catalog sw cover - vso · software solutions catalog onguard ... events such as invalid access...

PERPETUAL INNOVATION

SOFTWARE SOLUTIONS CATALOGOnGuard

®

Acc

ess

Con

trol

Vi

deo

Adv

ance

d C

rede

ntia

l

ContentsOnGuard Overview

Access Control Products

OnGuard Access

OnGuard Area Access Manager

OnGuard Visitor

OnGuard Fire & Intrusion

Credential Management Products

OnGuard ID CredentialCenter

OnGuard Biometrics and Smart Cards

Video Management Products

OnGuard VideoManager

OnGuard GO!

Advanced Products and Options

OnGuard Enterprise

Integration Toolkits

Software Options

Enterprise Diagram

Contact Information

Page1

3

5

7

9

11

13

15

17

19

21

23

25

28

Manage Everything...

Access C

ontrol

Support ■ Windows 2003/XP/2000

■ Microsoft SQL Server, Oracle Server

■ NEC ExpressCluster

■ Single Sign-on Support Using Windows 2000/XP/2003 Accounts

■ Available in Multiple Languages

■ UL 1076 Versions Available

■ FIPS 140-2 Validation Pending

Configuration Options ■ Software-only or Turnkey

Systems Available

■ Client/Server & Web Client Architecture

■ Concurrent Licensing

■ Fault Tolerant, Disaster Tolerant Solutions Available

■ OnGuard GO! (DVR or NVR Based)

■ OnGuard Enterprise

Features ■ Industry-Standard Database

Backups

■ Scheduling Management Tool

■ Scalability - Full Upward Migration Paths

■ Custom Report Writers

■ Advanced Monitoring Capabilities

■ User Friendly GUI

Benefits ■ Reduces Total Cost of Ownership

■ Leverages Existing Infrastructure

■ Increases Return on Investment

Total Security Knowledge Management Solution

The OnGuard Total Security Knowledge Management Solution™ seamlessly integrates synergistic security and information technologies using open architecture design standards. OnGuard offers applications for digital video management, video content analytics, advanced access control, alarm monitoring, intrusion detection, asset management, identity management, visitor management, and integration with information security systems. Individual application modules can be deployed as stand-alone systems or in any combination to deliver a single, seamlessly integrated solution. OnGuard is an established security integration platform, with over 13,000 users worldwide.

Open Architecture Design

As part of its corporate philosophy, Lenel is committed to open architecture. OnGuard has been designed in accordance with de facto information technology standards. This approach strategically benefits customers by allowing them to select the best new products available and/or to leverage their previous technology investments. To that end, OnGuard has been developed in part using Microsoft .NET. OnGuard supports multiple off-the-shelf technologies for operating systems (Windows), database platforms (MS SQL Server, Oracle Server), user directories (Active Directory / LDAP), network (Ethernet, TCP/IP), and administration utilities (Crystal Reports®, NEC ExpressCluster).

Seamless Integration

All OnGuard application modules (Access Control, Alarm Monitoring, Credential Management, Digital Video, Intrusion Detection, Asset Management, Information Security Management, Visitor Management, etc.) can be seamlessly integrated with one another. OnGuard uses a single database server and a single user interface for all applications. All OnGuard application software can be configured and managed from a single administrative workstation, and event activity can be monitored from a single alarm monitoring workstation.

Integration with Corporate Infrastructure

OnGuard Integration Tools enable advanced integration with existing business systems. Using sophisticated database tools, OnGuard can bidirectionally exchange cardholder data with human resources and/or ERP systems, coordinate alarm/event data with emergency response systems, and provide/receive event information with building management, network management and third-party security systems.

Applications to Integrate

■ OnGuard Access■ OnGuard Area Access Manager■ OnGuard ID CredentialCenter

Integration Toolkits and Standards to Enable

■ OnGuard DataExchange■ OnGuard OpenAccess Alliance Program■ OnGuard DataConduIT

Overview

1

■ OnGuard VideoManager■ OnGuard Visitor

■ OPC Server/Client Plug-in Adapter■ SNMP Manager/Agent Plug-in Adapter■ IBM WebSphere MQ Plug-in Adapter

Acc

ess

Con

trol

Partitioning & Permissions

Using OnGuard’s application partitioning, system administrators can provide each client workstation with only those applications that are required for that workstation. Based on licensing, each client workstation can have any combination of OnGuard application modules installed as needed for daily operations, including access control, alarm monitoring, credential management, digital video, intrusion detection and visitor management. Administrators can allow users to log in to only those applications that they are authorized to utilize. Administrators can also restrict the options available to any particular user within any application. From users with wide-ranging responsibilities to those with single function duties, OnGuard enables administrators to tailor users’ system experience to their jobs.

Application and Desktop Single Sign-On

OnGuard allows administrators to link an OnGuard operator’s user account with his Windows account. When an operator logs on to his Windows account, he can access OnGuard automatically, bypassing the need to log on to the individual application. A user does not need to remember a separate username and password. Furthermore, OnGuard ID CredentialCenter can seamlessly integrate with Single Sign-On applications such as Bioscrypt VeriSoft, so that a cardholder can access his Windows account by using his credential with a desktop card reader. VeriSoft helps the employee manage access to multiple password-mandated applications, including web sites. This improves system efficiencies for users of Windows applications. Desktop access events can be monitored like other OnGuard system events, keeping management of physical and logical security within the same user experience.

OnGuard Overview

2

Distributed Network Architecture

OnGuard’s distributed network architecture allows client workstations and intelligent field controllers to be placed directly on the existing network. All local access decisions are made and processed at the field panels, minimizing network traffic and providing real time access determinations. System administration, monitoring and video display can be performed at any client workstation on the network.

Access C

ontrol

Support■ Intelligent System Controller

(ISC) Communications• Ethernet• Modem

■ FIPS 197 128-bit AES Encrypted ISC Communications

■ FIPS 140-2 Validation Pending■ Industry Standard Card Reader

Technologies■ Open Supervised Device Protocol

(OSDP) for RS-485

FeaturesFlexible Programming Functions■ First Card Unlock■ Elevator Control■ (Selective) System Downloads■ Import/Export Utility■ Occupancy Limit■ Local and Global Anti-PassbackFlexible Monitoring Functions■ Alarm Masking Groups■ Graphical Maps and System

Overview Tree■ Monitor Zones■ Alarm/Event Mappings and

Routings■ Customizable Voice Instructions

and AnnunciationFlexible Cardholder Commands■ Escort Control■ Use Limits■ Extended Individual Strike Times

and (On-Demand) Door Held Open Times

■ Destination Assurance (with Elevator Control)

Flexible Card Reader Commands■ Time Zone Overrides■ Cipher Mode■ Multiple Card Formats■ Denied Access Attempts Counter

Options■ CCTV Interface■ Paging/E-mail Interface■ Video Verification■ Mustering■ Guard Tour

Overview

OnGuard Access is an integrated access control and alarm monitoring system that delivers maximum protection, versatility, simple operation and cost efficiency. OnGuard Access incorporates the most advanced technologies available, including modern object-oriented software, an advanced client/server database architecture and Microsoft’s multitasking, multithreading 32-bit Windows 2000/XP/2003 operating system. Solid technology and an intuitive graphical user interface combine to make OnGuard Access the most powerful yet easiest to use integrated security management system on the market.

Unlimited Handling Capacity

OnGuard Access offers unlimited scalability within a single, seamlessly integrated software solution. It has been designed to meet the needs of any size organization, from one that requires an entry-level, two-reader system to a large corporation with numerous facilities and thousands of card readers located around the world. OnGuard Access supports an unlimited number of card readers, alarm points and cardholders.

Segmentation

Segmentation is an optional feature that provides a logical way to group database components. System administrators define segments within the database, then assign each system user or object (access levels, card formats, badge types, etc.) to one or more of those segments. Segmentation is beneficial in environments where not every cardholder needs access to every area within a facility. A user sees only those objects that are in his segment(s) and those objects that are system-wide. In a segmented system, only those records associated with a particular segment are downloaded to the Intelligent System Controllers and associated field hardware in that segment. By minimizing the number of records that must be stored in a given device, segmentation provides more efficient utilization of the limited memory contained in access control hardware.

Scheduler

OnGuard’s scheduling utility allows system administrators to coordinate and plan system actions to be performed in the future. Many system operations can and are often anticipated to occur on certain dates at certain times. To reduce the risk of error in performing these functions manually, administrators can set rules of execution for actions such as starting guard tour, archiving, firmware or database downloads, and DataExchange scripts. Scheduler can also be configured to repeat security actions such as arming/disarming areas or masking/unmasking specific alarms. For any Scheduler action, the iterations can be one-time-only, or repeated at the administrator’s desired frequency. Such actions may occur once every hour, at a specific time every day, on a specific day of the week, or on a specific day of the month, recurring as often as the system requires.

Applications to Integrate

■ OnGuard Area Access Manager■ OnGuard Biometrics & Smart Cards■ OnGuard ID CredentialCenter


■ OnGuard DataExchange■ OnGuard OpenAccess Alliance Program■ OnGuard DataConduIT

Access

3

■ OnGuard Fire & Intrusion■ OnGuard VideoManager■ OnGuard Visitor

■ OPC Server/Client■ SNMP Agent/Manager■ WebSphere MQ Adapter

• RS-232• Dual-Path

• Multidrop (RS-485)

Acc

ess

Con

trol

■ Two Person Control allows administrators to require that two individuals be present before being able to access high-security areas and both credentials be presented upon exit of those areas. In between entry and exit of the first two and last two cardholders, individual access may be allowed as the two-cardholder minimum is in effect.

■ Occupancy Limit allows administrators to restrict the amount of cardholders in a specific area at any given time. Once the Occupancy Limit has been reached, a cardholder must use the exit reader before another card read will be accepted at the entry reader. This is a valuable instrument in managing access to parking areas which are at capacity.

Global Input/Output Event Linkage

OnGuard allows administrators to configure linkages where any input/output/event can be linked to any other input/output/event in the system. These linkages can be derived from any OnGuard application and associated hardware. Events such as invalid access level, valid card read, or motion detection might trigger such outputs as unmasking an alarm masking group, open an area or set the active mode of a card reader. With Global I/O, OnGuard is easily automated to ensure rules execute properly and security can be engaged instantly as necessary.

Area Control

■ Global Hard Anti-passback allows administrators to require that cardholders present credentials to both enter and exit an area. This prevents the same credentials from simultaneously being used elsewhere in the area, while reporting an alarm to the Alarm Monitoring workstation(s).

■ Global Soft Anti-passback allows administrators to require that cardholders present credentials to both enter and exit an area. This rule would allow the same credentials to be simultaneously used elsewhere in the area, accompanied by an alarm will be reported to the Alarm Monitoring workstation(s).

■ Timed Anti-passback (across readers) allows administrators to determine how long after an accepted card-read before the same credential may be allowed at the same card reader. This rule can also be applied across a group of readers, a valuable feature for turnstile applications where multiple readers are in close, open proximity and credentials have a chance of being passed back for additional use.

OnGuard Access

4

REGION 1 SECURITY OPERATIONS CENTER LOCAL AREA NETWORK (TCP/IP)

DEDICATED NETWORK VIDEO SUBNET

MOBILE SOLUTION

SAN - STORAGE AREA NETWORK

WEB CLIENTS

TERMINAL SERVER

LAN/WAN

Video WallSmart Card/Biometric Encoder Mobile Guard

Wireless DeviceUSB Smart Card Reader

Remote Monitor

Disaster TolerantBackup Security

Server

OnGuardID CredentialCenter

Network- Management System

(SNMP Manager/Agent)

Building/ProcessAutomation System

(OPC Server/Client)

USB Smart Card Reader

Application Server• Internet Information

Services (IIS)

Fault Tolerant OnGuard Regional Server

• OPC Server/Client • SNMP Manager/Agent• MS SQL or Oracle

OnGuard Integrated Monitoring Workstation

USB Biometric

OnGuard Client Workstation• Integrated Monitoring

• Centralized AdministrationMobile

Badging Station

USB Biometric

USBProx

Dual PathController

IntelligentDual Reader

ControllerIntercom Switcher

Courtesy/Duress Station

Central StationIntrusion Detection

Burg Panel

Intrusion Detection

Burg Panel

Fire Panel NAS - NetworkAttached Storage

Fire Panel

SECURE SOCKET

IrisReader(x4)

Digital VideoRecorder

• Alarm Inputs (13)

*Asset Reader

Biometric Gateway

*Hand Reader (x8)

FingerprintReader

Dual Reader

Interfaces

IDControl Unit

Smart Card Reader

*Card Reader

CardReader

WirelessGateway

16-DoorWireless ReaderInterface

WirelessReader (x16)

SingleReader

Interfaces

2-DoorWirelessReaderInterface

WirelessReader (x2)

CardReader

Smart Card/Biometric

Reader

CCTVCameras

Pan/Tilt/Zoom

Audio(Microphones)

Network VideoRecorder

IntelligentVideoServer

Network Addressable Cameras• Pan/Tilt/Zoom • Buffered Storage • Alarm Input (1)

Input Control Module

Output Control Module

VideoViewerDepartment ManagerDecentralized Access Privilege Management

Alarm Receiver

LOGICALLY TEAMED WITHIN ONGUARD SOFTWAREReception

Visitor Check-in StationDepartment Manager

Decentralized Access Privilege Management

*Supported Readers Include:• Contact/Contactless• Biometric• Proximity

• Wiegand• Magnetic Stripe• Bar Code

Access C

ontrol

Support■ Desktop or Browser-Based Client

■ Available for ADV, PRO and Enterprise Configurations

Features■ Easy Deployment and Installation

■ Wizard-Like Interface

■ Audit Trail

■ Complete Reporting Capabilities

Benefits■ Simple Management of Access

level permissions

■ Powerful Business Productivity Tool

■ Decentralization of Access Privilege Management

■ Reduced Training Costs

■ Less Time Invested in Modifying Access Levels

Business Productivity Tool

OnGuard Area Access Manager is a business productivity solution that enables authorized

managers to control cardholder access to specific physical areas. A manager need only log in to the

Area Access Manager application using a standard desktop PC or browser. OnGuard Area Access

Manager displays a list of areas over which the manager has control, as well as a list of all personnel

who have access to those areas. The manager can then assign or remove the access rights of

employees to areas within his or her operational domain.

Immediate Return on Investment

OnGuard Area Access Manager provides a simple yet robust method for remotely administering

access by individuals to specific areas in a facility. Using OnGuard Area Access Manager, corporate

security departments can give managers independent control over the physical areas and staff for

which they are responsible. This capability eliminates the ongoing need for intervention by a security

administrator in order to assign or remove access privileges for each employee, thereby saving both

time and money.

Audit Trail and Reporting Capabilities

OnGuard Area Access Manager’s seamless integration with other OnGuard applications provides a

complete audit trail and reporting capabilities. All access privilege assignments and removals are

logged to the database with a time and date stamp and the identity of the manager who completed

the transaction.

Intuitive, Wizard-like Interface

OnGuard Area Access Manager uses an intuitive wizard-like interface to provide fast, efficient

management of specific physical areas. The application simplifies process of adding or removing

cardholder access privileges, thereby streamlining training and minimizing the learning curve.

Browser or Client-based User Interface

Area Access Manager offers two different deployment models, desktop and browser-based client.

Both modules are designed to allow users the ability to easily access cardholder information and

assign/modify/revoke access permissions to the designated areas. Customers deciding to migrate

from the desktop model to the browser-based client model will find an identical wizard process,

eliminating the need for re-training. The browser-based client deployment also offers a no-cost

OnGuard VideoViewer component that is built into the user interface, allowing department

managers to view video related to their specific areas.

Required Applications

■ OnGuard Access

Area Access Manager

5

Acc

ess

Con

trol

6

Step 1: Search

Step 3: Select Access Levels

Step 2: Select Cardholders

Step 4: Confirm!

Browser-Based Thin ClientDesktop-Based Rich Client

OnGuard Area Access Manager

Access C

ontrol

Support ■ Uses Existing Desktop

Infrastructure

■ Easy Installation and Deployment

■ OnGuard BadgeDesigner

■ Photo/Signature Capture

■ Bulk Sign-In/Printing

■ Prescheduled Visits

■ Group Enrollment

■ Employee Host Assignment Function

■ Single Click Sign-In/Sign-Out Process

■ Assign Visitors Access to Secured Areas

■ Multiple Page, User-Definable Field Support

■ Customized Visitor Badge Layouts

■ Visitor Tracing

■ Business Card Scanner Interface

■ Track Scheduled versus Actual Visit Times

■ Send E-mail to Hosts Upon Visitor Arrival

■ Biometric Capture and Encoding

Reports ■ Daily Visitors

■ Visitor Activity

■ Visitor Arrival and Departure Times

■ Custom Reports

■ Additions and Changes to Visitor Record

Benefits ■ Reduced Total Cost of Ownership

■ Streamlined Data Collection and Management

Advanced Visitor Management

OnGuard Visitor is a dependable and cost-effective visitor management application that enables an organization to manage and track visitors throughout its facilities, using standard desktop technology. Whether it is implemented as a standalone system or seamlessly integrated with other OnGuard application modules to create a total security management environment, OnGuard Visitor offers unlimited flexibility by allowing IT and security managers to further capitalize on the existing IT investments made in their facilities.

Visitor Enrollment

Visitors can be quickly and efficiently enrolled into the system. Prior to a guest’s arrival, an OnGuard operator can enter pertinent visitor data into the system, assign an employee host to the visitor, assign active date ranges for the person’s scheduled visits, optionally capture the visitor’s photo and signature, and assign access privileges to the visitor. Then, upon arrival, the visitor can be signed in with a simple mouse click, a guest badge can be printed for the person, and the employee host can be notified electronically. For large groups, OnGuard Visitor provides bulk sign-in and printing capabilities.

OnGuard Visitor also offers the ability to enroll in advance both visitors and their upcoming visits. Visitor information can be either imported into the system or manually entered from any licensed desktop within the organization. Employee hosts can be preassigned at the time the visit is scheduled, and a printed badge can be ready for the guest upon arrival.

User-Definable Visitor Fields

A system administrator can customize OnGuard Visitor’s data entry forms to meet an organization’s unique data requirements. New fields can be added, existing ones modified, and unwanted fields deleted on multiple pages of visitor forms. Name, company represented, vehicle information, employee host, and reason for the visit are just a few of the fields that can be created.

Visitor and Visit Tracking

OnGuard Visitor provides detailed visitor and visit tracking mechanisms. OnGuard system administrators can track visitors scheduled arrival and departure times against their actual in and out times. If a visitor has been assigned access rights to card readers, system operators can tightly track the visitor’s movement throughout the facility using the OnGuard Alarm Monitoring application. OnGuard Visitor can be integrated with OnGuard VideoManager, allowing administrators to link digital video clips to visitor activity.

Advanced Visit Activity User Interface

OnGuard Visitor provides an advanced Visit Activity Status user interface. This interface displays a list of all visits that are due to occur and/or are due to expire within a user-defined period of time. It also shows the current status of all active visits in the system. The Visit Activity Status UI refreshes updated information in user-defined increments, providing receptionists and guards at visitor checkpoints with up-to-the-minute information related to all system visit activity.


■ OnGuard ID CredentialCenter

Visitor

7

Acc

ess

Con

trol

Complete Reporting Capabilities

OnGuard Visitor has complete reporting and auditing capabilities. All visitor transactions and movements that occur throughout the facility are recorded and stored in a detailed audit trail. All additions and changes to visitor records are also tracked by the system. Standard reports include Daily Visitors, Visitor Activity, and Arrival and Departure Times, among others. Custom reports can also be produced using industry standard report writers.

OnGuard Visitor

8

Access C

ontrol

Support■ Lenel Alarm Hardware

• LNL-1100 Alarm Input Module

• LNL-1200 Alarm Output Module

■ Supported Intrusion Panels:

• Bosch (Radionics) 9412, 7412

• Bosch (Detection Systems) DS7400xi, DS7400xi 4+

• Galaxy (models 8, 18, 60, 128, 500, 504, 512)

■ Supported Fire Panels:

• Siemens MXL/MXL-IQ

• Notifier AM-2020, NFS-640

• ESPA 4.4.4 protocol

■ Supported Receiver Formats:

• SIA 1, SIA 2, SIA 8, SIA 20, SIA 2000

• Radionics BFSK, Modem II, IIE, 3A

■ Supported Alarm Receivers:

• Bosch/Radionics 6500/6600

• Digitize 3500

• Osborne-Hoffman OH-2000

• AES-Intellinet 7000

■ Ethernet or RS-232 Communication

■ Unlimited Panels and Receivers

Features■ Complete Monitoring & Reporting

Capabilities

■ Integrated User Interface

■ Command and Control of Daily Operations

■ Complete Audit Trail

■ Centralized Data Management

■ Reliable Information Delivery

■ Custom Event Code Mapping

■ Receiver Account Auto-Add Feature

■ Complete Configuration of Alarm Areas for Each Account

■ Custom Alarm Zone Configuration

■ Centralized Monitoring

■ Full Reporting of All System, User and Alarm Events

Benefits■ One System to Monitor, Learn,

and Manage the Security Environment

Advanced Management of Fire & Intrusion Detection Systems

OnGuard Fire & Intrusion is an advanced solution for managing fire and intrusion events and maximizing return on investments in legacy intrusion/burglar/fire panel and central station receivers. Events generated in these parallel systems now have an additional means of monitoring and response. OnGuard allows customers to monitor these disparate systems from a single interface. Support is available for well-known brands such as Bosch (Radionics/Detection Systems) intrusion panels, Galaxy intrusion panels, Siemens fire panels, Notifier fire panels, the ESPA 4.4.4 protocol, and central station receivers from Bosch, Digitize, Osbourne-Hoffman and AES-IntelliNet. The supported central station receivers collectively support hundreds of different alarm panels and numerous industry formats, collectively accounting for over 90% of all burglar, fire, safety, nurse call and remote dialer systems in use today.

Lenel Alarm Hardware

Lenel offers alarm control panels that are seamlessly integrated within the OnGuard field hardware architecture. Lenel Intelligent System Controllers can manage a mix of LNL-1100 (Input Control Module) and LNL-1200 (Output Control Modules) dedicated alarm panels. The LNL-1100 can manage up to 16 inputs with two outputs. The LNL-1200 can manage up to 16 outputs. Lenel also offers the Lenel Command Keypad (LNL-CK), an LCD display keypad for users to execute local I/O functionality. The LNL-CK has 32-character display with a 16-position keypad that features arm, disarm, bypass and force arm alarm groups.

Fire Panel Interface

OnGuard supports secondary annunciation of events from several industry-standard fire alert panels, including models from Siemens and Notifier. When a specific fire alarm is triggered, the event is communicated to OnGuard. Users can define specific immediate response mechanisms, such as linked digital video, global I/O function and e-mail/paging alerts.

Intrusion Panel Interface

OnGuard supports secondary annunciation of events from multiple industry-standard intrusion detection panels. It also allows administrators to define zones and areas with logical names locally in the OnGuard database to identify the physical location of each alarm point, arm/disarm station or motion detector. When an event occurs, OnGuard identifies the source of the event by name, and tells the operator how to respond.


■ OnGuard Access

Options to Deploy

■ Alert System Interface■ Fire Alarm Interface■ Intrusion Panel Interface

Fire & Intrusion

9

■ Intercom Interface■ Central Station Receiver Interface

Acc

ess

Con

trol

Enhanced Reporting Capabilities

With OnGuard’s advanced reporting capabilities, administrators can run complete reports based on related activities from integrated intrusion panels. Here is a sample of report opportunities:

■ A “Fire Zone Missing” report determines if any fire detection zones were not reported as being online.

■ An OnGuard scheduler status report determines if all scheduled activity was executed as instructed.

■ An “Output Relay” report shows every action setup or modified in relation to respective output relays.

■ An “Opening/Closing” report shows when areas were armed/disarmed and when arm delays were active.

■ Cardholder activity reports can be generated to show the activity of all or specific cardholders between access control readers on OnGuard hardware or intrusion panels.

Central Station Receiver Interface

The OnGuard Central Station Receiver Interface provides a number of features to make event information displayed in the OnGuard Alarm Monitoring application more useful. OnGuard administrators can assign account numbers to panels connected to the central station receiver, to ensure accurate identification. Furthermore, groups can be created to lump together multiple panels in expansive deployment settings. Even in situations where an event is generated from a panel not yet named in the system, the database will automatically add the panel (using the account number as the name), which can be accurately identified at a later time.

Alarm panels connected to receivers report their events in a large variety of data formats. OnGuard provides a mapping between the event codes generated from receivers and panels and existing OnGuard events. Custom event code mappings can also be defined based on how a particular panel is configured.

OnGuard Fire & Intrusion

10

Credential

ID CredentialCenter

11

Overview

OnGuard ID CredentialCenter offers the most expansive set of capabilities available to manage the

employee security information life cycle, from data entry to access revocation. Cardholder

information is managed centrally, providing ease of enrollment, information management,

integration with LDAP, badge design, printing and encoding, and cardholder credential activity

reports. OnGuard makes every aspect of working with employees and their credentials easy to use,

easy to investigate and easy to report. Refer also to the OnGuard Biometrics & Smart Cards product

sheet for information about OnGuard’s smart card capabilities, and to the OnGuard Visitor product

sheet for visitor management capabilities.

Centralized Enrollment & Credential Management

A typical organization needs to manage credentials for employees, contractors and visitors.

Administrators need to manage each individual’s data and the credentials he uses to access

organizational resources, both physical and logical. OnGuard can help implement a secure platform

by which employee’s access to the business can be known and managed from beginning to end.

Using OnGuard Integration Tools, cardholder information can be constantly retrieved and updated

from the organization’s central identity management program, keeping the physical security program

in line with all organizational standards. From enrollment through revocation, OnGuard ID

CredentialCenter provides complete management of all data relevant to each cardholder and his

credentials.

Integration with LDAP

Users with an LDAP-based system for managing network identities [Active Directory, Sun Network

Management (formerly iPlanet)] can directly link cardholder accounts in OnGuard to their respective

LDAP accounts. In doing so, administrators in either system can control or restrict both physical and

network access as a security measure against specific employee(s). OnGuard can also automate

the creation or removal of a cardholder account when the LDAP account is created.

Integrating with Identity Management Systems

Businesses are seeking to adhere to stronger and more secure processes in pursuit of legislative

compliance. Increasingly, identity management systems dictate important security permissions for

employees throughout the business, ensuring that business rules are applied in every corner of

every program. OnGuard can be configured to accept security rules from the IDMS to enforce

company-wide standards.

Support■ Support for Industry Standard ID

Card, Reader and Printer Technologies

■ ID Cards/Readers• Lenel OpenCard™• iCLASS®• MIFARE®• DESFire®• Contact Smart Card• Proximity• Magnetic Stripe

■ Printers• Any Printer with Windows

2003/XP/2000 Drivers• Nisca®• Ultra/Magicard®• Evolis®• Zebra®• Fargo®• Datacard®• DFS®

Features■ High Speed Photo Capture

■ Signature Capture

■ Intelli-Check ID Check Integration

■ Full Biometric & Smart Card Management

■ Import Utility to Retrieve Data from Driver’s Licenses, Passports or Other Credentials

■ User-Definable Data Fields

■ High Resolution Lighting Kit

■ Import/Export Feature

■ In-line Encoding of Magnetic Stripe, Bar Code & Contact(less) Smart Card

■ PDF-417 Bar Code Support

■ Image Compression Control

■ Image FX Gallery

■ Program Badge Functionality

■ Chroma key and Ghosting

■ High-Quality, True Color Credential Production

Cre

dent

ial


12

Cardholder RecordsA cardholder record in OnGuard ID CredentialCenter can be created manually, or auto-generated from data received from a third-party application. Once a cardholder profile has been established, the balance of the person’s security permissions can be configured. Categories include:

■ Access Levels - single access points or logical combinations of access points.

■ Assets - create records of laptops, projectors and other office assets assigned to a cardholder and link them to a cardholder account.

■ Biometrics - manage the biometric templates of cardholders needing access to secured areas requiring biometric templates be used and when necessary encode or program this template to a smart card or manage it in an OnGuard Intelligent System Controller.

■ Directory Accounts - link cardholder account to LDAP account.

■ Logical Security - link cardholder account to logical security system. Support includes ActivIdentity CMS and Bioscrypt VeriSoft.

■ Visits - records of individuals who have visited a facility that were sponsored by the cardholder.

BadgeDesignerCardholders are often issued physical credentials (identifiers) which can be used to enable access to facilities and logical resources. For cards, OnGuard offers BadgeDesigner, a program that allows you to create/insert graphics into badge layouts that are used when producing cards. This user-friendly program allows users to manage layouts, both simple and sophisticated, for single sites or enterprise systems.

Card Printing, Encoding & ProgrammingA key component of many ID management programs is the physical card used for access control. OnGuard ID CredentialCenter can manage the processes of laying out the card design text and graphics, and printing the card. During printing, badge IDs can be encoded to magnetic stripes or contactless smart chips. OnGuard is the only non-proprietary solution on the market that offers the ability to program blank HID iCLASS contactless smart cards. From start to finish, OnGuard ID CredentialCenter lets you enable a quick and effective card production process.

Cardholder ReportsAny cardholder can potentially be involved in a security incident. A good security program will immediately recognize when a security incident occurs. It can also promptly and accurately identify problematic trends that might indicate that an incident is about to occur. OnGuard provides standard reports that can be quickly generated. For example, the Badge Use report can list exactly when and where a specific card was used within a given period of time.

Badge Printing and Encoding with Complete Smart Card Support

OnGuard SecurityServer


Image/Photo Capture Device

Smart Card Reader w/Encoding

Card or Badge Printer

Smart Card

Passport, License, or Military ID Scanner

Iris/Retina Capture Device

Fingerprint Capture (Slap or Roll)

Other Supported Biometric Capture Devices

CORPORATE HEADQUARTERS LOCAL AREA NETWORK (TCP/IP)

AD/LDAP NetworkAdministration Server

Card Management System or Certificate Authority* For use with smart card enabled systems or when

using digital certificates and PKI infrastructure External Database(SAP, PeopleSoft, Oracle, etc.,

Human Resources, IDMS)

Credential

Biometrics & Smart Cards

13

Integrated Biometric and Smart Card Management

Biometrics and smart cards are two of the most powerful security solutions available today. While there is an assortment of products on the market purporting to offer high security, not all of them provide the optimal experience for the user. Lenel has developed OnGuard Biometrics & Smart Cards to help customers leverage their OnGuard systems to support industry leading biometric and smart card technologies. This solution offers customers a seamless enrollment and verification experience, to simplify management and optimize security while providing added functionality.

Biometric Templates

Many organizations have begun to use biometrics to add a layer of protection beyond using cards and PIN at specific access points. Cardholders who must use biometrics for secure-area access can enroll their fingerprint, hand geometry or iris data easily and securely using OnGuard ID CredentialCenter. System administrators that add biometric verification capabilities to secured doors and desktops continue to use a single point of enrollment for all cardholders. Rolling out OnGuard Biometrics & Smart Cards involves capturing the cardholder’s biometric data, managing it in a secured database, and storing the template. Templates can be managed in the Intelligent System Controllers or on smart cards. Both models are achieved by leveraging existing investments made in OnGuard Intelligent System Controllers and cardholder credentials. The cardholder’s biometric template is securely managed, ensuring that the individual’s personal data will not be compromised.

Secure Cards

The enhanced security offered by smart cards has increased their popularity. Although magnetic stripe and proximity cards are easier to manage than traditional locks and metal keys, their vulnerability is that someone who can obtain the card-based data can reproduce the cards. By contrast, smart cards perform a procedure known as mutual authentication, which requires the smart card and the card reader to identify each other before data can be communicated. While proximity merely waits for a signal from a badge and automatically transmits data for verification, smart cards work in conjunction with readers to safeguard biometrics and other data on the card.

Smart Card Profiles

The ability to use a smart card for multiple applications besides security presents new opportunities for users. A magnetic stripe card contains a unique identifier that is accessed whenever the card is used—in vending machines, at doors, etc. By contrast, a smart card can support multiple, independent applications, each of which is protected by its own software key stored on the card. Each different application protects its own data, but all data is stored on one physical card. An advantage of the OnGuard solution is its ability to perform in-line encoding of multiple applications on a smart card during cardholder enrollment or badge printing. An OnGuard system administrator can create a unique smart card profile for each cardholder to manage and update the person’s card data.

OpenCard Format

OnGuard can produce smart cards that can be used across multiple systems. Lenel technologies can produce and read a variety of standard card formats, including the new PIV II and a variety of government smart card formats. Additional formats allow creation of iCLASS, MIFARE, DESFire, and magnetic badges that are compatible with many standard readers. This eliminates the need for third-party card encoding software in most cases.


■ OnGuard Access and/or OnGuard ID CredentialCenter

Support■ Supports Template-On-Card and

Template-On-Server Data Models

■ Supports Biometric Readers from:• Bioscrypt (V-Series) • Cross Match (for enrollment only)• Identix• Integrated Engineering SmartTouch• LG (3000+ iCAM 4000 series)• Schlage Recognition Systems• Ultra-Scan• Lenel

■ Supports Contactless Smart Cards / Readers from:• Lenel (OpenCard, PIV End-State,

MIFARE, DESFire)• Banque-Tec (MIFARE)• HID (iCLASS, MIFARE, DESFire,

PIV End-State)• Integrated Engineering (MIFARE,

DESFire, PIV End-State)• OMNIKEY (iCLASS, MIFARE)• XceedID (iCLASS, MIFARE,

DESFire, PIV End-State)

■ Supports Contact Smart Cards / Readers from:• ISO 7816-4 Providers• Gemalto (Cryptoflex, Payflex,

Cyberflex)• OMNIKEY (ISO 7816-4)• Veridt (CombiSmart)

Features■ Fast, Efficient, Enrollment Using


■ User Friendly GUI

■ Accurate, Non-Intrusive

■ Biometric Verification

■ Single Networked System

■ Unique Distributed Architecture

■ Access Decisions Made at the Panel or Credential Level, Even When Off-line with the Database Server

■ Centralized Reporting and Audit Trail

■ Share Biometrics Between PACS & LACS for Login to User’s Directory Accounts

Benefits■ Increases Security

■ Eliminates Multiple Systems and Databases

■ Reduces Total Cost of Ownership

Cre

dent

ial

OnGuard Biometrics & Smart Cards

14

Bioscrypt Support

OnGuard offers a fully-integrated, fingerprint authentication access control application reader for distributed controller and smart card solutions by integrating with the Bioscrypt V-Flex, V-Smart and V-Station fingerprint readers. Credentialholders’ fingerprints are captured during enrollment, and either downloaded to the LNL-2000 or directly written to a smart card chip using standard contactless smart card technology. Once users are enrolled for Bioscrypt physical access control products, they are automatically enrolled for use in Bioscrypt VeriSoft logical access control system. VeriSoft is seamlessly integrated with OnGuard, and allows desktop users to actively maintain their password profile for access to an assortment of network and software applications and web sites.

IR - Schlage Recognition Systems Support

OnGuard provides advanced hand geometry support using Schlage HandKey, HandKey II, and ID3D hand geometry readers. Schlage readers utilize field-proven technology that maps and verifies the size and shape of a person’s hand. Each hand template requires only 9 bytes of information, for fast enrollment and minimal data storage in the OnGuard database and at the LNL-2000.

LG Iris Support

OnGuard provides advanced iris verification support for customers seeking to establish the highest level of access control. By seamlessly integrating iris technologies from LG Electronics, OnGuard supports storage of iris templates on HID iCLASS 16K contactless smart cards for local verification. Users can enroll and receive their encoded credentials via OnGuard ID CredentialCenter.

LNL-500 ISC LNL-2000 ISC LNL-2000 ISC LNL-2000 ISC

LG ICU

Single Sign-On Support

Iris Support Fingerprint/ Hand Geometry Support

LNL-1300 RIM

LNL-1300 RIM

LNL-1300 RIM

LNL-500B RIM

LNL-500B RIM

Bioscrypt V-Flex LNL-BIO-007 HID iCLASSReader

LG IrisScan

LOCAL AREA NETWORK (TCP/IP)



USB Desktop Smart Card

Reader

USB DesktopBiometric/Smart Card

AuthenticationUnit

BioscryptV-Smart G

MIFARE Smart Card Reader

Video

Support Multiple Resolution Options:

■ QVGA (320 x 240)

■ CIF (352 x 288)

■ VGA (640 x 480)

■ 4CIF (704 x 576)

■ D1 (720 x 480 DVD quality)

■ Multiple Megapixel Resolutions

Multiple Frame Rates:

■ Up to 60, depending on recorder device

Compression:

■ MPEG-4

■ MJPEG

Recording Options:

■ Analog video input

■ Network video input

■ Continuous

■ Time-lapse

■ Event-driven

■ Synchronized audio & video

Extended Storage Options:

■ Direct-Attached Storage (DAS)

■ Network Attached Storage (NAS)

■ Storage Area Network (SAN)

Monitoring Options:

■ Integrated monitoring

■ VideoViewer

■ Remote monitor

■ Barco display integration

Event Options ■ PTZ on event

■ Auto-launch on event

■ Record on event

■ Monitor events

■ Investigate events

■ Archive event video

Overview

OnGuard VideoManager is the most flexible and dynamic video system available today. With

enormous 3,000+ channel installations operating around the world, OnGuard VideoManager offers

customers the scalability to take small and simple video needs to large and sophisticated enterprise

video. OnGuard VideoManager is seamlessly integrated with OnGuard, offering customers the

many benefits of applications inside the OnGuard portfolio, including OnGuard Access and OnGuard

Fire & Intrusion. By integrating with OnGuard, customers can realize a true, event-driven system

architecture whereby actionable security is enabled by linking real, live security-related events.

Event video can be monitored in several ways. For those organizations with sophisticated

monitoring needs, OnGuard IntelligentVideo offers an array of algorithms and packaged solutions

for everyday security challenges such as loitering, objects entering an area or object leaving an

area. For those customers who want to use OnGuard IntelligentVideo in forensic investigative mode,

there is no additional charge. All angles are covered with OnGuard VideoManager.

Configuration

OnGuard VideoManager’s powerful configuration options enable administrators to design simple

and straightforward systems, or expansive and sophisticated solutions tailored to their specific

needs. Camera resolution support ranges from basic QVGA (320 x 240) to high resolution D1 (720

x 480 DVD quality). An array of frame rates are available, and are dependent on video capture

modules with both MPEG-4 and MJPEG compressions. OnGuard VideoManager also offers several

recording, extended storage and monitoring options. Customers can record in continuous,

time-lapse, event-driven or synchronized audio and video modes, and store that video on

industry-standard, off-the-shelf hardware, including Direct Attached Storage (DAS), Network

Attached Storage (NAS) and Storage Area Networks (SAN.) Once video is set up, it’s time to monitor

it. OnGuard VideoManager offers several options for viewing, including through OnGuard Alarm

Monitoring, OnGuard VideoViewer, OnGuard Remote Monitor and a Barco digital display wall.

OnGuard VideoManager lets you build your video system with our software.

Event-Driven Solution

For every aspect of a video system, alarm event conditions drive the solution. PTZ on event.

Auto-launch on event. Record on event. Monitor events. Investigate events. Archive event video.

OnGuard VideoManager is the event-driven solution.

Monitoring

OnGuard leads the industry with the most robust monitoring application available. OnGuard Alarm

Monitoring communicates the status of video recorders and network cameras, illustrates alarm

location with the use of multimedia graphical maps, and enables operators with in-view PTZ control,

auto-launch of video on alarm and camera touring. OnGuard also offers users a variety of monitoring

interfaces, from the Remote Monitor to the Barco video wall. No matter what the monitoring

requirement is, OnGuard has an interface to match.

VideoManager

15

Vide

o Analytics

Research has proven that even an efficient monitoring staff has a decrease in focus after just one hour of video viewing. Often, situations that should be detected are not, presenting security with a reaction scenario. Short of having full time, highly focused monitoring, video intelligence is a viable option for any customer. By having the system provide more support, security managers and operators can focus on the security of people, information and assets. OnGuard IntelligentVideo offers security conscious organizations the opportunity to configure viewing areas to capture alarms in real time, or to forensically search recorded video post-event. Some situations, such as loitering, may present an immediately acknowledgeable threat to security, while a briefcase being taken usually will reveal itself after the fact. In live scenarios, events go directly to OnGuard Alarm Monitoring and can be brought to the attention of security. In forensic scenarios, security can identify activity that was indicative of a security event in question, such as an object crossing a line showing a person entering a sensitive area containing information, or an object removed, which highlights items such as a briefcase or laptop that was taken from a scene. OnGuard IntelligentVideo offers a multitude of tools for addressing security needs using the existing video infrastructure.

Investigation

Investigations are central to every security program. OnGuard VideoManager has several tools available that are critical to enabling successful investigations. Video event locking allows users to select which alarm event types automatically archive related video recordings. Centralized archiving allows administrators to ensure that event video is locked and archived in the case of late security event realization. Traces allow customers to select a specific badge or alarm point, and poll for all video associated with the badge’s use, or activity at the alarm point. Security evidence clips are available to be exported in industry standard formats, for use in the Lenel Video Player or standard media players such as Windows Media Player.

Management

OnGuard VideoManager offers customers a simple system management experience. OnGuard System Administration allows the customer to set up new video inputs, configure OnGuard IntelligentVideo, deploy an archiving strategy, adjust video tours, scale user permissions, and much more. For customers already using OnGuard, expanding with OnGuard VideoManager is simple and smooth. This enables users to perform video management on a low learning curve.

OnGuard VideoManager

16

NAS - NetworkAttached Storage

SECURE SOCKET

Digital Video Recorder

• Alarm Inputs (13) Network Video

Recorder


CCTV Cameras

Pan/Tilt/Zoom

Audio (Microphones)

IntelligentVideo Server

Network Addressable Cameras • Pan/Tilt/Zoom • Buffered Storage • Alarm Input (1)


VIDEOVIEWER WEB CLIENTS

REMOTE MONITORS

LAN/WAN



Video Wall

OnGuard Security Server

Third PartyMatrix Switcher

CCTV Cameras

Pan/Tilt/Zoom

Video

Support ■ Windows XP

■ SQL 2005 Express Database

■ 32 Card Readers (Up to 64)

■ Available with 8, 16 or 32 (NVR-based systems only)

Configurations ■ DVR-based

• DVC-ST • DVC-EX

■ NVR-based

• DVC-1U • DVC-Dell

Features ■ Access Control, ID Management

and Digital Video, all in one unit

■ Connects to existing analog video systems

■ Ease of migration to traditional OnGuard architecture

Benefits ■ Preconfigured and ready to GO!

■ Minimum one-day setup time savings over traditional interfaced access control and digital video systems

■ Minimum 1U rack space savings

OnGuard GO! - Seamless & Simple - All In One Box

OnGuard GO! is the fast track to using the most powerful security platform in the industry. With

access control, ID management and digital video all available on the same server as the database,

customers with entry-level system requirements have the luxury of all applications in one unit,

saving valuable IT resources by not requiring a separate security server. OnGuard GO! is the choice

for customers with one to many stand-alone locations and the need for consistent deployments of

access control, ID management and digital video applications. Customers who start with the

simplicity of OnGuard GO! also have the flexibility to expand to larger systems that might require

additional computing resources, while maintaining a consistent user interface and system

administration experience with no retraining required. OnGuard GO! can start your security

deployment today!

Single Unit for Everything

Customers with security applications ranging from access control, to ID management, to digital

video can start with one application and add more as requirements evolve. Customers who want to

start with video only and add modules later can do so without needing additional server hardware.

OnGuard GO! is built with an additional hard drive for the OnGuard application and database,

enabling a true single unit solution for entry-level access control, ID management and digital video.

Easy Upgrades to Traditional OnGuard Architecture

OnGuard GO! can make sense for customer needs today, but what will they do in a couple of years

when they need more? OnGuard GO! is designed to offer standard, entry-level access control, ID

management and digital video. Many customers have realized the investment value of addressing

today’s needs with the simplicity of OnGuard GO! Many more have also expanded on that initial

investment and, when expansion was necessary, upgraded the OnGuard GO! system to a traditional

OnGuard architecture. This migration involves a couple of straightforward steps. A new OnGuard

security server is introduced, the database is moved to the new server, and the original GO! unit is

converted to a dedicated video recorder. OnGuard GO! can start small and grow big to satisfy any

customer’s requirements.

Stand-alone Digital Video

Customers looking for stand-alone digital video recorders can use a Lenel video recorder with the

OnGuard GO! configurations. The OnGuard GO! configuration has the administration applications

and database on the video recorder, saving money by not requiring a separate security server to

launch the most powerful security system available. Furthermore, customers can take the single

stand-alone video recorder and add OnGuard’s robust Access Control, Fire & Intrusion and ID

Management applications, as well as countless software options. For customers expanding an

existing analog environment by upgrading to a DVR, or embracing IP by migrating to network video,

Lenel video recorders offer the flexibility to initiate an integrated security architecture by focusing on

stand-alone digital video, then expanding the system when the time is right.

GO!

17

Vide

o

OnGuard GO!

18

Optional Monitor

OnGuard Security ServerDigital Video

Recorder

CCTV Cameras

CCTV Cameras

CCTV Cameras

Pan/Tilt/Zoom

Client Workstation Client WorkstationClient Workstation

Traditional OnGuard System

Inputs Outputs

Controller

Optional Third Party

Matrix Switcher


CCTV Cameras

Pan/Tilt/Zoom

Client Workstation Client Workstation


OnGuard GO! Integrated Solution

Inputs Outputs

Optional Controller

Optional Third Party

Matrix Switcher

OnGuard GO!:OnGuard ServerOnGuard Client

Digital Video ManagementSystem Administration

Access ControlAlarm MonitoringID Management

13 Dry Contacts (inputs)


DVC-EX Chassis (3U)

Analog

Analog and Network

DVC-1U

Network

DVC-Dell

NVR-based GO! Systems DVR-based GO! Systems

DVC-ST Chassis (4U)

Network

Advanced

Support ■ Unlimited Regional Servers

■ Unlimited Cardholders

■ Unlimited Simultaneous Users

■ Unlimited Card Readers

■ Unlimited Alarm Inputs

■ Unlimited Client Workstations

■ Unlimited Time Zones

■ Unlimited Simultaneous Monitoring

■ Unlimited User Privilege Levels

■ Unlimited Relay Outputs

Features ■ Data Synchronization Between

Multiple Databases via LAN/WAN Connections

■ MobileBadge™ Functionality for Enrolling Cardholders at Remote Sites

■ Segmented Database Architecture

■ Open Architecture Design Utilizing Commercial, Off-the-Shelf Products

■ Intelligent Fault Tolerant Response System

■ Advanced Network Design

■ Powerful Import & Export Capabilities

Options ■ Multi-Regional Alarm Monitoring

Advanced Enterprise Security Integration

OnGuard Enterprise is the industry’s first multi-server, synchronized database solution designed for enterprises with multiple facilities spread across geographical areas.

OnGuard Enterprise allows corporate security and IT managers to maintain central control over the entire integrated security system, while allowing regional offices to maintain independence and autonomous operations of their respective individual regional security systems.

Central Database Storage Facilities

OnGuard Enterprise gives corporate security and IT managers complete command and control over all system and event information. All cardholder and access control field data accumulated at the regional servers is synchronized and logged to a master enterprise server. This gives corporate security managers full viewing control over central alarm monitoring, reporting, and auditing functionality.

Autonomous Regional Operations

OnGuard Enterprise gives regional system administrators autonomous control over their individual regions, independent of the enterprise server and corporate wide area network. Each regional system administrator has total control over all access control field hardware and system information related to his respective region. Additionally, regional administrators and operators can view, control, and modify only the information and field hardware that is related to their regions.

Multi-Database Synchronization

At periodic intervals, each of the regional servers performs a synchronization process with the enterprise server via wide area network communication. All access control field and event information, as well as updated cardholder information, is uploaded to the enterprise server. The enterprise server then distributes any changes received from other regional servers, so that all servers are equipped operating with up-to-date information.

Scalability for Multinational Sites

OnGuard Enterprise is scalable, which makes it ideal for any size installation. It supports an unlimited number of regional servers and client workstations without system degradation. Its powerful, transaction-based architecture allows the system to grow and expand as the organization grows, while utilizing the same access control field hardware and application software.

Third Party Human Resource Interface

OnGuard Enterprise’s advanced interfacing capabilities allow bidirectional communication with third party databases—such as human resource systems—to transfer cardholder information. Updates occur in real time, and cardholder information is automatically downloaded to all associated access panels. If an employee is terminated, the information is transferred from the HR system to OnGuard Enterprise, which automatically removes all access rights for the cardholder and downloads the required information to the access controllers.

Enterprise

19

Adv

ance

d

Multi-Regional Monitoring and Administration

OnGuard Enterprise’s power and flexibility allows system operators to monitor alarms in multiple regions simultaneously. This means that regional operators might, for example, monitor alarm and event information locally during working hours, while enterprise operators might monitor alarms from all of the regions after hours. An unlimited number of regions can be monitored simultaneously. OnGuard Enterprise also allows enterprise system administrators to configure and administer multiple regions from a single site.

A Single Card Enterprise Solution

With OnGuard Enterprise, each cardholder carries a single ID card that is usable at all regional sites in the system. Once the cardholder database has been distributed to the regions, each regional administrator can assign unique access levels for the cardholders that are allowed at his region. OnGuard Enterprise’s advanced security allows system administrators and operators to assign access levels for only those card readers that are in their respective regions.

OnGuard Enterprise

20




MOBILE SOLUTION


WEB CLIENTS

TERMINAL SERVER

Region 1

Region n

WIDE AREANETWORK

LAN/WAN

Video Wall

Certification Authority

Card/Biometric Management

System

Smart Card/ Biometric Encoder

Smart Card/ Biometric Encoder


Centralized Enterprise

Administration

Fault TolerantOnGuard Enterprise

Server

OnGuardDataConduIT

Logical AccessControl System

OnGuardDataExchange Human

Resources Database

Active DirectoryLDAP Directory

DataConduITQueue IBMWebSphere

Microsoft Message Queue

Mobile GuardWireless Device


Remote Monitor


Server





(OPC Server/Client)



Services (IIS)




USB Biometric

OnGuard Client Workstation • Integrated Monitoring

• Centralized Administration Mobile

Badging Station

USB Biometric

USBProx

Dual PathController


ControllerIntercom Switcher



Burg Panel

Intrusion Detection

Burg Panel


Fire Panel

SECURE SOCKET

IrisReader(x4)



*Asset Reader

Biometric Gateway

*Hand Reader (x8)

Fingerprint Reader

Dual Reader

Interfaces

ID Control Unit

Smart Card Reader

*Card Reader

Card Reader

Wireless Gateway

16-Door Wireless Reader Interface

Wireless Reader (x16)

Single Reader

Interfaces

2-Door Wireless Reader Interface

Wireless Reader (x2)

Card Reader

Smart Card/ Biometric

Reader

CCTV Cameras

Pan/Tilt/Zoom

Audio (Microphones)

Network Video Recorder

IntelligentVideo Server

Network Addressable Cameras • Pan/Tilt/Zoom • Buffered Storage • Alarm Input (1)




Alarm Receiver

LOGICALLY TEAMED WITHIN ONGUARD SOFTWARE

ReceptionVisitor Check-in Station

Department ManagerDecentralized Access Privilege Management

*Supported Readers Include: • Contact/Contactless • Biometric • Proximity

• Wiegand • Magnetic Stripe • Bar Code

Advanced

Integration Toolkits

21

Features■ Technology Independent with

Support for XML, OLE, etc.

■ Powerful Application Programming Interface

■ Flexible Open Design

■ Easy Script Creation

■ Guaranteed Delivery of Alarms using OnGuard DataConduIT Toolkit

Benefits■ Leverages Existing Available

Information

■ Automates Business Process

■ Increases Return on Investment

■ Stronger Security

■ Reduces Total Cost of Ownership

■ Increases Security Intelligence & Accountability

■ Vast Integration Opportunities

Increased Security Intelligence

Information sharing is critical to the implementation of effective business systems. Proper integration of different systems is essential to increasing a company’s return on investment. Applications that use the same data through the same process increase productivity and reduce maintenance. OnGuard Integration Toolkits help customers achieve this level of integration by leveraging OnGuard as the central repository for all security information, and integrating through scripting to other applications such as human resources, ERP and directory servers.

Automate Business Processes

OnGuard DataConduIT is a great toolkit for automating business processes inside an organization. When events occur in either the security or IT domain, middleware developed using OnGuard DataConduIT can automatically trigger corresponding actions or changes between multiple systems. For example, when using account linkage, the removal of access rights to physical and logical areas can be streamlined. When an employee is terminated from any system (badge disabled in security, Windows Login Account disabled, etc.), OnGuard DataConduIT can trigger all other security or IT accounts to also automatically disable access, immediately suspending the employee’s rights to physical areas, network directories, e-mail, and other intellectual property.

Extensive System Integration Opportunities

OnGuard DataConduIT’s flexibility allows many unique business applications to be implemented by leveraging existing available data. The integration possibilities are endless. For example, programmers can develop the following services using OnGuard DataConduIT:

■ OnGuard cardholder accounts can be created based on the creation of a Windows account for that employee.

■ A disabled OnGuard badge can cause the cardholder’s Windows or other Active Directory/LDAP account to be disabled.

■ Customers can create scripts with sophisticated business rules to automate movement of data to and from human resource systems or directory servers.

■ Customers can create applications for deployment of OnGuard applications onto alternative mobile computing devices such as wireless PDAs.

■ Login access (activation of LDAP accounts) to computers located in a lab can be controlled based on card access of the person who carded into the lab.


■ OnGuard DataExchange™■ OnGuard OpenAccess™ Alliance Program■ OnGuard DataConduIT™■ OnGuard DataConduIT™ Queue■ OPC Server/Client■ SNMP Agent/Manager■ Credential Agent

Adv

ance

d

OnGuard Integration Toolkits

22

OnGuard DataExchangeOnGuard DataExchange is an advanced data import/export application. DataExchange can be utilized in several ways. At initial population of the cardholder database, DataExchange facilitates database-to-database or flat-file data import from a human resources database (such as Oracle, PeopleSoft, or SAP) or a displaced legacy system. DataExchange can be configured to handle continual updates to/from these systems, reducing input time and allowing OnGuard to adhere to predefined corporate business rules. Export scripts can also be configured to communicate from OnGuard to other third party systems, such as time & attendance and meal systems.

OnGuard DataConduITOnGuard DataConduIT is an advanced Application Programming Interface, built on Windows Management Instrumentation (WMI), that allows real-time, bidirectional, seamless integration between OnGuard and IT applications. OnGuard DataConduIT enables OnGuard cardholder accounts to be linked to Windows Login Accounts. It also enables OnGuard applications to be deployed (full-scale or scaled-down versions) on alternative computing platforms. It allows information sharing and integration points with third party information system products such as Tivoli, HP OpenView and IBM WebSphere MQ Adapter.

Using OnGuard DataConduIT, system administrators can develop scripts and applications that allow events in one domain (security or IT) to initiate appropriate actions in the other. For example, administrators can link the OnGuard cardholder accounts to their respective Windows Login Accounts such that enabling or disabling one account automatically causes the other account to be enabled or disabled.

DataConduIT QueueDataConduIT Queue allows users of DataConduIT to queue event data if communications are lost. Upon reconnection, all queued events are brought into/out of the system, rather than being lost. DataConduIT Queue is recommended for implementations where data loss is not acceptable. Additional supported queues include Microsoft Message Queue and IBM WebSphere Message Queue.

OPC Client/ServerOnGuard supports OLE for Process Control (OPC) interfaces, which are based on Microsoft OLE/COM technology. OPC was designed to allow interoperability of building automation and process control systems, enabling the systems to bidirectionally communicate. OnGuard allows customers to utilize their systems as client or server for OPC alarms & events (historical) and OPC data access (real-time).

SNMP Agent/ManagerOnGuard has built-in support for network management system security via SNMP (Simple Network Management Protocol). A part of the TCP/IP protocol suite, SNMP facilitates the exchange of management information between network devices. Network administrators are familiar with SNMP’s ability to help them manage performance, identify and resolve network issues and plan for network growth. OnGuard is designed to play the role of agent (sending trap data to a ‘manager’) or manager (receiving trap data from an ‘agent’).

WebSphere MQ AdapterCustomers have the advantage of using OnGuard DataConduIT to implement advanced integration with the IBM WebSphere business integration platform. Customers can utilize WebSphere’s reliable messaging interfaces to develop security-specific, real-time, XML-based messaging. Specific information that can be leveraged includes cardholder data, visitor information, security-centric alarms, secure-credential data, and time & attendance information.

Credential AgentCredential Agent allows customers using smart card technology to efficiently obtain up-to-date information for third-party applications to a dedicated smart card data container. This process sequentially communicates to each established application at the time the card is being encoded, saving customers time in coordinating the data and writing in a single, seamless process.

OnGuard Security Server



SAP/PeopleSoft/OracleDatabase

LDAP orActive Directory

IBM WebSphere3rd PartySecurity System

NetworkManagement System

Advanced

Fault Tolerance and Disaster Recovery

Lenel offers multiple options for fault tolerance and disaster recovery, featuring in-the-box redundancy from the NEC Express5800/ft series and the advanced LAN/WAN failover capabilities of NEC ExpressCluster X software. NEC fault tolerant servers help organizations maintain a low cost of ownership by running only one instance of Windows, SQL Server and OnGuard, all while achieving 99.999% uptime. New capabilities even allow Active Upgrade, which enables the system to maintain full functionality while a service pack is applied or a full version upgrade is performed. Lenel also supports Microsoft Clustering.

Barco Wall Integration (SWG-1600)

OnGuard VideoManager offers a means by which to stream video through Barco digital controllers and display the video on high-definition Barco walls. Video can be easily matrixed over a multiple-screen display, providing maximum flexibility in bringing continuous or event-based video to the front of the Barco wall to aid in critical monitoring.

Extended Databases Options (SWG-1290,1293,1295,1440)

OnGuard supports databases from industry-leading vendors. OnGuard ships standard with Microsoft SQL Server. Oracle 9i and 10g Server support is also available for the OnGuard Security Server database. Organizations can choose the database that conforms to their corporate standards and support.

Thin Client Support (SWG-1360,1370)

OnGuard can distribute client applications via Microsoft Terminal Server or Citrix MetaFrame Presentation Server. This is ideal for organizations that have multiple-facility systems and dispersed client workstations that aren’t easily accessible when installations and upgrades are required.

Mustering (SWG-1120)

The OnGuard Mustering capability provides a way to account for cardholders who are located on-site during an emergency. Designated entry and exit card readers are used by cardholders to enter and depart hazardous and safe areas. When an incident occurs that warrants mustering, an online muster report is generated that provides a complete list of all personnel located within hazardous areas, as well as those who have registered at safe locations. The muster report updates in real time whenever a cardholder registers at a safe location.

Guard Tour (SWG-1130)

The Guard Tour feature checks one or more card readers or alarm inputs during routine tours to verify that predefined tour routes have been followed and completed. Guards use credentials at card readers or trigger inputs in a sequence along their watch path. Events sent to the OnGuard Alarm Monitoring application inform system operators that the guard has reached a checkpoint at the appointed time, early or late. Tours can be linked to live video in a “sliding window” format featuring multiple camera views that span the checkpoints already reached, the current checkpoint and anticipated checkpoints.

Software Options

23

Adv

ance

d

FormsDesigner™ (SWG-1210)

OnGuard FormsDesigner enables system users to customize the look and feel of the cardholder and visitor data entry forms. Custom fields can be defined to supplement or replace the application’s standard fields. Customization capabilities include:

■ Moving standard fields to different locations on cardholder forms or deleting undesired standard fields.

■ Adding new field(s) to the cardholder form, each with its own unique set of attributes.

■ Specifying size, text and alignment properties for each of the defined fields.

Language Packs (SWG-LP)

OnGuard software can be translated into multiple languages, to provide regional support in environments where languages other than English are required. Currently supported languages include: Arabic, Simplified Chinese, Traditional Chinese, Croatian, Czech, Dutch, English, Finnish, French, German, Hebrew, Italian, Japanese, Korean, Portuguese, Russian, Spanish and Swedish.

Cardholder Image Export (SW-1040)

The Image Export option enables system administrators to export cardholder images from the OnGuard ID CredentialCenter application to an industry standard JPEG (.jpg) file. The exported cardholder photos can be used in employee galleries, Internet directories or other human resource applications.

CCTV Interface (SW-1010)

The CCTV Interface allows users to integrate OnGuard with any Closed-Circuit Television (CCTV) system that utilizes ASCII switching commands. For each alarm or event in the system, up to three signals can be sent from an OnGuard Alarm Monitoring workstation to the CCTV switcher. OnGuard supports Bosch, Pelco, Vicon and other CCTV brands. The CCTV Interface allows the CCTV devices to be automated for optimal performance during an incident, giving administrators and operators an effective surveillance tool.

Video Verification (SW-1020)

The Video Verification option enables system operators to compare a live view of a person with the photo stored in that cardholder record in the database. As a real-time video stream is received from a CCTV camera at a particular access point, OnGuard displays the stored photo and live video image side by side, providing an additional layer of cardholder verification for access to high-security areas. The system operator can visually determine whether the person at the door is actually the cardholder or someone else who is using the card.

E-mail & Paging Interfaces (SWG-1260, SWG-1250)

Using the E-mail Interface, ASCII text messages can be sent to Microsoft Outlook/Exchange electronic messaging systems in response to system events or alarms. This capability is ideal for environments in which key personnel need to be notified immediately when a particular event occurs.

The Paging Interface generates outbound text messages based on system events or alarms. Numeric or alphanumeric messages can be sent to any pager that communicates using TAP (Telocator Alphanumeric Protocol). In addition, notifications of specific events, including personal duress alarms, are relayed using preprogrammed pager numbers. The Paging Interface is designed for use where responsibilities are distributed among multiple people and where paging is a common means of communication.

24

OnGuard Software Options

Advanced

25



Region 1

Region n

WIDE AREANETWORK

Smart Card/Biometric Encoder

Smart Card/Biometric Encoder






(OPC Server/Client)



Services (IIS)



OnGuard Client Workstation• Integrated Monitoring

• Centralized AdministrationMobile

Badging Station

USB Biometric

USBProx

Dual PathController


Controller

Digital VideoRecorder


*Asset Reader

Biometric Gateway

*Hand Reader (x8)

FingerprintReader

Dual Reader

Interfaces

*Card Reader

CardReader

SingleReader

Interfaces

CardReader

Smart Card/Biometric

Reader

CCTVCameras

Pan/Tilt/Zoom

Audio(Microphones)

Network VideoRecorder

IntelligentVideoServer

Network Addressable Cameras• Pan/Tilt/Zoom • Buffered Storage • Alarm Input (1)



LOGICALLY TEAMED WITHIN ONGUARD SOFTWARE

EnterpriseMulti-Server Architecture

*Supported Readers Include:• Contact/Contactless• Biometric• Proximity

• Wiegand• Magnetic Stripe• Bar Code

Adv

ance

d

26


MOBILE SOLUTION


WEB CLIENTS

TERMINAL SERVER

LAN/WAN

Video Wall

CertificationAuthority

Card/BiometricManagement

System

Centralized Enterprise

Administration

Fault TolerantOnGuard Enterprise

Server

OnGuardDataConduIT

Logical AccessControl System

OnGuardDataExchange Human

Resources Database

Active DirectoryLDAP Directory

DataConduITQueue IBMWebSphere

Microsoft Message Queue

Mobile GuardWireless Device


Remote Monitor


Server


USB Biometric

Intercom Switcher



Burg Panel

Intrusion Detection

Burg Panel


Fire Panel

SECURE SOCKET

IrisReader(x4)

IDControl Unit

Smart Card Reader

WirelessGateway

16-DoorWireless ReaderInterface

WirelessReader (x16)

2-DoorWirelessReaderInterface

WirelessReader (x2)


Alarm Receiver

ReceptionVisitor Check-in Station

Department ManagerDecentralized Access Privilege Management

PERPETUAL INNOVATION

Corporate Headquarters

1212 Pittsford-Victor RoadPittsford, NY 14534-3820TEL: +1.585.248.9720FAX: +1.585.248.9185

United Kingdom Office & Training Center

95 Maybury RoadWoking, SurreyGU21 5JLTEL: +44.1483.815230FAX: +44.1483.815231

Hong Kong Office & Training Center

Room 1401-2, 14/FChinachem Johnston Plaza178-186 Johnston PlazaWanchai, Hong Kong, SAR, ChinaTEL: +852.2893.2886FAX: +852.2893.7373

Dubai Office & Training Center

Building 5EB - Office 550Dubai Airport Free ZoneDubai, UAETEL: +971.4.609.1019FAX: +971.4.609.1021

Middle East Office & Training Center

Assaydeh Center, Main RoadMansourieh, Al MatnLebanonTEL: +961.4.409184FAX: +961.4.409569

Lenel Systems International is a leading provider of software and turnkey security systems for corporate and government markets. We focus on developing products that enable organizations to effectively protect and manage their people, property and assets by maximizing IT and infrastructure investments.

When we launched the OnGuard integrated solution in 1995, our pioneering efforts brought the power of leading-edge technology, the reliability of software industry standards, and the flexibility of open systems architecture to an historically proprietary security market. We swiftly moved to a leadership position by developing and delivering business solutions that protect people, property and assets. Today we’re recognized as the global leader and de facto standard in software and integrated systems for commercial and government security markets.

With nearly 15,000 system installations in 90 countries worldwide, we boast a blue chip customer base with a strong presence in a broad range of vertical markets. We have earned numerous awards for technology innovation, growth, market leadership and customer satisfaction. Lenel is part of UTC Fire & Security, a business unit of United Technologies Corp. (NYSE:UTX).

Lenel’s world headquarters are located in Rochester, New York. We also have major operational centers in London, Hong Kong, Beirut and Dubai, numerous satellite offices, and sales and support coverage worldwide.

28

Contact Information

www.lenel.com Lenel Systems International, Inc.1212 Pittsford-Victor RoadPittsford, New York 14534 USATel 585.248.9720 Fax 585.248.9185www.lenel.com

© 2007 Lenel Systems International, Inc.

Lenel’s flagship security platform, OnGuard®, seamlessly integrates a full suite of security

management functions and technologies using an open architecture design. OnGuard offers

access control, ID credential issuance and management, alarm monitoring, digital video

surveillance and management, real-time digital video content analysis, intelligent audio,

integration of biometric technologies, intrusion detection, visitor management and smart card

functionality, plus integration with a multitude of third party systems. Individual applications

are available as standalone systems, or can be deployed in any combination to deliver a

single integrated solution that uniquely satisfies each customer’s particular needs. OnGuard

systems offer unlimited scalability, and localization support for major world languages.

The possibilities are endless.

catalog sw cover - vso · software solutions catalog onguard ... events such as invalid access...

Documents