To monitor the units, keep them in sync with the access control settings in Security Center, and allow them to make access control decisions independently, you can configure an Access Manager to control the units.
What you should know
Procedure
- From the Config Tool homepage, open the Access control task, and click the Roles and units view.
- Select the Access Manager role to configure, and click Resources.
-
If necessary, configure the database
required to run this Access Manager.
If you plan on setting up Access Manager failover, see Setting up role failover.
-
Click Properties and configure the general settings of the
Access Manager.
Many of these settings only apply to Synergis units. A Synergis unit is an access control unit enrolled through the Synergis extension. This includes all supported units, except HID units.
- Keep events
- Specify how long you want to keep the events in the Access Manager database before
deleting them. The access control events are used for reporting and maintenance purposes
(they include events related to doors, elevators, areas, and other access control entities).
- Indefinitely
- Keep the events until you manually delete them.
- For
- Select the number of days for the retention period.
CAUTION:When using the SQL Server 2014 Express database engine, it's important to note that the database size is limited to 10 GB. This database engine is included with the Security Center installation files. A door event uses on average 200 bytes in the database. If you configure the Access Manager to keep door events indefinitely, the database eventually reaches the 10 GB limit and the engine stops. - Include identifiable personal data in synchronization
- (Synergis™ IX only) Select this option to synchronize cardholder names with the Synergis units. If this option is cleared (default), only credentials are synchronized, excluding cardholder personal data. Enable this option if you have devices capable of displaying cardholder names and you want them to be visible.
- Minimal cardholder synchronization
- Select this option to minimize the number of cardholders the Access Manager needs to synchronize with its units. This option is only recommended for large systems and requires following specific design guidelines. It’s disabled by default.
- Manage offline doors
- Select this option if the Access Manager is responsible for managing offline doors.
Enabling this option allows:
- The Access Manager to send offline door configurations and blocklists to Synergis units.
- OSS events to be stored in the Access Manager database when badges are updated.
Enabling this option is the first step in supporting the OSS Standard Offline in your system. You also need to create an OSS Standard Offline configuration and configure readers to update OSS Standard Offline cards. For more information, see About managing OSS Standard Offline locks.
- Unit discovery
- Select this option to allow the Access Manager to use DHCP to automatically update the
IP addresses of its Synergis units.NOTE: This option is typically disabled by default, to avoid possible security threats. Enabling the option can negatively impact your security score.
- Assign NTP server
- Enable this option and enter an NTP server in the Address field
to configure the NTP server for all the access control units under this Access Manager
role. This setting overrides the NTP server configured in the units' portals. To
override this setting for a specific unit, configure a different NTP server from the
unit's Properties page.NOTE: The following minimum firmware versions are required, depending on your access control units:
- Synergis™ Softwire 11.4.0
- Synergis™ Cloud Link 2.1.0
- Cloud Link Roadrunner™ 2.1.0
- If necessary, add the extensions for the access control unit types that you want this Access Manager to manage.
-
Add the access control units that you want this Access Manager role to manage.
Do any of the following:
- If you plan to create I/O zones that involve multiple Synergis units, or apply antipassback to areas controlled by multiple Synergis units, enable peer-to-peer.