Query the Access Control Expert

Oct. 27, 2008

Changing All the Rules
Q:
How do I know how many devices to add to a network?

A: The 5-4-3 rule is used to meet the Ethernet protocol requirement that a signal sent out on the network cable reach every part of the network within a specified length of time. Each concentrator or repeater that a signal goes through adds a small amount of time. Each network is limited to a maximum of 5 segments and to connections through 4 hubs, repeaters or concentrators between any two nodes on the network. In addition, only three of the segments may be populated (trunk) segments if they are made of coaxial cable. A populated segment is one that has one or more nodes attached to it. The furthest two nodes on the network have 4 segments and 3 repeaters/concentrators between them. If there is a combination of fiber optic backbone and UTP cabling, the rule is changed to the 7-6-5 rule.

Accessing Data
Q:
How is ODBC support used in access control?

A: Open Database Connectivity (ODBC) is a standard database access method that makes it possible to access any data from any application, regardless of which database management system (DBMS) is handling the data. ODBC manages this by inserting a middle layer, called a database driver, between an application and the DBMS. The purpose of this layer is to translate the application's data queries into commands that the DBMS understands. For this to work, both the application and the DBMS must be ODBC-compliant; that is, the application must be capable of issuing ODBC commands and the DBMS must be capable of responding to them.

In access control, it can be useful to allow transaction data, including entry, exit and system events, to be shared with another application. It is sometimes easier to analyze or present data in programs such as Microsoft Access or Excel than to view the data in the predefined reports provided by the access control system. Sharing data with other software applications is also helpful if entry and exit data from the access control system is being used to record time and attendance.

The Who, What, When
Q:
What is an audit trail?

A: An audit trail is a record showing who has accessed a computer system and what operations they have performed during a given period of time. Audit trails are useful both for maintaining security and for recovering lost transactions. Most accounting systems and database management systems include an audit trail component. In addition, there are separate audit trail software products that enable network administrators to monitor use of network resources.

In access control systems, the audit trail will let you know when activities occurred and who or what caused the action to occur. For example, the system might track that a door was automatically locked by the system at 5 p.m. on January 1 or that a door was temporarily unlocked outside the schedule by a particular system operator. It is also helpful to know when files are deleted or archived and by whom. Another item that can be tracked is who made changes to user privileges or information.
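As an added illustration (not part of the original column and not any vendor's export format), the Python sketch below reviews an audit trail for the items named above: manual unlocks outside the schedule, file deletion or archiving, and privilege changes. The record fields, action names, operator IDs and the 08:00-17:00 schedule are assumptions made for the example.

```python
from datetime import datetime, time

# Constructed sample audit trail; field and action names are assumptions.
AUDIT_TRAIL = [
    {"ts": "2008-01-01 17:00:00", "actor": "SYSTEM", "action": "door_lock",
     "target": "Front Door"},
    {"ts": "2008-01-01 22:14:09", "actor": "operator7", "action": "door_unlock",
     "target": "Front Door"},
    {"ts": "2008-01-02 09:30:00", "actor": "operator2", "action": "door_unlock",
     "target": "Front Door"},
    {"ts": "2008-01-02 10:05:41", "actor": "operator7", "action": "privilege_change",
     "target": "cardholder 1042"},
    {"ts": "2008-01-02 10:06:13", "actor": "operator7", "action": "archive_delete",
     "target": "2007 transactions"},
]

# Assumed schedule: doors may be unlocked between 08:00 and 17:00.
SCHEDULE = (time(8, 0), time(17, 0))
# Actions that always deserve review, whoever performed them.
SENSITIVE = {"privilege_change", "archive_delete", "archive_create"}


def review(trail, schedule=SCHEDULE):
    """Return (timestamp, actor, reason) for each record a reviewer should see."""
    start, end = schedule
    findings = []
    for rec in trail:
        when = datetime.strptime(rec["ts"], "%Y-%m-%d %H:%M:%S")
        manual = rec["actor"] != "SYSTEM"
        in_schedule = start <= when.time() < end
        if rec["action"] == "door_unlock" and manual and not in_schedule:
            findings.append((rec["ts"], rec["actor"],
                             "unlock outside schedule: " + rec["target"]))
        elif rec["action"] in SENSITIVE:
            findings.append((rec["ts"], rec["actor"],
                             rec["action"] + ": " + rec["target"]))
    return findings


if __name__ == "__main__":
    for finding in review(AUDIT_TRAIL):
        print(*finding, sep=" | ")
```

The scheduled 5 p.m. lock and the in-hours unlock pass without comment; the three remaining records are reported with the operator who caused them.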

Responsible for Monitoring
Q:
Can access control systems be used to monitor events?

A: Some systems are designed to allow you to connect sensors, including door contacts, motion detectors and other devices such as temperature monitors, to the same equipment used to control the card readers and locks. Events can simply be recorded or they can be displayed on computer monitors to alert a guard or monitor. The monitor can be located on site or in a remote location. If the access system is used to monitor critical events, the main thing to consider is whether the system will call appropriate attention to the event and also allow the person monitoring the event to record the required actions in a log for future review. What is required will depend on your customer's needs.

You also need to be comfortable that the communications and annunciation methods used by the system are appropriate and reliable for the event being monitored. If you are using a shared computer network for communications, you will need to make sure that the other activities on the network will not cause unacceptable delays or prevent the signal from getting through. Keep in mind that the designated monitor may have other responsibilities. Some systems will allow you to program an event to sound an alarm and/or change the display to attract the monitor's attention. Others may require the monitor to acknowledge the event in some way. The system may send the event to a remote location if it is not acknowledged after a certain period of time. In some cases, you may want to have an on-site guard monitor events during business hours and manually or automatically transfer the monitoring to a remote location after hours.
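The acknowledgement and after-hours handling described in this answer can be written as a routing rule. The Python sketch below is an added example, not code from the column or from any access control product; the two-minute acknowledgement timeout, the 08:00-17:00 guard hours and the event names are assumptions.

```python
from datetime import datetime, timedelta, time

ACK_TIMEOUT = timedelta(minutes=2)          # assumed acknowledgement window
BUSINESS_HOURS = (time(8, 0), time(17, 0))  # assumed on-site guard hours

# Constructed sample events: when each was raised and when (if ever) acknowledged.
EVENTS = [
    {"id": "door-forced-1", "raised": datetime(2008, 10, 27, 10, 0), "acked": None},
    {"id": "motion-2", "raised": datetime(2008, 10, 26, 22, 30), "acked": None},
    {"id": "temp-3", "raised": datetime(2008, 10, 27, 10, 0),
     "acked": datetime(2008, 10, 27, 10, 0, 40)},
]


def route(event, now):
    """Decide where an event is annunciated at time `now`."""
    if event["acked"] is not None:
        return "logged"        # acknowledged: keep only the log entry
    start, end = BUSINESS_HOURS
    if not (start <= event["raised"].time() < end):
        return "remote"        # after hours: monitoring is transferred off site
    if now - event["raised"] >= ACK_TIMEOUT:
        return "remote"        # on-site guard did not acknowledge in time
    return "on_site"           # still within the acknowledgement window


def escalations(events, now):
    """IDs of the events that must be sent to the remote location at `now`."""
    return [e["id"] for e in events if route(e, now) == "remote"]


if __name__ == "__main__":
    for minute in (1, 3):
        now = datetime(2008, 10, 27, 10, minute)
        print(now.time(), escalations(EVENTS, now))
```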

Brad Shipp is a former Executive Director and Training Director for the NBFAA where he authored several NTS courses, including the Access Control Certification course. His involvement in the access control industry dates back to 1974 and in 1986 he became an instructor for the NBFAA National Training School. Shipp has served on several law enforcement, regulatory and industry association boards and has been honored for his service by the False Alarm Reduction Association and the International Association of Security and Investigative Regulators. Send in your questions on access control to [email protected].