Perle Systems Application Note
Access Control for Entrances
Many buildings, or rooms within buildings, require some type of secure access control to restricted areas. This is a daunting task when you consider complex permissions. For example granting certain individuals access to particular labs, computer rooms, or environmental control systems. Card Readers, installed at entry points are a common way to allow access to authorised people. The card readers, when swiped, collect information about the cardholder and verify that he/she is authorised to access the given area.
Most access control systems utilize a serial connection between the access control computer and the card reader/clock. This restricts the distance between these to be no more than 20 meters and may require the use of multiple access control computers. If the data to be analysed, for Health and Safety records, to ascertain which areas are most heavily used, or to monitor who accessed certain locations at certain times, this information needs to be securely transferred via the network, to the IT department. By connecting the card readers to an Ethernet network using a serial Device Server, a single computer can now read and control each reader, resulting in a more secure system and reduced costs through increased efficiencies in database management.
In addition, a Device Server can extend the security of the system by providing centralized control from the access control computer to open doors, open gates or sound alarms.
The IOLAN Device Server enables administrators to securely access remote serial console ports on equipment such as door entry systems, servers, routers, network storage equipment and security appliances through an IP network. Sensitive data such as security access information is protected through standard encryption tools such as Secure Shell (SSH) and Secure Sockets Layer (SSL). Access by authorised users is assured via authentication schemes such as RADIUS,TACACS+, LDAP, Kerberos, NIS and RSA Security’s SecurID tokens. By using encryption technologies,an IOLAN can protect sensitive and confidential data from a serial device such as a door access reader before being sent across a corporate Intranet or public Internet. For compatibility with peer encryption devices,all of the major encryption ciphers such as AES, 3DES, RC4, RC2 and CAST128 are fully supported. Similarly, photocopiers and printers, can be connected to the network via an IOLAN Device Server to transmit payment information securely for printouts and copies.