Differences between Federation™ and GCM - Security Center 5.10

Security Center Administrator Guide 5.10

Product
Security Center
Content type
Guides > Administrator guides
Version
5.10
Language
English
Last updated
2023-06-12

Global cardholder management (GCM) and Federation™ are both used for sharing information in Security Center, but cardholders and other information are shared differently.

The following table highlights the differences between GCM and Federation™.
Best Practice: Use GCM and Federation™ together on the same system to complement each other.
Federation™ (applied to access control) Global cardholder management (GCM)
Purpose: Central activity and event monitoring Purpose: Sharing of a central configuration
Allows an organization to monitor from a central location (Federation™ host), the access control events and activities at independent remote locations (federated sites). Allows an organization to share the common configuration of access control entities, hosted at a central location (sharing host), with independent remote locations (sharing guests).
The Federation™ host uses the Security Center Federation™ role to connect to the remote sites. The remote sites use the Global Cardholder Synchronizer role to connect to the sharing host.
Entities created at remote sites are federated at the central system. Entities created at the central system are shared at the remote sites.
The Federation™ host can observe, but cannot change anything on the remote sites. Remote entities can be created, modified, or deleted using the Remote configuration task. The remote site can create, modify, and delete the entities that are shared by the host with all other remote sites (two-way synchronization).
A federated site has no visibility on what is going on at the Federation™ host or other federated sites. All sharing guests have the same read/write access to all shared (global) entities, while maintaining full ownership of the local entities.
Almost all entities that generate events can be federated (monitored). Only cardholders, cardholder groups, credentials, and badge templates can be shared.
Custom fields are not federated. All custom fields and data types are shared.
A federated cardholder can be granted access to the facility managed by the Federation™ host, but not the reverse. A global cardholder can be granted access to all facilities participating in the sharing.