Transcript
Hand Vascular Pattern Recognition System
NetControl-X User Guide Application software for VP-II X Hand Vascular Pattern Recognition (HVPR) System
1
Preface Thank you for choosing the VP-II X, Hand Vascular Pattern Recognition (HVPR) system. This manual is to familiarize you with the features and functions of the NetControl-X, the application software to be used for access control as well as time and attendance by utilizing the VP-II X hand vascular pattern recognition system. VP-II X is a biometric scanner which verifies users utilizing individually unique vascular patterns extracted from the hypoderm below the surface of the skin of the back of the hand using an infra-red based sensor device. The vascular pattern cannot be seen by the naked eye and is not easily affected by scars or contamination of hands. This results in no performance degradation in harsh environments, makes it 100% tamper-proof and eliminates privacy concerns with other biometric modalities. By utilizing HVPR technology, 99.98% of the entire population is able to use the system accurately and with the verification speed of 0.4 seconds, eliminating user bottlenecks and the requirement of a separate backdoor. Please refer to the VP-II X User’s Manual for details on VP-II X. NetControl-X supports various functions required for access control as well as time and attendance, such as a user management, gate management, gate control (security level, door open, etc.), gate monitoring, event monitoring, log-in account management, floor map management and access/time and attendance report, and etc. The user interface was developed using a graphic environment, making it convenient to use. Customer Service If you have any questions in regards to this manual or any of our products please do not hesitate to contact us at any time. Techsphere Co., Ltd. 3F Wonil Bldg. 980-54 Bangbae, Seocho Seoul 137-060 South Korea Tel: +82-2-523-4715
[email protected]
Disclaimer The information in this document is for informational purposes only. Techsphere Co., Ltd. assumes no liability for any inaccurate, or incomplete information, or for any actions taken in reliance thereon. Note: The contents of this guide are subject to change in order to reflect improvements in product performance. Copyright This material is proprietary and shall not be used except for reference. Techsphere Co., Ltd. reserves the right to change or discontinue this product at any time.
1
Table of Contents Preface ........................................................................................................................................................ 1 Table of Contents ....................................................................................................................................... 2 Revision Information ................................................................................................................................. 5 Chapter 1 Overview and Getting started ................................................................................................. 6 1. Configuration ........................................................................................................................................... 6 1.1 Software Components....................................................................................................................... 6 1.1.1 DBMS (MS-SQL) ..................................................................................................................... 6 1.1.2 XAgent ..................................................................................................................................... 6 1.1.3 Software Protection Key: Wibu-Key ........................................................................................ 6 1.1.4 XConfig .................................................................................................................................... 6 1.1.5 NetControl-X ............................................................................................................................ 6 1.2 Network Configuration....................................................................................................................... 7 1.2.1 Master/Slave Operation ........................................................................................................... 7 1.2.2 Local Network Configuration ................................................................................................... 7 1.2.3 Networking Multiple Locations ................................................................................................. 8 2. Installation and Setup .............................................................................................................................. 9 2.1 Installation ......................................................................................................................................... 9 2.2 VP-II X Configuration and Registration ............................................................................................. 9 2.2.1 Network Parameters Setup ..................................................................................................... 9 2.2.2 Register VP-II X to DBMS ....................................................................................................... 9 2.3 XAgent Setup .................................................................................................................................... 9 2.4 Login to NetControl-X....................................................................................................................... 11 2.5 Link VP-II X to XAgent ..................................................................................................................... 11 2.6 Password Management .................................................................................................................. 12 2.6.1 Network Password ................................................................................................................. 12 2.6.2 NetControl-X .......................................................................................................................... 12 3. Terms and Acronyms ............................................................................................................................. 13 3.1 User Type ........................................................................................................................................ 13 3.2 Manager .......................................................................................................................................... 13 3.3 Installer ............................................................................................................................................ 13 3.4 Test Mode ........................................................................................................................................ 13 3.5 Security Level.................................................................................................................................. 13 3.6 HCD (Human Criteria Decision) Level ............................................................................................ 14 3.7 VP-II XG (Door Controller) .............................................................................................................. 14 3.8 Anti-Passback ................................................................................................................................. 14 3.9 Bypass (PIN or Card only access: No vascular pattern verification) .............................................. 14 3.10 Duress ........................................................................................................................................... 14 3.11 Public Notice ................................................................................................................................. 15 Chapter 2 NetControl-X Menu and Functions....................................................................................... 16 1. Menu ...................................................................................................................................................... 16 1.1 Main Screen .................................................................................................................................... 16 1.1.1 Event and Alarm Display ....................................................................................................... 16 1.1.2 Device Monitoring .................................................................................................................. 16 1.1.3 Icons ...................................................................................................................................... 17 1.1.4 Device Icon Menu .................................................................................................................. 18 1.1.5 Check XAgent status ............................................................................................................. 18 1.2 Menu Description ............................................................................................................................ 19 2. Program Management Functions .......................................................................................................... 21
2
2.1 Login Account Management ........................................................................................................... 21 2.2 Alarm Functions and E-mail Notification ......................................................................................... 21 2.3 Language and Display Options ....................................................................................................... 22 2.4 Message Change ............................................................................................................................ 23 3. Access Control ....................................................................................................................................... 24 3.1 How to Control Users by Timezone and/or Area Restrictions ......................................................... 24 3.2 Timezone Control Tables................................................................................................................. 25 3.2.1 Set Holiday Tables ................................................................................................................. 25 3.2.2 Set Timezone Tables ............................................................................................................. 26 3.3 Access Area Group Tables .............................................................................................................. 27 3.4 Anti-Passback Function .................................................................................................................. 28 3.5 Door Control Functions ................................................................................................................... 29 3.6 Set Wiegand.................................................................................................................................... 30 3.6.1 Set Wiegand Format .............................................................................................................. 30 3.6.2 Set VP-II X Wiegand Output .................................................................................................. 32 4. Device management.............................................................................................................................. 34 4.1 Add/Remove (VP-II X, XAgent, XG)................................................................................................ 34 4.2 Device Group .................................................................................................................................. 35 4.2.1 Grouping Devices .................................................................................................................. 35 4.2.2 Map Assignment .................................................................................................................... 35 4.3 Device Setup (VP-II X Setup) ......................................................................................................... 37 4.3.1 Device Status ......................................................................................................................... 38 4.3.2 Date/Time Adjustment ........................................................................................................... 39 4.3.3 Wiegand ................................................................................................................................. 39 4.3.4 Free Timezone ....................................................................................................................... 39 4.3.5 Door Shutdown Time ............................................................................................................. 39 4.3.6 Test Mode .............................................................................................................................. 39 4.3.7 Public Notice Display on the VP-II X ..................................................................................... 39 4.4 Database Synchronization .............................................................................................................. 41 4.5 Get User List and Installer Info. From VP-II X................................................................................. 41 5. User Management Functions ................................................................................................................ 42 5.1 User Group Definition...................................................................................................................... 42 5.2 User Definable Fields ...................................................................................................................... 42 5.3 User Enrollment .............................................................................................................................. 43 5.4 User Management Menu ................................................................................................................ 44 5.4.1 Verification ............................................................................................................................. 45 5.4.2 Delete User / Manager........................................................................................................... 45 5.5 Modify User ..................................................................................................................................... 45 5.5.1 User Information / Password ................................................................................................. 46 5.5.2 User Definable Fields ............................................................................................................ 46 5.5.3 Enroll Vascular Template / Re-enroll ..................................................................................... 46 5.6 User Import / Export / Pre-enrollment ............................................................................................. 47 5.6.1 Export User Information ......................................................................................................... 47 5.6.2 Import User Information ......................................................................................................... 47 5.6.3 Pre-Enrollment ....................................................................................................................... 49 6. Report / Event Viewer ............................................................................................................................ 50 6.1 Report ............................................................................................................................................. 50 6.1.1 Common Options for Report .................................................................................................. 50 6.1.2 Daily Time and Attendance Report ........................................................................................ 51 6.1.3 Time and Attendance Per User.............................................................................................. 51 6.1.4 Access Report........................................................................................................................ 52 6.1.5 Device Events/Logs ............................................................................................................... 53 6.1.6 Command Log ....................................................................................................................... 53 6.2 Event Viewer ................................................................................................................................... 53 Chapter 3 Appendix ................................................................................................................................. 54 1. Installation.............................................................................................................................................. 54
3
1.1 System Requirements to Install NetControl-X ................................................................................ 54 1.2 Installation ....................................................................................................................................... 55 1.3 Installing DBMS (MS-SQL) ............................................................................................................. 56 1.3.1 Installing the Microsoft SQL Server 2005 Express ................................................................ 56 1.3.2 Using the Existing Microsoft SQL Server .............................................................................. 57 1.3.3 Installing the NetControl Database ........................................................................................ 58 1.4 Installing XAgent / Wibu-Key .......................................................................................................... 60 1.5 Installing XConfig / NetControl-X .................................................................................................... 60 2. XConfig .................................................................................................................................................. 61 2.1 Setup VP-II X Network Parameters ................................................................................................ 61 2.2 Firmware Download ........................................................................................................................ 62 2.3 VP-II X Registration to DBMS – Add to DB (F2) ............................................................................. 62 2.4 Password / Backup / Restore .......................................................................................................... 63
4
Revision Information D0: June 10, 2009
First Edition
V1: June 19, 2009
First Release
V1.01 June 29, 2009
Grammatical Corrections
5
Chapter 1 Overview and Getting started 1. Configuration 1.1 Software Components The NetControl-X software package consists of four components: DBMS, XConfig, XAgent and NetControl-X.
1.1.1 DBMS (MS-SQL) NetControl-X uses either Microsoft SQL 2005 Express or compatible Microsoft SQL versions as a Database Management System (DBMS). The MS-SQL 2005 Express is used as default, and the MSSQL 2005 is recommended for large scale implementations. If Microsoft SQL has been already installed, NetControl-X can be configured to use it instead of installing a new one. All commands and communications between components and/or VP-II X units are made through the DBMS.
1.1.2 XAgent The XAgent, working in the background, manages the communications with VP-II X units. It delivers the commands from NetControl-X to the designated VP-II unit(s) and receives response to be delivered to NetControl-X through the DBMS. It also collects any events occurring on the VP-II X such as user transactions or system logs, and stores them to the DBMS so it can be used by NetControl-X and/or any other third party applications that may be implemented using the NetControl-X SDK. See Chapter 1 2.3 XAgent Setup to learn how to configure XAgent.
1.1.3 Software Protection Key: Wibu-Key The NetControl requires a software protection lock-key (Wibu-Key) to be installed in a USB port in the server where the XAgent runs. The key is provided by Techsphere with the NetControl-X installation package. XAgent checks for the Wibu-key when it starts running, and it will not properly function with more than one VP-II X if the Wibu-key is not found. NetControl will run normally with one VP-II X unit without a Wibu-Key. When running more than one XAgent for multiple locations, a Wibu-key is required to be installed at each server where the XAgent runs.
1.1.4 XConfig The XConfig is a software tool to setup the network parameters of the VP-II X. It searches VP-II X units in the network within the TCP/IP broadcast range, and can set or change the network parameters such as IP address or port. It also provides the firmware download function to the VP-II X. See Chapter 3 2 XConfig for details.
1.1.5 NetControl-X The NetControl-X is the GUI application software that provides various functions for access control as well as time and attendance. This user’s manual focuses on the details of NetControl-X functions.
6
1.2 Network Configuration Each component can be installed on one server or separate servers providing each component can be connected to the DBMS server through a TCP/IP network. When you install components to a separate server, a network administrator should be consulted to set up a proper environment such as network firewalls.
1.2.1 Master/Slave Operation When multiple VP-II X units are networked, one unit has to be configured as a master unit while other units are configured as slaves. A server where the XAgent runs can be also configured as a master; all VP-II X units are then set to slaves. A master unit manages the user’s database for the entire network. There can only be one master on the network, which can be a VP-II X or server. When there are more than 64 VP-II X units running on the same network, a VP-II X cannot be set as a master, and the server must run as the master. When a VPII X is configured as a master, it can only handle up to 63 slave units.
1.2.2 Local Network Configuration
DBMS (MS-SQL) NetControl-X XAgent
TCP/IP
VP-II X
VP-II X
VP-II X
Master
Slave
Slave
7
1.2.3 Networking Multiple Locations VP-II X units that are installed at different locations (i.e. offices in New York City, Los Angeles and Toronto) can work as one system. For multiple VP-IIX locations to function properly there must be at least one XAgent running at each location and then networked together to a central DBMS. VP-II X units at each location are assigned to be managed by the XAgent installed at that location, and the XAgent networks the VP-II X units to the central server where the DBMS runs. Also, multiple installations of the NetControl-X application software can be installed at any location. However, there must be only one DBMS server within entire system. With this configuration, users enrolled at one location can access any other location without any limitations.
NetControl-X (Optional) DBMS (MS-SQL)
XAgent Internet
NetControl-X TCP/IP
XAgent
TCP/IP
VP-II X
VP-II X
VP-II X
Master
Slave
Slave
VP-II X
VP-II X
VP-II X
Slave
Slave
Slave Location 2
Location 1 (Headquarter)
NetControl-X (Optional) XAgent
TCP/IP
VP-II X
VP-II X
VP-II X
Slave
Slave
Slave Location 3
8
2. Installation and Setup 2.1 Installation Please refer to Chapter 3 1 Installation to learn how to install the NetControl-X software package. After installation, you have to perform an initial setup procedure which is a mandatory procedure to run the system. Please perform the procedures in the following sections from “Chapter 1 2.2 VP-II X Configuration and Registration” to “Chapter 1 2.5 Link VP-II X to XAgent”.
2.2 VP-II X Configuration and Registration 2.2.1 Network Parameters Setup It is required to setup the network parameters of the VP-II X units either using the XConfig tool, or the manager menu on each VP-II X unit so they can communicate with NetControl through the TCP/IP network. See Chapter 3 2 XConfig for details on how to setup network parameters using XConfig, or refer to the VP-II X User manual if you are using the manager menu on each VP-II X unit.
2.2.2 Register VP-II X to DBMS The MAC address of the VP-II X units must be registered to the NetControl database. Use the ‘Add to DB (F2)’ function in XConfig to automatically register the selected VP-II X units to the database. See Chapter 3 2 XConfig for details on how to use XConfig. Whenever a new VP-II X unit is added to the network, you must first register it in the database. Registration can also be done manually from a device management menu in NetControl-X.
2.3 XAgent Setup The XAgent runs as a Windows service program. It is automatically registered to the Windows Services when installed, and automatically starts running when Windows starts. In order to setup or manage the XAgent, which runs as a Windows service, a management tool program (XAgent Management Tool) is provided. This program is automatically installed when installing the XAgent. To setup the XAgent, run the XAgent Management Tool from Windows Start – All Programs – HVPR – XAgent. The XAgent program will continue to run in the background although you exit the XAgent Management Tool program.
In the Service XAgent Status window shown above, you can manually start, stop or restart the XAgent. In the above example, it shows an Error (Can’t find XAgent in database) because no initial setup has been performed. Click Detail to proceed with the setup. It will expand the window with more options as shown below:
9
DBMS The DBMS information needs to be entered here. The example shown on the right is the default information created by the NetControl DB installer. If the DBMS is installed on the same computer, keep the default value 127.0.0.1 which means the local machine. But you must enter the IP address of the DBMS server if the DBMS is installed on a different computer. The Database and ID information must be kept as default to change the password using a SQL management tool program, such as Microsoft SQL 2005 Management Studio Express which is provided by Microsoft. Once you change the password, please make sure that you apply the same password to all NetControl software components; XAgent, NetControl-X and XConfig. Click Apply to accept any changes made. Master Mode Setup Select Device Master Mode and click Apply after entering the MAC address on the Master VP-II X unit. If the Master VP-II X unit is already registered to the database using the ‘Add to DB(F2)’ function of XConfig, you do not need to input this information as shown in the example on the right. Server Master Mode is currently unavailable. It will be enabled in a future release. Register XAgent Every XAgent running on the same network has to be registered to the DBMS. Click Register and enter a password to continue. Default password is ‘admin’. The following window will appear. Input a name for the XAgent to be called by the NetControl-X application, like Headquarters, location A or New York Office. The DBMS MAC Address indicates the physical address of the server where the DBMS is installed. It is recommended that you use the TCP/IP port (61235) unless occupied by another application, if changed, all VP-II X units must be changed to use the same port.
10
2.4 Login to NetControl-X When NetControl-X is initialized, you must login to the NetControl database (DBMS). For initial setup, click Detail to set or confirm the DBMS information. Enter the IP address of the server where the DBMS is installed and confirm the database name, account and password which are HVPRX, TNCXS and ?ts2000nx! respectively. And then enter the Login name and Password which are both ‘admin’ by default. You can change the password or create more accounts with different access rights using the ‘Login Account Management’ menu in NetControl-X.
2.5 Link VP-II X to XAgent After you have logged in, NetControl-X will show all VP-II X’s that are registered to the DBMS. Now you have to assign the VP-II X’s to a XAgent. This is because there could be multiple XAgents that handle different groups of VP-II X’s if there are multiple locations being networked to one DBMS. Go to the menu ‘Device – Device Management’. And then select a VP-II X and click Modify. Initially VP-II X’s are named with the MAC address such as 001510700129 shown below. Rename accordingly, select the XAgent to be linked to the selected VP-II X from the Connect XAgent pull-down menu, and click Save to apply.
Now initial setup is complete and the system is ready to use.
11
2.6 Password Management There are three categories in managing the passwords being used for NetControl software – DBMS login, network password and NetControl-X login. DBMS The NetControl installer creates both an administrator account, and a user account for Microsoft SQL 2005 Express. By default, the administrator’s login ID is ‘sa’ and the password is ‘sql2005’. The created user account shown below is used for NetControl. Database name: HVPRX / Account name: TNCXS / Password: ?ts2000nx! The account information can be modified or changed by the Microsoft SQL system manager. Once the account information has been changed, it must be applied to the XAgent, XConfig and NetControl-X as these programs must be able to connect to the DBMS.
2.6.1 Network Password The network password, which is ‘admin’ by default, is used for the encryption of the communication data between XAgent and VP-II X devices. The network password is also required to be entered when changing the network parameters using IONconfig. The password can be changed using XConfig and it must be applied to the XAgent and all VP-II X units connected to the network if the password is changed.
2.6.2 NetControl-X By default when NetControl-X is installed, the account name and password are both ‘admin’.
12
3. Terms and Acronyms 3.1 User Type Below is a table defining the multiple user types based on the type of identification number used for enrollment and verification: User type
Description
PIN User
Users enrolled with a PIN from 2 to 24 digits. Users enrolled with a proximity card.
Prox. Card User
- Wiegand code of the card is used as the PIN. - Up to 128 bits supported.
Smart Card User
Password User
Users enrolled with a smart card (HID, Mifare, etc). - Vascular data can be stored on the card and/or the VP-II X database. A password can be assigned individually to any enrolled user. If required,, users with a password can gain access with or without verification of a vascular pattern. - Specific instructions are required to gain access with a password. Refer to VP-II X user’s manual for details.
3.2 Manager The Manager(s) is an administrator who has the right to enrol/delete users as well as configuring or changing system settings. When a Manager is verified, the Manager Menu automatically appears on the LCD.
3.3 Installer The Installer is a temporary manager who can be enrolled when the VP-II X is in Test Mode during the initial implementation. An Installer has the same rights as a Manager, and can access the Manager menu to setup/change system settings as well as enrol/delete users. Typically an Installer is temporarily enrolled as a Manager for system setup and installation, and it is recommended that the Installer be deleted once the installation is complete. Only a PIN (no cards) is allowed to be used for the Installer, both cards and PINS are allowed to be used to enrol Manager(s).
3.4 Test Mode Test Mode is a factory default setting on the VP-II X. In Test Mode, the VP-II X provides a menu allowing an installer to be enrolled as a manager each time the VP-II X starts up. This means that anyone can be enrolled as a Manager as long as the unit is in Test Mode by recycling the power, it is strongly recommended that the system manager release Test Mode once the installation and training is complete.
3.5 Security Level The security level is an adjustable level for matching vascular biometric data for verification. Five adjustable levels are provided; level 1 is the most strict in matching vascular data. Level (1) provides higher accuracy in matching vascular patterns, but may cause an increase in the false rejection ratio depending on individual vascular characteristics and/or environment. The factory default setting is level 4 which is recommended for initial implementation. This allows users to become familiar in the correct positioning and/or placing his/her hand to the scanner. It is recommended that after successful implementation and training, that the System level for the VP-II X be
13
set at Level 3 or higher. The Personal Security Level can be adjusted for individual users based on their specific requirements. Each VP-II X unit has its own security level (System Level), which can be assigned to each user individually (Personal Security Level). When a user verifies , the VP-II X uses either the Personal Security Level (if assigned) or the System Level if the Personal Security Level is not assigned to the user.
3.6 HCD (Human Criteria Decision) Level The Hand Vascular Pattern Recognition technology in the VP-II X can recognize human or non-human materials. The decision level can be adjusted using the HCD Level menu. The range is from 1 (most strict) to 3, or off (disabled). Level 1: HCD applied for both enrolment and verification and is the most strict level. At this level only a human hand can be enrolled and verified. Level 2 and 3: HCD applied for enrolment only, not for verification. Off: HCD function disabled.
3.7 VP-II XG (Door Controller) The VP-II X can control an electric door-lock thorough the VP-II XG door controller. The VP-II XG is separately provided and is connected to the VP-II X via RS232 (or RS485; an optional RS485 driver board needs to be installed at both VP-II X and XG to use RS485 interface). The VP-II XG has a relay output to connect an electrical lock and digital input ports for door status monitoring and exit button interface.
3.8 Anti-Passback VP-II X system provides an anti-passback function. Anti-passback is a function that does not grant access to a user who tries to exit but does not have a record for entrance, or vice versa. To use this function, more than two VP-II X units must be grouped for entrance and exit, and only users with an access grant record at the VP-II X unit assigned for entrance can gain access from a VP-II X unit assigned for exit. See Chapter 2 3.4 Anti-Passback Function for details on how to set and use.
3.9 Bypass (PIN or Card only access: No vascular pattern verification) Bypass is defined as a function that allows the users to gain access with only a PIN or a card without verifying a hand vascular pattern. This function can be set at a VP-II X unit or on a per user basis. If the bypass function is enabled for a VP-II X unit, all users can gain access without verifying their hand. If an individual user has bypass enabled, the user can gain access from any VP-II X unit in the network without requiring hand verification, whether the bypass function is enabled for the VP-II X units or not. See Chapter 2 4.3 Device Setup (VP-II X Setup) for details on how to setup and use this function.
3.10 Duress The Duress option allows a user to generate an emergency notification after verification on a VP-II X unit. Users can generate a duress notification by performing a specific sequence on the VP-II X (See the VP-II X user manual) or verifying the hand assigned for duress verification. For users whose right and left hands are enrolled, one hand can be assigned for duress verification and the system will generate a duress alarm if the assigned hand is verified. If the duress verification is made, an alarm notification is sent to NetControl to immediately notify the administrator(s). NetControl can also immediately send out an e-mail to designated personnel and a duress code may also be sent to an external system through the Wiegand port if enabled.
14
3.11 Public Notice A public notice such as an announcement to the employees can be displayed on the VP-II X LCD screen. If set, the notice message(s) are displayed in the background of LCD. See Chapter 2 4.3.7 Public Notice Display on the VP-II X.
15
Chapter 2 NetControl-X Menu and Functions 1. Menu 1.1 Main Screen
DBMS Status
Device monitoring
Device configuration display
Event and alarm display
1.1.1 Event and Alarm Display All events received from devices such as user verification/failure transactions, manager menu access or system logs are displayed in the event and alarm display window. You can assign different colors for each type of events from the Set menu. See Chapter 2 2.3 Language and Display Options for details. When you select the Alarm tab on the bottom-left of the NetControl X screen, alarm messages such as duress verification or tamper detection from the devices will be displayed in the window. When alarm messages occur, they will be displayed with a pop-up window without having to select the alarm tab.
1.1.2 Device Monitoring When the device tab is selected the device configuration display window shows a tree of all configured devices (VP-II X, XG and XAgent) or shows devices by group with real maps (if configured) (See Chapter 2 4.2 Device Group for details on device group and map configuration). If the ‘Device Group’ tab is selected, it will show the devices by group if defined. If you double click on an item from the tree, it will display the devices that only belong to the selected item. For example, if you double click ‘Headquarter’ in the above figure, it will show only the VP-II X’s and XG’s assigned to the XAgent at headquarter.
16
In the device monitoring window, it shows the status of the selected devices. If you right click on a blank space in the window, a menu allows the reorganization of the devices by name, type or device details. Refresh will update the status of the devices.
1.1.3 Icons DBMS connection status: Blue (Connected) / Red (Not connected) XAgent status (Normal / Error) VP-II X is in normal operation. VP-II X is connected but is not working properly. For example, it can’t connect to the Master unit or XG controller when XG is used. Put the mouse-pointer on the icon to see the details of the error Cannot connect to VP-II X. Door is closed Door is open Door lock error A color band in the back of an icon indicates as follows: Green: Free timezone is set (Door is kept open by free timezone) Orange: Bypass function is being used (Users can gain access only with a PIN or card without hand verification) Gray: Door is kept closed by the door-shutdown command (Door is not open although a user is verified until this command is released).
17
1.1.4 Device Icon Menu When a device in the device monitoring window is shown as normal, by right clicking on the icon a popup menu appears as shown below. If you select the Device Status option in the red box of the figure below, NetControl-X will display a setup window with the current settings retrieved from the device in real time. You can set or change the settings or options from these menus. The setup window and instructions are the same as those described for Device Setup menu. See Chapter 2 4.5 for the Get User List and Installer Info. function, and see the appropriate sections of Chapter 2 4.3 Device Setup (VP-II X Setup) for details of other functions of this menu. Device Management and Device Setup menus are shortcuts for those functions in the main menu. See the appropriate sections of Chapter 2 4 Device management for these menus.
1.1.5 Check XAgent status When the XAgent icon(s) shows an error, all devices belonging to the XAgent may be shown as disconnected although the devices are actually connected and working. If this occurs please check the status of the XAgent using the XAgent Management Tool. See Chapter 1 2.3 XAgent Setup.
18
1.2 Menu Description Main menu
Sub menu
Functional description
Program(S)
This puts the NetControl-X program into the Windows system tray. Double click the icon in the system tray to re-open the program. A login password is required to re-open.
Lock
` Login Account Management
See Chapter Management.
Program information
Shows program/version information.
Exit
Exits the program
Set Message
Allows changes to any word used in NetControl-X such as menu title or display messages.
Set(E)
2
2.1
Login
Account
See Chapter 2 2.3 Language and Display Options. Set Holiday
Sets holiday and timezone tables for access control.
Set Timezone Table
See Chapter 2 3 Access Control. Setup Wiegand formats for card users.
Wiegand Management
See Chapter 2 3.6 Set Wiegand. Allows changes to be made on events, system logs, alarms and e-mail notifications.
Environment Setup
See Chapter 2 2 Program Management Functions. View(V)
Tools Device Select or unselect the items to be displayed in the main screen.
Device Group Event Alarm User(U)
User Management User management functions.
User Enrollment
See Chapter 2 5 User Management Functions.
User Group Management User Definable Fields Management Access-control(R)
Device(D)
Set Access Area Group
Allows VP-II X’s to be assigned to a group based on same level access permission areas or for anti-passback controls.
Anti-Passback Management
See Chapter 2 3 Access Control.
Device Management
These functions are to manage the VP-II
19
Xs and the VP-II XG door controllers. You can add or remove devices, set parameters or options for all X/XG devices.
Device Setup Device Group Management Data Synchronization Window(W)
See Chapter 2 4 Device management.
Cascade Windows Tile Windows Horizontally
You can adjust display layouts of the NetControl-X main screen.
Tile Windows Vertically View All Tools(T)
Event Viewer
For report and event viewer functions, see Chapter 2 6 Report / Event Viewer.
Report
20
2. Program Management Functions 2.1 Login Account Management Menu: Program > Login Account Management You can create login accounts with different levels of authority. Depending on the account type, access to menus is automatically limited to only assigned functions. Administrators can assign any of the functions below to each account or if you select one from a pull-down menu (Administrator account, Monitor account or Report account), it will automatically assign the functions available for the selected account. This menu is only visible when logged in as an administrator. This menu will only allow password change for the currently logged-in account. Selectable functions are Modify account, User info. Management (can see user information but no modification or enrollment of user is allowed), User management (User modification or enrollment allowed), Access control, Device management, Monitoring and Report. By default, an administrator account is created by the NetControl installer with the login ID and password both set to ‘admin’.
2.2 Alarm Functions and E-mail Notification Menu: Set > Environment Setup > Alarm/Mail tab NetControl-X provides an alarm notification function for any system errors and/or events. When the alarm function is activated, the pop-up window shown below appears on the Windows desktop when an alarm occurs. The alarm event can also be e-mailed automatically to desired recipients.
21
To use the alarm function, set it to Active and select items to use (Display or Not display) as shown in the figure. Even though the alarm function is disabled, those events are still shown in the event display window and stored in the NetControl-X database. To e-mail the alarm event, set it to Active from the Mail tab and select ‘Send’ for the items to be e-mailed when they occur. The events for the items selected ‘Do not send’ will not be e-mailed. You have to setup the sender’s e-mail account properly. Enter SMTP server information including password, recipient(s) and subject to be used when sending an e-mail. The program must be restarted for the settings to take effect. Click Test to send an e-mail to verify the settings are set correctly.
2.3 Language and Display Options Menu: Set > Environment Setup > Basic tap
22
Language: Select a Language to Use. Device Display Set True for the VP-II X to display the events. If set to ‘Enable’ no events will be displayed. The XC is a function for future use, keep setting Disabled. Display Color For Events You can assign different colors to display each type of event for easy recognition. Select an item to change and assign a color. Event Display Option Select ‘Not display’ for events that do not need to be displayed in the event monitoring window. Unselected events are still stored in the database. By default all events are set to be displayed. The item ‘Failure and Errors’ refers to verification failure events, restricted users, or any system errors.
2.4 Message Change If required, you can change any of the messages currently used for NetControl-X. Go to the menu ‘Set – Message’ and change the message in the ‘Currently used’ column. Changed messages will be applied when the program is restarted.
23
3. Access Control The combination of NetControl-X and VP-II X units provides a full range of access control capabilities. User access can be controlled based on flexible combinations of time, day, date, holiday and gate (VP-II X). You can set up to a 100 holiday tables, up to 200 timezone tables and access area group tables, and can assign a combination of one or more tables to a user for unlimited access or restriction control.
3.1 How to Control Users by Timezone and/or Area Restrictions For example, if a user needs to be granted access rights with the following conditions: (1) only from 9:00am to 5:00pm from Monday to Thursday, (2) no access permissions on holidays, (3) only main entrance access while there are multiple gates within the facility; Perform the followings: (1) Create a holiday table that covers all holidays in the region (2) Create a timezone table with the start time of 9:00am and an end time of 5:00pm, activation days are from Monday to Thursday, and assign the holiday table index created in the above step. (3) Create an access area group table with only the main entrance included, and assign the timezone table created in the above step. (4) Assign the access area group table index created in the above step to the user using the user management menu. See the following sections for more details.
24
3.2 Timezone Control Tables Menu: Set > Set Holiday / Set Timezone Table These menus will function if the master unit is not operational as the timezone tables must be synchronized with the VP-II X units.
3.2.1 Set Holiday Tables Select an index number from 001 to 100 to set or modify, and input the table name (U.S.A Holidays in the below example). And then select a month, click on each date to set as a holiday for the selected month, and click Add before selecting another month. The selected date(s) will be listed on the right side window. The changes will be ignored if you do not click Add. Repeat for all months from January to December, and click Set to save. When you click Set, it will transfer the table data to the master VP-II X unit which may take a few seconds. If the master unit is not operational, it will show an error message and the changes will not be applied. Set tables up to 100 for different holiday systems in your organization to assign different holidays to the desired users.
25
3.2.2 Set Timezone Tables Timezone tables are used for the functions listed below: Free timezone: Door is kept open during the set time period. User timezone: Users are allowed to gain access only during the set time period. Door shutdown function: Door is kept closed during the set time period and is not allowed to open by the user verification until released, except for emergency cases such as fire alarm. Select an index number to set or modify, enter the table name, and assign a holiday table to be used for that timezone table. Select the desired Active/Inactive check-boxes to set the timezone, and click on Start Time and End Time to adjust the time. The timezone will not be applied to the unselected day(s). This means that the door will not be kept open if used for free timezone or users will not be allowed to gain access if used for user timezone for the unselected day(s). To apply the time zone for holidays, assign a Holiday Index and select (check) Holiday. And then set the desired time period. The timezone will be applied during the set time period of the dates listed in the assigned holiday table. To set the same time period for multiple days at once, click the Duplicate button.
26
3.3 Access Area Group Tables Menu: Access-control > Set Access Area Group You can also create tables based on access areas. Select a table index and enter the table name. And then select gate(s) – all devices are listed in the window – to be assigned to this group and timezone tables up to two tables. In the example below only the gate Entrance is selected and timezone table index 001 and 002 (created in the above section) are assigned. As the timezone table 1 is set from 9:00 to 16:00 and table 2 is set from 18:00 to 01:00 (next day) for Monday to Friday, two separate time zones appear for a day as shown in the figure. Users to whom this access area group table is assigned will be allowed to access only the Entrance during 9:00 to 16:00 and 18:00 to 01:00 (next day) from Monday to Friday.
27
If you select a gate and do not assign any timezone tables, the gate will be allowed for access at all times, meaning no timezone rules will be used for that gate. In the example below, users to whom the access area group index 2 are assigned can access the gate Entrance at all times, but can access the Warehouse only during the period set by the timezone table index 003. The T&A Terminal is not allowed access at all times.
3.4 Anti-Passback Function For the units which are set to be used for anti-passback, only the users who are permitted to access the anti-passback units and who have an access record on the entrance unit can gain access from the exit unit(s). In the same manner, users who do not have an access record on the exit unit, in other words they exited without verifying on the exit unit, they will not be permitted to gain access through the entrance. To use the anti-passback function, two or more VP-II Xs must be grouped; One unit or more for entrance and other(s) for exit. You can set multiple groups to control different rooms. Also the antipassback option of the VP-II X unit must be enabled. Go to the menu ‘Device – Device Setup’ to enable this option. See Chapter 2 4.3 Device Setup (VP-II X Setup) for details on VP-II X parameters/options setup. To set anti-passback in NetControl-X, go to the menu as follows: Menu: Access-control > Anti-Passback Management When the Anti-Passback Management window appears, Click the Add or Modify button to group antipassback units for in and out, or click Information button after selecting one group name from the list in order to assign anti-passback users.
28
Select at least two VP-II X units (to be paired) from the right side window and click ‘<<’ button to move them to the left. Then assign either Entrance or Exit to each unit. There must be at least one Entrance and one Exit to use anti-passback function. Start Time and End Time can be set if you want to use this function only for the set period.
When you click Add User, the list of all enrolled users will be shown. Select the desired users to assign. You can also set the allowed time period for the assigned users using the Modify User menu. In the above figure, it shows the current status of the users who have entered and exited. Entered means the user entered through the entrance unit but has not exited through the exit unit which means the user remains in the facility. In case the status shows Entered but the user has already exited (following somebody without verifying hand), the user is not allowed to get in through the entrance and you have to manually change the status to Exited from this menu for the user to be able to use the entrance again. It is recommended that you DO NOT use timezone function for the Exit units. Using timezone for exit units could lock the users in the room unexpectedly when users stay longer than the set time in error.
3.5 Door Control Functions When the VP-II XG door controller is used, door lock control functions are provided. See Chapter 2 4.3 Device Setup (VP-II X Setup) for details on door control functions.
29
3.6 Set Wiegand 3.6.1 Set Wiegand Format Menu: Set > Wiegand Management The Wiegand format(s) being used for the system should be set. Set total bit length and site code (facility code) length. NetControl considers each one odd and even parity bit, and uses the remaining bits as card serial number (CSN). As an example for 26bit Wiegand code the bit length of CSN shall be 16 if the bit length of site code is set to 8 (1 odd parity + 8 site code + 16 CSN + 1 even parity).
Once the Wiegand format is set, card numbers of the card users will be managed according to the defined card format and displayed according to the selected display option. Select a display option from the pull-down menu as shown above. Also enter a delimiter that will be located between Wiegand Bit, Site Code and CSN when displaying. As an example for a card of which Wiegand data is 26bit 00001111100101011101001100, its site code and CSN are as follow: Total number of Wiegand bit Binary Decimal
Odd parity (1bit)
Site code(8bit)
CSN(16bit)
Even parity (1bit)
0
00011111
0010101110100110
0
31
11174
26
When ‘Card Serial No.’ is selected, it will be displayed as follow. If there are multiple types of Wiegand formats or site codes being used, there could be the same number displayed as a PIN as shown in the following examples:
30
When ‘Site Code + Card Serial No.’ is selected, it will be displayed as follow:
When ‘Wiegand Bit + Site Code + Card Serial No.’ is selected, it will be displayed as follow:
Display of Undefined Wiegand Format If a user is enrolled with a card of which Wiegand format is not defined, the card number will be displayed in hexadecimal code such as 1A0F95D33FFFFF which cannot be visibly recognized. The hexadecimal code includes the original Wiegand data in it. The first byte indicates the total bit length of the Wiegand data, and the original Wiegand data is filled from the second byte. The first bit of the original Wiegand data, which is usually even parity bit, is filled in the MSB of the second byte(Byte 2) and the 8th bit is filled in the LSB. In the same manner, the 9th bit is filled in the MSB of Byte 3. Unused bits are all filled with ‘1’. Byte 1
Byte 2
Byte 3
~
Byte 7
Total number of Wiegand bit
First 8 bits (Bit 0~7)
Bit 8~15
~
~
As an example for a card of which Wiegand data is 26bit 00001111100101011101001100, the hexadecimal Wiegand code shall be 1A0F95D33FFFFF. Byte 1
Byte 2
Byte 3
Byte 4
Byte 5
Byte 6
Byte 7
Binary
00011010
00001111
10010101
11010011
00111111
11111111
11111111
Hexadecimal
1A
0F
95
D3
3F
FF
FF
The hexadecimal Wiegand code is managed as a PIN by the system until an appropriate Wiegand format is defined using the menu described above.
31
3.6.2 Set VP-II X Wiegand Output Menu: Device > Device Setup > Wiegand Information tab When you execute this menu, NetControl receives the settings from the selected VP-II X’s in real time and shows the current values. Modify the items to be changed and click Set to apply to the VP-II X’s.
Pulse Width Time / Pulse Interval Time These show the physical characteristics of the Wiegand signal. Do not change these values unless required for a specific application. Changing these values may cause a communication problem with an external system. Total Bit Length / Site Code Bit Length / Site Code – Verification Success The VP-II X outputs a Wiegand code for interfacing with an external access control system when a user is successfully verified; (1) For card users, the VP-II X outputs the Wiegand code as it is read from the card; and (2) For PIN users, VP-II X outputs a Wiegand code created in accordance with the preset format. A Wiegand format along with a site code value for verification success (0~255) must be set for PIN users accordingly, and the option ‘Wiegand output type – Success’ must be selected. The site code value set here doesn’t affect card users as the Wiegand code read from the card is directly passed to the PACS for card users. Wiegand Output Type
32
VP-II X can also output a Wiegand code for verification failure and emergency notification (duress code). Select the check box (Failure and/or Duress) to use, and enter a separate site code value (0~255) for each in order for PACS (Physical Access Control System) to recognize the difference for these codes. The VP-II X will replace the site code of the original Wiegand code with the assigned value for both PIN and card users for verification failure or duress case. The receiving device (PACS) must be also properly set to be able to recognize the different site code.
33
4. Device management 4.1 Add/Remove (VP-II X, XAgent, XG) To add or remove a VP-II X, XAgent or VP-II XG door controller to/from the network, go to the Device Management menu. Menu: Device > Device Management
All XAgents are shown with VP-II X’s and doors if connected to each VP-II X through a VP-II XG door controller. Click Add to add any new ones. You will need to enter or set the following information: XAgent The Name, MAC address of the server where the XAgent runs, and the TCP/IP communication port which is 61235 by default (It is recommended that you keep the default port number unless it’s occupied by another application). XAgent can be added using the XAgent Management Tool. See Chapter 1 2.3 XAgent Setup for details. VP-II X Assign the Name, MAC address, IP address (if DHCP is not used and a fixed IP is used) and assign the XAgent it connects to. (Refer to Chapter 1 2.5 Link VP-II X to XAgent for more information). Ignore the ‘Connect XC’ option as it is currently unavailable. To add additional VP-II X’s use the XConfig tool. See Chapter 3 2 XConfig for details. Door (VP-II XG) This is used to add a VP-II XG door controller to a VP-II X. When a XG is connected, name it and assign a VP-II X to which the door is connected through the XG. To modify, select a device and click Modify.
34
4.2 Device Group You can group devices for convenient monitoring on a main screen when using many units in the same network. Grouped devices are shown group by group or all at the device monitoring window. Menu: Device > Device Group Management
4.2.1 Grouping Devices Click Add or Modify button when the device group management window appears. The following window will pop up.
Enter the group name to create and click Add to open a device list. Initially all devices (XAgents, VP-II X’s and doors) currently configured to the network will be shown, but the devices once assigned to other groups will not be shown. Select devices to add to the group you are editing. In the above example, one XAgent, two VP-II X’s and two doors are configured under the name of Headquarter. Click Save to apply.
4.2.2 Map Assignment The NetControl-X provides a function to monitor and control the devices using a map which shows a real location of the devices. You can assign a map to each device group. Load a map image using a JPG or BMP format by clicking Map Open, and locate the devices on the map (drag and drop) where the devices may be installed in the real environment as shown in the example below. Click Save to apply.
35
On the main screen, select Device Group tab to monitor the devices on a map basis.
36
4.3 Device Setup (VP-II X Setup) Any parameters and settings of the VP-II X can be set or modified through NetControl-X. Use the menu below. All VP-II X units currently configured to the network are listed. Menu: Device > Device Setup When the Device Setup window appears, select one or more VP-II X and click Set to continue. The following window will appear. There are six tabs in this menu. Click a tab of an item to set. Please be aware that the setting values and shown options in this setup window are factory defaults, and do not indicate the current settings of the VP-II X as multiple VP-II X units can be selected at the same time for duplicate setting. To see the current settings of the VP-II X, right click the device icon in the device monitoring window of the main screen. See Chapter 2 1.1.4 Device Icon Menu for this function.
Select check-boxes at the left of the items that you want to set, and set the values or options of the ‘Value’ field. And then click ‘Set’ to apply before moving to other tabs. Changes of the selected (check-box) items will be sent to the VP-II X units in real time, the time required to update all units will vary based on how many units are selected at once. Any VP-II X units not selected will not be updated and will keep their previous settings.
37
4.3.1 Device Status The parameters below are optional settings. Please refer to the manager menu descriptions in the VP-II X User manual for details on the operations or meanings of the items in the below chart. New User Access Permission by Default New enrolled users can be restricted to gain access until proper access rules, such as timezone and/or access area assignment, are made through the NetControl-X management functions. Select ‘Restrict’ for this option. If you select ‘Allow’, any new enrolled users can access all units in the network as soon as they are enrolled. Appropriate management by applying access rules may be required later. Bypass If enabled, users can gain access with only a PIN or card without verifying hand vascular. See Chapter 1 3.9 Bypass (PIN or Card only access: No vascular pattern verification) for details on bypass operation. Anti-Passback This option must be enabled to use anti-passback functions. See Chapter 2 3.4 Anti-Passback Function to learn how to use these functions. Synch Period
Synchronization Time Period Between Master and Slaves. Keep local setting – Keep the time independently and not adjust with server.
Date/time Set Option
Automatic adjustment with time server – The VP-II X will periodically adjust its time and date with those of the DBMS server.
DB Search Sequence for Verification
Firstly local and secondly network or vice versa, only local or network, or both.
Event Type
Select event types to be reported. Unselected events will not be reported to the server.
Door open time
Activation time of the door open signal for verification success (0~255 seconds).
Allowed Door Open Time
The maximum allowed time that the door can be kept open from the moment that the VP-II XG releases the door-open signal (0~255 seconds). An alarm will occur if the door is not closed within the set time.
Security Level, HCD, Verification Retry Times, Keypad Use, Set appropriately in accordance with the VP-II X user Volume, Time to Sleep Mode, manual. Tamper S/W, Language, GMT Information
Door Open When Function Key is Used
Optionally the VP-II X can generate a door open signal when a user is verified with a function key input. Select or unselect for each function key accordingly. As an example, if F1 is unselected in this menu, the VP-II X will not open the door for a successful verification of a user who pressed F1 prior to entering a PIN.
38
4.3.2 Date/Time Adjustment Go to Date/Time tab, select Database time or Manually input, and then click Set to apply. It will be applied immediately. To keep the time accurate, enable ‘Automatic adjustment with time server’ option. The VP-II X will automatically adjust its date and time with the DBMS server daily. Set daily time to execute time adjustment from the menu ‘Device – Data synchronization – Date/Time tab’.
4.3.3 Wiegand See Chapter 2 3.6.2 Set VP-II X Wiegand Output.
4.3.4 Free Timezone Set free timezone for the VP-II X to keep the door open during the set time period. This function is available when a VP-II XG door controller is used. A free timezone cannot be set manually, assign a pre-defined timezone table from the pull down list. See Chapter 2 3.2.2 Set Timezone Tables to learn how to define timezone tables. The option at the bottom ‘Operation Type’ is to decide whether the VP-II X keeps the door open from the set Start Time (Select ‘Apply at set time’), or waits until the door is opened by the first user verification after the Start Time (Select ‘Apply after user verification’).
4.3.5 Door Shutdown Time The VP-II X will keep the door closed during the set time period and will not allow any users to open the door although a successful verification has been made. However, the door will be automatically released to open if fire alarm is detected. In the same manner as free timezone, assign a pre-defined timezone table. See Chapter 2 3.2.2 Set Timezone Tables to learn how to define timezone tables.
4.3.6 Test Mode Important: Prior to releasing Test Mode – See Chapter 1 3.4 Test Mode to learn details of Test Mode. If you select ‘Release with recovery enabled’, the Test Mode will be released but can be recovered by the system manager in the VP-II X manager menu. If Test Mode is completely released without recovery enabled, it cannot be recovered without the unit being sent back to factory to recover the factory Test Mode settings.
4.3.7 Public Notice Display on the VP-II X A public notice can be displayed on the VP-II X LCD as shown below:
39
To use this function, select Active as shown below and set messages for each line, up to five lines. Displayed character size on the VP-II X is automatically adjusted to display the set message in a line. You can also assign a color for each line.
40
4.4 Database Synchronization Menu: Device > Data Synchronization You can manually execute the data synchronization command by clicking ‘Synchronize’, the command will be delivered to the Master unit to automatically synchronize the Master with all Slave units. By default, the synchronization function is automatically performed by the Master unit periodically or automatically when the database information is changed; for example, when a new user is enrolled or deleted. In this menu, you can also set the time for daily date/time adjustment function. VP-II X will adjust its time and date with the DBMS server daily at the time set by this menu.
4.5 Get User List and Installer Info. From VP-II X On the main screen, right click on the VP-II X icon when showing normal status to get user list or Installer information. This menu is unavailable when the VP-II X is not in operation. Get User List All user PINs or Card numbers along with user type (user or manager) will be retrieved from the VP-II X and listed. It will also show the synchronization status of user and control tables such as timezone table. Installer Info. Installer is a temporary manager that can be enrolled on each VP-II X unit for installation and initial setup, only while the VP-II X’s are in Test Mode, and it is strongly recommended that you delete Installer once initial setup and training is complete. This menu will show installer ID (PIN) if exists, and allow you to delete it.
41
5. User Management Functions 5.1 User Group Definition Menu: User > User Group Definition This menu is used to define user groups by department, position and/or location for management convenience in searching, setting user information collectively by group, generating a report, etc. Create groups by department, position and/or other group. In the example below there are three user groups in department; Accounting, R&D and Sales. The item ‘Other Group’ may be used to group users by location, as an example: New York Office, Canadian Office or European Office.
5.2 User Definable Fields Menu: User > User Definable Fields In addition to default user information fields such as name and employee ID, you can create unlimited additional fields as required for use for more information such as driver license number, etc.
42
5.3 User Enrollment Menu: User > User Enrollment The master unit must be in operation to proceed with user enrollment. This menu is to enroll a new user. To modify user information of the previously enrolled users or to enroll vascular pattern template for the pre-enrolled users, use the function ‘Modify User’ described in the next section Chapter 2 5.5 Modify User. To enroll a new user, you must select the Verification Method (PIN or Card) and enter a PIN if PIN is selected. And then select a VP-II X device location to be used for enrollment. You can also enter user name and employee ID and/or more user information (Click Detail/Basic button) such as user group, security level, access area group, expiration time, option for password use and more.
User Type: User or Manager Active/Inactive If you select Inactive, the user will not be accepted to gain access although all user information including vascular template is stored in the database, until this option is set to Active later. Bypass If this option is enabled, the user can gain access at all units in the network only using the PIN or card without verifying hand vascular. Duress See Chapter 1 3.10 Duress for duress operation.
43
Active Time / Expiration Time These settings allow managers to set time to activate and/or expire a user: a user that has passed the expiration date can be reactivated later by adjusting these settings without re-enrolment of vascular data and re-input of user information. Access Area Group Assign an access area group to logically restrict access areas. By default, the ‘Please select’ will allow the user to access all areas when enrolled. To limit a user(s) to specific access areas, the areas must be setup as per instructions in 3.3 Access Area Group Tables and then selected here. Enroll Vascular Template / Enroll Password According to management policy please select either one or both. Users can be enrolled with only vascular data or password, or both. If ‘Enroll Password’ is selected, you will need to enter a password for the user being enrolled, and the user automatically becomes a password user who can gain access with the password without verifying their hand. The password can be removed or assigned from the Modify User function of the User Management menu. See Chapter 2 5.5.1 User Information for more details.
5.4 User Management Menu Menu: User > User Management You can enroll, modify, delete, import or export users from this menu. Select a user group or all from the left window, and enter a PIN and/or name to search all users with PINs or names containing the entered character(s). For example, if you enter just ‘1’ in the PIN field, it will display all users whose PIN in any position of digits contains ‘1’. Click Search All to list all users, or click Advanced Search to search users with the detailed conditions such as department, user group, security level, expiration time, user definable fields, etc. You can use any of the information to search users with similar word and/or whole matched word. See the following sections for details on each menu function. The User Enrollment menu will bring up the user enrollment window which is same as that of ‘User – User Enrollment’ menu. Please see above Chapter 2 5.3 User Enrollment for this function.
44
5.4.1 Verification Select a user and click the Verification button and then choose a VP-II X unit for verification to which the selected PIN or card number will be sent for verification. The user must then place their hand to the unit without entering a PIN or presenting a card.
5.4.2 Delete User / Manager Select a user or multiple users from the user list and click Delete User button. Selected users will be removed from the database. The Master unit must be in operation to proceed with this function. Manager Deletion: Managers are not deleted by the Delete function. You must first change the user type from Manager to User to delete a manager, using the Modify User function described below:
5.5 Modify User Menu: User > User Management > Modify User To enter or modify user information, double click a user from the list or click Modify User button after selecting one or more users. Below is the window that appears when one user is selected. When multiple users are selected, only the items available for duplicate settings for multiple users will appear. The Master unit must be in operation to modify any items from this menu as all user information needs to be synchronized with those in the VP-II X devices.
45
5.5.1 User Information / Password You can enter or change any of items shown in this window other than PIN and Enrolled Date. Set appropriately and click Modify to apply. See above Chapter 2 5.3 User Enrollment for the description of each item. The option of Password Verification is available only when a password is assigned to the user. First assign a password to use this function. You can assign or delete a password from the Password tab. You need to assign a new password if forgotten as the program does not show the password assigned to individuals.
5.5.2 User Definable Fields You can enter or modify the contents of user definable fields if pre-defined. See Chapter 2 5.2 User Definable Fields to learn how to define and use the user definable fields.
5.5.3 Enroll Vascular Template / Re-enroll You can enroll vascular template for pre-enrolled users, or update (re-enroll) vascular templates for previously enrolled users. Pre-enrolled users are those whose information such as PIN, name or employee ID were already enrolled by Pre-Enrollment function or imported from an excel file but vascular templates have not been enrolled. The menu below shows the status of vascular templates enrolled; Select either 1 or 2 (vascular template number) or none and click ‘Enrol Vascular Template/Re-Enroll’ button to enroll/update vascular template. The VP-II X unit to be used for enrolment must be assigned. You can enrol either one or two templates to either left or right hand, one template for each hand or none. Input a description for each template such as left hand, right hand or none.
46
5.6 User Import / Export / Pre-enrollment Menu: User > User Management > Import/Export
5.6.1 Export User Information In the user list from the user management window, select users to export and click the Import/Export button. When the window below appears, execute Export to File. The data shown is stored in a Microsoft Excel format file. To edit the exported Excel file, you may need to unlock the cells as they are locked by the NetControl-X.
5.6.2 Import User Information Users can be imported from other applications by importing a Microsoft Excel file. Click ‘File Open’ to import users. The data fields and formats must meet the specified requirements which is the same as is exported by NetControl-X. The required fields and data formats in the Excel file are shown below: Options Option 1 [Create user data automatically for PINs which do not exist in the database] If this option is selected, when PINs or card numbers which do not exist in the NetControl-X database (not enrolled users), the NetControl-X will pre-enroll those users without vascular templates which will need to be separately enrolled using the ‘Enroll Vascular Template/Re-enroll’ function. See ‘Chapter 2 5.5.3 Enroll Vascular Template / Re-enroll’ to learn how to enroll vascular templates. If not selected, those users will not be imported.
47
Option 2 [When applying to the system, use the default value for items with a format or content that is incorrect] If this option is selected, the default values will be used if a wrong format or content is found in the imported file. If not selected, the data with the wrong format or content will not be accepted. Data fields and format The first row is not imported as it is supposed to be filled with item names. User data must be filled from the second row. Cell format should be set to general or text. Data in the fields indicated with [ ] must be located between a square bracket like [00] for PIN users. The data length must be the same as shown in the description below: Column A, B and J are mandatory fields to be filled. If there is no data or wrong information in columns A or J, a default value will be automatically used if the above option 2 is selected or the user will not be imported if the option is not selected (Default PIN Type = [00], Default User Type = [0]). User whose PIN (column B) is unavailable will not be imported in any case. Column O, P and Q are also mandatory when PIN Type is [01] which means a card user. Non-mandatory fields can be left blank. A
B
C
D
E
F
G
H
1
PIN Type
PIN
First Name
Last Name
Employee ID
Department
Position
User Group
2
[]
[]
PIN or Card
[PIN]
[00] PIN
[Card No]
Up to 50 characters each
[01] Card
I
J
K
L
M
1
Security Level
User Type
Active Time
Expiration Time
Active/Inactive
2
[]
[]
[]
[]
[]
[0] Use VP-II X level
[0] User
[yyyy-mm-dd hh:mm]
[1] ~ [5] Personal level
[1] Manager
[1] Active [0] Inactive
N
O
P
Q
1
Access Area Group
Total bit length
Site code bit length
Site code
2
[] Wiegand bit length
0~126
Site code value
Table No. (3 digits) [001] ~ [200]
26 ~ 128
Example
48
5.6.3 Pre-Enrollment Menu: User > User Management > Import/Export > Pre-Enrollment Pre-enrollment allows the enrolment of users whose user information PINs and/or card numbers have been previously entered or imported. Users enrolled from this menu will need to enroll their vascular template using the ‘Enroll Vascular Template/Re-enroll’ function. See ‘Chapter 2 5.5.3 Enroll Vascular Template / Re-enroll’ to learn how to enroll vascular template. Verification Method Select ID type to enroll; PIN, Proximity or Smart card. Total Bit Length / Site Code When enrolling card numbers, select total Wiegand bit length and enter the site code. You can enter the site code only for the defined Wiegand format using the menu ‘Set – Set Wiegand Format’. If you select a none-defined Wiegand format, the site code will not be used, which means all bits except parity bits will be used for card number. User PIN Length When enrolling PINs, you can set the length of PIN digits along with a padding character. For example if you set the PIN length to 5 and enter 0 for padding, the PIN will be 00123 when you enter 123 for PIN. You can also set User Type, Active Time, Expiration Time and Access Area Group.
49
6. Report / Event Viewer 6.1 Report User access events, time and attendance records and system logs can be exported to a Microsoft Excel file so that it can be used for generating reports.
6.1.1 Common Options for Report Function Key Option
This option is for time and attendance reports. When the system is used for time and attendance, the function keys (F1/F2) on the VP-II X are typically used in association with a PIN or card for the purpose of time and attendance record. F1 is assigned for attendance (punch in) and F2 for leaving (punch out). In this case, users are supposed to enter a function key prior to entering a PIN or presenting a card, and the function key information, either F1 or F2, if entered will be included in the event data of the user transaction. If you select ‘Create a report only for the events associated with function keys(F1 or F2)’, only the events associated with a function key F1 or F2 will be used to make a time and attendance report or to calculate working time (from attendance to leaving) for a day. If no event associated with a function key is found on a selected day, it will remain blank and the report not calculate the working time for the day. If you select ‘Create a report for all events (with or without function keys)’, the report will pick the earliest event of the day for attendance and the latest event for leaving without regard to a function key record. In the above example, if it is assumed that the user did not enter the F1 key for attendance by mistake but was actually verified, there should be a verification success event in the database and that will be used for the report. Reference Time This means the time to be considered as the start of a day which is typically 12:00am. For example, you may set this to 22:00(10:00pm) if a user works from 10:00pm to 6:00am the next day. The record of the said user should be ‘punch-in at 10:00pm of the previous day’ and ‘punch-out at 6:00am of the selected day’, and the report should calculate the attendance time for the selected day from 10:00pm of the previous day to 5:59pm of the selected day. Include the Events Recorded Before the Date of Enrollment
The above option is to decide whether the events recorded before the date of enrollment should be included or not in the report. If a user was deleted for some reason and re-enrolled during the selected period, you may select this option because the events recorded before the date of enrollment are also assumed to be the events of the selected user. (NetControl-X only keeps the date of latest enrollment)
50
If a user was newly enrolled with the same PIN or card which was already used for a previous user, you may un-select this option as the events recorded before the date of enrollment might be of the previous user and should not be included in the report for the current user. Preview / Save to File If you click Preview, it will open a report window for the selected report as shown below as an example. Click Save to export the data to a Microsoft Excel file. Currently the NetControl-X does not support a print-out function directly. Users may print out the data using the exported excel file or import the data from the file to their application to print out with their own format.
Exported file example
6.1.2 Daily Time and Attendance Report A time and attendance report for all users can be selected and generated for a selected day. Select a function key option and set the reference time as indicated in the above section. An example is shown in the above example.
6.1.3 Time and Attendance Per User Reports for selected user(s) during the selected time period can be generated. Input a search condition to search the desired users or click All User to list all users. Then select user(s) from the list and set the desired time period and options. ‘User’ means the users currently available in the database. You can also create a report for deleted users to allow a complete history report.
51
6.1.4 Access Report Reports can be generated for all access records during the selected period per user (PIN or name), per device or group. Select a verification type (Verification success or failure), set the desired period, and then input/select a PIN, name, a group and/or device. The report can show all information used for access including duress, bypass, hand or password, number of tries until verification success, template No., etc.
52
6.1.5 Device Events/Logs A device report can be generated by device, device group or all devices from the events listed below for the selected period: User enrollment/Deletion, User information can be changed from the manager menu on the VP-II X, VPII X parameters change, device status log and door logs. Select the desired device or device group and event type(s).
6.1.6 Command Log This provides a report showing all history of commands executed by NetControl-X. This may be useful to track the history of all NetControl-X operations if required for troubleshooting. This function is not recommended to be used by end users.
6.2 Event Viewer The event viewer shows all logs (user transaction events, system logs and commands executed by the system or users) recorded in the database. This is used for system management to provide history of all system and user transaction history.
53
Chapter 3 Appendix 1. Installation 1.1 System Requirements to Install NetControl-X XAgent
DBMS Server
NetControl-X
XConfig
Item
Basic specification
Recommended specification
CPU
Above Pentium 4 - 2.4GHz
Above Pentium 4 - 3GHz
RAM
512 MB
1 GB
OS
Above Windows XP Professional,
Above Windows XP Professional,
Windows 2000 Server
Windows 2003 Server
CPU
Above Pentium 4 - 2.4GHz
Above Pentium 4 Xeon (dual CPU) 3GHz
RAM
512 MB
2 GB
OS
Above Windows XP Professional,
Above Windows XP Professional,
Windows 2000 Server
Windows 2003 Server
CPU
Pentium III – 600MHz
Pentium 4 - 2GHz
RAM
256Mbyte
512Mbyte
OS
Above Windows XP
Above Windows XP
CPU
Pentium III – 600MHz
Pentium 4 - 2GHz
RAM
256Mbyte
512Mbyte
OS
Above Windows XP
Above Windows XP
54
1.2 Installation The installation program will start automatically when the installation CD is inserted, or run AUTORUN.EXE from the installation CD. The following installation window will appear. Then select ALL SETUP or a component to install, and click INSTALL to start. Each component can be also installed separately by executing the ‘setup.exe’ file located in each component’s directory in the installation CD.
For the first step, you will need to select a language to be used while installing the program. Select one and follow the instructions as indicated by the installation program. See the following sections for details.
Default directories where the NetControl-X components are to be installed are as follows: C:\Porgram Files\HVPR\NetControl-X C:\Porgram Files\HVPR\HVPR-X DB C:\Porgram Files\HVPR\XAgent C:\Porgram Files\HVPR\XConfig HVPR stands for Hand Vascular Pattern Recognition system.
55
1.3 Installing DBMS (MS-SQL) NetControl-X uses MS-SQL as its database. The NetControl installer will install Microsoft SQL Server 2005 Express if no SQL Server is found on your computer.
1.3.1 Installing the Microsoft SQL Server 2005 Express If the Microsoft SQL Server is not found, the following window appears. Click the [Install] button to move onto the next step to install the Microsoft SQL Server 2005 Express.
It will first install the components necessary to install the Microsoft SQL Server 2005 Express such as Windows Installer 3.1 and Microsoft .Net Framework 2.0. Then Microsoft SQL Server 2005 Express will be automatically installed. This takes a few minutes. Wait until the installation is completed and the window to install the NetControl database, as shown in the next section, appears which means the Microsoft SQL Server 2005 Express has been successfully installed. Troubleshooting:
If the above error occurs during the installation, please discontinue by clicking the [No] button and check the followings: Microsoft SQL Server Native Client If the Microsoft SQL Server Native Client is not properly installed, the error shown above can occur. Remove it by using the “Add or Remove Programs” from the control panel, and re-install the DBMS.
56
System Requirements If the error did not disappear by re-installing the Microsoft SQL Server Native Client, please check the following minimum system requirements for the installation of the Microsoft SQL Server 2005 Express: O/S: Windows 2000 SP5, Windows Server 2003 SP1, Windows Vista, Windows XP SP2 Minimum hard disk space: 2.0GByte Mandatory items to be installed: Internet Explorer 6.0 SP1 or above, Windows Installer 3.1 or above, Microsoft Data Access Components (MDAC) 2.8 SP1, Microsoft .NET Framework 2.0.
1.3.2 Using the Existing Microsoft SQL Server If Microsoft SQL Server is found, the NetControl installer will skip the above step and will bring you directly to the next installation step of the NetControl database. See the following section. Troubleshooting: If the NetControl installer tries to install Microsoft SQL Server 2005 Express although you already have a Microsoft SQL Server installed on your computer, quit the installation and check the value in the system registry as shown below. The NetControl installer checks the registry value and decides that there is no existing Microsoft SQL Server if no data or value is found in the system registry.
57
1.3.3 Installing the NetControl Database When completing the installation of the MS-SQL Express 2005 Server, the NetControl installer will continue installing the NetControl Database. This will create an account and tables in the SQL database to be used for NetControl. Click Next to continue.
It will first promt you to select a database server and authentication method as shown below:
If you use an existing Microsoft SQL server, input an IP address where the SQL database is installed or select the server from the Browser. Enter the Login ID and Password of the administrator of the existing SQL server so that it can be accessed by NetControl. If Microsoft SQL 2005 Express is being used and was installed by the NetControl installation, just click the [Next] button to continue. The Login ID ‘sa’ is the administrator account created by the NetControl installer by default. The default password is ‘sql2005’. A system manager may change the password later.
58
The “Windows authentication credentials of current user” may also be used if the database is installed on the same computer you are installing (127.0.0.1) and if you logged in with the Windows administrator’s account. If you did not login as an administrator, Windows may limit some access rights to the system. Troubleshooting: Re-installing the DBMS When you re-install the NetControl database after removing the existing one, the following error may occur:
If the above error occurs, you should delete the ‘HVPRX.mdf’ and ‘HVPR_log.ldf’ files from the ‘data’ folder where the SQL Server was installed, as shown below:
59
1.4 Installing XAgent / Wibu-Key The XAgent program requires the SQLNCLI component installed on the computer. If not found, it will install it prior to installing XAgent.
Click install and follow the instructions indicated by the installer until the step shown below. As the XAgent requires a Wibu-key for software protection purpose, it will also install the drivers for the WibuKey.
Click the Next button and follow the instructions indicated by the Wibu-key installer until the installation of the Wibu-Key is completed, and click Finish button to complete XAgent installation. The XAgent, once it has been successfully installed, requires an initial setup to link to the DBMS. Refer to Chapter 1 2.3 XAgent Setup for the details. The XAgent runs automatically when the PC starts up, and is located in the Windows Services.
1.5 Installing XConfig / NetControl-X Installation of the XConfig and NetControl-X is simple. Just follow the instructions shown on the installation windows.
60
2. XConfig The XConfig is a software tool that is used to setup network parameters of the VP-II X units, register the VP-II X units to the database, upgrade the firmware and backup/restore the database from/to a VP-II X . Note: The XConfig uses the TCP/IP port number 5001 and 5002. When these ports are already occupied by another application, XConfig will not start. When you run the program or click Search (F5), XConfig shows all VP-II X units currently connected to the network within the broadcasting range.
2.1 Setup VP-II X Network Parameters Select a VP-II X(s) to modify by checking the check-box as shown in the red circle in the figure below. You can also select all units by checking Check All (F1). And then double click on a column to edit or select/unselect DHCP or Master/Slave option, and click Save (F6) button to apply. If you do not execute Save (F6), it will not be applied. To save the changes, you need to enter the network password which is ‘admin’ by default. Processing result will be shown in the Result column. Check the result, it will show OK if successful, please retry if it shows timeout or failure. Master IP – An IP address of master unit. Server IP – An IP address of server where the XAgent runs. DHCP – When this option is checked, the VP-II X will gain an IP address from a DHCP server. The master unit may not use this option and have the same IP address at all times. IP, subnet mask and gateway are not allowed to modify when DHCP is enabled. Port – TCP/IP communication port. H.B (Master interval) – This sets the time interval for heart-beat protocol between master and slave units. Slave units periodically send a heart-beat protocol to the master unit to check communication status. Master / Slave – Only one unit must be set to master. All others must be slaves. Firmware Version – There are 5 firmware programs applied to a VP-II X (Boot, Kernel, Ramdisk, Application and Media). This column shows only application firmware version, the others are shown at the bottom.
61
Batch (F8) This is a function to set the common parameters for multiple VP-II Xs at one time. Select the desired units by clicking the check boxes, and click the Batch button to pop up the following window. Enter the parameters and click the OK button to apply. Undesired items can be left blank.
2.2 Firmware Download Select a VP-II X(s) to download the firmware (Check-box at the left-end), and click Download (F7) to load a firmware file. And then enter the network password when the following window appears. Default password is “admin”.
After selecting a firmware file from a Windows file search window, click Start button to start downloading.
Wait until it shows the installation complete message. The VP-II X will also show the progress status while downloading, and will reboot automatically after writing the firmware to the flash memory. The VP-II X power must be kept on in order to write the complete firmware to its memory. Removing power while upgrading firmware may hang up the system due to incomplete firmware installation.
2.3 VP-II X Registration to DBMS – Add to DB (F2) This is to register the VP-II X information to the NetControl database to be used by the NetControl-X or another application that may be implemented using the SDK. This is a mandatory process to be executed prior to running the NetControl-X. Select the check boxes of the VP-II X units and click Add to DB (F2) button.
62
In the ‘DBMS Location’ field, input the IP address of the server where the DBMS is installed, and then click OK to register. If the DBMS is installed on your local computer, enter ‘127.0.0.1’ as shown in the below example. If you select the ‘Manually input’ option, you can manually input the database name, account and password. Otherwise it will connect to a default database created by the NetControl installation.
2.4 Password / Backup / Restore Password (F9) You can change the network password which is ‘admin’ by default. The password is used for all communications between NetControl-X components and VP-II X. The password is also required to execute network parameters setup or firmware download as explained in the above sections.
Backup (F3) / Restore (F4) These functions are currently unavailable.
63