ACS based on a local network with complex IP periphery.
The main direction of development of technical security equipment (TSE), and all areas of the industry — some to a greater, some to a lesser extent — is integration with other components of engineering systems that modern buildings are equipped with. One of the main options for integration with these external systems is to use the capabilities of combining equipment for different purposes through an existing network at the facility.
The unification of the existing network of systems responsible for building control, life support, general enterprise management, solving management problems, personnel service, etc., into a single system and globalization in this direction lead to the fact that it will be increasingly difficult to consider the TSB as such in the context of a specific enterprise over time. Apparently, the day is not so far away when the TSB will be just one component of the general information and management system of the facility. A very important one from the point of view of the tasks it solves. But initially the end user will consider the TSB as one of many systems, and nothing more. And this, I think, is not bad.
The main trend in the hardware implementation of new solutions, primarily in the field of ACS, is the development of new controllers in which the interfaces necessary for working with Ethernet networks are integrated into the hardware. That is, we are talking about popular Ethernet protocols, such as Ethernet (TCP/IP) and HTTP, and various ways to protect these protocols. First of all, it is worth noting the possibility of establishing VPN connections between the controller and the server via a secure SSL protocol. We are not talking about a possible upgrade of existing controllers by installing the necessary chips and interfaces on them to create, for example, a virtual COM port, but about the full integration of access controllers into the network by implementing software and hardware on the controller side to integrate the controller into the network as a full-fledged IP device. In addition, an integral part of IP ACS (this concept is similar to IP CCTV, which is used more and more often, which is also typical) will be web browsers implemented on the controller side. This will allow the system to use the so-called thin client technology, which in turn makes it possible to receive information, view messages, events, and the configuration of any controller by accessing the network through a standard web browser from any mobile device. There is no need to install a stationary workstation protected by a hardware key; it is enough, for example, to enter the network through a handheld communicator, dial the required code, and, depending on the authority you have, be able to view the operation of a particular controller.
Let me say right away that all this is not a scientific and technical fantasy. In a number of systems available on the market, these capabilities are implemented and successfully used. Another innovation on the market is the organization of peer-to-peer connections between ACS controllers located in the network. Of course, this requires appropriate software tools both on the server and on the controller. Moreover, the controller, most likely, should have specialized software installed for the Linux OS. The presence of such tools allows the controllers, after preliminary programming, to communicate with each other and interact regardless of whether there is a connection with the server. All the necessary preset configurations, behavior options, system reactions to this or that external influence will be processed and saved even in the absence of communication with the central server. When communication is restored, the information accumulated on the local controllers will be synchronized with the server. But the presence or absence of a server in the system will not affect the level of security of the system or its operability in any way.
This technology is not very widespread yet for a number of reasons. One of them, in my opinion, is the general inertia of the CCTV market as such. At the moment, IP solutions in CCTV dominate in security systems. Their main task is one-way communication in the system (of course, without taking into account telemetry), that is, receiving information from an IP camera, for example, to a video recorder, further processing and viewing of the received information. The issue of close interaction of cameras with each other is not raised. The problem of protecting an object from the point of view of ACS looks somewhat different. If there are alarm signals in one part of the system, this is especially relevant if the system is geographically distributed, the main task is to ensure that the other part reacts correctly. The simplest example: when an alarm occurs, say, a fire alarm, the system must send a signal to other rooms or buildings to unlock doors, turnstiles, etc. Currently, in most distributed network systems, the controller interaction dispatcher is a computer, i.e. a central server. Receiving information about an alarm situation, it analyzes it and sends a corresponding signal to the controller responsible for working with the necessary turnstiles or doors about unlocking. Correct organization of work on the network allows you to remove the computer (server) as the most unreliable link, having pre-programmed the necessary reactions in the controllers. After this, the most important thing is that there is a connection between the controllers on the network. In this case, regardless of the server state, all programmed scenarios will be clearly worked out.
This solution cannot be called a very serious breakthrough. Let's be fair: the first breakthrough was made by those who started to deal with IP video surveillance. This is just a competent optimization of new network technologies for the tasks of ACS.
The point is that a modern access control system should support industrial network standards supported by manufacturers of not only security systems, but also network equipment. The presence of standardized network protocols, generally accepted standards will allow, regardless of the presence of a server at any facility, to competently organize the interaction of various IP devices. This is already practiced in serious systems. At the «intellectual level» of these devices themselves. That is, without the participation of the server, the controller accesses the camera, turns it on, turns it, receives an alarm signal from the sensor, opens the turnstile. Such functionality is implemented today in many access control systems. But often only within a certain closed interface of a specific manufacturer, naturally, with its own protocol. If we are talking about coordinating the work of offices in different countries, or at least on different streets in one city, then working via the Ethernet protocol, working with LAN and WAN networks is a step towards the globalization of services for ensuring the operation of the building. It is possible that the next step will be the so-called big button or single remote control, which is so popular in «smart home» type systems, where the customer sees a panel as the main part of his system, where he can press buttons. The system does everything else itself, without any user participation.
Everything is moving towards the fact that the creators of most systems (whether security systems, enterprise management and building engineering, life support, etc.), using basic network protocols, will meet each other halfway in order to eventually create universal modules from which a competent engineer will be able, like from blocks, to quickly build an effective information and management system for servicing the entire building.
The winner will be the one who correctly assesses their capabilities for implementing new software and hardware products and understands in time which direction the industrial network standards market is moving. This is a natural path of development. Like the transition from carburetors to direct injection.
This is a qualitatively new level of ACS. More evidence of the attack on the security market of the IT market.
The advantages that such solutions provide are quite obvious. First of all, this is a reduction in installation costs. By initially laying a network route at the facility, you solve the issue of the possibility of the necessary distribution of ACS equipment across your facility more. Further, there is the possibility of integration with other systems operating in the network at the enterprise. In addition, work on the Ethernet network allows, if the necessary software and hardware base is available, to quickly reconfigure the system in the event of any changes at the facility: a change in the security mode and tactics, restructuring of the facility.