About ClearID architecture - ClearID

Genetec ClearID™ User Guide

Applies to: ClearID
Last updated: 2024-04-09
Content type: Guides > User guides
Language: English
Product: ClearID

Genetec ClearID™, offered either as a globally distributed or as a European-only solution, synchronizes data between local sites, regional services, and global services. The web application modules perform tasks or share data between the authoritative sources, ClearID, and the endpoints.

IMPORTANT: Transferring or copying a customer account from one instance to another is not supported.

Globally distributed architecture

The following diagram illustrates the globally distributed solution. The diagram illustrates what data is stored, where data is stored, and how data flows between the local sites, the regional services, and the global services.
NOTE: Regional services and global services data is stored in the cloud.
ClearID takes advantage of the following:
  • Multiple Azure data centers - to minimize the risk of downtime.
  • Encrypted employee data - to minimize the risk of data theft.
  • Geo-localized data - to maintain less infrastructure and provide an optimized approach for data flow performance.
[Diagram: Genetec ClearID™ globally distributed architecture. Layers: Global services, Regional services, Local sites. Data centers: EU, US, CA, Asia, AU. Site examples: Paris, Sydney, New York, Montreal, Bangkok. Labels: Visitor management, Self-service portal, Workflows engine, Email notifications, Automatic provisioning, Identities (1), Policies and rules, User authentication, Area management, API, Local custom fields, Plugins, and the repeated group Cardholders, Credentials, Areas, Cardholder groups, Access rules, Schedules (GSC).]
NOTE: (1) For more information about which data centers are used in the Global deployment, see the Microsoft Corporation entry in the ClearID section of the Genetec Subprocessors list.

For visitors, the relevant guest information is stored in global storage with the visit event information. This information is then transferred to the Security Center managing the site visited.

Europe only architecture

The following diagram illustrates the Europe only solution, where data is stored in European data centers. This applies, for example, when customers or company policies require data to be stored in Europe.
[Diagram: Genetec ClearID™ Europe only architecture. EU data center: Primary: Azure West Europe (Netherlands); Secondary: Azure North Europe (Ireland). Layers: Services, Local sites. Site examples: Bangkok, Montreal, New York, Paris. Labels: Visitor management, Self-service portal, Workflows engine, Email notifications, Automatic provisioning, Identities, Cardholder credentials, Policies and rules, User authentication, Area management, API, Local custom fields, Plugins.]

ClearID modules

The following diagram illustrates the ClearID web application modules that are available to customers:
[Diagram: Genetec ClearID™ modules. Groups: Authoritative source, Global identity management service, Endpoint. Labels: Self-service Kiosk, Mobile check-in, Self-service Portal, Plugin, Visitor management, Area management, Access request, Credential management, Access control management, Team management, Single sign-on, Identity life-cycle, Provisioning, Identity management, HR, ClearID API, External sources, Databases, LDAP sync, One identity sync.]
Authoritative source
Shows the identity provisioning options that are available to customers. You can create identities in ClearID from one of the data sources (Databases, HR, External sources) by using one of the tools (Genetec ClearID™ One Identity Synchronization Tool, Genetec ClearID™ API, or the Genetec ClearID™ LDAP Synchronization Agent).
Global identity management service
Shows an overview of the features and services offered by the ClearID platform.
Endpoint
Shows the modules that customers directly interact with. These modules are where the customer enters their data or configures their system.

Cloud architecture

ClearID is deployed on the Microsoft Azure cloud platform, to take advantage of its industry-recognized security. Microsoft Azure has been audited against SOC 1, SOC 2, and SOC 3 standards. Audits are conducted in accordance with ISO SSAE 16 and ISAE 3402 standards. Certifications are regularly updated and can be provided upon request. Azure is also compliant with ISO 27001.

The service architecture is built for high availability (HA) and scalability. Data in ClearID is stored redundantly, which protects critical data and mitigates the impact of hardware failure. This architecture, coupled with the robustness of the underlying Microsoft Azure cloud, means that we can provide a 99.9% SLA.

Security controls
Microsoft Azure adheres to a rigorous set of security controls that govern operations and support. Microsoft deploys a combination of preventive, defensive, and reactive controls including the following mechanisms that help to protect against unauthorized developer or administrative activity:
  • Strict access controls on sensitive data, including a requirement for two-factor smart card-based authentication to perform sensitive operations.
  • Combinations of controls that enhance independent detection of malicious activity.
  • Multiple levels of monitoring, logging, and reporting.
  • Security reports can be used to monitor access patterns and to identify and reduce potential threats proactively.
  • Microsoft administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made.

High availability

Azure facilities are designed to run 24x7x365 and use various measures to help protect operations from power failures, physical intrusions, and network outages. These data centers comply with industry standards for physical security and availability. Microsoft operations personnel manage, monitor, and administer these Azure facilities.