Upload
vitor-hugo-torugo
View
239
Download
0
Embed Size (px)
Citation preview
8/3/2019 Access Control Essentials Guide
1/170
Andover Continuum CyberStationAccess Control Essentials Guid
8/3/2019 Access Control Essentials Guide
2/170
2010, Schneider Electric
All Rights Reserved
No part of this publication may be reproduced, read or stored in a retrieval system,
transmitted, in any form or by any means, electronic, mechanical, photocopying, recordin
or otherwise, without prior written permission of Schneider Electric.
This document is produced in the United States of America.
Product Names are trademarks of Schneider Electric. All other trademarks are the pro
erty of their respective owners.
Title: CyberStation Access Control Essentials Guide
Revision: D
Date: December, 2010
Schneider Electric part number: 30-3001-405
CyberStation version 1.92
The information in this document is furnished for informational purposes only, is subje
to change without notice, and should not be construed as a commitment by Schneider
Electric. Schneider Electric assumes no liability for any errors or inaccuracies that may a
pear in this document.
On October 1st, 2009, TAC became the Buildings Business of its parent company Schneid
Electric. This document reflects the visual identity of Schneider Electric. However, the
remain references to TAC as a corporate brand throughout the Andover Continuum so
ware. In those instances, the documentation text still refers to TAC only to portray t
user interface accurately. As the software is updated, these documentation references w
be changed to reflect appropriate brand and software changes. All brand names, trad
marks and registered marks are the property of their respective owners.
Schneider Electric
One High Street
North Andover, MA 01845(978) 975-9600
Fax: (978) 975-9782
http://www.schneider-electric.com/buildings
8/3/2019 Access Control Essentials Guide
3/170
December, 2010
Andover Continuum CyberStation
Access Control Essentials Guide30-3001-405
Revision D
8/3/2019 Access Control Essentials Guide
4/170
8/3/2019 Access Control Essentials Guide
5/170
Andover Continuum CyberStation Access Control Essentials Guide
Content
About this Manual .................................................................Whats new in this Manual .........................................................
Related Documentation .............................................................. 1
Chapter 1 Getting Started ...................................................................... 1Planning an Access Control System ........................................... 1
Overview of an Access Control Network .................................... 1
Chapter 2 Configuring an Access Control System ............................. 1Task 1: Open Continuum Explorer ............................................ 2
Open Continuum Explorer .......................................... 2
More About Continuum Explorer ............................... 2
Task 2: Create a Network and a Controller ............................... 2Containers and Parent/Child Objects ......................... 2
Create a Network ......................................................... 2
Web Configuration for Controllers ............................. 2
Create a Controller ...................................................... 2
More about Networks and Controllers ....................... 2
Task 3: Configure IOU Modules ................................................. 3
Creating an IOU Module Object ........................................ 3
General Tab IOUModule Editor .............................. 3
Security Level Tab IOUModule Editor .................... 3
More about the IOUModule Editor ............................. 3
Commissioning an IOU Module .................................. 3
Task 4: Configure Controller Comm Ports ................................ 3
General Tab CommPort Editor ............................... 3
Viewing the Status of an XDriver Device ................... 3
Settings Tab CommPort Editor .............................. 3
8/3/2019 Access Control Essentials Guide
6/170
6 Schneider Electric
SecurityLevel Tab CommPort Editor ..................... 4
Field Bus Controllers Tab CommPort Editor ........ 4
Task 5: Designate the Primary Access Server ........................... 4
More about the Primary Access Server ...................... 4
Task 6: Create CyberStation Points .......................................... 4
Create an InfinityInput Point ..................................... 4Create an InfinityOutput Point .................................. 4
Create an InfinityNumeric Point ................................ 5
More about Points ....................................................... 5
Task 7: Create Areas ................................................................... 5
Factors to Consider When Defining Areas ................. 5
Task 8: Create Doors ................................................................... 5
When to Create a Door ................................................ 5
Data that Defines a Door ............................................ 5
Create a Door ............................................................... 5
View Doors Assigned to an Area ................................. 6Task 9: Create Personnel ............................................................ 6
Access-Control Information in a Personnel Object .... 6
Methods of Creating Personnel Objects ..................... 6
Open the Personnel Manager for the First Time ....... 6
Create a Personnel Object in the Personnel Manager 6
More about Personnel Objects .................................... 6
Task 10: Create Schedules ......................................................... 6
About Schedule Points ................................................ 6
Create and Configure a Schedule ............................... 6
Attach a Schedule Point to a Door .............................. 7Attach a Schedule Point to an Area in a Personnel
Object ........................................................................... 7
More about Schedules ................................................. 7
Task 11: Configure Alarms ......................................................... 7
About Event-Notification Objects ............................... 7
Create an Event-Notification Object .......................... 7
About Notification by E-mail and Pages .................... 8
About AlarmEnrollment Objects ................................ 8
Create an Alarm-Enrollment Object .......................... 8
General Expressions for Security ............................... 8
About Attaching Alarms to Objects ............................ 8
Attach an Alarm-Enrollment to a Door ...................... 8
Attaching Alarms to a Point ....................................... 8
Using the Alarms / Advanced Alarms Tab of an Object
Editor ........................................................................... 8
8/3/2019 Access Control Essentials Guide
7/170
Andover Continuum CyberStation Access Control Essentials Guide
More about Alarms ...................................................... 9
Task 12: Configure Video ............................................................ 9
About Video Monitor and Video Administrator ......... 9
About VideoLayouts ....................................................
Configuring Video via Video Monitor and Video
Administrator .............................................................. 10Configuring Video Using VideoLayout ....................... 10
Task 13: Create Graphic Panels and Controls .......................... 11
About Graphic Controls for Access Control ................ 11
Create a Graphics Panel and a Door Control ............. 11
More about Graphics Panels and Controls ................ 11
Task 14: Configure Reports ........................................................ 11
About Report Objects ................................................... 11
Create a Report ............................................................ 11
More about Reports ..................................................... 12
Chapter 3 Monitoring an Access Control System ............................... 12Responding to Alarms ................................................................. 12
About the Alarm Status Bar ....................................... 12
About the Active Alarm View Window ....................... 12
Monitoring Live Access Events .................................................. 12
About Creating EventView Objects ............................ 12
More about EventView Objects ................................... 12
Using ListView Windows ............................................................ 12
About Predefined ListView Objects ............................ 12About Creating ListView Objects ............................... 12
More about ListView Objects ...................................... 13
Chapter 4 Advanced Topics for Access Control ................................. 13Security Groups for CyberStation Users ................................... 13
About User Objects ............................................................ 13
Before Configuring Users ............................................ 13
Creating a User Object ................................................ 13
About Security Groups ....................................................... 13Configuring User Security Groups ............................. 13
Displaying Security Groups ........................................ 13
Renaming Security Groups ......................................... 13
Assigning Access Privileges for Security Groups ....... 13
Copying Access Privileges Between Security Groups 14
8/3/2019 Access Control Essentials Guide
8/170
8 Schneider Electric
About SecurityLevel Objects ............................................. 14
Creating a SecurityLevel Object ................................. 14
Displaying Access Privileges in the Security Tab ...... 14
Universal Unlock Folder ............................................. 14
Assigning Access Privileges in a SecurityLevel Object .... 14
Copying Access Privileges from a Single Security Groupto Another Group ............................................................... 14
More about Users and Security .................................. 14
Using Area Lockdown ................................................................. 14
About Area Lockdown ................................................. 14
What Happens During Lockdown .............................. 15
Locking down an Area ................................................. 15
Locking down Individual Doors .................................. 15
More about Area Lockdown ........................................ 15
Controlling Access with Condition Levels ................................. 15
About Changing the Condition Level ......................... 15Implementing Condition Levels and Clearance Levels 15
Sending a Condition Level Message to Controllers ... 15
Restoring Controller Condition Levels to Previous
Levels ........................................................................... 15
About Sending Condition Level Values to Individual
Controllers ................................................................... 15
More about Condition and Clearance Levels ............. 15
Adding FIPS-PIV Card Credentials ........................................... 15
Overview of FIPS-PIV ................................................. 15
Overview of FIPS-PIV cards and readers .................. 16Configuring FIPS-PIV on a New System ................... 16
Transitioning an Existing system to FIPS-PIV ......... 16
More about FIPS-PIV .................................................. 16
8/3/2019 Access Control Essentials Guide
9/170
Andover Continuum CyberStation Access Control Essentials Guide
About this Manua
Whats new in this Manual
This manual provides basic, essential information for planning,
configuring and monitoring an access control system consisting of
Schneider Electric controllers and CyberStation software. This manua
provides the following information:
An introduction to planning for an access control system
Step-by-step procedures for basic configuration tasks in
CyberStation
Step-by-step procedures for monitoring your access control system
using CyberStation
An overview of advanced access control features that you may wan
to implement in your facility
This manual is intended to be used with the CyberStation online help
and the documentation that accompanies Schneider Electriccontrollers.
For complete user-interface details (beyond the scope of the basic task
in this manual), you must consult the online help and the other
CyberStation documents listed in the next section. The procedural
information in this manual assumes that your access control hardwar
and software are installed, online, and ready to be configured.
8/3/2019 Access Control Essentials Guide
10/170
8/3/2019 Access Control Essentials Guide
11/170
Chapter 1: Getting Start
Andover Continuum CyberStation Access Control Essentials Guide
Chapter 1
Getting Started
This chapter offers guidance on planning your access control system
and includes the following topics:
A review of a sample floor plan for a manufacturing facility, its
access control issues, and access control devices in place to addres
the issues for this sample site
A network configuration of controllers, servers, and CyberStation
workstations that provides the access control infrastructure for th
sample site
8/3/2019 Access Control Essentials Guide
12/170
Chapter 1: Getting Started
12 Schneider Electric
Planning an Access Control System
Schneider Electrics access control products support the full range of
access control needs:
Small buildings to multi-site facilities
Limited access validation and monitoring of personnel movement
within a facility to extensive oversight
As you prepare to implement an access control system in your
organization, you may want to work from floor plans of your facility t
identify factors such as the following that will affect implementation:
Locations where access control is needed
Personnel who use these locations
The movement of personnel from one location to another
How you want to manage access permissions in each location
8/3/2019 Access Control Essentials Guide
13/170
Chapter 1: Getting Start
Andover Continuum CyberStation Access Control Essentials Guide
The following illustration is a floor plan of a small office and
manufacturing facility.
The following issues for this sample site determine the access control
devices that are needed and the configuration of the system:
At the main entrance, a receptionist greets employees and visitor
during business hours. The main entrance is locked during off
hours, but employees may need to enter and exit at those times.The employer wants to monitor use of this door during off hours.
Warehouse and manufacturing employees can use the rear
entrance to enter and leave the building.
Emergency ExitLoading Dock
Warehouse Manufacturing Floor
Main Entrance
Rear Entrance
Office
8/3/2019 Access Control Essentials Guide
14/170
Chapter 1: Getting Started
14 Schneider Electric
The door in the manufacturing area to the outside is for
emergencies only and should be closed and locked under normal
circumstances.
Only authorized employees are allowed onto the manufacturing
floor.
The employer wants to monitor manufacturing employees who ex
the building through the warehouse to the rear entrance.
The following illustration shows the same floor plan, with access
control devices in place.
Emergency Exit:Loading Dock:
Warehouse Manufacturing Floor
Main Entrance: Card Reader
Single Reader
Office
at RearEntrance
Door Switch isSupervised
Door Switch isSupervised
for Employee Access
Dual-ReaderDoor
Motion Detector:
Single-ReaderDoor
Camera:CapturesVideo
Unlocks Door during Regular HoursTriggers Video during Off Hours
8/3/2019 Access Control Essentials Guide
15/170
Chapter 1: Getting Start
Andover Continuum CyberStation Access Control Essentials Guide
The following table describes how these access control devices addres
the issues identified for this facility. Note that the devices used in thi
example are only one of many possible access control solutions that ca
be implemented.
Area or Door Access Control
Main Entrance Card reader allows access to
employees. No access to visitors
unless the receptionist is present.
Motion detector unlocks door for
exiting during regular hours, and
triggers alarm with video during off
hours.
Camera captures video if triggeredduring off hours. Security guard at
CyberStation workstation is alerted
and can view video.
Supervised input on door detects
tampering and trigger an alarm.
Door to Manufacturing
from Office
Card reader allows access only to
authorized employees.
No access-validation needed to exit
Manufacturing through this door.Door to Manufacturing
from Warehouse
Card reader allows access to
Manufacturing only to authorized
employees, and requires employees to
present access cards to exit
Manufacturing through this door.
Rear Entrance Card reader allows employees access
to Warehouse.
No access validation needed to exit to
the outside using this door. Supervised inputs on door detect
opening or tampering during off
hours and trigger an alarm.
8/3/2019 Access Control Essentials Guide
16/170
Chapter 1: Getting Started
16 Schneider Electric
Loading Dock Supervised inputs on door detect
opening or tampering during off
hours and trigger an alarm.
Emergency Exit Supervised inputs on door detect
opening or tampering and trigger an
alarm.
Area or Door Access Control
8/3/2019 Access Control Essentials Guide
17/170
Chapter 1: Getting Start
Andover Continuum CyberStation Access Control Essentials Guide
Overview of an Access Control Network
This illustration represents a sample Andover Continuum Security
architecture.
The following components are standard in a security setup:
CyberStation
ACX 57xx Controller
NetController II
web.Client Server
Integral DVMS (Digital Video Management System)
Badge Printer
8/3/2019 Access Control Essentials Guide
18/170
Chapter 1: Getting Started
18 Schneider Electric
8/3/2019 Access Control Essentials Guide
19/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Chapter 2
Configuring an AccessControl System
This chapter contains step-by-step procedures for configuring an acces
control network in CyberStation using ACX 57xx and NetController I
controllers. The chapter presents basic configuration tasks in the
sequence that you typically perform them.
So that you can more readily understand how the elements of an acces
control network work together, the procedures in this chapter cover
basic setup tasks for a simple network. Each procedure provides cross
references to the CyberStation online help so that you can obtain
complete, detailed information about all the options associated with aconfiguration task.
8/3/2019 Access Control Essentials Guide
20/170
Chapter 2: Configuring an Access Control System
20 Schneider Electric
Task 1: Open Continuum Explorer
Objects are the building blocks of your access control network. In
CyberStation, objects are categorized by class. Area, Door, Schedule,
and Personnel are examples of object classes. An objects attributes ar
determined by its object class, although the attribute values are
specific to the individual objects.
Objects may represent:
Physical devices, such as a controller or a workstation
Folders that are storage locations for objects
Data, such as points, alarms, schedules, and personnel records
When you configure a network in CyberStation, you create the objectthat correspond to the devices, folders, and data in your network, and
you specify their attribute values. Continuum Explorer is the tool tha
you use to configure and manage your network.
Navigation Pane
Select an object inthis pane to displaythe objects it containsin the Viewing Pane.
Networks and theirobjects areorganized in ahierarchy underRoot.
Viewing Pane
8/3/2019 Access Control Essentials Guide
21/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Open Continuum Explorer
1. Open CyberStation if it is not running at your workstation, and
login.
2. At the CyberStation main menu, click Explorer.
Note:You can also open Continuum by clicking:
Start>Programs>Continuum>Continuum Explorer
Continuum Explorer opens. The navigation pane does not yet
contain any network objects or controllers. However, other
predefined objects, created for you during installation, are
displayed.
3. Proceed to Task 2: Create a Network and a Controller on page 2
More About Continuum Explorer
See the topic, Continuum Explorer in the CyberStation online help.
8/3/2019 Access Control Essentials Guide
22/170
Chapter 2: Configuring an Access Control System
22 Schneider Electric
Task 2: Create a Network and a Controller
A network is a logical organization of controllers that know about eac
other and have the ability to exchange data. The ACX 57xx is a highl
intelligent controller that is designed for access control.
Containers and Parent/Child Objects
Each network in CyberStation has a hierarchical structure of objects
Many objects can be containers for other objects. For example, a
network object contains all the controllers in that network.
A container object is also called a parent object. All objects within the
container are child objects that are owned by the parent object. Thes
relationships are important for organizing the many objects that mak
up a network. They are also significant because you can apply setting
to container objects that affect all the child objects within them.
Each network contains one or more controllers, up toa maximum of 190 controllers. You can create additionalnetworks to manage more controllers.
8/3/2019 Access Control Essentials Guide
23/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Create a Network
When you configure an access control network, the first object you
create is the network itself.
1. In Continuum Explorer, right click Root, select New, and thenselect Network.
2. Enter a name for the network for Object Name, and click the
Create button.
3. In the Network editor, enter the Universal Time Coordinate
(UTC) offset in minutes for Time Zone.
The UTC offset is the difference between your local time and
Greenwich Mean Time (GMT). Enter - if local time is behind
GMT.
Note: -300 minutes is an example of the Time Zone offset for
Eastern Standard time.
4. Click OK.
CyberStation creates analias from the object namethat you enter. You canedit the alias if you wish.An alias cannot containsymbols or spaces.
CAUTION
It is required that you locate Continuum controllers and workstations and
Pelco video system in the same time zone. You should also ensure that they
are time synchronized with each other.
The system manager can act as a time server. Since the system manager isessentially a PC, however, be aware that the time of the PC may drift.
8/3/2019 Access Control Essentials Guide
24/170
Chapter 2: Configuring an Access Control System
24 Schneider Electric
Web Configuration for Controllers
The NetController II and the ACX controllers are commissioned and
configured using your PCs Internet Browser.
To configure the controller, it must be installed and connected to yourEthernet network.
IP configurable NetControllers and ACX controllers are shipped with
default IP addresses and Subnet Mask values. These values must be
changed to new values, which are assigned by your local IT personnel
The default values for all IP configurable controllers are:
IP Address: 169.254.1.1
Subnet Mask: 255.255.0.0
Prior to changing these values, the PC being used to commission thecontrollers must be configured to communicate with the controllers a
their default address.
The setup values for the PC are:
IP Address: 169.254.1.(191-254)
Subnet Mask: 255.255.255.0
1. From Microsoft Internet Explorer, in theAddress field, enter the
controllers default IP address (169.254.1.1).
The Andover Continuum EmbeddedWebServer page appears.
2. Select Controller ConfigurationOptions.
8/3/2019 Access Control Essentials Guide
25/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
The Controller Configuration Login dialog displays.
3. In the login dialog enter the default controller user name and
password:
Username: acc
Password: acc
Note: The password can be changed by right clicking the Continuum
task icon and selecting Change your password...
4. Select OK.
8/3/2019 Access Control Essentials Guide
26/170
Chapter 2: Configuring an Access Control System
26 Schneider Electric
The Controller Configuration screen appears on the left menu.
5. Select Controller Configuration.
6. In the Configurable Properties section enter the following
information:
ACCNet ID
IP Address
Subnet Mask
Gateway Address
Web Server Port
PPP IP Address
Transport Type; use the drop down menu to make the proper
selection.7. In the Miscellaneous section, using the dropdown menu, select
the following information:
IO Configuration
Comm4 Port Line
8/3/2019 Access Control Essentials Guide
27/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
8. Select Submit to Controller.
9. Exit the configuration setup.
Note: Once you have finished commissioning your controller, your PC
IP address and Subnet Mask value can be returned to their
normal settings.
Create a Controller
Note: Before performing this procedure, you must first install the
controller, connect it to your Ethernet network, and then
commission the controller. Refer to Web Configuration for
Controllers on page 24.
1. In Continuum Explorer, right click the existing network object,
select New, and then select InfinityController.
2. Enter a controller name for Object Name, and click the Create
button.
3. In the InfinityController editor, enter a unique number from 1 t
190 forACCNetID.
Note: This must match what was entered in the web configuration
page.
The ACCNetID value uniquely identifies the controller within theaccess control network.
4. Select the controller model from the Controller Type dropdown
menu.
8/3/2019 Access Control Essentials Guide
28/170
Chapter 2: Configuring an Access Control System
28 Schneider Electric
For example, select 5740 for an ACX 5740 controller.
5. Select the Network tab.
6. Enter the IP address of the controller and subnet mask, and if
required, enter the default router.
You obtain this information from your IT administrator.
7. ClickApply.
8. Select the General tab, and then click the Teach button.
9. In the Select Teach Mode dialog, select the InfinityController
Teach radio button, and click OK.
Note: To confirm that the Comm Status is online, click the Refresh
button.
10. Click OK to close the InfinityController editor.
11. Proceed to Task 5: Designate the Primary Access Server on
page 44.
Serial Numberand Versionwill be readfrom thecontroller afterthe Teachoperation.
8/3/2019 Access Control Essentials Guide
29/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
More about Networks and Controllers
See the following topics in the CyberStation online help:
Network Editor
InfinityController Editor
8/3/2019 Access Control Essentials Guide
30/170
Chapter 2: Configuring an Access Control System
30 Schneider Electric
Task 3: Configure IOU Modules
After you finish configuring a controller with the Comm port editor, yo
can define your input and output. Start by defining the IOU modules
with the IOUModule editor.
IOU modules are electrical units that contain a number of input and/o
output circuits that are electrically and sometimes physically attache
to controllers. They provide controllers with the ability to interface
with the outside world. There are four types of IOU Modules:
Input modules
Output modules
Mixed input and output modules
Special-purpose modules
Creating an IOU Module Object
The following steps allow you to add an IOU Module object for an IOU
Module connected to a controller.
1. Right click the controller that you want to own this module, selec
New, and then select IOUModule.2. When the New dialog appears, name the IOUModule and click
Create.
8/3/2019 Access Control Essentials Guide
31/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
General Tab IOUModule Editor
Use the General tab to enter basic information about the IOU modu
Description The description is optional, but a good description of
the IOUModule object helps others when they need
to test, modify or manipulate the network. To enter
a description, type up to 32 characters (includingspaces) in the text field.
IOU Number Enter the IOU number here. You must manually
assign a unique number (between 1 and 32) for each
IOU module on a network controller.
Physically label the IOU modules with the numbers
you assign. This number is not the same as the 12-
digit module ID # assigned to the individual module
at the factory.
You will use this number when you configure pointson this controller.
Model
Number
The model number identifies the type of the
IOUModule and is read from the module.
8/3/2019 Access Control Essentials Guide
32/170
Chapter 2: Configuring an Access Control System
32 Schneider Electric
Security Level Tab IOUModule Editor
The SecurityLevel tab shows the object security level and access
privileges for the object.
More about the IOUModule Editor
For more information, see the IOUModule Editor topic and its relate
subtopics in the CyberStation online help.
Comm
Status
This displays Online or Offline, depending on
whether the controller is in communication with the
module.
Module ID
andProgram ID
These Schneider Electric-assigned numbers appear
after the Learn process. The only time you will needthese numbers is when speaking to a Schneider
Electric Support Representative. These numbers
will help our staff to answer your questions. You
may manually enter the Module ID number in this
field, (if you know it), rather than following the
Learn process.
Learn Use the Learn button to commission the IOU
module on the network. See Commissioning an
IOU Module on page 33 later in this chapter.
Wink Use theWink button after commissioning the IOUmodule to confirm that your system recognizes the
IOU module.
Click theWink button. The Status light on the IOU
module should flash. This indicates the IOU module
was successfully commissioned.
Update IOU Click the Update IOU button to browse for a *.iou
file (a Schneider Electric-provided Flash File for
individual modules) when updating IOU modules
with new firmware.
8/3/2019 Access Control Essentials Guide
33/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Commissioning an IOU Module
Perform this procedure after installing the IOU module on the
controller.
1. In the IOUModule editor, click the Learn button.
A dialog displays requesting the operator to press the Commissiobutton on the physical module.
2. At the IOU Module, press the Commission button on the front
panel.
The dialog at the workstation should disappear indicating that it
received the information from the module.
If the module is not easily accessible, you can enter the module ID
found on the label inside the cover of the module into field, and
click theApply button.
3. In the IOUModule editor, click the Refresh button.
The ModuleID for commissioned module, the ProgramID field, an
the IO model type (i.e., AO-4-8) are automatically entered. This
information was received from the module. Also, the Comm Statu
should be Online.
8/3/2019 Access Control Essentials Guide
34/170
Chapter 2: Configuring an Access Control System
34 Schneider Electric
Task 4: Configure Controller Comm Ports
The comm port you select to configure and the settings you choose in
the CommPort editor depend on the model of network controller and
the device you want to connect to it. Refer to the CommPort Editor top
of the CyberStation online help to identify the appropriate settings to
use for your devices.
To configure a comm port, follow these steps:
1. In Continuum Explorer, expand the network controller whose
comm ports you want to configure.
2. CommPort objects appear in the list of objects in the viewing pan
Double click the CommPort class folder under the controller.
3. Double click the CommPort object you want to configure.
4. In the CommPort editor, select the appropriate settings in each ta
as described on the following pages.
5. Click OK.
8/3/2019 Access Control Essentials Guide
35/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
General Tab CommPort Editor
In the General tab, enter basic information about the comm port.
Note: In the event of a controller reset, each comm port reverts to its
original default mode. For a complete list of default modes for
each comm port on each controller, please see the help topics:
Configuring Settings for Infinet or MSTP, Default Modes for
Controller Comm Ports, and Summary of Comm Port
Characteristics.
Description Type in a description for the comm port. You can use
up to 32 alphanumeric characters. This attribute isoptional, but providing a good description can aid
other users.
Comm Port
Number
The CommPort attribute displays the number of the
comm ports you are editing.
Default
Mode
Each comm port has a default mode. To change the
default mode, select a different one from the
Default Mode dropdown menu. The Settings tab
displays different attributes, depending on the
default mode you select.
Refer to the table of default modes and their
descriptions for more information.
8/3/2019 Access Control Essentials Guide
36/170
Chapter 2: Configuring an Access Control System
36 Schneider Electric
.
Default Mode Description
Printer Select this option when connecting a serial
printer to this port.
XDriver(XDriver option
must be enabled
to support this
function)
Select this option to use a customized externalequipment driver to connect to a third-party
device.
Note: Before you can select the XDriver, you
must first install it using the instructions
provided with the software.
To select an XDriver file, click the browse button
to locate and select the file for the XDriver.
NotConfigured Select this option if the comm port is available.
Indicates that the port is not preset to any other
default mode configuration.
8/3/2019 Access Control Essentials Guide
37/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Viewing the Status of an XDriver Device
In the General tab, click theXDriver Status button to view the
status of the device that is using the XDriver. TheXDriver Status
button displays the following read-only information:
Status Displays the status of the device, or
XdrvNotInstalled when no XDriver file
has been selected.
Error Displays the last error to occur on the
device.
Error Time Displays the time and date that the last
error occurred on the device.
Error Count Displays the number of errors that have
occurred on the device since you last set it to
zero. Increments to 255 errors and remains
set at 255 until you reset it to zero by
clicking the Reset Count button.
8/3/2019 Access Control Essentials Guide
38/170
Chapter 2: Configuring an Access Control System
38 Schneider Electric
Settings Tab CommPort Editor
The Settings tab is where you view or edit the communications spee
and handshaking settings for the mode that you have chosen for the
port.
Depending on which Default Mode you select on the General tab, som
of the attributes on this tab may be unselectable (appear gray).
Baud Rate The Baud rate is the speed, measured in bits per
second, at which the controller sends
information to the device that you are
connecting to the comm port. Select the baud
rate that matches that required by the
equipment connected to this port.
8/3/2019 Access Control Essentials Guide
39/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Track CXD This option monitors a communications carrier
detect signal called CXD. When selected, it
enables the controller to detect when
communication with connected objects has been
lost.
Depending on your modem configuration, the
CXD (sometimes called DCD) signal (pin 8 on an
RS_232 connector) is asserted high when the
communications link is established between
modems. Once the carrier signal is lost, CXD
goes low. Track CXD looks for the high-to-low
transition and makes the controller reset this
comm port to its default mode. Track CXD
cleans up the comm port by logging off the last
user. Track CXD is selected by default, and it isrequired for comm ports that are connected to
modems. If Track CXD is not selected, the
controller cannot respond to the loss of the CXD
signal.
Flow Control The flow control type determines how the comm
port handles the flow of data between the
controller and its attaches device (usually a
printer, modem, or terminal). This process is
also known as handshaking.
Select one of the following options from thedropdown menu:
NoFlowControl: Select this flow control
type if you do not want to regulate the flow
of information between the controller and its
attached printer, modem, or terminal.
Without a flow control type, buffers that
hold data that is being transmitted or
received could overflow, and some data could
get lost.
8/3/2019 Access Control Essentials Guide
40/170
Chapter 2: Configuring an Access Control System
40 Schneider Electric
CtsRts: This flow control type uses hardware
signals to send clear to send (Cts) and request
to send (Rts) messages. Both of these messages
must be acknowledged by the controller and its
attached device before information can be
transmitted.
XonXoff: This control flow type uses
software signals in the form of characters
that are sent as part of the data being
transmitted. When the controller or its
attached device detects that it has been sent
anXon character, it makes itself available
to receive data. It considers all data received
after theXon character as valid. When it
detects anXoffcharacter at the end of thedata steam, the controller or attached device
knows the transmission is complete.
XonXoff CtsRts: This flow control type uses
both the software (XonXoff) and hardware
(CtsRts) handshake methods for regulating
the flow of information between the
controller and its attached device.
Current Mode This is a read-only attribute that shows you the
default mode selected in the General tab.
8/3/2019 Access Control Essentials Guide
41/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
SecurityLevel Tab CommPort Editor
Refer to CommPort Editor topic of the CyberStation online help for
details regarding attaching or detaching SecurityLevel objects.
Field Bus Controllers Tab CommPort Editor
When you set the General tabs Default Mode to Infinet, MS/TP, o
Wireless, the Field Bus Controllers tab appears on the CommPort
editor.
This tab displays the controllers that reside on their respective field
bus network Infinet, BACnet MS/TP, or Wireless connected to
this comm port. The controllers will not display, however, until you
click the Learn button on the Settings tab.
The CommStatus column displays either Online or Offline for
controllers listed in the Name column. When a controller is Online, i
is communicating with the rest of the network.
When a controller is Offline, it is not in communication with the rest o
the network. This information is read only.
8/3/2019 Access Control Essentials Guide
42/170
Chapter 2: Configuring an Access Control System
42 Schneider Electric
NetController II Model 9680
Comm Port Default Mode Other Modes
Infinet Port - -
User Port - -
COMM1 AutoSet Printer; Infinet; Lbus; LON
PPP; Wireless; XDriver
COMM2 AutoSet Printer; Infinet; Wireless;
XDriver
COMM3 AutoSet Printer; PP; XDriver
COMM4 AutoSet Printer I; Lbus; XDriver
COMM16 LON XDriver
Custom Port - -
8/3/2019 Access Control Essentials Guide
43/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
ACX 57XX Series
Note: For additional information, in the Comm Port editor, see the
help topics: Configure Settings for Infinet, Default Modes for
Controller Comm Ports, and Summary of Comm Port
Characteristics
Comm Port Default Mode Other Modes
Infinet Port - -
User Port - -COMM1 AutoSet Infinet; Wireless; XDriver
COMM2 - -
COMM3 - -
COMM4 - -
COMM16 - -
Custom Port - -
8/3/2019 Access Control Essentials Guide
44/170
Chapter 2: Configuring an Access Control System
44 Schneider Electric
Task 5: Designate the Primary Access Server
The Primary Access Server is the CyberStation workstation that you
designate to record access events in the CyberStation database. If you
network has multiple CyberStation workstations, you also should
designate another workstation as a Secondary Access Server.
1. In Continuum Explorer, right click the workstation that you wan
to make the primary access server, and select Edit.
2. In the General tab of the Device editor, check the Primary
Access Server check box, and click OK.
3. When prompted to teach the controllers and workstations aboutthis workstation, clickYes.
4. Proceed to Task 6: Create CyberStation Points on page 45.
More about the Primary Access Server
See the topic Device Editor in the CyberStation online help.
Select thischeck box.
8/3/2019 Access Control Essentials Guide
45/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Task 6: Create CyberStation Points
A point is an object that stores a value, such as an input indicating th
status of a door lock, an output that locks or unlocks a door, or a
True-False condition that triggers an alarm.
In access control systems, you most often work with the following type
of point objects:
Points enable you to monitor and control access events. You use these
points with schedules, alarms, and other objects to establish routine
access control and to respond to unauthorized access events.
Create an InfinityInput Point
Supervised input points can monitor:
The status of a contact or switch, and
Whether the wiring for the contact or switch was tampered with.
Supervised points can have one of three values: On, Off, or Trouble.
Point Type Use in Access Control Systems
Supervised
InfinityInput
Used to monitor contact status as well as the
condition of the wiring, allowing
CyberStation to detect that wiring was
tampered with.
Digital InfinityOutput Used to specify a digital (On or Off) value,
allowing CyberStation to change the status
of a switch or a contact.
InfinityNumeric Software point that stores a number value,
including an On/Off value (1 or 0).
InfinityDateTime Software point that stores a date and time
value.
InfinityString Software point that stores text.
8/3/2019 Access Control Essentials Guide
46/170
Chapter 2: Configuring an Access Control System
46 Schneider Electric
You create a supervised input point for each input (for example, from
contact sensor) from the devices wired to channels at each controller i
your network.
1. In Continuum Explorer, right click the controller where you want
to create the point, select New, and then select InfinityInput.
2. Enter a point name for Object name, and click the Create butto
3. In the General tab of the InfinityInput editor, enter the units fo
this point.
For example, define the meaning of the On value: On = Closed.
Leave theValue field at 0. The system updates the value with th
input from the associated controller channel.
4. Select the Settings tab.
5. Select Supervised for Elec Type.
6. Enter the controller channel number (marked on the controller) t
which this input is wired.
7. Enter $####### for Format.
Entering a descriptionhelps other usersidentify what this pointrepresents.
8/3/2019 Access Control Essentials Guide
47/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
$ indicates a text value. Each# is a placeholder for one character
This format enables On, Off, or Trouble to be reported for the valu
$ indicates a text value. Each# is a placeholder for one character
Use a period to indicate the position of the decimal point, if neede
An example for the Format value is $#####.#
8. Select the appropriate input type based on the wired configuratioof the switch (normally open with a resistor in series, normally
closed with a resistor in series).
9. Click OK.
8/3/2019 Access Control Essentials Guide
48/170
Chapter 2: Configuring an Access Control System
48 Schneider Electric
Create an InfinityOutput Point
An InfinityOutput point is a digital point that stores the value of a
signal sent to an access control device. The value is sent via the
controller channel to which the device is wired, and is used to control
the device. For example, the output may lock a door.
An output point can have a value of On or Off. You create an output
point for each output (for example, to a door lock) to the devices wired
to channels at each controller in your network.
1. In Continuum Explorer, right click the controller where you want
to create the point, select New, and then select InfinityOutput.
2. Enter a point name for Object name, and click the Create butto
3. In the General tab of the InfinityOutput editor, enter the units
for this point.
For example, define the meaning of the On value: On = Unlock.
Leave theValue field at 0.
4. Select the Settings tab.
5. Select Digital for Elec Type.
8/3/2019 Access Control Essentials Guide
49/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
6. Enter the controller channel number (marked on the controller) t
which this output is wired.
7. Enter $### for Format.
$ indicates a text value. Each# is a placeholder for one character
This format enables On or Off to be reported for the value.
8. Click OK.
8/3/2019 Access Control Essentials Guide
50/170
Chapter 2: Configuring an Access Control System
50 Schneider Electric
Create an InfinityNumeric Point
An InfinityNumeric point stores a number value, such as:
1. In Continuum Explorer, right click the controller where you want
to create the point, select New, and then select InfinityNumeric
2. Enter a point name for Object name, and click the Create butto
3. In the General tab of the InfinityNumeric editor, enter the unifor this point.
For example, define the meaning of the point value: Max.
Occupancy = 100 or On=Occupied.
4. LeaveValue empty, or enter a value, depending on how you inten
to use this point.
For example, if the point will be a constant, enter the number. If
the value will be the result of a calculation, do not enter anything
in the field.
5. Enter the format of the value for Format.
$ indicates a text value. Each# is a placeholder for one character
Use a period to indicate the position of the decimal point, if neede
Value Example
System constant Maximum occupancy for a specific area
Result of a calculation Current occupancy of the area
Logical value On or Off value set by a schedule
8/3/2019 Access Control Essentials Guide
51/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
An example for the Format value is $#####.#.
6. Click OK.
7. Proceed to Task 7: Create Areas on page 52.
More about Points
See the following topics in the CyberStation online help:
InfinityInput Editor
InfinityOutput Editor
InfinityNumeric Editor
8/3/2019 Access Control Essentials Guide
52/170
Chapter 2: Configuring an Access Control System
52 Schneider Electric
Task 7: Create Areas
An area is a space that can be accessed only by passing through an
access control device, such as a card reader or keypad. Each area can b
accessed through one or more doors where access control devices are
configured.
For example, the manufacturing floor of a small facility might have
doors leading to other areas of the facility, such as an office area, stoc
room, and emergency exit to the outside.
Factors to Consider When Defining Areas
Unlike Door objects, which correspond to actual doors in your facility
Area objects are not necessarily direct representations of each physic
space in your facility. The number of Area objects that you need tocreate depends on many factors, including:
The size and physical layout of your facility
The movement of personnel into, out of, and through your facility
Lobby/Offices
ManufacturingFloor
Stock Room
8/3/2019 Access Control Essentials Guide
53/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
The degree of access control that you require for the movement of
personnel within the facility
The types of personnel who need access to various locations in you
facility and when access is needed
After you create an area object, you configure doors that access thearea. You also assign the area to personnel who need access to it. In
addition, you can attach schedule points to Door and Personnel object
to determine when access can occur.
Create an Area
Because the doors accessing an area may be managed by different
controllers, you typically create a folder for Area objects from Root.
1. In Continuum Explorer, right click Root, select New, and then
select Folder.2. Enter a folder name, and click the Create button.
3. Right click the folder, select New, and then selectArea.
4. Enter an area name, and click the Create button.
5. In theArea editor, click OK.
You can now assign doors and personnel to this area.
6. Proceed to Task 8: Create Doors on page 54.
More about Areas
See the topic Area Editor in the CyberStation online help.
8/3/2019 Access Control Essentials Guide
54/170
Chapter 2: Configuring an Access Control System
54 Schneider Electric
Task 8: Create Doors
Door objects, along with Area and Personnel objects, are the
fundamental elements of your access control system. Door objects are
highly customizable, and you can configure doors to meet the access
control requirements of specific locations. You can configure access
control devices, such as card readers and keypads, on one side of a doo
(single-reader door) or on both sides (dual-reader door).
When to Create a Door
You create Door objects only for doors that have access control device
associated with them. If you want to monitor a door that is simply
closed or locked under normal circumstances, such as a fire door, you
can do this by setting up supervised input points for the door switchand contacts.
Data that Defines a Door
You will need the following information to define each door:
Card-format information for access-card sets
Site codes (Wiegand or ABA card formats only) accepted at the do
Area(s) to which the door provides access
Type of validation needed at the door (by site code, card number,personal identification number [PIN], etc.)
Channel numbers for card reader and keypad inputs
Channel numbers for door inputs and outputs
You can also attach schedule points to a door to determine when the
door is locked or unlocked or when no access is allowed.
8/3/2019 Access Control Essentials Guide
55/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Create a Door
You create Door objects in the controller to which the door and reader
inputs and outputs are wired.
1. In Continuum Explorer, right click the controller where you wantto add the door, select New, and then select Door.
2. Enter a door name, and click the Create button.
3. In the Door editor, select the Card Formats tab.
4. If you use Wiegand cards, enter the site code(s) used with your
access cards.
Note:You can have up to four site codes per door.
8/3/2019 Access Control Essentials Guide
56/170
Chapter 2: Configuring an Access Control System
56 Schneider Electric
5. Select the card format,Wiegand orABA, and then select the
individual formats that you want the reader to recognize.
Note: The FIPS-PIV options are included in theWiegand Formats
section. Cyberstation version 1.9 and higher supports this speci
personnel category for federal employees and contractors whosesecurity identification must comply with the Federal Informatio
Processing Standard for Person Identity Verification (FIPS-PIV
In Cyberstation you can configure door and Personnel objects t
accommodate FIPS-PIV card or credential holders and FIPS-
PIV card readers. For more information, seeAdding FIPS-PIV
Card Credentials in Chapter 4,Advanced Topics for Access
Control. Refer also to the CyberStation help topic, Defining a
Custom FIPS-PIV String Format.
6. Select the Entry Reader tab.
7. Enter the channel number on the controller that is connected to th
card reader at this door.
8. Select the area to which the door provides access.
8/3/2019 Access Control Essentials Guide
57/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
9. Select the access validation options required at this door.
10. If the door has readers on both sides, select the Exit Reader tab
and repeat steps 7 - 9 to configure the second reader.
8/3/2019 Access Control Essentials Guide
58/170
Chapter 2: Configuring an Access Control System
58 Schneider Electric
11. Select the Channels tab.
12. Enter the channel number where each input or output is wired.
Channel Description
Door Output Channel to which the door lock is wired.
ADA (Americans
with Disabilities
Act) Output
Channel to which an electronic door opener
is wired.
Alarm Output Channel that will be energized when an
alarm condition is active at this door.
Exit Request Input Channel that receives input from a motion
detector, request-to-exit (REX) button, or
other REX device.
8/3/2019 Access Control Essentials Guide
59/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Door Switch Input Channel to which the door switch is wired.
The door switch monitors whether the door
is open or closed. You also select the resistor
type for the switch.
Bond Sensor Input Channel to which a bond sensor is wired. A
bond sensor determines the physical position
of the door latch. You also select the resistor
type for the sensor.
ADA (Americans
with Disabilities
Act) Exit Request
Input
Channel for input that requests that the
door be opened for a person to leave the area
accessed by this door.
ADA (Americans
with Disabilities
Act) Input
Channel for input indicating that the card
holder has ADA access enabled on his or her
access card.
Channel Description
8/3/2019 Access Control Essentials Guide
60/170
Chapter 2: Configuring an Access Control System
60 Schneider Electric
13. Select the Options tab.
8/3/2019 Access Control Essentials Guide
61/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
14. Under Send Access Events, select the events you want to log fo
this door.
The events that you select for this door can be shown in logs,
ListView and EventView windows, and reports. Events not selecte
here are not captured and cannot be retrieved for later viewing anreporting.
15. Click OK.
Note: Cyberstation version 1.9 and higher supports a special personn
category for federal employees and contractors whose security
identification must comply with the Federal Information
Processing Standard for Person Identity Verification (FIPS-PIV
In Cyberstation you can configure door and Personnel objects to
accommodate FIPS-PIV card or credential holders and FIPS-
PIV card readers. For more information, seeAdding FIPS-PIVCard Credentials in Chapter 4,Advanced Topics for Access
Control.
View Doors Assigned to an Area
1. In Continuum Explorer, expand the folder where you created area
and double click the area to which you assigned the new door.
2. In theArea editor, select the Doors to Area tab.
8/3/2019 Access Control Essentials Guide
62/170
Chapter 2: Configuring an Access Control System
62 Schneider Electric
The door you created now appears in the list. The list indicates
whether the door provides access to the area, exits the area, or
both.
3. Click Cancel.
4. Proceed to Task 9: Create Personnel on page 63.
More about Doors
See either the topic, Door, and its subtopics, or Door Editor in the
CyberStation online help.
8/3/2019 Access Control Essentials Guide
63/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Task 9: Create Personnel
A Personnel object stores the access information for each person
authorized to enter your facility. Personnel objects can also store
personal and employee data for each person.
Access-Control Information in a Personnel Object
You can specify access control information for each Personnel object,
such as:
Card format
Site code
Card number
Card expiration date
Areas to which the person has access rights
8/3/2019 Access Control Essentials Guide
64/170
Chapter 2: Configuring an Access Control System
64 Schneider Electric
Schedules points that determine when the person can access
assigned areas
More advanced access control settings, such as area clearance levels
and executive privilege, can also be defined in a Personnel object. Thes
are described in greater detail in the CyberStation online help.
In addition, if you have purchased the badging option, you can create
ID badges for Personnel objects. The badges can include a photo,
signature, fingerprint, etc., to identify the card holder.
Methods of Creating Personnel Objects
You have several options for creating Personnel objects:
You can enter new Personnel objects in the Personnel Manager
dialog.
You can use the Personal Import Utility to import personnelrecords from another application into CyberStation. Once importe
these records become Personnel objects that you can edit and
manage in the Personnel Manager.
You can import personnel records from a .CSV file and save the
imported data as Personnel objects.
You can create Personnel objects from templates.
You can add new Personnel objects from Continuum Explorer.
Open the Personnel Manager for the First Time
The Personnel Manager automatically opens when you double click a
Personnel object in Continuum Explorer. However, if you have not ye
created any Personnel objects, you create a new Personnel object in
Continuum Explorer, which also opens the Personnel Manager.
You typically create one or more folders in which to store Personnel
objects.
1. To create a Personnel folder in Continuum Explorer, right click
Root, select New, and then select Folder.
2. Enter a folder name, and click the Create button.
3. Right click the folder, select New, and then select Personnel.
8/3/2019 Access Control Essentials Guide
65/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
4. Enter a name for the Personnel object (for example, you might wan
to enter the last name and first initial of the person), and click th
Create button.
The Personnel Manager opens.
5. In the Details tab, enter the persons full name.
6. Select the card format for Card Type.
7. For Wiegand cards, enter the site code for the card. For FIPS-PIV
cards, enter agency code and system code.
8. Enter the card number. For FIPS-PIV cards, enter credentialnumber.
9. UnderAccess Rights, expand the UnAssigned areas list.
8/3/2019 Access Control Essentials Guide
66/170
Chapter 2: Configuring an Access Control System
66 Schneider Electric
10. Select the check box next to areas this person can access.
You can expand an area to attach a schedule point. Schedule poin
are described in Task 10: Create Schedules on page 68.
11. ClickApply.
Note: Cyberstation version 1.9 and higher supports a special personn
category for federal employees and contractors whose security
identification must comply with the Federal Information
Processing Standard for Person Identity Verification (FIPS-PIV
In Cyberstation you can configure door and Personnel objects t
accommodate FIPS-PIV card or credential holders and FIPS-
PIV card readers. For more information, seeAdding FIPS-PIV
Card Credentials in Chapter 4,Advanced Topics for Access
Control.
Create a Personnel Object in the Personnel Manager
When the Personnel Manager is open, you can continue creating
Personnel objects without closing and reopening it each time.
1. In the Personnel Manager, click theAdd Record button.
2. Repeat steps 5 - 11 above to enter information for this person.
3. When you finish adding Personnel objects, click OK to save the
current object and close the Personnel Manager.
4. Proceed to Task 10: Create Schedules on page 68.
Note:An alternate method for creating a Personnel object is with the
Personnel Editor. Refer to the Personnel Editor topic in the
CyberStation online help for more details.
8/3/2019 Access Control Essentials Guide
67/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
More about Personnel Objects
See the following topics in the CyberStation online help:
Personnel Manager
Personnel Editor
Personnel Import Utility
Allowed Credentials Dialog
8/3/2019 Access Control Essentials Guide
68/170
Chapter 2: Configuring an Access Control System
68 Schneider Electric
Task 10: Create Schedules
A schedule is a graphical calendar of events that CyberStation uses t
determine when activities occur. Access-control activities that you ca
manage with schedules include:
When doors are locked or unlocked
When personnel have access to areas
About Schedule Points
Schedules use the following points to determine when the schedule is
active and which CyberStation objects are controlled by the schedule
InfinityDateTime points that are updated with occupied and
unoccupied times An InfinityNumeric or InfinityOutput point whose value is set by
the schedule. Other objects that reference this point, such as a doo
are controlled by the schedule that sets the point value.
8/3/2019 Access Control Essentials Guide
69/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Create and Configure a Schedule
You create schedules in the controller where the schedule will be used
(Later, you can use the Schedule editors Mass Create feature to copy
the schedule to other controllers in your network, if needed.)
Note: Before creating a schedule, you must create the points called fo
in the schedule. See Task 6: Create CyberStation Points on
page 45.
1. In Continuum Explorer, right click the controller, select New, an
then select Schedule.
2. Enter a schedule name, and click the Create button.
3. In the Schedule editor, select the Configuration tab.
8/3/2019 Access Control Essentials Guide
70/170
Chapter 2: Configuring an Access Control System
70 Schneider Electric
4. Under Point Configuration, use the browse button to locate eac
of the following points:
An InfinityDateTime point that the schedule updates with the
next occupancy time (the date and time at which an area will
next be occupied) An InfinityDateTime point that the schedule updates with the
next unoccupancy time (the date and time at which an area wi
next be unoccupied)
5. Use the browse button to locate the InfinityNumeric point that th
schedule will set for Occupancy Point.
The value of this point will be set to On (Occupancy Time is now.)
or Off (Unoccupancy Time is now.).
6. Check theAutomatic Download check box, and select the day othe week and the time you want CyberStation to download the
schedule to the controller.
7. Click OK.
8. In Continuum Explorer, right click the workstation that you wan
to perform the schedule download, and select Open.
9. In the General tab of the Device editor, click theAuto
Download check box, and click OK.
Each week, at the day and time you selected in the schedule, this
workstation downloads the next seven days of the schedule to the
controller.
Select this check box
8/3/2019 Access Control Essentials Guide
71/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Attach a Schedule Point to a Door
After you create and configure a schedule, you attach the point you
selected for the Occupancy Point to the objects you want the schedule t
control.
1. In Continuum Explorer, double click the door to which you want t
attach the schedule point.
2. In the Door editor, select the Options tab.
3. Click the browse button next to one of the schedule fields, and
navigate to and select the schedule point you want to attach.
You can use schedule points to control the door in two ways:
4. If you are using the Force Lock option, select the Entry Reader
tab, and ensure that the Door Force Lock Schedule check box
selected for Normal underAccess Validation. Repeat for the
Exit Reader tab if this is a dual-reader door.
5. Click OK.
Attach the point to . . . To . . .
Door Force Lock
Schedule
Lock the door, with access allowed
to valid personnel when the
schedule is On, and
Lock the door, with no access
allowed when the schedule is Off.
Door Force Unlock
Schedule
Unlock the door, with no access
validation required when the
schedule is On, and
Lock the door, with access allowedto valid personnel when the
schedule is Off.
8/3/2019 Access Control Essentials Guide
72/170
Chapter 2: Configuring an Access Control System
72 Schneider Electric
Attach a Schedule Point to an Area in a Personnel Object
Attaching schedule points to areas in a Personnel object enables you
specify when this person can access the assigned areas without
affecting access to the areas by other personnel.
For example, you may want permanent employees to have access to
your facility at any time. You may also want temporary workers to
have access only during the regular business day and be denied acces
after hours. You can limit the times of access for temporary workers b
attaching schedule points to area assignments in their Personnel
objects.
1. In Continuum Explorer, double click the Personnel object that yo
want to edit.
2. In the Personnel Manager, underAccess Rights, expand
Assigned, and then expand an area where you want to attach a
schedule point.
If . . . Then . . .
A schedule point is attached toan area in the Personnel object
the person can access the area onlywhen the schedule associated with
the point is active.
No schedule point is attached
to an area in the Personnel
object
the person can access the area as
determined by schedules (if any)
that are attached to doors to the
area.
8/3/2019 Access Control Essentials Guide
73/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
3. Click the icon next toAdd Schedule to display theAdd Schedul
dialog.
4. Select the browse button next to Schedule Points Location to
locate, and select the controller with the schedule point that you
want to add.
5. Select a schedule point, select the area(s) where you want to attac
the point, and click OK.
6. Click OK.
7. Proceed to Task 11: Configure Alarms on page 75.
Click here to displaythe Add Scheduledialog.
Select aschedule pointin this pane . . .
. . . And in this paselect the check bfor each area thatyou want to use
the point.
8/3/2019 Access Control Essentials Guide
74/170
Chapter 2: Configuring an Access Control System
74 Schneider Electric
More about Schedules
See the following topics in the CyberStation online help:
Schedule Editor
Options Tab (located in the Door Editor topics)
Editing a Personnel Object (located in the Personnel Manager
topics)
8/3/2019 Access Control Essentials Guide
75/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Task 11: Configure Alarms
When you have configured your access control system to define when
where, and to whom access is permitted, your next task is to set up
alarms that notify you when unauthorized access is attempted or othe
access-related conditions occur.
Two CyberStation objects work together to define alarm conditions an
the systems response to the alarm:
An EventNotification object determines what happens in respons
to the alarm.
An AlarmEnrollment object specifies the conditions that define th
alarm state and the return to normal state. You attach an
AlarmEnrollment object to the objects, such as doors and points, t
configure the alarm for that object.
About Event-Notification Objects
In an EventNotification object, you specify how the system responds t
an alarm condition. You also specify how a user, when notified of an
alarm, must respond to acknowledge the alarm.
Actions the system can take include:
Displaying alarm messages in the Active Alarm View window or
the Alarm Status bar at specific workstations
Beeping or playing an audio file at the workstations
Sending an e-mail message and/or paging one or more individuals
These EventNotification objects define the response toalarms of different levels of severity.
These AlarmEnrollment objects define some typicaldoor-related alarm conditions.
8/3/2019 Access Control Essentials Guide
76/170
Chapter 2: Configuring an Access Control System
76 Schneider Electric
Displaying a video layout that shows video from cameras in
locations affected by the alarm
Displaying a graphics panel associated with the alarm
You can also specify the notification actions that occur when the
conditions that triggered the alarm return to normal.
Create an Event-Notification Object
You create EventNotification objects in Root. Typically, you create a
folder in Root to store both EventNotification objects and
AlarmEnrollment objects.
1. In Continuum Explorer, right click Root, select New, and then
select Folder.
2. Enter a folder name, and click the Create button.
3. Right click the folder, select New, and then select
EventNotification.
4. Enter a name, and click the Create button.
Note: The Fault state referred to in the EventNotification editor does
not apply to access control events.
5. In the General tab of the EventNotification editor, enter anumber for the priority of the alarm state and the return to norma
state.
8/3/2019 Access Control Essentials Guide
77/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Priority is used to sort events in the Active Alarm View window,
with higher-priority events (events with a smaller priority numbe
at the top of the list. For example, a certain kind of alarm may be
priority 1, while the return to normal for the alarm is priority 10.
You can choose how you want to assign priorities to alarms.
6. Under Colors and Fonts, right click to select the colors and font
used to display the alarm in the Active Alarm View window and th
Alarm Status bar.
7. If you want the notification to be reissued if the alarm continues,enter the number of minutes between notifications for Repeat.
8. Select theActions tab.
8/3/2019 Access Control Essentials Guide
78/170
Chapter 2: Configuring an Access Control System
78 Schneider Electric
9. Click the check box next to each action you want the system to tak
in notifying users of the alarm and the return to normal.
Note:You can receive an email notification of an alarm by choosing on
of the email selections from the checklist. For more information
about email notification of alarms see About Notification by Email and Pages on page 80.
10. Select the Delivery tab.
11. Click theAdd Recipient button.12. In the Recipients Configuration dialog, click the browse butto
to locate and select the CyberStation workstation to be notified of
the alarm.
Note: The recipients referred to in this dialog are the CyberStation
workstations that you want to be notified of the alarm and that
will then take the actions you selected in theActions tab.
13. Specify the days and times of day that this workstation should
receive the messages.
8/3/2019 Access Control Essentials Guide
79/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
For example, you might designate Workstation 1 as the recipient
alarm notification during office hours Monday through Friday. Yo
might then designate another workstation as the recipient of
notification at night and on weekends.
14. Click the check box next to the actions the workstation should tak
if it receives notification during the times you selected.
If you want the
workstation . . .Then . . .
Always to perform the
action
Select the check box under
Primary for the action.
To perform the action only
if a workstation that was
designated as primary forthis action is offline
Select the check box under
Secondary for the action.
To perform the action only
if a repeat of the alarm has
occurred
Select the check box under Backup
for the action.
8/3/2019 Access Control Essentials Guide
80/170
Chapter 2: Configuring an Access Control System
80 Schneider Electric
15. Click OK.
16. Select the Deactivate tab.
17. Select when to remove the alarm from the Active Alarm View
window.
18. Click OK.
You can now create an AlarmEnrollment object that uses this
EventNotification object.
About Notification by E-mail and Pages
If you want to use the e-mail and paging options in an
EventNotification object, you also need to set up distribution lists in
the e-mail application at the computer that distributes alarmnotifications. For each EventNotification object, create a distribution
list of the people you want to be paged or receive e-mail when an
associated alarm occurs.
Create the lists in the first address book that appears in the e-mail
application, and use the formats shown in the following table for the
list names. The list names in the Example column are for an
EventNotification object named dooralarms.
Requirements for forwarding CyberStation alarms via E-mail or page
The CyberStation workstations that have been designated primarand backup E-mail and/or page handlers must have a MAPI-
compliant E-mail client such as MS Exchange or Outlook.
The E-mail client application can communicate with an existing E
mail server application, such as MS Exchange Server.
The primary or backup E-mail/paging workstation must be runnin
CyberStation at the time an alarm is generated.
8/3/2019 Access Control Essentials Guide
81/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Each EventNotification object associated with the alarms that you
wish to E-mail or page must have its own E-mail distribution list i
the personal address book or Contacts list of the client E-mail
application using a specified naming convention as outlined in Ste
4 below.
This E-mail distribution list must be stored in the first address
book shown in the list of available address books in the E-mail
client application. For example, if you create an EventNotification
distribution list in the Personal Address Book in Microsoft Outloo
then the Personal Address Book must be the first one showing in
the address list dropdown menu when you open the Address Book
Creating an EventNotification Distribution List
To create an E-mail or page distribution list, proceed as follows:
Note: The following steps are based on Microsoft Outlook. Other ma
applications may have different menu names and choices but the
general procedure is the same.
1. Open the Address Book for the E-mail account on the CyberStatio
workstation that will be providing the E-mail/paging service(s).
Your toolbar may have a button for this. If not, use the Address
Book option of the Tools menu.
2. Select New Entry from the Files menu.
3. Select the entry type Personal Distribution List and put thisentry in the Personal Address Book.
4. In the Name field enter a name for the distribution list using the
following format:
List
TypeFormat of List Name Example
E-mail acc.eventnotification.name
acc.eventnotification.dooralarms
Paging acc.page.eventnotificatio
n.name
acc.page.eventnotification.doo
ralarms
8/3/2019 Access Control Essentials Guide
82/170
Chapter 2: Configuring an Access Control System
82 Schneider Electric
For example, if your EventNotification object is named Severe, th
personal distribution list for E-mail deliveries should be named:
ACC.Severe. Likewise, your personal distribution list for page
deliveries should be named: ACC.page.Severe.
Note: Use the EventNotification object Name not the Alias, forexample, Critical Temp, not CriticalTemp.
5. Add members (the E-mail addresses or pager and service number
of those to whom the notification of the alarm will be sent) to you
personal distribution lists.
6. Set address book options so that the address book where your
personal distribution lists are stored is the first one to be searche
when sending E-mails or pages. For example, in Microsoft
Exchange, select Options from the Tools menu. Click the
Addressing tab. When sending mail, check names using theseaddress lists in the following order area, use theAdd button, the
the up or down arrow buttons to add the correct address book to
this field and position it at the top of the list.
About AlarmEnrollment Objects
An AlarmEnrollment object:
Defines the conditions that your access control system uses todetermine that a point is in the alarm state
Defines the conditions that the system uses to determine that the
point has returned to its normal state
Contains the text messages that are displayed in the Active Alarm
View window or the Alarm Status bar
Has an attached EventNotification object that defines how the
system responds to the alarm and notifies the appropriate people
You attach an AlarmEnrollment object to points, doors, and other
objects that you want to alarm.
8/3/2019 Access Control Essentials Guide
83/170
Chapter 2: Configuring an Access Control Syste
Andover Continuum CyberStation Access Control Essentials Guide
Create an Alarm-Enrollment Object
You create AlarmEnrollment objects in Root or in an alarms folder tha
you previously created in Root for AlarmEnrollment and
EventNotification objects.
1. In Continuum Explorer, right click the folder that contains your
AlarmEnrollment objects, select New, and then select
AlarmEnrollment.
2. Enter a name for the alarm (for example, doorisajar), and click
the Create button.
3. In the General tab of theAlarmEnrollment dialog, click the
browse button to locate and select the EventNotification object tha
determines how the system responds to the alarm.
4. SelectValue forAlarmed Attribute.
This is the attribute that triggers the alarm, based on the
parameters you define forVal