Storing cryptographic keys on MIFARE Secure Access Module (SAM) AV2 cards instead of the Synergis™ key store increases security because the keys cannot be retrieved. The SAM cards must be unlocked to interact with Synergis™ Softwire for cryptographic operations.
Before you begin
- Configure a Synergis™ Cloud Link equipped with an optional expansion module. For more information, see the SY-CLOUDLINK-312 Quick Start Guide.
- Configure SAM cards using a SAM production tool like ISLOG SAM Manager, and install up
to three cards. For more
information on SAM Manager, see Configuring MIFARE SAM AV2 cards.NOTE: If you install more than one SAM card, the cards must have the same keys. Having multiple SAM cards installed will allow for faster card reads and access decisions on units with heavy access control activity.
SAM card key storage requires Synergis™ Softwire 10.7 GA or later and a Synergis™ Cloud Link with an optional expansion module.
What you should know
- Log onto the Synergis™ unit.
- Click .
- Scroll to the bottom of the key index list and select SAM LockUnlock.
- Click Create new version.
In the text field, enter the Lock/Unlock keys that were configured in the SAM
production tool and click Add.
- Click .
Enter the keyEntry number and key version of the Lock/Unlock key stored on the SAM
You can have up to three SAM cards installed. Expansion slots with SAM cards inserted will read OK if the Lock/Unlock key, key number, and version number are valid. If the values do not match those on the card, the status will read SAM card unlock failed. Empty slots will read No SAM card inserted.
Enroll STid or OSDP readers, or configure enrolled readers. For more information about setting up OSDP and STid readers, see the Synergis™ Softwire Integration Guide.