As the popularity of IP (Internet protocol) CCTV continues to grow, manufacturers, integrators, consultants and, most importantly, clients are increasingly looking at IP for their other security system solutions. The IP electronic access control technology, while not as mature as its CCTV counterpart, is becoming more common as manufacturers try to emulate the successes of IP CCTV. As with the initial introduction of IP CCTV, a number of myths regarding the capabilities of IP access control are regularly being encountered within the industry. Below, some of these myths are examined and the advantages and disadvantages of IP access control over traditional RS485 systems are explored.
Myth: there is no real difference between IP and traditional RS485 access control systems: IP electronic access control, as opposed to the traditional RS485 systems, uses Cat 6 cables and utilises PoE (power over ethernet) instead of copper RS485 transmission cables and a dedicated low-voltage power cable. In RS485 systems, copper cables are run between access control panels and door controllers and from door controllers to the readers, locks and other devices at the door. The control panels and door controllers are usually installed in a dedicated security/IT (information technology) room or communications riser. In IP systems, however, Cat 6 cables are run from PoE switches installed in the security/IT room or communications riser (in lieu of control panels and door controllers) directly to the readers at the door.
IP access control systems provide a number of benefits over the traditional RS485 access control systems. As mentioned, there is no need for control panels as the intelligence is direct to the door. In IP systems there is no longer a need for power supply units (PSUs), as IP utilises PoE. An IP system allows remote diagnostics, as each door is networked. IP systems require less cabling, as IP electronic access control utilises Cat 6 cables which provide transmission and can utilise PoE. RS485 systems on the other hand require separate transmission and power cables.
There are, however, some disadvantages of IP over RS485 access control systems; the main one being that, even though the readers are IP, the locks and reed switches are often not. This means that RS485 copper cables and dedicated low-voltage power cables still need to be provided to these devices. Another disadvantage of an IP system is that cable runs between switch and reader are normally limited to 100m.
Myth: IP access control is relatively untested compared to traditional access control: While IP might be newer in terms of its rival, RS485 copper, with regard to electronic access control systems, the IP technology itself is a mature, well-tested and proven technology. IP access control can also draw on the vast experience and knowledge of the IT industry. Depending on what topology is used, IP access control systems can in fact be more reliable than the traditional RS485 systems that they are replacing. In RS485 systems with access control panels and multi-door controllers, a single point of network failure can render multiple doors inoperable. IP systems negate this risk since each door is independently connected straight into the network. A single point of failure in this case will result in just the one door being inoperable.
Myth: IP access control is more prone to failure: Networks have become such a critical asset to organisations that any downtime has significant ramifications financially, operationally and from a security perspective. Since organisations these days are so reliant on their networks, a significant amount of redundancy is usually factored in. The security vulnerabilities encountered by a network failure on IP access control systems is no different to the vulnerabilities encountered by a power failure on RS485 systems. For both network failure and power failure, doors will be either fail safe or fail secure, resulting in doors being either insecure or inoperable. In IP systems, the intelligence is at ‘the edge’, meaning the systems intelligence, copy of database and ability to make access granted or denied decisions is located in the readers at the door. In RS485 systems, the intelligence is centrally located in the access control panels. What this difference means for IP systems is that, in the event of network failure, the readers can continue to operate and grant or deny access as per usual. Once the network is back online the readers can then upload the access history that occurred during the network outage to the operator workstation. This functionality further ensures the resilience of IP access control systems.
Myth: IP access control is vulnerable to hackers and is a less secure option than traditional access control: The IT security vulnerabilities facing IP access control are no different to the vulnerabilities faced by IP CCTV, and any other system residing on an organisation’s network. The IP access control system is no more at risk to hacking than an organisation’s financial information or intellectual property. It is important not to forget that RS485 access control systems are vulnerable to being breached as well, especially systems using unsecured 125kHz proximity technology, which is the most prevalent electronic access control technology in the marketplace. The network security industry is a multi-billion dollar industry in which organisations can engage to help ensure the protection and integrity of their IP access control systems as well as any other systems residing on their networks. Standard network security practices, such as setting up LANs (local area networks), VPNs (virtual private networks), using encryption, firewalls, proxy servers and DMZ sub-networks can be utilised to help ensure the integrity of IP access control systems.
Myth: Integrated systems (IP access control, alarms, CCTV) are less secure than running separate systems for each: Most commercial security systems these days are fully integrated systems utilising an overarching ISMS (integrated security management system), with dedicated ISMS software and hardware (servers). Integration between separate security subsystems and the use of ISMS software provides a holistic and more secure environment for organisations than the use of individual standalone security systems. The integration of CCTV and alarm systems for instance can provide immediate footage of alarm events, providing the security operator the ability to perform instant alarm verification. Without this level of integration, the security operator would have to identify the location of the alarm event and then manually bring up the footage of that area on the CCTV workstation. This process is both inefficient and time consuming, and there is no guarantee that the alarm event was captured in the field of view of the PTZ (pan, tilt, zoom) cameras. The integration between the two systems (with the use of PTZ cameras) would ensure instant footage of an alarm event with the cameras programmed to ‘snap’ to the alarm event location.
Following the successful evolution from analogue CCTV to IP CCTV systems, IP access control is gaining wider industry acceptance and is slowly but surely increasing its market share. Even though it is still relatively new and not currently supported by all manufacturers, IP is clearly the future for electronic access control. As more manufacturers begin to embrace and offer IP access control systems, and integrators and consultants become more familiar and experienced in these systems, IP access control can emulate the successful migration to IP as experienced in the CCTV industry.
Mr. Chris Nunn has a Bachelor of Science (Security) degree from Edith Cowan University in Perth and is a security consultant at Aurecon, which provides engineering, management and specialist technical services for public and private clients around the world. Mr. Nunn can be contacted on 02 8197 4615.