Web-based Access Control—What Integrators Need to Know

March 30, 2009

The case for replacing lock-and-key systems is clear-cut: lost and stolen keys present a risk; there are no records of user access or unauthorized attempts, there's no control over when users can enter; and no lock-down capability. Before deciding on an electronic access control system, it's important to know your options.

Web technology comes to physical access control

Web technology, also referred to as IP-based systems, provides new options that can eliminate many problems faced by traditional software-based systems. Making its way into the access control realm, here are the basics of IP-based access control.

Embedded IP access

Embedded IP-based access control systems are a good choice for smaller, single-site facilities with a limited reader count. Referred to as “embedded,” the operating system, database, and a Web-server are embedded in the firmware located on the main control panel. Most embedded IP-based access control systems are configured with a static IP address, although many of them support DHCP in order to minimize the support needed from the customer's IT administrators.  

Once the embedded control panel is installed and programmed on the user's local area network (LAN), the system is then accessible from any computer with a browser on that network or with connectivity to that network. These types of systems alleviate the need for dedicated computers, proprietary software and managing and maintaining software licenses.

Yet embedded IP-based access control panels do have limits: the expansion capacity and other key features are often limited so that these solutions remain affordable and simple to configure and operate. Some embedded control panels support only a single door while others can be expanded to 30 doors.

While you could easily add a second or third control panel to the same LAN, this makes administration cumbersome as every change has to be replicated to each panel. To add or delete a user who needs access to all doors, the administrator must log in to each embedded panel individually. Reporting becomes cumbersome, as reports would have to be generated from each panel individually and then combined through some third party application.


Some companies offer products that can manage multiple embedded IP-based access control panels through a single interface across a common LAN or WAN. These security appliances operate as the “host server” to the embedded IP-based access control panels. Instead of needing to know the IP addresses of multiple embedded access control panels, the administrator just logs into the appliance which then communicates with all the various embedded panels on the LAN or WAN.

These appliances increase the number of doors that can be installed and administered on a LAN or WAN and often provide greater processing power and memory needed for features available on larger access control systems.

As with embedded access control, an appliance-based system has all the customer's access control data on their network, so backups still need to be performed and application updates need to be manually installed. Be sure to determine which features your customers will need and what they think the maximum capacity of the system will be before selecting a system.

Get your SaaS on

Similar to online banking and hosted CRM applications, Web-hosted applications, also referred to as Software as a Service (SaaS), are fast gaining popularity for a wide array of users. In the SaaS model for access control, the application and user database are hosted by the service provider. A secure, centralized data center takes care of the software and upgrades, along with backups, archives, redundancy and disaster recovery. The security provided by data centers usually surpasses what most organizations can attain on their own.

The IP-based access control panels automatically connect to the hosting site where they receive their programming updates via a simple outbound Internet connection. The end-user administrator accesses the application by using any Web browser to log into their account. As with embedded and appliance-based solutions, eliminating the server and software frees up the user's IT department to focus on the enterprise's core business. A SaaS solution also eliminates the need for an established network or VPN configuration between multiple sites, facilitating the administration of multiple buildings and remote facilities at a greatly reduced cost. With the proliferation of GSM cellular connectivity to the Internet, Web-hosted panels can be deployed almost anywhere, whether there is an available broadband Ethernet connection or not.

The Web-hosted model is particularly appealing to security dealers and installers with limited IT experience as it greatly limits their exposure to and impact on the customer's network. Web-hosted access control allows IT-savvy systems integrators to offer a high level of service to their customers by providing live system support without being at the custome r's site. Whether you are IT savvy or not, consider Web-hosted solutions for your customers—they are most likely already using the SaaS model for many of their other business applications. Once they are presented with the Web-hosted choice for their security applications, they will want it because they've already seen the value of SaaS. This means the dealer realizes higher margins at a lower risk, while providing a service that has greater value to their customers.

Security dealer managed applications

While the Web-hosted services outlined above provide users with ultimate flexibility when managing their access control system, some customers prefer to rely on their security dealer/integrator entirely. Security dealer-managed applications provide the ultimate in security services by allowing the customer to submit access system change requests to the installing security dealer. With security dealer-managed applications, traditional installation dealers utilize Web-hosted applications to offer a “concierge” service for their customers that provides system redundancy, disaster recovery, and managed services on a level not available with traditional server-based access control applications. The ongoing service provides value to both you and your customer.

Your next step

As we've seen, IP-based physical access control gives plenty of options in selecting the solution that's right for your customers. Once you understand the capabilities and constraints of the different options, you are now in the position to recommend the best system for your customers' needs, resulting in greater end-user satisfaction, more productive relationships and enhanced prospects for future business.

Rueben Orr is the director of Business Development, Brivo Systems, LLC.