Security Center 5.11.3.0 includes the following access control enhancements.
Axis Powered by Genetec
Axis Powered by Genetec is an all-in-one solution that combines Genetec™ access control software with Axis network door controllers. Synergis™ Softwire is preinstalled onto the Axis controllers and runs as an app on the AXIS OS platform. This simplifies their deployment, configuration, and maintenance in Security Center. Axis Powered by Genetec is sold exclusively through Genetec™ Certified channel partners.
- Supported devices
- As of Security Center 5.11.2.0, the AXIS A1210 and AXIS A1610 Powered by Genetec network door controllers are supported. For more information, see What is Axis Powered by Genetec?.
- Centralized password management
- You can now securely manage the passwords of all Axis Powered by Genetec units within
Security Center. Password changes can be scheduled using a password rotation policy and
can be customized to the needs of your organization. For more
information, see Changing access control unit passwords in Config Tool.NOTE: Axis Powered by Genetec unit passwords are limited to 64 characters.
- Centralized firmware upgrade
- You can now update the firmware (Synergis Softwire app) version and platform (AXIS OS) version of Axis Powered by Genetec units from Security Center. The procedure works the same as a platform upgrade for a Legacy Synergis Cloud Link unit. For more information, see Upgrading access control unit firmware and platform, and interface module firmware.
DESFire configuration enhancements
The MIFARE DESFire configuration task has received many enhancements.
- General enhancements
- The checkboxes used to enable or disable the configuration panels have been moved to
the title bar of the panels they control.
- In the Badge configuration section, the UID retrieval key checkbox has been moved to the UID retrieval key panel.
- In the Application details section, the Update application master key checkbox has been moved to the Old application master key panel.
- Random credential generator
- You can now incorporate a random value in the credentials encoded on the DESFire
cards. This is done by adding the following tag to the
App.ConfigTool.config and
App.SecurityDesk.config files on your
system:
<CredentialEncoder ManualEntryCredentialBitLengthThreshold="value" UseSequenceGeneratorLikeRandomGeneratorForSTidEncoder="True" />
For this to work, you must first create a custom card format with a field designated as the sequence generator. For more information, see Custom card format editor tool.
To use the sequence generator as a random generator, the following conditions must be met:- You must create in the MIFARE DESFire configuration task, a configuration that includes a credential.
- The Length (bits) of the credential must be equal to the Format length of the custom card format that you created.
- The Length (bits) of the credential must be equal or
greater than the
value
ofManualEntryCredentialBitLengthThreshold
set in the .config files.
- Third-party application support
- If you have third-party applications that generate credentials independently of
Security Center, you can configure applications without credentials in the
MIFARE DESFire configuration task to be used as placeholders for
credentials generated by the former. An application without credentials can be blank, meaning without any file, or contain only an empty file. To create an empty file, select Empty as the file Type in the File details section of the MIFARE DESFire configuration task.IMPORTANT: When you encode credentials on a MIFARE DESFire card in Security Center, you must always select at least one configuration with a credential.
- Re-using the same credential for different sites
- If your company uses different access control applications at different sites, you can
reuse the same credential generated for one application on other applications by
re-encoding it on other applications.A new panel has been added to the Badge configuration section of the MIFARE DESFire configuration task, allowing you to do just that.
- Diversification modes for AN10922
- You can now select the diversification mode for AN10922 directly from a drop-down list.The available modes are:
- Default value
- (Also known as STid) The key number is automatically added in the diversification calculation, and the diversification input (the field beside AN10922) must have an even number of hexadecimal characters and must not exceed 40 characters. If you leave this field blank, the system automatically fills it for you.
- Default value - Reverse application ID
- (Also known as STid_RevAID) Same as Default value with the application ID bytes reversed (little endian).
- NXP AV2
- (Also known as Standard_BE) Non-transparent mode is not supported. The key number is not added in the diversification calculation. Encoding by Security Center is not supported. The diversification input must have an even number of hexadecimal characters and must be between 2 and 42 characters long.
- NXP AV2 - Reverse application ID
- (Also known as Standard_LE) Same as NPX AV2 with the application ID bytes reversed (little endian).
You can view the description of the diversification modes in a tooltip by clicking .
- Free access and Application master key support for file keys
- Two new types of file access keys have been added. They are:
- Free access. The file is public. No key is needed.
- Application master key. The same key used to access the application is used to access the file.
Previously, only the Preloaded and Inline keys were supported.