An access rule entity defines a list of cardholders to whom access is either granted or denied based on a schedule. Access rules can be applied to secured areas and doors for entries and exits, or to intrusion detection areas for arming and disarming.
Unlike other access control solutions, Synergis™ does not use clearance codes or access levels to grant or deny access. Instead, the basic logic used by Synergis™ to grant or deny access is defined by access rules.
The biggest difference between an access rule approach and an access level approach is that access rules are applied to the access points of the physical locations we want to protect, whereas access levels are applied to people. Access rules specify who can pass through a door and when they can do so. An access level defines where and when a person can gain access.
- Who? (Who can pass through - cardholders or cardholder groups)
- What? (Whether access is granted or denied)
- When? (The schedule when the access rule is applied)
Access rules that have been pushed to the door controllers, called access control units in Security Center, do not have to be modified. If you associate a new credential with a cardholder, the old rule is still valid.
Permanent vs. temporary access rules
Access rules are either permanent or temporary. A temporary access rule is an access rule that has an activation and an expiration time. Temporary access rules are suited for situations where permanent cardholders need to have temporary or seasonal access to restricted areas. These access rules are automatically deleted seven days after they expire to avoid cluttering the system.
Typical use case examples of temporary access rules include seasonal cardholders, such as students who need to access a lab during their semester, and permanent cardholders who need short term access to a restricted area, such as maintenance technicians who need to work on storage servers at a highly secured data center.
From the Cardholder management task, you can only assign a temporary access rule to one cardholder at a time. To assign a temporary access rule to multiple cardholders or cardholder groups, you must update the access rule properties from Config Tool.
Limitations
Temporary access rules work with both HID and Synergis™ units. However, only Synergis™ units can apply temporary access rules while operating offline (disconnected from the Access Manager). For HID units to work with temporary access rules, the controller must always be connected to the Access Manager, and the synchronization must be set to Automatically. The activation of temporary access rules is immediate because of the host lookup. However, the expiration of a temporary access rule only comes in effect after a synchronization with the Access Manager.