Less may be more

Will the access control panel disappear in an IP-dominated future?
Friday, June 1, 2007

With the IP revolution upon us, it's fair to wonder about the future deployment and construction of access control systems. When every door is just another point on the network, what will we need panels for?
Michael Radicella, chief executive officer of ISONAS Security Systems, an access control maker that has its roots in the IT world, thinks that panels are definitely going the way of the dinosaur ... eventually.
"They certainly will go away. I don't think there's any doubt. How many years it will take? No one knows." Founded in 1999, ISONAS is headquartered in Boulder, Colo., and is privately owned and backed by a private investment group. ISONAS IP reader-controllers, the latest of which is the PowerNet IP Reader, have built-in Power over Ethernet and connect directly to an IP network "eliminating the need for traditional security control panels and expensive wiring," according to the company's marketing materials. The readers are equipped to read proprietary cards and can be configured to read a variety of HID cards as well.
ISONAS diplomatically refers to its IP access control readers as panel-free. "For years we had to tiptoe around the idea," said Radicella. "We didn't want to alienate the dealers ... we just stuck to our story, and said, 'Here's another solution.' But HID just came out and said 'it's time to get rid of those messy panels!' when they recently jumped on the same bandwagon with their release of the Edge product. People said, 'If HID is touting that, then we need to have a panel-less system as well.' It was a big help for us," said Radicella.
Although a lot of buzz is being generated by this technology of late, talking about the demise of access reader panels is still controversial to many in the industry.
Neeraj Purandare, product manager, access control for Cisco Systems, which previewed their new panel-less IP access control system at ISC West, said, "Mostly, it's fear of the unknown. There's a huge installed base [of legacy panels] out there, and a lot of companies have standardized on that base. They are threatened by any other architecture and don't want to invest once again in R&D."
Cisco's system, which should be ready for roll-out later this year, also utilizes power over Ethernet.
Viscount Systems out of Canada is another company that has developed panel-less access control systems. Its offering, called "MESH," stands not for mesh network but for "Multi Media Embedded Security Hub."
"We use readers that run and report directly to servers," said Steve Pineau, president and chief executive officer of the company. "The world is starting to understand what we do."
From 1969-1997 Viscount was an R&D affiliate of Telus, itself a controlled subsidiary of GTE, now Verizon Communications.
According to Pineau, the question is "not how soon they will disappear. At this point in time they are unnecessary if someone doesn't want them." He added, "It won't be any time soon because there's an underlying legacy installation base out there."
Pineau went on to say that HSPD-12 would be "the death knell for the control panel."
"For HSPD-12, the control panel has been the biggest problem that the U.S. government has faced. The government wanted to go to a logical physical convergent architecture, where the same card would be used for everything. They wanted to use Global User ID (GUID) cards. Traditional control panels can't take that kind of data format, and they can't take it encrypted." In contrast, "With a server-based reader [such as Viscount makes], they can actually deploy the type of systems they can't deploy with a control panel. You can process much bigger data without a control panel. The underlying issue with control panels is that they're proprietary and they are firmware. That nature impedes the end user. The U.S. wanted security to be an IT application," said Pineau. "Control panels are standing in the middle."
Still, questions about panel-less systems remain. Paul Baran is a security consultant for Bosch and chairman of the NBFAA's National Training School, which is the technology arm of the NBFAA. He has basic security concerns about panel-less architecture. "If your access control readers are outside a protected area, if someone got to the reader, they could compromise the system and the network," Baran said. "No IT administrator would allow that risk. With traditional panels, they could get to wiring. If they take that reader down, they only take that one reader. If there's a vulnerability within the structures we're creating, I'd rather stay away from it without building safeguards to the infrastructure, even if the risk is remote. One in 10,000 is too much. Like the parachute--I do not want to have the one that fails. And what is the risk when it does fail? That's why redundancy and the creation of proper infrastructure is so important," said Baran. He also mentioned cost as a deterrent.
"I don't think panel-less access control readers are an enterprise solution," Baran said. "And I keep going back to cost. Everything hinges on a POE switch. You do get flexibility and scalability, but it is not cost effective to go this route at this particular time, for a widescale deployment."
Back at ISONAS, Radicella said, "By utilizing Power over Ethernet, and running a standard network cable, customers can reduce the cost of installation labor and wiring by 30 percent over traditional panel-based access control systems, which require standard electrical power." Plus, "Software enables network administrators to directly monitor and control an unlimited number of door readers across the enterprise, as well as time and attendance and emergency response," which also cuts costs on the personnel side.
And then there's the number of doors that will be controlled with one system. "We don't put an artificial limit," Radicella said, "but there will be a practical limit. How big is your server going to be? How much space do you want to put on it? 500 doors on one server, and then say, let's get there, getting a bigger server or second server."
"Why would anybody start a new business and go after the old technology? No one wants to go backwards. No one."