Intelligent single-door controllers have recently increased their presence in the market, as more users opt to connect these networked-enabled, power-over-Ethernet (PoE) devices directly to a network. The approach provides simplicity and adds value but, like any technology, there are some limitations to consider when managing an enterprise access control program.
Intelligent door controllers manage the basic functions of opening and closing a door locally, and are connected to the IT backbone, where multi-door functionality is managed. Should the network become unavailable for any reason, these door controllers automatically switch from network mode to standalone mode.
But the systems that use these devices depend on connectivity to the host application to control higher-level access control functions, such as the creation of passback or arm/disarm zones, mantrap configurations, producing occupancy counts and global input/outputs (I/O). All these are critical access control functions, especially in the increasingly complex world of enterprise security.
It is a fact of life that networks do in fact go down. That leads to the question of, what happens to these functions if a network connection is interrupted? The short answer is: They are lost. But leveraging proven technologies to augment IP devices can bridge the gap between functionality and security.
At the Mercy of the Network
Security practitioners prefer that their systems do not rely solely on the corporate network. That’s why intelligent controllers provide functionality to ensure continued basic operation at the door level in the event of a network outage. As mentioned above, the door controller switches to standalone mode and continues to operate the single door during a network outage. Is it too much to also expect continued operation of higher-level access control functions in the event of a network outage? Must users “settle” for partial functionality when the network goes down?
Security end-users may feel reassured to know that a network failure does not cause a catastrophic failure of their access control system as IP readers revert to standalone operation. But they may be disappointed to learn that the network failure will limit their system operation and undermine the enhanced functionality they invested in when they bought the system.
Concerns about what happens to an IP-based access control system when the network goes down include:
- What is the system’s operational capability during a network failure?
- What functions are lost when the network goes down and what functions are preserved?
- What is the system’s off-line behavior and what is the potential impact of that behavior on enterprise security?
- How fault tolerant/redundant are the IP links associated with a security device?
- What mechanisms exist to ensure continued, uninterrupted connection with the network?
- How critical are the functions of operational security that are lost when the door controller is offline?
- What impact might limited functionality have on the overall security stature of the enterprise?
- What additional activities and costs might be involved to create strategies to offset the limited access control functionality during a network outage?
These are valid concerns that go to the heart of what an end-user expects from an access control system. They want it to operate dependably, and especially so in a crisis situation. A variety of situations could cause the network to go down, from a natural emergency to a targeted attack. When considering risk management scenarios, security leaders should be able to depend on the full functionality of an access control system throughout a crisis. Their company’s well being may depend on it.
A Tried-and-True Alternative
End-users might understandably seek an alternative to a system that does not work to its full potential during a crisis. This situation can be remedied in how the access control system is configured, and the solution to the problem suggests that there is, in fact, still a place for hardwired door controllers in the world of IP access control. A solution is the use of a traditional IP-connected multi-door central panel with wired door controllers.