In the past, a building could be secured with a few locks and a trusted security guard. However, today's threats are sophisticated and the security to combat them must be even more than that.by NEC Corporation of America
High-tech access control systems are becoming a norm for building security.
After September 11, businesses and their owners have been forced to invest in this new generation of access control systems and understand the technology that comes with them (card readers, intelligent video surveillance, electronic locking devices and computers that control them). However, they must basically understand and appreciate the technology that provides 24-hour, seven-day-a-week building security.
In this paper, we will examine the key concepts and concerns associated with access control systems. Most importantly, we will explain the concepts inherent in highly available access control systems, and show how fault-tolerant (FT) servers offer an innovative method to keep access control systems running reliably. without interruptions and at lower costs than those offered by other options.
Building Security: The Emerging Imperative
Security professionals fear this scenario, but it's something that happens every day. An access control system malfunctions for a few seconds. Impatient employees, eager to get to their offices and meetings, keep an access control door open. The actual system downtime is only a few seconds, however, it takes the server a few minutes to restart, and the door remains open even longer before some security guard arrives at the site to correct the problem.
Dozens, maybe hundreds of people, walk through the open door without having their credentials verified. Is one of them an unwanted intruder?
Noticing that access control is not reliable, employees lose confidence in the system, and worse, they begin to consider security in a less serious way, as they keep the doors without cards for strangers or cancel a lock to go out to get a cigarette. The result will be that a thief, a spy, a terrorist or another unwanted person will only need to observe and wait for the next opportunity to enter.
Prior to September 11, 2001, it was normal to find strict access control in military units, government facilities, or research and development buildings. While most other businesses resorted to the visitor's record on a sheet, and the helpful and accommodating security guard.
Since that day, it is routinely expected to observe access control systems in transportation hubs, power stations, hospitals and laboratories, hotels, universities, manufacturing plants and corporate offices. Businesses that have adopted access control systems include financial institutions, professional and legal services firms, high-tech companies, news and entertainment companies, political organizations and any other group that can be considered as a target of theft, terrorism or espionage, at any level.
As organizations have become more aware of the need to secure their facilities, IT departments and building managers are becoming familiar with access control technologies, and are aware of the need for highly available computers (with virtually zero downtime and fail-free operations) at the center of this cr function. Mission tic.
The nerve center of access control
Computer hardware is really the backbone of next-generation access control systems; each component works as part of a unified sub-network to verify credential data, log events, and launch notifications. Because the security of people and property is online, the continuous and consistent operation of this network is crucial.
Operation 24 hours a day, seven days a week
The components of an access control system depend on constant communication with the computer center to function properly. Uninterrupted and reliable operation is particularly important in the following sub-systems:
• Alarm Monitoring System: As the visual window within the access control condition of the building, this system is the central application of access control. Security personnel rely on alarm monitoring for real-time notifications of all events affecting building security.
• Live video monitoring: This system uses raid alarms to bring live video to monitoring stations, as events occur effectively. Such technology must always be online to ensure a real-time response.
• Video verification: With the ability to compare a person's live video with an image stored in a computer database, security personnel can make timely and informed decisions before allowing access.
• Intrusion detection and fire alarms: for an alarm any downtime is a serious breach of security. Alarms must operate without interruption.
• Access control equipment: Door locks, motion detectors, switches for output request control, glass break sensors and other access equipment must be constantly and continuously connected to the central server.
• Credentials: whether hiring new employees, changing access privileges, or removing staff from the system, most credential changes are necessary immediately, without the risk of delays or interruptions. System downtime can result in the entry of personnel who no longer work in the company, traffic jams for visitors or a number of other headaches in the field of security.
• Reporting: Security personnel and managers rely on a number of real-time reports, such as check-in/check-out, repetitive meeting reports, and other information on the status of events. Without reliable real-time data, security teams don't get the information they need to account for staff and staff. ownership when critical decisions must be made.
Access control requires real-time integration
Access control systems work best when integrated with other business processes. Consider what happens when an employee stops working for a company. Many things must happen quickly: computer logins must be deleted, credit cards must be canceled, and access to the network and facilities must be denied. Without unbound communication between the HR system and the access control system, the company's assets, and perhaps even the safety of its staff, are at risk. When the systems that handle these functions are integrated, all these and other operations can be executed with a single operation; the HR department only needs to make one transaction and all other systems record the change.
In addition to Human Resources, other applications that are more integrated with access control include time and attendance, meal plan management, sales, and visitor management. Due to the time-sensitive nature of building security and access control, these integrations typically require a single master database to serve these multiple applications (in opposition). n to multiple databases that are duplicated and/or synchronized).
Reliable and easy-to-operate systems are required to execute these instructions immediately and without failure, without any delays caused by computer downtime.
High Availability: Why is it important?
The high-performance, always-on demands of the access control system require high-availability hardware for the backbone of the system. High availability describes a system designed and implemented to ensure a certain absolute type of operational continuity, which is usually measured as a percentage of uptime. Since operating times generally vary between 99% and 99.999%, availability is commonly expressed in terms of "nines". An average availability of "five nines," or 99.999%, represents the optimal performance of today's high-availability computing technologies.
For access control, the difference between "four nines" and "five nines" is significant. For example, a system with only 99.99% uptime could stop for a maximum of one minute per week. Under these conditions, only some interruptions during peak traffic periods could severely impair the effectiveness of building safety.
What the "nines" do not represent, however, is the length of time of each outage, or the ability of the system to recover from an outage. The same "four nines" system could be stopped for about a minute each week, or for an hour during an event over the course of a year. In addition, of course, these are the averages: a system rated "five nines" could actually perform better or worse than 99.999%.
The Science of High Availability
A more scientific method for variant types and levels of availability has been developed by the IDC analyst form. The following table is adapted from IDC's "availability spectrum," which uses it to help hardware buyers select an appropriate level of availability.
Clearly, AL4 is the highest level of availability for access control applications, as it offers an environment with no service interruption, even when there is a hardware failure; however, IT departments and facility managers are fortunately forced (due to budget cuts) to purchase the system with availability level 3 (AL3) or even the system with availability level 2 (AL2) to perform access control.
High Availability: not just "cool" to have it for the safety of the building
High availability is imperative for the basic effectiveness of an access control system. In terms of average downtime, the difference between a few minutes per week and a few minutes per year is important, as it can make the difference between unauthorized access and a safe environment (perhaps making the difference between life and death).
Because the seamless service of the central computer system is crucial for effective access control, facilities management departments with IT try to tie systems together using warehouse hardware to achieve high availability through different ways of grouping technology.
Unfortunately this method is not the best since:
• Requires considerably more effort to install and stabilize
• Adds unnecessary complexity to a security environment where stability is important
• Requires advanced training of security and IT personnel to understand the operation
• Introduces third-party service organizations in sensitive areas of security access control for server maintenance.
Due to the limitations mentioned above, AL4 fault tolerant systems that offer 99.999% uptime, have quickly become the high availability standard for security access control systems. These systems ensure successful computational transactions with card readers, monitoring devices, alarms, locks and many other access control system devices.
How do fault-tolerant servers deliver High Availability?
A fault-tolerant server is built entirely to deliver a four-point availability level with "five nines" availability. It is a completely redundant system internally that goes far beyond the traditional pool of servers in terms of reliability and cost effectiveness. True, fault-tolerant servers are more expensive than storage servers. n; however, fortunately, advances in computer technology are driving down the prices of fault-tolerant servers, although the demand for high-availability computing is increasing. Facilities and IT managers planning access control implementations no longer have to make difficult choice decisions between security and budget considerations.
The great benefit of a fault-tolerant (TF) server, apart from its superior AL4 high availability, is that the features that ensure high performance are built into the hardware, so they do not have to be installed, configured and maintained when using the hardware.
Here we have some of the main features of FT servers (particularly NEC's Express5800/ft series of servers) that differentiate this technology from other high-availability technologies.
Redundant components
All memory, processors, and other components of the FT server are redundant to each other and are physically configured to operate on lockstep (a fault-tolerant machine that uses duplicate elements that operate in parallel). Therefore, an FT server is the equivalent of two conventional servers that perform exactly the same processes at the same time. In the event that a component fails, its counterpart continues to operate without interruptions in the operation of the system. Since failover (the ability to automatically switch to a redundant or standby system when there are failures or abnormal termination of the previously active system) is virtually instantaneous, there are no points of failure and downtime is almost completely eliminated.
In theory, a pool of servers (offering grade 2 or 3 availability) operates on the same principles as an FT server. Components are redundant and in some cases failover is automatic with interruption of several minutes or more, however, joined servers must be configured to work together. The function and operation of failover must be diligently adjusted and maintained by experienced technicians using specialized software. For some IT departments (particularly those of companies). If they are new to having the need for high availability computing), the configuration and maintenance of a high availability group may require external technical expertise.
Hot-swappable hardware
When a hardware component on an FT server needs replacement, repairs must be made without downtime while the overall system is kept "hot" and online. Even routine hardware maintenance does not require any planned downtime and can be performed without compromising the access control system.
Before hot-swappable components were available on FT servers, pools had the advantage in this regard, as it is relatively easy to take a machine into an offline pool for maintenance. companies don't have to compromise on a level of high availability to maintain these servers.
ActiveUpgrade™ for software maintenance
Active Upgrade, a feature of NEC's FT servers, allows for upgrades with minimal service disruption. One module can be managed offline, while the second module continues to handle the operational load. When upgrades are complete, the two modules synchronize data and return to full redundant operation. A repeat feature is built into the Active Upgrade to return the server to its initial state in case there is a problem with the software update.
FT server, high availability for access control
Despite the high nominal cost, the cost of deploying an FT server in an access control application is lower, per metric, than that of other high-availability technologies. The combination of reduced spending on initial hardware, along with low operating costs, it makes FT servers a superior value over any other high-availability technology. Moreover, in the high-interest implementation of an access control system, there is simply no reason to compromise security.
A NEC FT Express5800 server is less expensive than two conventional servers. It is no longer feasible to try to save money by buying two less expensive conventional servers and grouping them together. Like many other computer hardware products, FT servers are becoming easier to acquire.
FT servers require less configuration and maintenance. IT departments already compete with high maintenance expenses (in fact, analysts who study IT groups find that many spend 50%, even 70% of their budgets on maintaining the systems they own, compared to building and improving their operations).
FT servers are less expensive to operate than group provisions or RAID (Redundant Arrangement of Independent Disks), since redundancies and configurations between components are built into the hardware. Fewer specialized IT skills are required to implement FT servers, so it is no longer necessary to hire workers with special skills in the implementation of a high availability system.
An FT server requires only one software license. Unlike a pool that requires multiple operating system licenses, databases, server applications, and other software (one for each server in the pool), an FT server requires only one license for each. Software costs can be greatly reduced along with the effort required to install and maintain multiple instances of each product. of software. Less downtime means less maintenance. Because downtime is dramatically reduced by highly available hardware, maintenance time is also reduced.
Conclusion
A fault-tolerant server is clearly the hardware everyone must have for an effective access control system. Organizations may risk the security of their property and personnel in the wrong way, but today they don't have the need to do so.
The actual decrease in the cost of FT servers, coupled with lower total costs of ownership over the life of the computer, make purchasing an FT server easy to justify for any organization that takes serious responsibility for facility access control.
Leave your comment