S 2 Net Box TM Net Tech Rich

S 2 Net. Box TM Net. Tech Rich Ames : Training

S 2 System Architecture Portal Temp Probe Photo ID Camera Analog Camera Photo ID Badge Printing Reader Door Lock Net. Door Node IP Network IP Camera Video Recorder Security Administrator IP Camera (PTZ) IP Network Portal Internet Temp Probe Alarm Security Monitor Alarm Panel Door Lock Portal Reader Net. Box Portal Reader Door Lock Net. Box Node Gate Reader Lighting 6 5 4 3 2 1 Elevator Remote Support

S 2 System Architecture Portal Net. Door Node Temp Probe Photo ID Camera Analog Camera Photo ID Badge Printing Reader Door Lock Net. Door Node IP Network IP Camera Video Recorder Security Administrator IP Camera (PTZ) IP Network Portal Internet Temp Probe Alarm Security Monitor Alarm Panel Door Lock Portal Reader Net. Box Portal Reader Door Lock Net. Box Node Gate Reader Lighting 6 5 4 3 2 1 Elevator Remote Support

S 2 Hardware Architecture Controllers & Nodes 1 ea Controller 32 ea Nodes (Solid State) ? ea Nodes (Enterprise) Net. Door Node

Network Controller, Node & Expansion Blades

Net. Door Node, with Access Blade

S 2 Combo Board Controller LED NC to NN Speed NN Count N Com Connection Activity Node LED Action Co-Processor NN Com Power NN to NC Speed NN to NC Activity

Initmode • Starting point with new Net. Box Controller • Set IP Address (Controller starts on “ 0” subnet) • Set Time (Controller) • Email Settings • Initmode (turn off? )

Access Blade & Net. Door Blade REX (Input) Buzzer (Alarm > Output) DSM (Input) Door Lock (Alarm > Output) Access Blade Card Reader (Reader/Keypad) Reader 1 Temp Input Reader 2 1 2 Outputs 3 4 1 Inputs 2 3 4 Net Door

Access Control Blade • Two card reader connectors – Readers using standard Wiegand output up to 128 bits are supported. 4 Inputs • Four Supervised Inputs – Door contacts and REX devices. – Standard two wire inputs. – Wide variety of input supervision types. • Four Relay Outputs – Strike output, door opener, buzzer. – Standard 3 pin normally open or normally closed. • NOTE: Inputs and Outputs not used for door hardware can be used for other functions. 2 Wiegand Readers 4 Outputs

Alarm Inputs • 8 Standard two wire inputs. • A variety of supervised and unsupervised inputs can be configured: PIR, Exit Request, Alarm button. Door Status Monitor • Input blade barcode numerals begin with “ 01. ”

Temperature Inputs • 8 Standard two wire inputs. • S 2 temperature probe • Temperature blade barcode numerals begin with “ 08. ”

Output Blade • Eight 3 -pin output relays – Standard normally open or normally closed Form C Relays – Suitable for controlling many strikes, but a step up relay should be used for magnetic locks. – Requires appropriate suppression: MOVs or diodes Output devices: Strikes, Mag locks, sounders, etc.

Expansion Slots Slot/Connector Positions 0

The Portal • Access or Egress Point – Door – Gate – Turnstile • Associate Inputs and Outputs – Readers, Keypads – Locks – Rex, DSM • Events – Actions and Alarms

Access Blade & Portal Access Blade Portal REX (Input) DSM (Input) Buzzer (Alarm > Output) Door Lock (Alarm > Output) Card Reader (Reader/Keypad)

10 Steps to Gain Simple Access 1. Connect a Reader 2. Set up a Reader 3. Configure a Door Lock Output 4. Define a Portal with Reader and Lock 5. Define a Card Format 6. Setup an Access Level for Readers/Groups 7. Add a Person 8. Assign a Card 9. Assign an Access Level 10. Present the card to the reader to unlock the Door

Decoding Credentials • Test and Compare to determine format • Decode content

Net. Box Navigation

Personal Information • Optional Tabs – Contact – Other Contact – User Defined – Vehicles (Parking) • User Defined Tab – 20 fields available – User Defined Labels for Tab and Fields. – Show? Y/N – Use fields for sorting and filtering reports

Photo ID • License required (Badge) – Supports Canon Power. Shot digital cameras A 70, A 75, A 80, A 85, A 95, A 510, A 520, A 640, G 3, G 5, G 6, G 7, G 9, Pro 1, S 3 IS, S 5 IS, S 70, S 80 and SX 100 IS

Support Information Your Company Contact Information • On “Dealer Info” Page • On “About” page

Support Information Your Company Contact Information • On Dealer Page • On “About” page

Securing Net. Box Data: Assumption: Interactions between the various networked components in our system are not secure. Each of these pathways is secured.

Secure by Design • Minimal security vulnerabilities: – The Net. Box is a “locked down” networked information appliance. • S 2 controls the software/firmware that is on it. – The Net. Box has a single purpose. • It is not a general purpose computer. • Minimal chance for virus attacks • Network Security – User Login, User Roles, Session Token – SSL – Encryption – Authentication & Tamper Detection

Backups (Backup is only needed when you haven’t) (Murphy’s IT corollary) • Automatic Backup daily. – System holds up to 6 weeks – Sunday is a full backup … all others are differential backups. – Seventh week starts overwrite of oldest backup. • Backup writes to CFC • Optional to NAS and FTP site. – Must set up NAS or FTP address and password. – Will not overwrite old backups. • Use “get” to off-load backup to laptop or off-site. • Save, Shutdown or Reboot save to ROM is automatic (v 3. 0 or higher).

Backups to NAS or FTP sites • FTP Backup (File Transfer Protocol) web site. • Network Storage (NAS=network attached storage).

Inputs • Two Pin Relays – Used to monitor status or receive input • Supervision Types – Dual Resistor NO or NC • Four States: Normal, Alarm, Short, Open – Parallel Resistor NO or NC • Three States: Normal, Alarm, Open/Short – Series Resistor NO or NC • Three States: Normal, Alarm, Open/Short – Unsupervised NO or NC • Two States: Normal, Alarm

Dual Resistors

Normally Closed Parallel Resistor

Normally Closed Series Resistor

Normally Closed Unsupervised

Normally Open Parallel Resistor

Normally Open Series Resistor

Normally Open Unsupervised

Output Relay Connectors Normally Not Energized Normally Energized

Local to Node Events • Output activated by Portal Status • Timed or for Length of Status.

Time Specs & Holidays • Holidays: normal function does not apply unless specified as part of the controlling Time Spec. – Define Beginning Date/Time and Ending Date/Time – 3 Holiday Groups: Must be in at least one group. • Holidays are not part of Access Level unless specified in the Time Spec.

Time Specs & Holidays • Time Spec is a period of time definition – 2 standard time specs (Cannot be changed) • Always • Never – Specify Start and End Times – Days of the week and Holidays that apply

Time Specs: Where are they used? • When Access is allowed : – Access Level: Time Spec – Floor Groups: Free Access Time Spec – Portal Groups: Unlock Time Spec • Automate Change in Status: – Portal Groups: Unlock Time Spec – Floor Groups: Free Access Time Spec – Alarm Panel: Auto Arm Time Spec – Input Groups: Auto Arm Time Spec – Output Groups: Auto Activate Time Spec • When Additional Restrictions Apply – Portals: Keypad Time Spec, Exit Reader/Keypad Time Spec

First in Unlock, (Monitored Unlock) • Works with Portal Group Unlock Time Spec • Set up in System Rules – – Requires a special Access Level (You should limit who can do this) Set Unlock access level (required to activate unlock time spec) Set Re-Lock access level (automatic relock at end of time spec) Set reset time: resets to locked starting position. • Portal Group must have – Unlock Time Spec – First In Unlock Rule • Unlocks Door(s) with badge read during unlock time spec • Relock at end of unlock time spec or with Relock Access Level badge read.

Momentary and Scheduled Actions • Access Portals for impromptu unlock/lock – Momentary – quick unlock and relock • Scheduled Portal Unlock – Used to temporarily unlock for one-time activity – Start time and date or Now – End time and date or after X period of time – Comment is a good idea – it documents unlock reason

Threat Levels • Pre-defined to match US Homeland Security Definition and color coding. – You can add your own (snow day) – You can upload your own Threat Icon • • • Use to mass change Access ability Activated by Event or Manually by pre-authorized person. Quick Lock down – Must Assign Threat Level Groups to all Access Levels • Must reset after Threat Level has changed – Manually (may require password) – Input Event with change Threat Level action • Make sure someone has access during Lock Down.

Passback and Tailgate Violations • Definitions: – Passback is when a card is “passed back” to another person so both can gain access on same card. – To Tailgate is to gain access without a valid card read and without forced entry. • Regions are used to determine either violation – At least two regions required for passback violation. – At least three regions required for Tailgate violation. • Actions to be taken (defined in Region definition) – Soft - Log entry but allow access – Hard - Log entry and deny access – Ignore – allow access.

Regions Reader A: In Uncontrolled Portal: Main Entrance Reader 1. Reader A Access to Region 1 Region 2 Region 3 Uncontrolled Region 1 Uncontrolled

Regions Reader G: In Uncontrolled Reader F: In Region 2 Portal: Back Entrance Reader 1. Reader G Access to Region 2 Reader 2. Reader F Access to Uncontrolled Region 2 Region 3 Uncontrolled Region 1 Uncontrolled

Regions Reader D: In Region 3 Reader E: In Region 2 Portal: Lab Back Door Reader 1. Reader E Access to Region 3 Reader 2. Reader D Access to Region 2 Region 3 Uncontrolled Region 1 Uncontrolled

Regions Reader B: In Region 1 Reader C: In Region 3 Portal: Lab Front Door Reader 1. _________ Access to ____ Reader 2. _________ Access to ____ Region 2 Region 3 Uncontrolled Region 1 Uncontrolled

Technical and Installation Information * For a password (must register on website): – www. s 2 sys. com – Support Phone: (508) 663 -2505

S 2 Installation Documentation Support

Additional Documentation and Downloads http: //s 2 sys. com/downloads/v 31/

Miscellaneous Information • Photo ID URL – Storage location for Person Pictures – Default on Controller /upload/pics – Off-board location NAS • • • Photo ID Layout – default layout for badges Enrollment Reader – for assigning access cards to People Default Card Format – Can change when issuing cards Hide Unpermitted Access Levels – Only allows certain User Roles to see Access Levels PIN entry timeout – System wide time allowed for PIN entry after card read. ODBC Report user password – password protection for ODBC connection direct to Network Controller for user defined reports. Log Archive Interval – Time interval between automatic archive creation of Activity Log. Temperature Scale – For Temperature input unit of measure. Unacknowledged Alarm Audio – Wave file to play once per minute during unacknowledged alarm (System Wide Action)

Configure Remote Nodes • Portable Node Configuration Utility • Finds Nodes on network • Displays Node Address, Netmask and Gateway • Assign Network Controller

System Upgrade • • • Email Upgrade File (need i-button number, - serial number -) Backup System Upload patch file Apply Upgrade Backup System

What you have accomplished so far… • • • • • • Set Controller Network address, Initmode. Enable and connect Node Setup Portal Access Level Card/Keypad Format Add Person, assign card and PIN Customize Personal Information Tabs Setup Customer ID and Support contact info Badge and Photo ID API Backups, NAS, FTP Inputs, Outputs, Portal DSM, REX, Alarm Outputs Time Specs, Holidays First-in Unlock Scheduled Actions (Momentary Unlock) Threat Levels (Quick Lock-down, Snow-days) Time sensitive Access Requirements Timed Anti-Passback System Security: SSL System Maintenance, Portable Backups / System Restore / System Shutdown Connecting Remote Nodes Controller Default Settings

Yet to Come … • • • IP Cameras and Monitoring Desktop Events and Actions Video Recording and Playback Floor Plans Alarm Panels Elevator Controls Custom User Roles Importing Person Information History Reports; standard and custom Resetting System Defaults

IP Camera and Net. Box Interface I U p Se tu Z PT r se w Vi de o Br o S 2

IP Camera Configuration • The Install Guide has a list of IP cameras that we have tried but any webcam should work. System ships with a growing set of camera types. • Camera Types are user configurable – see manufacturer’s documentation for pan, tilt, and zoom (PTZ) URLs etc. • Definitions – Browser Address is video feed. Control Address is PTZ control. May need DNS or IP forwarding for access from outside a firewall. • Presets – enter on camera web site first. • Views – PIP (picture in picture), Quadview. • Monitoring Desktop has tabs for Cameras and views.

Events • Something that requires action – – Door Forced Door Held Input in abnormal state Designated Alarm Input • Acknowledgment may be required to fix • Actions triggered by Event – – – Lock a Portal Unlock a Portal Momentarily unlock a Portal Activate a Relay Deactivate a Relay Send an Email – Send an SMS (text) message – Move a Camera to a Preset (IP cameras must be set up before you can use them in an Event) – Save the event to an Activity Log – Record Video – Set a Threat Level

Putting Events to Work • Portal Status: System Wide Actions – React to Door State – React to Card Read • Input Action: Off-normal event – Input activates Action(s)

Putting Events to Work • Temperature Events: Temp too High or too Low or Not Reading • Node Status: Node Tamper, Timeout or Disconnect Alarm

Putting Events to Work • Video Action: Record Video or Notify of Failed Camera – Normal activates when Camera returns to normal – Motion activates Recording – Fail activates when camera fails or stops communicating

Conceptually, the DVR and NVR are treated the same S 2 er ws Vi de o o Br UI DVR or NVR Setup

The Five Steps to DVR/NVR Setup 1: Complete the set up of the DVR/NVR. 2: Point the S 2 Net. Box to the DVR/NVR. 3: Verify live video from the Net. Box interface. 4: Set up Video Motion Detection from DVR/NVR. 5: Set up Video Recording Actions from the Net. Box.

1: Complete the set up of the Milestone NVR. Milestone Video Server Milestone Windows UI S 2 Milestone Service S 2 Milestone Generic Event Builder

1: Complete the set up of the Milestone NVR. • Install the software: – Milestone Systems software components. – S 2 Milestone Service Handles communications between Milestone and the S 2 Netbox. Service should start itself. Service creates its own Event Log, “S 2 Milestone Log. ” Make sure you set “Overwrite events as needed” Service should add itself to the Windows Firewall (requires Windows XP SP 2). – S 2 Milestone Generic Event Builder (copy) Creates correct Start, Stop and PTZ events for each camera.

To open the Windows Firewall applet select Settings : Control Panel : Windows Firewall

DM B ro w se r U I 1: Complete the set up of the Dedicated Micros DVR.

1: Complete the set up of the Dedicated Micros DVR. • Plenty of documentation and support from Dedicated Micros. • Make sure you set up the cameras first, and verify that you can see live video through the DS 2 interface. • Be aware of browser capabilities. – DM is promoting use of Java over Active. X. – JRE 1. 4. 2 or 5. 0 required. – We are integrating their Java applet into our S 2 Net. Box interface.

2: Point the S 2 Net. Box to the Milestone Server w ro B S 2 I U r se Milestone Video Server Setup

2: Point the S 2 Net. Box to the DM DVR. S 2 U r se w ro B I Setup

Vi de I U er ws ro B S 2 o 3: Verify live video from the Net. Box interface. DVR or NVR

4: Set up Video Motion Detection from NVR/DVR S 2 er ws Se V tu ide p VM o D o Br UI DVR or NVR VMD Events

5: Set up Video Recording Actions from Net. Box en Ev rig T I, Vi de o , V ts rs ge Recording Events DVR or NVR VMD Events

Floorplans • Used to Monitor Activity or Status of – Portals – temporarily unlock – Cameras – thumbnail – Temperature – Graph of last hour, day, week. • Link Detailed Floor Plans to General Floor Plans • Setup Sequence – Upload jpg files – Define Floorplan – Place Resources • Set Place • Resource type • Resource select • Save Floorplan

Alarm Panels • Identify 2 Inputs for “zone” and “armed” status from panel • One Output to allow arming or disarming from Net. Box • Auto Arming – Output to sound warning device. • Warning duration – Auto Arming Time Spec (armed period). • When the panel should be armed. – Auto Arm Inactivity Time • Length of time for panel to show all zones as inactive. – Arm Panel request timeout – time to wait for armed status input. • 5 seconds longer than panel’s grace period. – Disarm reader group – card read for disarm access level to disarm panel. – Disable reader group – disabled (deny access) readers when panel is armed. • Events – Specify Event to occur when there is failure to arm. – Event to occur when activity detected during armed period.

Elevator Control

Define Floors 5 & 6 for Elevators 1 and 2 Output 1 6 6 Output 3 Output 2 5 5 Output 4 4 4 3 3 2 2 1 1 Reader 2 Elevator 2 Reader 1 Elevator 1

Define Floors 5 & 6 for Elevators 1 and 2 Elevator 1 Elevator 2 Output 1 6 Free 6 Output 3 Output 2 5 Restricted 5 Output 4 4 3 3 2 2 1 1 Reader E 2 Reader E 1 4

Other uses of Elevator Controls Floor 6 Thermostat Floor 5 Thermostat Front Entrance

Personal Information • Access Control – Badge – Access Level – PIN • Photo ID • User Defined (optional) – User Labels and fields – Display all or some • • • Contact (optional) Other Contact (optional) Vehicle (optional) Login Recent Activity

User Roles • Predefined Categories – Monitor menu only – Administer – Monitor plus Administration menus – Setup plus Monitor and Administration menus • Custom User Roles – Setup and or Administration Privileges – Monitor limitations • Camera groups: view, go to presets, PTZ • Portal Groups: view, momentary unlock. extended unlock extended lock • Elevator Groups: view • Event Groups: view, acknowledge, clear actions • Floorplan Groups: view • Access Levels: assign

History Reports • History Reports – Access History – Portal Access Count by User - General Event History - Custom Reports

Custom Report

System Reset and Evaluation • Reset to Factory Defaults – Use for configuring before going to the site. – Be sure to wait for single beep. • Activate Initmode • Leave Plugged in • Tear out Evaluation page – Fill in – Leave with instructor

Thank you for your attention! Thanks for taking S 2 Training