Architecture of Global cardholder management - To share cardholders across multiple independent Security Center systems, one of the systems must act as the sharing host , while the others act as sharing guests . - Security Center 5.13

Security Center Administrator Guide 5.13
Product
Security Center
Content type
Guides > Administrator guides
Version
5.13
ft:locale
en-US
Last updated
2025-04-16

To share cardholders across multiple independent Security Center systems, one of the systems must act as the sharing host, while the others act as sharing guests.

Sharing Guest 3 Sharing Guest 2 Sharing Host Local areas Local doors Local elevators applied to Partition D þ Global partition Local partition ¨ Global partition Local access rules Partition C þ Global partition Partition B þ Global partition Partition A þ Global partition grant or deny access to cardholders Local access rules Copy of Partition B Local access rules Sharing Guest 1 Copy of Partition A Local access rules Copy of Partition C Copy of Partition B Copy of Partition C Copy of Partition D Two-way synchronization through Global Cardholder Synchronizer roles

Sharing host system

The sharing host is the Security Center system that initiates the sharing process by creating a global partition. All cardholders, cardholder groups, credentials, and badge templates within the global partition automatically become available for sharing. Other types of entities can be part of the global partition but remain invisible to sharing guests.

The sharing host owns the master copy of the global partition and its entities. It validates all changes made by sharing guests to the global partition's content before propagating these changes to other sharing parties.

Think of the global partition as a central database. The sharing host acts as the database server, and the sharing guests function as the database clients. There’s no limit to the number of global partitions that a host system can share.

Sharing guest systems

A sharing guest is a Security Center system that participates in the sharing process. This participation is enabled by creating a Global Cardholder Synchronizer (GCS) role on the system, which connects the sharing guest to the sharing host.

As the sharing guest administrator, you can select which partitions shared by the host are relevant to your system. The GCS role then copies the selected global partitions and entities to your local system. Only cardholders, cardholder groups, credentials, and badge templates are eligible for sharing. Shared entities are visually identified with a green icon () superimposed over the regular entity icon.

You can assign local access rules and credentials to global cardholders, granting them access to your local areas, doors, and elevators. The actions you can perform on shared entities depend on the user privileges assigned to the GCS role by the sharing host. You can add, modify, and delete entities from a global partition if the sharing host grants you the necessary privileges. All changes made to global entities on guest systems must be validated by the host system. Any modifications rejected by the host system will also be rejected on your local system.

Parent topic: Global cardholder management