local I/O
  • Setup a function list to test and set the mask count for the Alarm Masking Group
  • Link that function list to Access Granted at Entry and Exit Readers

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

masking groups using command programming
Masking Groups using Command Programming
  • Setup a function list to test and set the mask count for the Alarm Masking Group
  • Assign the function list to a command pair under command programming

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

command programming

Command Programming

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

command programming1
Command Programming
  • Enable Command Programming at a particular reader
    • Access level must be enabled for Command Authority and level must be assigned to cardholder’s badge
  • Function may be assigned to key command pair
    • Command range 4-15
      • Even number sets function true, e.g. *4#
      • Odd number sets function false, e.g. *5#

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

command programming cont
Command Programming Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

command programming cont1
Command Programming Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

instant commands

Instant Commands

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

instant commands1
Instant Commands *
  • May be entered at any keypad reader
  • Non-paired commands used to execute local I/O function lists
    • Function 16-22
    • Example - * 17 #

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

instant commands2
Instant Commands
  • Command sequence entered into keypad readers
    • Does not first require an access grant transaction
    • Useful for Local I/O functions that can be executed by anyone at anytime
    • Commands may be entered when reader is in Locked or Unlocked mode

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

instant commands cont
Instant Commands Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

unknown user command event

Unknown User Command Event

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

unknown user command event1
Unknown User Command Event
  • An Unknown User Command event will be generated and logged containing keypad user command data unrecognized by the system
    • Note: Default Unknown User Command alarm definition is set to not display or print

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

unknown user command event2
Unknown User Command Event

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

unknown user command event3
Unknown User Command Event
  • May be used to
    • Track and report keypad entry
      • Erroneous entry
      • Intentional
    • Creating custom command sequences
      • Custom alarm definitions and Global I/O linkages may be created containing the invalid command strings
        • Uses event text library

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

user commands

User Commands

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

user commands1
User Commands

 Non-Segmented system

Segmented system 

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

user commands cont
User Commands Cont.

Configuration of the Extended Held Command

Configuration of the Intrusion Command

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

extended held command
Extended Held Command
  • Allows held open time to be extended for a specific reader by a validated cardholder
    • Examples:
      • Cleaning crew removing large quantity of trash
      • Shipping and receiving with large delivery
      • Occupied Rooms with low security levels in need of air circulation.
        • Training Rooms
        • Hardware closets
        • Libraries
        • Board/meeting rooms
        • Etc.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

extended held commands
Extended Held Commands
  • Extended held command options
    • Code
      • Must be 3-6 digits in length per system (segment)
        • Avoids conflict with Reader Commands 4-15
    • Minimum time (1 minute)
    • Maximum time (999 minutes)
    • Pre alarm time (1-30 minutes)
  • User has 15 seconds from valid access to enter the extended held command

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

extended held commands1
Extended Held Commands
  • Command Authority for Extended held
    • Reader must be configured for allow user commands
    • Access level must be enabled for Command Authority and level must be assigned to cardholder’s badge

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

extended held commands2
Extended Held Commands
  • Reader Beep
    • Setting must be set to “Use reader buzzer” in the System Administration / Access Control / Readers / Settings / Pre-Alarm Mode field
    • once every two seconds during pre-alarm time (not configurable)
    • Pre-alarm in extended held command overrides pre-alarm in reader settings

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

extended held commands3
Extended Held Commands
  • Reader Output Pulse
    • Setting must be set to “Use aux output 1” in the System Administration / Access Control / Readers / Settings / Pre-Alarm Mode field
    • Causes auxiliary relay 1 to energize for the “Output pulse time” when an Extended Held Open Pre-alarm occurs

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

extended held commands4
Extended Held Commands
  • Command Sequence:
    • Valid Access Granted
      • Present badge + proper access level + hold open door
    • * or ← on LNL-CK
      • Tells system that cardholder is about to enter a command
    • Extended command code
      • Default = 200

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

command sequence continued
Command Sequence Continued
    • Three digit extended held time in minutes
      • 002 = two minutes
      • Time before issuing pre-alarm and/or held alarm
    • # or Command key on LNL-CK
      • Tells system that the cardholder is finished entering command
  • Example:
    • Extended Held for 30 minutes
    • Access Granted + * + 200 + 030 + #

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

intrusion command
Intrusion Command

NOTE: Prior to 5.12.110 this was called the Arm/Disarm command and did not include the Advanced Permission Control functionality

  • Allows cardholder to Arm/Disarm an alarm mask group using keypad input.
  • Set Intrusion Command Configuration
    • Global Permission Control – allows for basic Arm/disarm functionality
    • Advanced Permission Control – allows for more discrete control of Arm/disarm permission
      • Training covered in Elective Distance Learning Course, EL3700 Embedded Intrusion

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

intrusion command1
Intrusion Command
  • Allow Intrusion Commands at the Reader
  • Typically the LNL-CK is used
    • Access panel firmware 3.083 or higher is required.
    • Non-command keypads are not recommended but may be used

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

intrusion command global
Intrusion Command: Global

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

intrusion command global1
Intrusion Command: Global

Cardholder must also have an access level with Global intrusion command authority

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

intrusion command2
Intrusion Command
  • Command Sequence:
    • Valid Access Granted - Present badge + proper access level + open door
    •  - Tells system that cardholder is about to enter a command
    • Arm/disarm command code - Default = 300 - Tells system that cardholder is executing arm/disarm command
    • Two digit alarm mask group ID - Tells system what mask group to arm or disarm
    • “Command” - Tells system that the cardholder is finished entering command

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

command sequence continued1
Command Sequence Continued
    • Arm/Disarm Command
      • 1=Disarm: Sets alarm mask group to 1 and masks all events in the group
      • 2=Arm: Sets alarm mask group to 0 and unmasks all events in the group
      • 3=Forced Arm: Sets alarm mask group to 0 and unmasks all events in the group even if a device is in alarm at the time of arming
      • 4=View: Allows you to view any active points to help you determine if any further action is required before arming
  • Example: Access Granted + + 300 + 01 + Command + 2 = Arming #01 Alarm Masking Group

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

command keypad lnl ck
Command Keypad (LNL-CK)
  • LNL-CK may be set as an alternate reader to the primary door reader for visual text message display

Stand Alone

No Door Hardware

Address 0-31

Reader Device

Alternate RS-485 Device

LNL-CK Uses door hardware from RIM

Reader Port 1

LNL-CK Uses door hardware from RIM

Address 1

Address 1

Address 2

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

command keypad
Command Keypad
  • LCD display will display text information
    • Line 1
      • Locked, Unlocked, Ready, Denied, Access granted, Enter PIN, Next badge, Not authorized, Invalid data, Timed door open
    • Line 2
      • Current time, *’s on PIN entry, Number of minutes/seconds left until door held alarm occurs
  • LNL-CK can also display the extended held time available:
    • 14:32 to alarm = Held alarm in 14 minutes and 32 seconds.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

access level extended options

Access Level Extended Options

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

access level extended options1
Access Level Extended Options
  • Access levels may be configured with extended options
    • Escort feature
    • Temporary access
  • Options configured globally
    • Per system
    • Per segment basis

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

access level extended options2
Access Level Extended Options

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

access level extended options3
Access Level Extended Options
  • Escort Feature
    • Feature utilizing the ‘two man’ rule for visitors or cardholders required to be escorted by a designated escort
      • Escorted badge(s) presented first
      • Escort badge presented within 15 seconds
      • Access granted for both badges

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

access level extended options4
Access Level Extended Options
  • Configuration allows access levels to be set
    • Not an escort or does not require an escort
      • Standard access level
    • An escort
      • Access level designated as being an escort
    • Requires an escort
      • Access level designated as needing an escort

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

access level extended options5
Access Level Extended Options
  • Temporary Access
    • Feature downloaded to the access panels allowing configuring either/both
      • Activation date/time
      • Deactivation date/time
    • A group of badges may be affected by activating/deactivating the access level
      • Hardware resident rather than host driven

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

access level extended options6
Access Level Extended Options

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

access level extended options7
Access Level Extended Options

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

area control and anti passback

Area Control and Anti-Passback

Documentation References

System Administration | Appendix G | Special Two-Man Rule

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

reader interlocking
Reader Interlocking
  • A multiple door interlock may be created using Local APB
    • For any door in the area if either the door strike is active or the door is open, no other door may be opened to leave or enter the area
      • Typically used with magnetic locks in order to secure the interlock

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

reader interlocking1
Reader Interlocking
  • This option requires
    • LNL-2220 or LNL-3300 panels
    • System configured with local areas
      • Reader tab for APB is used for configuration
      • If Global APB is enabled this option will be unavailable
  • When the area interlock is active, any additional request for access will be denied
    • An event will be indicated in Alarm Monitoring
    • LED’s on the door reader(s) will show that access has been disabled

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

reader interlocking2
Reader Interlocking
  • Interlock Area Events
    • Interlock Area Busy
    • Cannot Open Door: Interlock Area Busy
    • Exit Request Denied: Interlock Area Busy
    • DURESS - Interlock Area Busy

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

reader interlocking3
Reader Interlocking

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

anti passback overview
Anti-Passback Overview
  • OnGuard supports either Local or Global Anti-Passback (APB)
    • Local Area Control & APB
      • Tracked and controlled by access panel
        • Access Panels
    • Global Area Control & APB
      • Tracked in DB and controlled by software
        • Communication servers

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local anti passback
Local Anti-Passback

Access Control

Panel

Area #1

Inside

1A

1B

2B

2A

Area #2

Outside

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global anti passback
Global Anti-Passback

Access Control

Panel

Access Control

Panel

Area #1

Inside

1A

1B

2B

2A

Area #2

Outside

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

types of anti passback
Types of Anti-Passback
  • Three Types of Anti-Passback scenarios
    • Soft
      • Event generated if system thinks you are not in “Area Leaving”
    • Hard
      • Access Denied into “Area Entering” if system thinks you are not in “Area Leaving”

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

slide130

Timed

    • Individual Reader
      • Access denied to individual reader until configurable countdown time expires
      • Countdown time transfers to new reader on every access granted event.
    • Area
      • Access denied to “Area Entering” until configurable countdown time expires
      • Countdown time transfers to “Area Entering” upon access granted event at an entering area reader

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

soft anti passback

Then Here Again

Then Here

4

3

2

Then Here

1

Swipe Here

Soft Anti-Passback

Access Control

Panel

Area #2

Outside

Area #1

Inside

1A

1B

2B

2A

#4 Outcome = Access Granted Anti-Passback Violation

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

hard anti passback

Then Here Again

Then Here

4

3

2

Then Here

1

Swipe Here

Hard Anti-Passback

Access Control

Panel

Area #2

Outside

Area #1

Inside

1A

1B

2B

2A

# 4 Outcome = Access Denied Anti-Passback Violation

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

timed anti passback

Then Here Again

Then Here

3

4

2

Then Here

1

Swipe Here

Timed Anti-Passback

Access Control

Panel

Area #2

Outside

Area #1

Inside

1A

1B

2B

2A

10:00

09:49

09:40

09:41

09:42

09:59

09:45

09:46

09:47

09:48

09:44

09:50

09:52

09:53

09:54

09:55

09:56

09:57

09:58

09:51

09:43

09:50

10:00

09:59

09:58

09:56

09:57

09:53

09:52

09:51

09:55

09:54

09:55

09:50

09:51

09:53

09:54

09:57

09:56

09:58

09:59

10:00

09:52

# 4 Outcome = Access Denied on 1A reader for 10 min.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

segmented vs non segmented
Segmented vs. Non Segmented

 Non-Segmented system

Segmented system 

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

anti passback settings
Anti-Passback Settings
  • Reset APB Status
    • Local APB
      • Option to reset ABP at the start of a timezone
      • Reset Now button – resets ABP immediately
    • Global APB
      • Timezone option is disabled
      • Reset Now button is available
  • Global APB
    • Select checkbox to enable Global APB

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local anti passback1

Local Anti-Passback

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

setting up local apb
Setting up Local APB
  • Local APB is setup in several steps
    • Enable Store APB Locations at Access Panel
    • Create/Set up Areas
    • Set up APB at Readers
  • Timed APB
    • Enable Timed APB at the Access Panel
    • Set up time limit at the readers
    • Areas may be used with Timed Area APB option set at the reader
      • In this case you will also need to create areas

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

enabling at the access panel
Enabling at the Access Panel

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local areas
Local Areas
  • All Local Areas are considered a ‘Normal Area’ type
  • A default local area will be created in a local APB system/segment when a new access panel is added
    • Normal Area (Default Area)
  • Areas may not span Access Panels

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local areas cont
Local Areas Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local areas cont1
Local Areas Cont.
  • Default Local Area
    • This area is automatically created for each panel
    • All badges will be assigned to the default area
      • After an ISC database download
      • When new badges are first created
    • Typically no area features should be configured for default area
    • Do not delete the default area

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

creating a local area
Creating a Local Area
  • Select the panel (ISC) for the area
  • Define area rules
    • Anti-passback readers associated with the area will be listed once readers are configured
    • Interlock
    • User Counting
      • Two man control
      • Maximum occupancy
      • Close Area
    • Occupancy actions
      • Function list

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

slide143

User Counting

    • Maximum occupancy
      • Setting count to zero disables feature
    • Two man control
      • None: Feature disabled
      • Standard: Two cardholders must be in the area at all times
      • Other options are available is Special Area Rules are enabled at the access panel
    • Close area
      • Manually closes area to any card access

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

slide144

Occupancy Function Actions

    • A Local function list may be set to activate based on occupancy
    • Minimum count
      • Triggers Local I/O on descending count direction
    • Maximum count
      • Triggers Local I/O on ascending count direction

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

timezone area modes
Timezone/Area Modes

Doors associated to areas can be configured to open or close based on the start and end timezone

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

setup local apb readers
Setup Local APB Readers
  • Area Configuration Rules
    • Area entering
      • Updates badge being used with new area
      • Required
    • Area leaving
      • Checks for APB violation
        • Free pass negates this check one time
        • Cardholder must be in this area before access
      • Not required
        • System has choice for ‘Don’t care’; equivalent to blank

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local apb readers
Local APB Readers
  • Anti-Passback tab in reader configuration
    • Area entering
      • Move the badge to this new area
    • Area Leaving
      • Badge must be in this area to use the reader (for Hard APB)
    • Use Soft anti-passback (APB not enforced)
    • Timed Area anti-passback
      • Used to allow areas with Timed APB
    • Timed anti-passback setting (minutes)
      • Actual time limit for the same badge using the reader twice in a row

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

local apb readers1
Local APB Readers

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global anti passback1

Global Anti-Passback

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global anti passback2
Global Anti-Passback
  • Global Anti-passback may be enabled system wide or may be enabled per segment
    • Global and Local Areas are not supported simultaneously in a non-segmented database or in the same segment in a segmented database
    • Global Area Control utilizes the LS Communication Server to track APB

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global apb cont
Global APB Cont.
  • Decision to grant / deny access will be made at the database when using Hard APB
    • If reader is configured for APB
    • Decision based on APB location
  • Decision to grant / deny access will be made by the access panel when using Soft APB
    • Decision based on access level
    • Anti-passback event generated after the access event is received by the database

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global apb cont1
Global APB Cont.

When online, the LS Communication Server performs OnGuard database lookup to enforce APB

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global apb cont2
Global APB Cont.
  • For Hard APB only, when the panel is offline from the OnGuard database
    • Access panel will attempt to make access decision through the LS Communication Server for 15 seconds
      • Reader blinks red/green during this time
    • After 15 seconds of database inaccessibility the off line state is then enforced based on the configuration of anti-passback at the reader
      • Access will be denied for all cardholders (default)
      • Decision will be made by the Access panel based on access level

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

setting up global apb
Setting up Global APB
  • Global APB is setup in several steps
    • Enable Global anti-passback
    • Create/Set up Areas
    • Set up APB at Readers

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global areas
Global Areas
  • Areas may span Access Panels
    • Not associated with an access panel
      • Tracked by the Communication Server
  • Some area features disabled
    • Two man control
    • Function list activation
  • Global Area types
    • Normal (Similar to a local area)
    • Hazardous (only used with Mustering)
    • Safe (only used with Mustering)

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global areas cont
Global Areas Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global apb readers
Global APB Readers
  • Global APB reader configuration
    • Similar to Local APB reader options
    • Timed Area APB not available
    • Timed APB is available but reader must not be associated to an area
    • Host Decision Offline Mode
      • Global areas require access to DB so we need to set the behavior when the database is offline
      • Default is to Deny all access attempts
      • Set Make local decision at panel to suspend APB and revert to panel access level enforcement

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global apb readers cont
Global APB Readers Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm monitoring
Alarm Monitoring
  • Areas
    • Occupancy report
      • Displays cardholders in area
      • May be manually refreshed
    • Move badges
      • Allows moving cardholder to selected area

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

anti passback features
Anti-Passback Features
  • Allows current cardholder displayed
    • One Free Pass
      • APB not enforced for first access attempt
    • APB Move Badge
      • Allows badges to be moved from the current area to a new area
        • Notes may also be logged
      • Global APB only
    • Display Global APB Areas
      • Displays the Global APB areas for all badges of the currently displayed cardholder

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

anti passback features1
Anti-Passback Features

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global apb reset
Global APB Reset
  • Listed as an Action In only scheduler
    • Global APB System/Segment Reset
      • Local APB Reset was done on a timezone or manually

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

mustering

Mustering

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

mustering1
Mustering
  • Global APB is the foundation for Mustering
  • Mustering requires at least two global areas
    • Hazardous Location
    • Safe Location

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

mustering cont
Mustering Cont.
  • Hazardous Location
    • A danger area
    • When Mustering is initiated, a occupancy report will be generated showing cardholders in the Hazardous Location
    • More than one Hazardous Location may exist for a Safe Location(s)
  • Safe Location
    • A safe area used to account for and assemble cardholders leaving a Hazardous Location(s)
    • More than one Safe Location may exist for a Hazardous Location(s)

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

hazard location
Hazard Location
  • Hazardous Location
    • Not associated with an access panel
      • Tracked by the DB/Communication Server
    • Normal areas may be associated and located within a Hazardous Location
    • Active area features
      • Maximum occupancy
      • Close area

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

safe location
Safe Location
  • Safe Location
    • Not associated with an access panel
      • Tracked by the DB/Communication Server
    • No area features enabled
    • Cardholders area will update regardless of access level permissions during Mustering
      • Cardholder must access the Safe Area reader
    • Recommended Safe Area configuration
      • Set area leaving as ‘Don’t care’
      • Enable ‘Soft APB’

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

safe location cont
Safe Location Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

associated safe locations
Associated Safe Locations
  • Associated Safe Location
    • Associates one or more safe locations with each Hazardous Location
    • A mandatory configuration when the following functionality is required
      • Muster Reset Area
        • Removes all badges from safe area to a specified area when Muster mode is reset
      • Muster Start Area
        • Removes all badges from safe area to a specified area when Muster mode is initiated

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

associated inside areas
Associated Inside Areas
  • Associated Inside Areas
    • Associates normal areas with the Hazardous Location
    • Muster report will list all badges within the Hazardous Location and all associated areas

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

mustering reporting
Mustering Reporting
  • Muster Reporting
    • Muster report shows badges within the Muster area and associated areas
    • Alarm monitoring Muster Report activation
      • Immediate
      • Time delay in minutes
      • Minimum occupancy is reached

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

safe reader configuration
Safe Reader Configuration
  • Anti-passback tab in reader configuration
    • Similar to all other APB reader configurations
  • Readers entering a Safe Area
    • Automatically “Use soft APB”
    • Automatically set Area Leaving to <Don’t Care>

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm monitoring1
Alarm Monitoring
  • Hazardous Location
    • Muster report
      • Real time display of cardholders in Hazardous Location and optionally inside areas within the Hazardous Location
      • Optionally removes all cardholders from Safe Area Automatically refreshed every two minutes
      • Shows last attempted location
    • Start muster mode
      • Starts muster mode for Hazardous Location
    • Reset muster mode
      • Stops muster mode for Hazardous Location

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm monitoring cont
Alarm Monitoring Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour

Guard Tour

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour1
Guard Tour
  • Creates predefined guard checkpoints that must be reached in the correct order in a pre-defined rehearsed time range
  • Alarm input devices may be optionally configured as checkpoint devices for ease of configuration
    • Filtering purposes

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour configuration
Guard Tour Configuration
  • The Guard Tour wizard will configure:
    • Devices to be used as checkpoints
      • Devices may be filtered by defining device as a checkpoint device
        • Readers
        • Reader aux inputs
        • Alarm panel inputs
        • Personal safety device inputs
      • Checkpoint devices may span Access Panels
        • Must reside in same segment in a segmented database

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour configuration cont
Guard Tour Configuration Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour configuration cont1
Guard Tour Configuration Cont.
  • Device minimum/maximum times
    • Defines time window that checkpoint must be reached
      • From start of tour if first device in tour
      • From previous checkpoint device
    • Time may not be set to zero
  • Device order
    • Order that checkpoints must be toured

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour configuration cont2
Guard Tour Configuration Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

action events
Action Events
  • Define actions link(s) to checkpoint action events
    • Action type
    • Action group
    • Execute Function List

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

action events cont
Action Events Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

action events cont1
Action Events Cont.
  • Checkpoint reached on time
    • Generated when guard arrives between minimum and maximum times
  • Checkpoint reached early
    • Generated when guard arrives prior to minimum time
  • Checkpoint overdue
    • Generated when maximum time exceeded and guard has not yet arrived
  • Checkpoint reached late
    • Generated when guard arrives after maximum time

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

associated messages
Associated Messages
  • Associate messaging with action events
    • Email
      • Recipient(s)
      • Subject
      • Message

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

associated messages cont
Associated Messages Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

monitor stations
Monitor Stations
  • Monitor station assignment
    • Monitor station must be first configured in Monitor Station configuration
    • Selects which Alarm Monitoring stations will be notified
      • When the tour is scheduled to begin
      • When tour is started at another alarm monitoring station

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

monitor stations cont
Monitor Stations Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

digital video
Digital Video
  • Digital Video Camera assignment
    • Associate cameras to checkpoint devices for live view or record tour that is underway
    • Enable live video for this tour
      • Will display a matrix view for all cameras linked to the checkpoint devices in the tour
      • Colored frame follows tour activity

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

digital video cont
Digital Video Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

tour instructions
Tour Instructions
  • Tour Instructions
    • Create instructions for the tour that may be viewed or printed from Alarm Monitoring

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

tour groups
Tour Groups
  • Allows assignment of a single or multiple tours
    • Random Tour List
      • Picks a random tour from the Tour Group that is scheduled to run
    • Security Clearance Level
      • Only the guards that have Security Clearance are listed when the tour is launched.
        • Guards without Security Clearance Level can also be selected.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

tour groups cont
Tour Groups Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

security clearance
Security Clearance

Cardholders are set as recommended guards for a tour by assigning security clearance.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

tour scheduler
Tour Scheduler
  • Schedules Tours or random Tours from Tour Group
    • Alarm Monitoring Workstations will be notified that tour needs to be started
      • First Alarm Monitoring workstation that starts tour gets priority
        • All other Guard Tour Stations will be notified

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

tour scheduler cont
Tour Scheduler Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour events
Guard Tour Events
  • Guards Tour events appear only in the Alarm Monitoring Guard Tour dialog
    • Guard Tour events are stored in a separate database table
      • Events are generated by LS Linkage Server
      • Guard Tour events sorted by each individual tour

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour event definitions
Guard Tour Event Definitions
  • Guard Tour Initiated
    • Issued at start of tour
  • Guard Tour Completed
    • Issued when last checkpoint reached
  • Guard Tour Completed with errors
    • Issued when last checkpoint reached but one or more checkpoints were not reached on time or missed all together

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour event definitions cont
Guard Tour Event Definitions Cont.
  • Guard Tour Cancelled
    • Cancelled by the Alarm Monitoring operator before Tour is started
  • Guard Tour Terminated
    • Tour terminated prior to completion by Alarm Monitoring operator

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

guard tour event definitions cont1
Guard Tour Event Definitions Cont.
  • Checkpoint reached out of sequence
    • Issued when a checkpoint was reached that was expected further along in the tour
  • Checkpoint missed
    • Issued when a checkpoint further along was reached before this checkpoint

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

terminology
Terminology
  • Alarm Monitoring Operator
    • User responsible for monitoring alarms, controlling hardware at the Lenel OnGuard Alarm Monitoring station
  • Guard
    • Security officer responsible for physically touring the facility as part of the Guard Tour

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

launching a guard tour
Launching a Guard Tour
  • Guard Tour
    • Launch Guard Tour from Hardware tree or toolbar
      • Start tour
      • View tour

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

launching a guard tour cont
Launching a Guard Tour Cont.
  • Select tour
  • Instructions
    • View or print tour instructions
  • Select Guard
    • With proper Tour Security Clearance Level
    • Any Guard
    • Any badge

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

launching a guard tour cont1
Launching a Guard Tour Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

destination assurance

Destination Assurance

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

destination assurance cont
Destination Assurance Cont.
  • Global functionality allows timing the use of a initiating reader to one of several destination readers
    • Maximum time 9999 minutes (approximately 7 days)
  • Must proceed to exit readers option enforces use of the exit reader prior to any other reader
    • Other readers may be accessed prior to the exit reader within the timeout, with the option turned off
  • Note: LS Linkage Server must be running

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

without must proceed to exit readers
Without “Must Proceed To Exit Readers”
  • Entrance reader access
  • Alarm configuration 20 minutes timer begins
  • Exit reader must be accessed prior to timeout expiration
    • Alarm generated if not accessed within 20 minute timeout
      • Other readers may be used during the 20 minute timeout*

Entrance

Reader

20 minutes

Exit

Reader

* Option off

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

with must proceed to exit readers
With “Must Proceed To Exit Readers”

Entrance

Reader

  • Entrance reader access
  • Alarm configuration 20 minute timer begins
  • Exit reader must be accessed prior to timeout expiration
    • Alarm generated due to non-exit reader being accessed*
    • Alarm also generated after the 20 minute timeout

Non- exit

Reader

20 minutes

Exit

Reader

* Option on

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

destination assurance cont1
Destination Assurance Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

enabling badge exemption
Enabling Badge Exemption
  • A system prompt occurs when creating the first Destination Assurance link after performing an OnGuard upgrade
    • Enable badge exemption option
      • Allows each badge to be set exempt for this feature
        • Default is non-exempt
      • All users with view or edit permissions to see the Destination Exemption option control
    • New installs have the option automatically added to the badge form

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

lost stolen badge event

Lost/Stolen Badge Event

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

invalid badge event
Invalid Badge Event
  • Invalid badge events will have the badge status appended to the event description for inactive badges
    • No status will be appended on an active badge that is generating an invalid badge event
      • Standard invalid badge event will be generated on an active badge due to no access levels assignment

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

basic configuration1
Basic Configuration
  • Cardholder option must be enabled
    • Use invalid badge event text
  • Report badge as being lost or stolen
    • Deactivate badge for cardholder
  • Invalid Badge alarm
    • Alarm description format dropdown can now be edited
      • Event Text Only
      • Alarm Name Only
      • Alarm Name – Event Text
      • Event Text – Alarm Name
  • Refresh Alarm Configuration in Alarm Monitoring

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

cardholder options
Cardholder Options

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

additional event configuration options
Additional Event Configuration Options
  • Badge statuses requiring special handling will need an exact entry match in the Text Library
  • Special alarm handling may be configured
    • Alarm definition will need to include text
    • Global I/O will need to include text as the trigger for an action execution

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

advanced configuration1
Advanced Configuration
  • Cardholder option must be enabled
    • Use invalid badge event text
  • Create Badge Status entry
  • Create Text Library entry
    • Directly from Text Library or Alarm Definition or Global I/O
  • Create custom alarm definition and/or create Global I/O

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

badge status
Badge Status

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

text library
Text Library

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm definition
Alarm Definition

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

global i o10
Global I/O

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

examples
Examples
  • Active badge with at least one access level
    • Access grant
  • Badge not in DB
    • Invalid badge
  • Active badge with no access levels assigned
    • Invalid badge
  • Badge marked as Lost (with Cardholder Option enabled)
    • Invalid badge – Lost

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

uses of event text
Uses of Event Text
  • Events that may be configured with event text
    • Generic event
    • Invalid badge
      • Option must be enabled in Cardholder Options
    • License expiration
    • Unknown user command

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

advanced alarm handling options

Advanced Alarm Handling Options

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

advanced alarm handling options1
Advanced Alarm Handling Options

//System Administration/Administration/Monitoring/Alarms/Failure to Acknowledge

  • One of two alarm handling options may be configured per alarm definition
    • Alarm highlighting
      • Displays pop-up window after a pre-configured period indicating that an alarm has not been acknowledged
    • Alarm forwarding
      • The alarm will be forwarded to another alarm monitoring station after a pre-configured period

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

slide228

//System Administration/Administration/Monitoring/Monitor Zones/Monitor Stations

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

  • Dependent services
    • The LS Communications Server is used to forward hardware related alarms
    • The LS Linkage Server is used for non-hardware related alarms
      • Mustering alarms
      • OpenIT events
alarm highlighting
Alarm Highlighting

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm highlighting cont
Alarm Highlighting Cont.
  • A dialog box will to pop-up in Alarm Monitoring when the alarm has not been acknowledged in the configured time frame
    • Option to silence the reoccurrence of select alarms for the snooze interval
      • Snooze
      • Snooze all

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm highlighting cont1
Alarm Highlighting Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm forwarding
Alarm Forwarding

//System Administration/Administration/Monitoring/Alarms/Failure to Acknowledge

  • Alarm forwarding may be configured per alarm definition
    • The alarm will be forward to another alarm monitoring station after a pre-configured period
    • Uses the time received by the Alarm Monitoring program
      • Queued events in DB follow same received rule

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm forwarding cont
Alarm Forwarding Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm forwarding cont1
Alarm Forwarding Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm forwarding cont2
Alarm Forwarding Cont.

//Alarm Monitoring/Configure/Columns

  • Alarm monitoring includes two columns that may be configured to display
    • Workstation
      • Workstation that events are forwarded from
    • Time received
      • Date/time when event was received by the Alarm Monitoring station the event was forwarded

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm forwarding cont3
Alarm Forwarding Cont.

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm forwarding cont4
Alarm Forwarding Cont.
  • Monitoring station that alarms are to be forwarded to must include the hardware in the monitor zone
    • Event routing may be used to control suppression of events except when forwarded
      • Event routing time zones do not affect forwarded events
  • Alarms forwarded to a monitor station who already has received the alarm will not display the alarm a second time

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm forwarding cont5
Alarm Forwarding Cont.
  • Set Forwarding action type allows alarm forwarding to be scheduled
    • Choose source monitoring station
    • Choose monitoring station that events are to be forwarded
      • Set station to None to configure the system to stop forwarding

//System Administration/Administration/Scheduler

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

alarm forwarding cont6
Alarm Forwarding Cont.
  • Alarm icon indicates forwarding status in Alarm Monitoring
    • Routed In
    • Routed Out
    • Failure to Route

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

summary
Summary
  • Access control features
    • EOL resistor table
    • Debounce Time
    • Hold Time
    • Entry/Exit Delay
    • 1st Card Unlock
    • Cipher mode
    • I/O Linkage
      • Local I/O
      • Global I/O

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

summary cont
Summary Cont.
  • Acknowledgment Actions
  • Alarm Mask Groups
  • Command Programming
  • Instant Commands
  • Unknown User Command Event
  • User Commands
    • Extended Held Command
    • Intrusion Command
    • Command Keypad (LNL-CK)

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)

summary cont1
Summary Cont.
  • Access Level Extended Options
    • Escort Mode
    • Temporary Access
  • Area Control and Anti-Passback
    • Local Anti-Passback
    • Global Anti-Passback
      • Mustering
  • Guard Tour
  • Destination Assurance
  • Lost/Stolen Badge Event
  • Alarm Forwarding

CR3000 - M05.01 - 6.4.500 TU 1 (Access Control Config)