Transcript
PART I .1
GENERAL
INTRODUCTION A. This document provides all information necessary to produce a complete proposal for a highly secure and dependable access control and alarm management system that provides the speed and flexibility of 32-bit multple-technology controllers that can be managed by a UNIX Server and Windows NT 4 Operator Stations using an intuitive graphical user interface.
.2
GENERAL DESCRIPTION A. The required Security Management System shall be a powerful, multi-function security and access management system. B.
Security Management System Server shall operate on a high quality Hewlett-Packard computer running SCO UNIX Operating System.
C.
Security Management System Operator Stations shall operate on a high quality Hewlett-Packard computer running Windows NT 4 Operating System.
D. Security Management System shall be designed to grow as project needs grow. E.
The system shall be simple and economical enough to support a single site, yet powerful enough to manage a continent-wide, multi-site network.
F.
Modular software shall allow for future system features to be added as management recognizes requirements.
G. The system shall have true multi-tasking and remote terminal capability. The system provided shall monitor and control independent activities simultaneously at different locations. H. Security Management System shall be designed to control WSE second-, third-, and fourth-generation security architecture. This architecture currently consists of the 708P, 800 Series, SE 422, NexSentry 4100 Series Controllers, and additional OEM peripheral components. I.
J.
Security Management System shall be designed to control, and/or interface with, a variety of OEM peripheral equipment. This equipment shall include, but not be limited to: 1.
Opto 22: non-supervised input/output devices.
2.
Stellar: input/output devices.
3.
Burle: CCTV equipment.
4.
Vicon: CCTV equipment.
5.
American Dynamics CCTV equipment.
6.
DataCard Integrated Photo ID systems and components.
7.
Radionics: alarm panels.
8.
Recognition Systems: ID-3DR hand geometry readers.
System shall use modular architecture to allow easy integration of the following capabilities: 1.
Elevator control.
2.
Time and attendance.
3.
Parking lot and revenue control.
4.
CCTV switcher integration
5.
Remote dial-up interface.
6.
Visitor electronic directory.
WSE • 3/1/1999
16720 — 1
NexSentry Access Control System
7.
Guard tour, alarm receiver interface.
8.
Custom report generator.
9.
Unlimited capacities
10. Two-man rule. 11. 3D biometrics. 12. Video image capture. .3
DESCRIPTION OF WORK A. General 1.
The Systems Integrator Partner (SIP) shall include all necessary labor, tools, equipment, and ancillary materials required to furnish and install a complete and operational access control and security management system.
2.
The access control and security management system will manage access to [building] [and] [selected areas] using [encoded cards,] [and/or coded keypads] [and/or magnetic stripe cards].
3.
Requirements are indicated elsewhere in these specifications for work including, but not limited to, raceways and electrical boxes and fittings required for installation of control equipment and wiring: not the work of this section.
4.
The extent of access control and security management system work is defined to include, but not by way of limitation: a.
[_____ NexSentry Command Center Operator/server Stations.]
b.
[_____ NexSentry Command Center Operator stations.]
c.
[_____ wall mounted central controllers.]
d.
[_____ external keyboard and printer (directly or via central host).]
e.
[_____ digital proximity card reading sensors.]
f.
[_____ keypads.]
g.
[_____ magnetic stripe readers.]
h.
[_____ monitor input/relay output (MIRO) modules.]
i.
Wiring, power supplies, switches and ancillary equipment.
WSE • 3/1/1999
16720 — 2
NSCC Security Management System
B.
.4
Installation: Installing and bringing the system to operational status requires the following major steps: 1.
Determine operational requirements and plan software to implement them.
2.
Select computer sites.
3.
Install and configure, where necessary, the communications network providing communications between the operator and server computer workstations.
4.
Install and integrate access control, alarm monitoring, security management and related hardware.
5.
Configure NexSentry Controllers and NexSentry Command Center to communicate with one another.
6.
Enter data into the security system database.
7.
Connect between host system, Controllers, readers and related hardware.
8.
Test security system communications and operation, including additional terminals as required.
9.
Train operators.
SUBMITTALS A. Product Data: Submit for prior approval, [__________] copies of manufacturer’s data on digital proximity or magnetic stripe access control system and components. B.
C.
Shop Drawings: Submittals shall include drawings detailing all connected devices. This document shall be adequate to ensure that all parties involved can determine that the recommended software meets security system requirements. These shop drawings shall include the following: 1.
All system device locations indicated on architectural floor plans. No other system(s) shall be included on these plans.
2.
Full schematic wiring information on drawings for all devices. Wiring information shall include cable type, conductor routings, quantities, and connection details at devices.
3.
A complete access control system diagram.
4.
A statement of the system sequence operation.
One Line Diagram: System integrator shall submit a diagram of the system configuration proposed if it differs from that illustrated in the riser diagram included in these specifications. Submittals indicating typical riser diagrams are not acceptable.
D. Product Data: Provide complete product data, which includes the following:
E.
F.
1.
Manufacturer’s data for all material and equipment, including terminal devices, local processors, computer equipment, access cards, and other equipment required for the complete access control and security management system.
2.
A system description, including analysis and calculations used in sizing equipment required by the access control and security management system. Description to show how the equipment will work as a system to meet performance requirements.
3.
A description of the operating system and application software.
Contract Close-out Submittals: Provide manuals including: 1.
Operating instructions.
2.
Maintenance recommendations.
3.
Parts list, including: wiring and connection diagrams.
As-Built 1.
Drawings:
During system installation, the contractor shall maintain a separate hard copy set of drawings, elementary diagrams, and wiring diagrams of the access control and security management system to be used for record drawings.
WSE • 3/1/1999
16720 — 3
NexSentry Access Control System
2.
This set shall be accurately kept up to date by the contractor with all changes and additions to the access control and security management system.
G. Operator’s Manual: Submit for prior approval, [__________] copies of manufacturer’s manual for programming and operating the host system and controllers system and its related components. .5
QUALITY ASSURANCE A. Manufacturer: Manufacturer of products defined in this section must have:
B.
C.
1.
Industry experience: Company must have at least 25 years experience in manufacturing and servicing access control and security management systems.
2.
ISO 9001 Certification: Manufacturing process of company must meet stringent standards of ISO 9001 Certification.
Systems Integrator Partner (SIP): The Systems Integrator Partner (SIP) shall: 1.
Be a local representative and factory-authorized local service organization for WSE.
2.
Have been regularly engaged in the installation and maintenance of integrated access control and alarm monitoring systems for no less than five years.
3.
Be an authorized product Systems Integrator for WSE integrated Security Management Systems.
4.
Be able to provide certification proving their installation and service technicians are competent, factory-trained personnel capable of installing and maintaining the system.
System
Checkout:
1.
Pre-testing: All components and assemblies of the Controller[s], readers and other hardware components are to be pre-tested at the factory prior to shipment.
2.
On-site testing: Manufacturer-trained and authorized SIP shall functionally test each component in the system after installation to verify proper operation and confirm that the panel wiring and addressing conform to the wiring documentation.
3.
Service facility: SIP shall have service facilities within [_____] miles of the installation.
D. Regulatory 1.
NEC Compliance: All electrical wiring work shall comply to NEC.
2.
NEMA Compliance: Electrical equipment shall comply with applicable portions of NEMA.
3.
FCC Emissions: All assemblies shall be in compliance with FCC emission standards.
4.
E.
Requirements:
a.
Microprocessor-based controller: Part 15, Subpart F, Class A.
b.
Digital proximity card-reading sensors: Part 15, Subpart F.
c.
Dial-up modems: Part 68.
UL-1012 and CSA: All power supplies shall be in compliance with Underwriters Laboratories standard 1012 and CSA standards for power supplies.
Host system computer workstations: If NexSentry Command Center is bundled with a Hewlett-Packard PC workstation or approved alternative, hardware shall meet UL and FCC requirements for class A computing devices.
WSE • 3/1/1999
16720 — 4
NSCC Security Management System
.6
WARRANTY A. Host system software: The manufacturer shall support software for the selected system product family. B.
Access control system components: 15 (fifteen) months from shipment date or 12 (twelve) months from date of purchase by SIP, whichever comes first.
C.
ID Credentials: No less than 1 (one) year.
D. Computer workstation: If NexSentry Command Center is purchased with computer hardware, hardware shall be warranted for at least 15 months from the date of shipment from the factory. The manufacturer shall support hardware repair for the system through Hewlett-Packard’s worldwide service organization. E.
Extended warranty: Extended warranty terms at reasonable rates shall be available from the installing SIP.
F.
Systems Integrator: The Systems Integrator shall be the focal point of all service problems or questions (with manufacturer’s full support).
PART II .1
PRODUCTS
MANUFACTURER A. WSE
.2
NEXSENTRY COMMAND CENTER SECURITY MANAGEMENT SYSTEM A. General:
B.
1.
The Security Management System shall consist of multiple functional components and be compatible with the WSE access control hardware connected.
2.
The following section describes the required functions and operation of Security Management System.
Architecture: 1.
Server computer: a.
b.
General: 1)
Server computer shall be the nucleus of the required system. It shall provide all necessary capabilities to manage access and alarm activity.
2)
Server shall be the single computer that supports all the functions of Access Control and Alarm Monitoring, including file management, reporting and real-time monitoring / control of security hardware devices.
Local Controller (LC): 1)
In order to provide modular expansion, beyond that required of a Standalone system, the configuration shall include Local Controllers (LC).
2)
An LC shall support real time monitoring and control of access and monitoring of alarms, while responsibility for file management and reporting shall remain with Security Management System.
3)
An LC shall have the ability to be downloaded with the necessary information about cardholders, access privileges, and alarm processing from Security Management System and to perform its monitoring and control functions independently.
4)
The LC shall also store and upload information about access and alarm events when requested by Security Management System in real time via a serial or network connection.
5)
While alarm servicing is to be performed on Security Management System, the LC shall monitor the activity in real time using text and/or real time graphic floor plans which show access portals as well as alarm points.
WSE • 3/1/1999
16720 — 5
NexSentry Access Control System
c.
d.
e.
Remote Location Controller (RLC): 1)
A Remote Location Controller (RLC) shall be required in configurations where the need for LC functionality is combined with dial-up communications capabilities of a multi-location network.
2)
An RLC shall call Security Management System immediately upon an event occurring which has been defined by the system administrator as an alarm condition such as a door forced open, intrusion, power failure, etc.
3)
RLC shall be periodically called by Security Management System to download the necessary information about cardholders, access privileges, and alarm processing plus upload accumulated information about normal access activity.
Remote Dial-up Interface (RDI): 1)
One or more Remote Dial-up Interface(s) (RDI) may be required to allow the integration of remote standalone WSE Controllers into a multi-location network.
2)
An RDI shall provide a reliable and efficient interface with a dial-up network, as well as event transaction buffering for not less than 6,000 transactions.
3)
RDIs shall integrate remote standalone SE 800 Series controllers into a single Security Management System-controlled network.
4)
NOTE: It shall be the responsibility of the Authorized WSE dealer, or system integrator, to determine and recommend the optimum arrangement of Security Management System and associated computers and peripherals to satisfy the design requirements unless they are specifically stated in the text of this specification. Multiple design configurations may be considered.
System Redundancy: The NSCC shall have the capability to provide three solutions to the requirement for redundant/back-up systems. These approaches to redundancy shall consist of: 1)
Stand-by System: (i) This level of redundancy shall provide a second CPU which shall be easily accessible, but not connected, to the primary system. (ii)
In the event of failure the Stand-by System shall include an Hewlett-Packard XM3 PC of the same capability as Security Management System, with processor, hard drive, tape drive, SVGA video board, standard memory, additional memory, corollary board, Security Management System bus adapter if required for the specified configuration, and all essential software to operate the system.
(iii) This system shall replace a failed Security Management System CPU, shall have all necessary system applications loaded, and shall be activated by connection to the proprietary security key device utilized with Security Management System system. (iv) The Redundant Stand-By System shall only be activated only in the event of hardware failure at the Primary System. 2)
Security Management System/LC: (i) The second level of redundancy is available through the standard architectural design of the NSCC. (ii)
In the event of a failure of the LC computer, Security Management System / LC design shall be implemented through the configuration of Security Management System to accommodate manual switch-over to the LC computer.
(iii) At the time of switch-over the pollers shall be activated through Security Management System rather than through the LC. Security Management System would then function as the LC for monitoring purposes until the LC was again functional. (iv) If a Security Management System failure is experienced, the LC would continue to perform in its usual manner. 3)
Fault Resistant System (FRS): (i) This level of redundancy shall support simultaneous reads and writes to two disks of two duplicate platforms configured identically. (ii)
WSE • 3/1/1999
Under normal conditions the Primary Security Management System would be the main functioning system writing all transactions to the disk of the Secondary system in real-time.
16720 — 6
NSCC Security Management System
(iii) In the event of Primary Security Management System failure, the FRS CPU will automatically seize control of the entire system until the Primary Security Management System is restored and control returned to the Primary Security Management System. C.
Manufactured Units: 1.
2.
The NSCC Security Management System product family shall consist of the following: a.
Security Management System(s): Hewlett-Packard XM3 Pentium® PCs for ultimate system control.
b.
Local Controller(s): Hewlett-Packard XM3 Pentium® PCs for local control of specific system sub-units.
c.
Remote Location Controller(s): Hewlett-Packard XM3 Pentium® PCs for remote dial-up control of specific system sub-units.
d.
Remote Dial-up Interface(s): Remote Interface to WSE Alto 818 Series Controllers (Controllers).
e.
Additional Monitors: Hewlett-Packard Monochrome or Color Graphics terminals.
f.
Additional Printers: Hewlett-Packard LaserJet 5 Report, Hewlett-Packard LaserJet 5L, Okidata Serial Log, Okidata Parallel.
g.
Access Control / Alarm Monitoring: SE 708P, SE 800 Series, Alto 818 Series SE 422 Series, NexSentry 4100 Series, Stellar RDU-200.
The access control and alarm monitoring devices available for Security Management Systems are listed below. For specifications on these products please refer to the corresponding Guideform Specifications: a.
WSE model 708P Controllers.
b.
WSE model 800 Series Controllers.
c.
WSE model SE 422 Series Controllers.
d.
WSE model NexSentry 4100 Series Controllers.
e.
Opto 22 alarm input/output units.
f.
Stellar RDU-200 alarm input/output units.
g.
Radionics Systems ID 3DR hand geometry readers.
D. Software Platform: 1.
Operating System: SCO UNIX.
2.
Database Management System:
3.
4.
5.
a.
System shall utilize a high-performance relational database management system such as UNIFY Accell/SQL.
b.
The system shall be capable of multi-user and multi-database support in a UNIX environment.
Advanced Visual Report Writer: a.
The system shall utilize a powerful visual information and retrieval tool to extend the reporting power of UNIFY Accell SQL application development system.
b.
The retrieval tool shall work seamlessly with Accell SQL to provide rapid generation of custom reports and business graphics.
Screen Interface System (on Ethernet only): a.
X-windows capabilities shall be provided to support File Maintenance, Reporting, Monitor and Graphics Windows.
b.
These functions shall be available on the PC Terminals connected to the system, and shall incorporate XWindows software.
Networking: a.
Networking capability shall be necessary to implement large scale and/or multi-location systems with security devices and/or computers distributed to remote locations while overall control of the network is maintained at a central location. Local Area Networks (LANs) or Wide Area Networks (WANs) connected via dedicated or dial up communications lines may be required.
WSE • 3/1/1999
16720 — 7
NexSentry Access Control System
6.
E.
“C” Programming Language: a.
The application shall be written in the “C” programming language.
b.
This standardization shall provide for greater ability to support and enhance the system in the future.
Operator 1.
Sophisticated Operator Interface: The required system shall provide a sophisticated, easy to operate interface for security operators. The following aspects of the system shall contribute to the effectiveness of the operator interface: a.
b.
c.
Graphical user interface: 1)
A graphical user interface, based on the X-Windows system, which permits a user to view and operate multiple screens in several areas of the system simultaneously.
2)
The operator shall have the capability to customize the individual screen sizes and locations, in relationship one to the other, on the display.
Menu driven operation: 1)
Menu driven screen selection shall allow even an infrequent operator to move through and manage the functions of the system easily and with a minimum of training.
2)
There shall be no need to memorize complicated commands or procedures.
Function 1)
d.
2.
Interface/Operations:
keys:
Function key control of actions must provide the ability to control the system with simple keystrokes.
Windowing: 1)
The system shall provide windowing (a ZOOM feature) for additional information and/or explanation.
2)
The ZOOM capability shall allow the operator to look up information in supporting files, and to access other screens without leaving the screen they are presently using. For example, while entering data for a cardholder, the operator may require auxiliary information regarding access codes. The operator may ZOOM to the access code screen, key on the correct information and dynamically add that data to the Keyholder Entry screen.
3)
All this shall be accomplished without having to exit one screen, move through the menus, enter another screen to retrieve the necessary information, then move back through the menus in order to make the entry in the original location.
4)
This feature shall exist throughout the system, wherever categorical descriptions are kept in lists.
Multi-Terminal and Multi-Tasking: a.
b.
c.
General: 1)
Multi-Terminal operation for interaction by additional operators shall be available at local or remote sites.
2)
Independent operations may be performed at different operator terminals with minimal degradation of performance.
Terminals supported: 1)
The system shall be able to support up to: [4 terminals] [4 terminals (NSCC 1 Star)] [8 terminals (NSCC 2 Star)] [12 terminals (NSCC 3 Star)] in any combination of monochrome and SVGA color PC terminals.
2)
Maximum additional terminal configurations require additional memory.
Connection: 1)
Additional terminals shall either be directly connected to Security Management System system via a serial link or network connection or shall available on a dial-up line.
2)
In any of the available configurations, additional terminals shall have the same capabilities as the main console.
WSE • 3/1/1999
16720 — 8
NSCC Security Management System
3) d.
e.
3.
4.
5.
Routing Alarm Reports: 1)
The system shall have the ability to provide the routing of alarms and alarm instructions to more than one CRT or printer, dependent upon end-user customization requirements.
2)
This routing capability shall include categorizing alarms based on “zones” (physical grouping) and “tenants” (people grouping) and then assigning “zone” and “tenant” responsibility to specific monitoring stations and personnel.
Routing of Alarms by Tenant: 1)
The system shall allow for a certain sub-set of cardholders, doors, and alarm points to be assigned to one tenant.
2)
A tenant is defined as having exclusive access to a specific set of cardholders, doors and alarm points located within a pre-defined geographic area. This definition is in keeping with the system capability which enables multiple, separate companies to share the same global information on a single system, while at the same time, maintaining specific proprietary information as necessary for each company.
3)
Any operator for a single tenant shall receive alarms and access activity exclusive to their respective part of the system, and invisible to other system tenants. These alarms and transactions shall be distributed based on operator's password and authorization level rather than the terminal being used.
System Password Protection/Program Security Levels: a.
Access to all menus and screens, and the corresponding capability for each screen, shall be controlled via operator and password authorization levels.
b.
Accessibility to the over 160 individual screens shall be defined on an individual basis by the System Administrator to limit a system user to specific screens and functions.
c.
Additional authorization protection shall be provided by means of defining, on a screen by screen basis, whether a user is granted permission to View, Add, Delete or Modify the information on that particular screen or perform control functions such as Lock/Unlock doors, Shunt/Unshunt alarms, etc. This added level of control shall serve to protect the system and prevent unauthorized changes to information which could compromise the data integrity and the system security.
d.
Not less than 1,000 operators shall be allowed, each with a completely unique set of individually defined capabilities.
Real Time Alarm Reporting and Display: a.
The system shall process alarms in real-time, using not less than 10 priority levels defined by the System Administrator. The System Administrator shall have the capability to assign the priority levels into categories such as fire, intrusion or duress.
b.
Alarm displays shall be in color. The system shall have the ability to assign unique colors for different alarm priority levels.
c.
Unacknowledged alarm messages shall be repeated after a user-defined time period.
d.
The system shall associate color graphic maps with alarm points and shall display maps in real-time. Graphic maps shall update automatically and shall not require a “Refresh” command.
Real-time Status Reports: a.
6.
Operations at any terminal shall be limited by operator name and password (refer to “System Password Protection/Control” section below).
System status reports shall be available by alarm category, security area device and monitor points.
Override Command Capability: a.
The system shall provide the operator the ability, based on previously defined password authorization, to override pre-set conditions.
b.
The overrides shall include: 1)
Unlock / Relock doors.
2)
Shunt / Unshunt alarm monitor points.
3)
Open. Limit and/or Close the areas covered by specific Controllers.
WSE • 3/1/1999
16720 — 9
NexSentry Access Control System
7.
4)
Forgive anti-passback status in individual Controllers.
5)
Shunt, unshunt and restart Controllers.
6)
Halt and restart pollers.
7)
Activate/Deactivate project schedules.
8)
Activate/Deactivate relay outputs.
High Resolution Color Graphics at Operator Console: a.
SVGA resolution with 256 colors minimum.
b.
Vector resolution for maps: 1)
Utilizing a mouse to facilitate the selection and placement of graphic symbols, the system shall define maps representative of the site. The symbols shall be associated with alarm points.
2)
Mapping shall support a “Jump” function which shall allow definition of maps of a lower level detail than the map currently displayed.
3)
The mapping system shall support output to the following printers: (i) Hewlett-Packard LaserJet 5. (ii)
Hewlett-Packard LaserJet 5L.
(iii) Okidata Serial Log. (iv) Okidata Parallel Log. 8.
Powerful System Diagnostic Software: This feature shall provide operators with greater ability to examine the status of the system components and communications. These capabilities are particularly useful to diagnose suspected problems. a.
b.
Card Reader Status: 1)
A status screen shall show the condition of all card readers attached to the system.
2)
This screen shall show the status of card readers, coax cables.
Card Reader Activity: 1)
Access activity at doors associated with a particular card reader shall be displayed as it occurs.
2)
Information displayed shall include the following: (i) Door name. (ii)
Access time.
(iii) Card number/PIN. (iv) Door status: closed, open, held open or forced open. (v)
Keyholder Name.
(vi) ID number. (vii) Lock status: locked, unlocked, manually unlocked or auto unlocked. (viii) Monitor Point Status: Active, clear, communications failure, device failure. c.
Communications 1)
9.
Monitor:
Communications between the card readers and the computer must be monitored. This function shall be used during installation to verify proper connection of communication cables, and during standard system operations to monitor the status of device connections.
High Security Mode and Complete Audit Trail: a.
This feature shall be implemented to provide a complete history of data changes to the system, by documenting all changes to the database, excluding system generated transactions or logs.
b.
The information to be tracked shall include the user making the change, the data that was changed, and the date the change occurred.
c.
The Audit Trail implementation shall include reporting on the information that affects keyholder access and alarm events, including the following files:
WSE • 3/1/1999
16720 — 1 0
NSCC Security Management System
1)
Keys holders.
2)
Pollers.
3)
Devices.
4)
Readers.
5)
Points.
6)
Holidays.
7)
Access Groups.
8)
Access Codes.
9)
Employee Access Assignments.
10) Time Codes. 11) Instructions. 12) Auto Opens/Activates. 13) Device Reports PIN Definition 14) PIN Hardware Definition. 15) Dialers. 16) All SQL database items. d.
The audits for these files shall be stored in an independent flat file resident outside of the database.
e.
The audit trails shall contain all fields of the affected record, not just the field that was changed. in order to provide a "before and after" image of the data.
f.
The File Maintenance programs of each of the affected files shall be modified to log the audit records to the flat file.
g.
A report shall be provided for each of the audit files, and shall print all of the fields of the audit record in addition to the date and time of change, the log-in name of the user making the change, a serial number identifying the line of audit, and whether the change was a modify, add or delete.
h.
Each Audit file shall be able to be archived to tape. Once the audit record is successfully written to tape, the on-line audit record shall be deleted.
10. Event and Task Programming: a.
Custom programming, to define a set of tasks to be performed as the result of a specific event, shall be achieved through the Event and Task programming option.
b.
Events such as an access event, alarm condition, or timer may be linked to an output. The capability for this level of customization is standard on the NSCC system.
c.
The creation and implementation of special Event / Task relationships depend upon careful definition of customized transactions under a resident program facility.
d.
One Event is capable of driving one, or multiple, Tasks.
e.
Event / Task would be implemented to activate certain alarms or indicators any time a specific event took place at a critical point in the facility.
f.
Example: If a Command Key which is not valid is presented at a critical door, a special alarm message can be programmed to appear at the monitor screen while, simultaneously, lights and audible alarms are activated at the site of attempted entry.
11. Project
Schedules:
a.
Implement the capability to use project schedules to alter access to certain doors by activating and deactivating “projects” in the NSCC. This functionality shall work with access codes and privilege levels to provide another level of clearance checking to the system.
b.
Doors per project: 16 maximum. Doors included in an active project can be accessed only by cardholders who are assigned a project that includes that door.
WSE • 3/1/1999
16720 — 1 1
NexSentry Access Control System
c.
Projects: 128 maximum. The system shall provide the capability to define, modify, add and delete projects.
d.
Access Override:
e.
f.
F.
1)
Implementation of an Access Override feature shall enable one to quickly turn on and off access, manually or by date, to particular sites of a facility.
2)
This feature shall incorporate Access Override Codes (AOC), each of which may be given a description, a range of dates, and whether access shall be allowed or denied during the range of dates.
3)
Subsequently, these codes may be assigned to one or more of the access privileges assigned to each keyholder. Therefore, each cardholder's individual Access Code, or Group Records may be assigned an Access Override Code. As a result, in addition to controlling access by door, time of day, and day of week, access privileges may also be controlled by date.
The system shall not only check access by door, time and day, it shall check to see if access has been limited to a range of dates, and whether access should be allowed or denied through that range of dates. This method of implementation shall, therefore contain several properties, as follows: 1)
Identical Access may be assigned to a group of cardholders, but restrictions may be applied to a subset of cardholders.
2)
Identical Access may be assigned to a group of cardholders, but restrictions may be applied differently.
3)
Different Access may be assigned, subject to the same date restrictions.
Keyholders whose Access Privilege Records have not been assigned an Access Override Code shall be unaffected by this feature. This feature shall be functional for Security Management System decisions.
System Management: The required system shall perform all of the following functions: 1.
Simple
System
Administration:
a.
To administer Security Management System computer, the system shall provide control of all system administration functions via menu accessed screens.
b.
There shall be no need to memorize complicated commands or to learn the syntax of the UNIX operating system.
c.
System administrative functions shall include: 1)
Adding and deleting system users.
2)
Maintaining user passwords.
3)
Checking database statistics.
4)
Performing system and database backups.
5)
Defining and maintaining program security levels.
6)
Displaying current system activity.
7)
Performing transaction archives.
8)
Initiating data transfer to remote devices.
9)
Defining and maintaining user-controlled fields.
10) Performing alarm transaction clean-up. 11) Displaying those users currently logged on the system. 12) Key holder loading. 13) ID Security maintenance. 2.
Security System Hardware Definition: a.
The capability to define the system hardware to the following degree shall be allowed: 1)
Access control/alarm monitoring devices.
2)
Communications characteristics.
3)
Grouping by zone and tenant.
WSE • 3/1/1999
16720 — 1 2
NSCC Security Management System
4)
Grouping by Anti-passback levels.
5)
Defining readers.
6)
Defining points.
7)
Defining CONTROLLER reports.
8)
Defining auto activate/open periods: (i) Proximity access control. (ii)
Magnetic card access control.
(iii) Keypad access control. (iv) Alarm monitor points. 3.
Define Security System Software: The system shall allow for the specific definition of system software in the following areas: a.
Keyholder
information:
1)
The system shall be capable of keyholder information entry independent of the assignment of card numbers. It shall also have the capability to assign each keyholder to multiple access groups.
2)
In central processing mode, the number of possible access groups shall be not less than 100.
3)
Keyholder information shall include the following: (i) ID number. (ii)
Card number.
(iii) Personal Identification Number (PIN) (iv) Employee name. (v)
Tenant.
(vi) Card valid date. (vii) Card expiration date. (viii) Six user-definable sort fields with field look-up (ZOOM) capability. (ix) Seven text-based data entry field. (x) b.
Address, telephone number and other applicable fields.
Time periods: 1)
Time periods shall include: (i) Start time. (ii)
Stop time.
(iii) One or more days of the week. c.
d.
e.
Holidays: 1)
In addition to the time zones, days of week and doors for access, the system shall allow the System Administrator to add holidays to the access definition.
2)
Holiday definition allows days defined as holidays to have automatic and access parameters different from their normal definitions.
Zones: 1)
The system shall have the capability of dividing the physical site into zones for anti-passback control and for arm/disarming security functions.
2)
Zone definitions shall be applied to card readers into or out of the zone.
Tenancy: 1)
The system shall allow for security hardware, areas, and cardholders to be grouped as tenants in the case of multiple tenant occupied facilities.
2)
An operator assigned to a particular tenant group can manage data, acknowledge alarms or execute reports only for data and events defined for that tenant group.
WSE • 3/1/1999
16720 — 1 3
NexSentry Access Control System
4.
5.
6.
7.
Maximum Database Capabilities: a.
Maximum storage capabilities are dependent on Security Management System and Controller configurations selected.
b.
Refer to Appendix B for database requirements.
Database Download to Distributed Local Controllers: a.
In situations where Controllers with distributed intelligence are connected to the system, Security Management System must download all information pertinent to that particular control unit.
b.
The system shall execute downloads automatically when data is added or changed, or by manual initiation.
Powerful and Meaningful Reports: System shall have the following reporting capabilities: a.
System shall offer rapid generation of custom reports and business graphics, through time-saving features such as visual report writing; batch reporting; and database, output, arithmetic, selection and sorting functions.
b.
System shall provide a simple, logical tool for producing custom reports without programmer assistance, without compromising the security and integrity of the DBMS.
c.
System shall be able to execute reports without intervening with, or impacting the performance of, the realtime operation of the security system.
d.
System shall track and report the dates of archived events available for reporting. It shall have the capability to generate reports for activity spanning any time period through the use of disk files, tape archives or a combination of both forms of media.
e.
System shall separate reports by tenant, when defined, so that an operator assigned to a particular tenant group shall be inhibited from accessing data and reports on areas of the security system from outside the defined tenant group.
f.
System shall provide reports for every data file maintained in the system. These reports provide for data entry verification and printed back-up.
g.
Reports may be customized to any reporting format desired from an unlimited number of files or tables, and select, sort and perform calculations on any fields in those files.
h.
The system shall provide Unify ACCELL DBMS for data storage and manipulation. Unify ACCELL DBMS is a relational database manager which supports SQL, the electronic industry standard for interfacing with sophisticated data management systems. The system shall also employ a tool for customized report generation.
On-Line Storage of Security Events: a.
8.
9.
Minimum on-line log transactions: 100,000 on a low-end system (NSCC One-Star); 400,000 to 2,000,000 on a high-end system (NSCC Three-Star).
Archiving of Security Events: a.
The system shall provide the ability to backup to streaming tape all events stored in the transaction file through a user-selected date.
b.
Reports shall be generated from the archived data.
Backup and Restoration of Security System Definitions: a.
The system shall provide the capability to backup to streaming tape the security system definition, including both hardware and user information.
b.
System back-up shall be initiated by a menu option for optimal simplicity.
c.
In the event of data corruption, tampering, or other loss of data integrity, the security system definitions shall be capable of being restored to the on-line system from the backup tape.
d.
Database back-up functions shall be transparent to the system administrator and to the system functionality. Back-up of the NSCC database and transaction logs does not require the system to be shut down. Operator interaction, such as monitoring, file maintenance and database entry, shall continue in an uninterrupted state during the process of archiving.
WSE • 3/1/1999
16720 — 1 4
NSCC Security Management System
e.
The system shall provide capability for a complete back-up of the system via the user interface, with an accompanying restore ability. The back-up function, presented as a menu option, offers the choice of either a complete system back-up or a database-only back-up. This functionality also keeps track of the last date of each type of back-up for historical reference. Additionally, the application employs a dedicated user log-in to facilitate the recovery of database back-up tapes, providing a faster, easier, more efficient method of restoring a database.
G. Access Control Operation: The system shall have the capability to control access via either central processing or distributed processing. With central processing, Security Management System or Local/Remote Location Controller shall make all decisions when controlling WSE Access Control Units (Controllers). For distributed processing, an intelligent WSE Controller is required to make all decisions locally. Since the system shall operate differently in these two modes, the following section is divided into three parts, as follows 1.
Common Requirements (both Central and Distributed Processing): a.
b.
Expanded Growth Capacity: 1)
Through new Security Management System systems, additional controllers, and computer hardware upgrades, the system shall provide support for large scale systems with an extremely large number of cardholders, card readers, alarm points, operator terminals, or transaction events. This unlimited expansion capability shall provide a secure foundation for future growth and, also retain the investment in the initial system components.
2)
Modular software architecture and performance-oriented programming techniques shall optimize the system to provide minimum response time. From the speed with which doors are unlocked, and the speed with which reports are produced, the system software must be able to meet the stringent specification for capacity as listed in Appendix B.
Expanded Network Support: 1)
c.
d.
Event Capture from Access Control Units (Controllers): 1)
Security Management System computer shall receive and record all events that occur at all Local Controllers.
2)
Event capture shall occur either real-time (to hard-wired devices) or when required (to dial-up connected devices). These devices may include Local Controllers, Remote Location Controllers, Remote Dial-up Interfaces, Controllers, and alarm monitor units.
Dial-up Reporting from Controllers: 1)
e.
f.
When alarms or other priority events occur, Remote Location Controllers or Controllers connected via dial-up lines shall call Security Management System computer to report the event.
Failsoft
Operation:
1)
If for any reason, communications between the computer and the Controller is interrupted, the system shall resume control upon restoration of communication.
2)
While connected to Security Management System, the system shall constantly update the Controllers with the information necessary to operate in failsoft mode.
Automated System Control: 1)
g.
The system shall have the capability to implement large scale or multi-location systems with security devices or computers distributed to remote locations while maintaining overall control of the network at a central location. Systems may use Local Area Networks (LANs) or Wide Area Networks (WANs) connected via dedicated or dial-up communications lines.
The system shall provide the ability to automatically change the state of certain devices and/or areas based on time.
Multiple Identification Required for Access: 1)
Selected entrances and exits require multiple methods of confirming identity for entry.
2)
The required system must support any combination of the following access controlling devices: (i) Proximity card readers. (ii)
WSE • 3/1/1999
Magnetic stripe card readers.
16720 — 1 5
NexSentry Access Control System
(iii) PIN keypad. (iv) Biometrics (hand geometry readers). h.
2.
[Electronic Visitor Directory: 1)
The visitor access control system (Electronic Visitor Directory) shall provide the ability to track visitors who are not issued an access card.
2)
The operator may enter a visitor ID number and the employee ID number of the person they are visiting. A quick look up must be provided for visitors by last name and all visitor records shall be saved for future reference.
3)
The optional capability must exist to print a visitor's badge with the valid date and person being visited. The badge must be able to be printed in different colors representing the day of the week.
4)
When the system prints a badge, it shall also provide a permanent log of every visitor and the person the visitor is seeing.
5)
NOTE: The Specifier should carefully select the portions of this section that fit the intended application. Particular attention should be paid to employ only the text for the processing (Central or Distributed) and corresponding Controllers that match the end user's requirements. The presence of any existing WSE Controllers (708P, 800 Series or SE 422) should be carefully considered in determining the ultimate nature of the system.
6)
If central processing is to be used, select the features desired for your system from the list of features defined in PARTII.3.F.2 Central Processing below. Budgetary considerations are very important in selecting these features since many of them require additional hardware and/or software. Consult WSE, or your local Authorized Dealer, for application configuration assistance and local contact information.]
Central
Processing:
a.
Systems with large numbers of cardholders or access groups, high security environments requiring antipassback, two-man rule, access decisions based on multiple events (such as card presentation, PIN entry, biometrics identification, or display of a cardholder's photo) shall require central processing.
b.
Central processing shall be dictated in situations where loss of communications between a Controller and Security Management System computer is considered a potential attack on the system and, as a result, the access privileges must be minimized until appropriate personnel have been notified and communication restored.
c.
Smart Failsoft Operation:
d.
e.
1)
If for any reason communications between the Security Management System and the Controller is interrupted, the Controller shall recognize that event and shall automatically begin operation in a stand alone mode based on predetermined access control criteria.
2)
When communication is restored, the system will resume control and receive all stored transactions.
Anti-passback: 1)
Zoned anti-passback: The system shall provide zoned anti-passback, which requires users to alternate the presentation of cards to entrance and exit readers.
2)
Assigning passback zones: The system shall be able to assign a passback zone and a direction (in or out) to each card reader. A data log shall be generated, and passage denied, when there is failure to alternate entry and exit. The system shall be able to assign a zone number for an adjacent zone number; for example, the system can define a single card reader entering zone 1 and exiting zone 2.
3)
Passback forgiveness: Ability to forgive passback status shall be available via operator overrides. Passback forgiveness shall be provided to a single cardholder or for all cardholders. In the event of system failure, the system must automatically forgive all passback status upon return to an operational state.
4)
Concentric security areas: must also be definable by the system administrator.
Trace: 1)
The system shall provide the capability to trace activity for specific cardholders at specific doors.
2)
The system shall issue a report whenever a cardholder marked for “Trace” is presented at any door.
WSE • 3/1/1999
16720 — 1 6
NSCC Security Management System
f.
3.
3)
For a cardholder the system shall report activities throughout the system. The system shall display trace activities with the alarm functions to alert the operator.
4)
Whether access is being traced or not, the system shall store the last 20 (twenty) access attempts, even after archiving of logs to tape.
[Two Man Rule/ Escort Required Access: (optional module) 1)
This application shall provide the capability for the system to require an access request by more than one person before access is granted into a controlled area.
2)
Access shall not be granted unless two individuals with valid access privileges present their keys within a predetermined period of time. The system shall be able to assign this capability to any door.
3)
Additional individuals may enter the area after the first two have entered. However, at no time may fewer than two people remain in the room. Thus, if two people are in the room, and one decides to exit, the system shall NOT grant access to exit unless the second person also presents a card for exit access.]
Distributed
Processing:
a.
Distributed processing decision making is supported by all WSE Controllers. These intelligent controllers make access decisions at the peripheral device, or door level, independent of Security Management System computer unless the card number is not in the memory of the Controller, or has been modified as a Security Management System controlled card via the Smart Failsoft feature. In that case, Security Management System shall check access privileges and, if access is permitted, shall command the Controller to open the door within 1 second or less when interfaced with a WSE' front end security system.
b.
Automated Download of Data to Distributed Controllers: 1)
NSCC maintains a central database on all access control equipment. The database includes cardholders, access levels, automatic events (such as auto unlock), etc.
2)
Database sorts this information and sends it to the appropriate intelligent Controller, allowing the local Controller to make all necessary decisions without the NSCC Security Management System support.
H. Alarm Monitoring Operation: 1.
2.
3.
General: a.
The system shall provide full Alarm Monitoring and Acknowledgment functionality on both Security Management System computer and the Local Controller (LC) for ease in maintaining data integrity and in the event that communications between Security Management System and the LC is lost.
b.
The system shall also provide automatic uploading of alarm acknowledgment data from the LC to Security Management System.
c.
Automatic transfer of map data entered on Security Management System, in addition to the ability to display and print maps, shall be available at the LC.
d.
NOTE: System requirements may include some or all of the following alarm monitoring standards. The Specifier should carefully select the portions of this section that fit the intended application.
Line Supervision / Response Time: a.
Security Management System, LC or RLC shall interrogate each alarm point at a minimum of twice per second.
b.
When utilizing WSE Controllers, Security Management System system shall monitor the alarm points in two states: secure or alarm.
c.
An end-of-line resistor indicates the point is secure.
d.
Security Management System optionally may communicate with input points via Opto 22 and Stellar alarm input/output units.
Configurable Alarm Instructions: a.
The system shall provide the capability to assign up to eight (8) lines of forty (40) characters each for each alarm or monitor point in the system.
b.
The system shall have the capability to assign alarm instructions to monitor points in the system for unique responses to any circumstance.
WSE • 3/1/1999
16720 — 1 7
NexSentry Access Control System
4.
5.
Operator Alarm Response: a.
When acknowledging an alarm, the operator shall have the capability to enter up to eight (8) lines of forty (40) characters each in describing actions taken regarding this alarm event.
b.
User definable fields which contain specific instructions for operator alarm acknowledgment shall be available to the operator, and access to them controlled via pre-defined security levels.
c.
The system shall save alarm acknowledgment with the respective event for future recall and reference.
Recall Alarm Activity: a.
The system shall save to disk information associated with each alarm that occurred within the system.
b.
The corresponding alarm instructions and any comments an operator made when acknowledging the alarm shall also be saved to disk. The operator shall not be able to modify or delete this information. Hence, all information is available to the operator viewing an alarm.
6.
Alarm Conditions: 100 minimum.
7.
Monitor Point Status Display:
8.
a.
The system shall provide a display that summarizes the current condition of all (or a portion) of the monitor points.
b.
The status display shall indicate normal, active, shunted and communication line status.
Shunting / Unshunting Alarms and Alarm Points: a.
9.
I.
The system shall provide the capability to shunt and unshunt alarm points via the following methods: 1)
Automatically: based on time of day, day of week or holiday.
2)
Manually by operator override: The operator must previously have been provided the capability of shunt/unshunt via the password definition.
3)
Status of another point can determine whether a point is active or shunted.
4)
Card Presentation or PIN entry: This allows a group of readers or keypads to be combined to shunt/unshunt alarms within that area.
Operator Definable Alarm Task Programming: a.
Tasks available: 100 per event minimum.
b.
The operator shall be provided with the capability to define a set of tasks to be performed by the system as a result of a specific action. For example, an event such as an alarm condition (smoke detector activated), access event (invalid access attempt) or time trigger (60 seconds after a duress button was pressed) shall initiate a task or series of tasks.
c.
The tasks performed may consist of activation of an output relay and/or control commands sent to a CCTV switcher.
Additional Security Operations: 1.
[Elevator Control: a.
b.
General: 1)
Elevator Control shall be provided via software which provides complete floor by floor access control for elevator cars by allowing activation of only those buttons which control floor access as defined for each specific cardholder.
2)
Elevator Control shall operate without dependence upon any particular elevator panel, thus allowing interface with virtually any commercial elevator operating system.
Elevator Control capabilities include: 1)
Floor by Floor Cardholder Access Control: (i) As a card is presented to a reader installed within the elevator car, dependent upon the access privileges previously defined, specific floor buttons are enabled to allow specific floor access. (ii)
WSE • 3/1/1999
The floor buttons remain enabled for a user-definable length of time before automatically defaulting to the deactivated mode. 16720 — 1 8
NSCC Security Management System
2)
Multiple Hardware Support for Output Control: (i) The Elevator Control program shall interface with WSE Controllers, and Opto 22 input/output multiplexer devices to control the enabling and disabling of elevator buttons.
3)
Controllable Fail-soft Operation: (i) In conjunction with Opto 22 multiplexer boards controlling output contacts, the Elevator Control option shall provide for the programming of the elevator button profile in the event of lost communications with Security Management System computer. (ii)
4) 2.
This form of watchdog operation provides the capability of enabling specific buttons, as required, during a communications failure.
The Elevator Control software shall be included as part of the basic application on a high end system.]
[CCTV Control (optional module): a.
General: 1)
b.
Closed Circuit Television communication interface shall enable the system to monitor and control specific elements of a CCTV system through the security management system.
Functions: 1)
Camera/Monitor Control: (i) Manual selection of the camera scene for viewing on CCTV monitors from Security Management System, thus eliminating the requirement for remote switcher control. (ii)
Response to system events shall be provided to allow the assignment of a specific camera scene to a specific monitor at the occurrence of a pre-defined alarm condition. When camera sequencing is enabled, the system shall provide the capability to halt the sequencing and display the requested camera scene at a specific monitor. Sequencing shall then be re-initiated at the discretion of the operator.
(iii) Preset camera and monitor control shall be provided to preset the pan, tilt, zoom and focus for optimum view of a particular area or location. c.
3.
System Information Entry: 1)
The system shall allow for the programming of camera titles at any camera or alarm location that is part of the automatic sequence, or is selected manually.
2)
The system shall allow for the display of the date and time at the CCTV control monitors.]
[NSCC Integrated ID System (IDS): (optional module) a.
General: 1)
The system shall interface with an Image Capture module that provides the capability to capture and store photographs of cardholders, and transfer those digital photographs to the access control database in order to be retrieved and displayed on a terminal screen for visual verification of identification.
2)
The System shall utilize a Windows® based image creation environment which shall provide a single integrated database to eliminate redundant data entry.
3)
Alphanumeric text shall be incorporated into the information printed on both the badge and CRT display.]
4)
Systems requiring synchronization of two or more databases will not be accepted.
b.
Image Storage: 15,000 minimum.
c.
Image Recall: by command, alarm event or card reader transaction logs.
d.
Media Options: 1)
Thermal.
2)
PVC: PVC media must be capable of direct-to-card printing on both sides of the card with the ability to hole punch for either horizontal or vertical display.
3)
The system shall support both color and black & white images, and have the capability for simultaneous access on multiple terminals.]
WSE • 3/1/1999
16720 — 1 9
NexSentry Access Control System
4.
[Guard Tour Monitoring (optional module): a.
5.
Define, schedule, monitor and report the status of guard tours.
2)
Define the route, timing and locations.
3)
Schedule, monitor, cancel and resume tours.
4)
Provide printed reports on tour activity and history selectable by scheduled time, guard, route or status, shall be included in the application.
The system shall provide the capability to query and display the status of a tour in progress, showing the location of the guard at any given time during the tour, both by text and map display.
c.
Deviations from the tour schedule shall be capable of generating an alarm.
d.
The system shall also provide the capability to shunt and unshunt monitor points, via time schedule, in order to allow the guard tour to proceed from one station to another without restriction. Readers, as well as monitor points, shall be allowed as guard tour points.]
[Time & Attendance (optional module):
b.
7.
1)
b.
a.
6.
General: The Guard Tour option shall have the capability to:
General: The system shall provide a real-time personnel time data collection system with capability to: 1)
Automate the capture of hours worked
2)
Provide error free input data to a payroll system
3)
Provide timely and accurate time reporting
Functionality: 1)
Dual functionality readers that function both as access control readers and as time and attendance clock stations, with a simultaneous read for both activities.
2)
Single or dual directional stations with either one reader for clock in/out or both clock in and clock out readers.
3)
Automatic transaction logging to the time and attendance database. The logs shall include card holder id, no less than 6 user definable fields, clock in/out date and time.
4)
Time transaction editing capability to ensure that data is accurate and complete prior to transmittal to an ancillary database.
5)
Time transaction reporting to provide a means of verifying the accuracy of any transactions to be exported to a payroll system.]
[Electronic Visitor Directory (optional module): a.
General: The system shall provide an Electronic Visitor Directory option by which to process and monitor visitors to a facility. This module shall provide the capability of storing both permanent and current information for each visitor, as well as flexible reporting and badge printing capabilities.
b.
Database: A permanent database entry shall exist for each visitor, that can be retrieved, modified and expanded with each ensuing visit, and transferred to the correct files for badge creation, storage and reporting.
c.
Reporting: Visitor reporting shall be selectable according to specific search criteria.
d.
Pre-registration: The system shall also provide the capability for pre-registration and advance preparation of visitor badges in order to facilitate the visitor registration process.]
[Remote Dial-up Interface (optional hardware): a.
b.
General: 1)
The system shall provide dial-up capability through an intelligent link between Security Management System and multiple Controllers, via dial-up phone lines.
2)
A microprocessor-based hardware platform in conjunction with application software shall provide remote dial-up support for no less than 3 Controllers.
Functions: The functionality of a remote dial-up interface shall include the following:
WSE • 3/1/1999
16720 — 2 0
NSCC Security Management System
8.
1)
Automatic, high-speed download of data from Security Management System to the Controller, thereby eliminating data integrity problems and the need for human intervention between the two device types.
2)
Error free download of data through a communications protocol to provide error detection and acknowledgment of each transaction as it is received by Security Management System computer.
3)
Automatic re-transmission of downloaded data upon detection of an error through a database verification and memory check procedure.
4)
Buffer storage capacity of no less than 6,000 transactions, with an automatic dial-out upon a pre-defined threshold.
5)
Immediate call in, to Security Management System computer, of alarms based upon a user-definable table of alarm conditions.
6)
Redundant communications path with no less than 3 programmable, alternative phone numbers to the RDI unit, which shall be used in the event of a communications failure to Security Management System computer. Upon dial-out of an alternative phone number, the alarm condition or transaction buffer shall be routed to an optional computer, thereby triggering a report of the communications failure to the primary computer.]
[Parking/ Revenue Control (optional module): a.
General: The system shall provide the capability to control access to, and the revenue generated by, a parking facility. Through integration of cardholder access control with the cashiering function required for transient parkers, the system shall provide total control of a parking facility by tracking entry and egress of any type.
b.
Functions: The parking control system shall encompass both the control of cardholder parking and the control of transient parking by providing the following functionality: 1)
Keyholder Parking Control: (i) The same system that controls access to any facility shall control access to parking, thereby optimizing the use of a single access card per cardholder. (ii)
The capability shall be provided to define parking access privileges by day of week, time of day, and card reader.
(iii) Anti-passback shall also be supported. (iv) Nesting control shall be provided in order to monitor and track a cardholder who has parked outside of a designated area. The system shall provide the capability for a reader, or series of readers, to be defined for the sole purpose of allowing access to an inner, or nested, parking area. A flag shall be triggered whenever a reader in the “nesting” path is accessed. Upon accessing the reader in the designated area, the flags shall be removed. However, if the designated reader is not accessed, an alert shall generated and a permanent transaction shall be logged for reporting. (v) 2)
Transient Parking Control: (i) The system shall provide support for interface with standard parking ticket spitters, cash ticket processing, validated ticket processing, online ticket validation, no ticket processing, and daily cash control through report generation. (ii)
WSE • 3/1/1999
The system shall provide the capability to maintain a tenant file for billing and revenue control in association with parking control, and to monitor and track the parking population on demand.
NOTE: The Specifier should carefully select the portions of this section that fit the intended application. Budgetary considerations are very important in selecting these features since many of them require additional hardware and/or software.]
16720 — 2 1
NexSentry Access Control System
.3
ACCESS CONTROL SYSTEM A. System 1.
B.
Description:
The access control and security management system (System) within the building shall consist of microprocessorbased Controllers, Monitor Input/Relay Output modules, [reader types] Readers, [credential type] credentials, and other components. The access control and security management system shall be monitored and managed by a NexSentry Manager client/server network (See Part II.2). To accommodate growth and to facilitate implementation of future technologies, System components shall be modular and expandable.
Controller (NexSentry 4100 Series Controller): 1.
2.
General: a.
[4100 only: The NexSentry 4100 Controller (Controller) shall be an 8- (eight) door controller]
b.
[4104 only: The NexSentry 4104 Controller (Controller) shall be a 4- (four) door controller]
c.
[4102 only: The NexSentry 4102 Controller (Controller) shall be a 2 (two) door controller]
d.
Controller shall have with an onboard INTEL 32-bit microprocessor, battery backup, database, user defined reports, and several communication ports.
e.
Controller shall have two S-Net communication channels to which a variety of S-Net devices can be connected.
f.
Controller shall support one hardware module daughter-board for additional memory and/or for future feature enhancements.
g.
Controller shall provide the following functions: 1)
Provides central control for all devices attached.
2)
Makes decisions for access.
3)
Responds to monitor activity.
4)
Receives input to control its decision-making.
5)
Reports activity to other devices.
Capacities: a.
Addressable 1)
devices:
Proximity readers: (i) [4100 only: up to 8 (eight)]. (ii)
[4104 only: up to 4 [four].
(iii) [4102 only: up to 2 (two)]. 2)
Magnetic stripe readers: (i) [4100 only: up to 8 (eight)]. (ii)
[4104 only: up to 4 [four].
(iii) [4102 only: up to 2 (two)]. 3)
Magnetic stripe readers with integrated keypads: (i) [4100 only: up to 8 (eight)]. (ii)
[4104 only: up to 4 [four].
(iii) [4102 only: up to 2 (two)]. 4)
Keypads: (i) [4100 only: up to 8 (eight)]. (ii)
[4104 only: up to 4 [four].
(iii) [4102 only: up to 2 (two)]. b.
Monitor inputs: Station switch, tamper, power fail, and alarm.
WSE • 3/1/1999
16720 — 2 2
NSCC Security Management System
3.
4.
5.
6.
7.
c.
Relay outputs: Building Mode and Alarm.
d.
MIRO module: System shall connect with up to 9 (nine) monitor input/output module via S-Net.
e.
Expansion Bus: Controller shall support 1 (one) hardware module daughter-board for memory expansion and/or for future feature enhancements, including: LON controller.
2)
Ethernet controller.
3)
ISA Bus interface.
Specifications: a.
Controller card dimensions: 7 X 15 X 1.5 in. (17.78 X 38.1 X 3.81 cm).
b.
[Controller enclosure dimensions: 7.574 X 16.778 X 1.993 in. (19.24 X 42.64 X 5.06 cm.)]
c.
[Controller/MIRO enclosure dimensions: 21 X 25 X 4 in. (53.3 X 63.5 X 10.2 cm).
Environmental: a.
Humidity: 0 to 95% non-condensing.
b.
Temperature: 20° to 120° F (-7° to 49° C).
Mounting: a.
The Controller shall be available [as a board-only option.] [in an enclosure.]
b.
If enclosure is used, the front cover shall contain 4 (four) snap fasteners which shall remove for easy access to internal switches and parts.
P o w er : a.
Source: Power is provided via twisted pair (shielding optional) wiring from a power supply unit.
b.
Consumption: Less than 5 (five) watts with 17 to 28 volts D.C.
c.
[Battery: A low voltage battery (such as a lithium cell) shall maintain the internally stored database setup when no power is available to the controller.]
Wiring: a.
b.
8.
1)
Connectors: Twisted pair (shielding optional) wiring shall supply both power and communications to system devices using the following connectors: 1)
Host: 9-pin D-sub DTE. Also includes a passive 20mA loop.
2)
Terminal port: 9-pin D-sub DCE.
3)
Reader: Phoenix-type.
4)
Power supply: Phoenix-type.
5)
Monitor Inputs and Relay Output (MIRO) units: Phoenix-type.
Cable
limitations:
1)
S-Net data channel shall not exceed 4,000 feet.
2)
Every S-Net device requires 16 VDC minimum for power.
3)
S-Net power cable length shall be limited by the cable losses, the length of the cable, and the devices to which it is connected.
Communications: a.
S-Net devices: RS-485 through the system’s twisted pair (shielding optional) wiring.
b.
Host or printer: SEEP Protocol through RS-232 port or 20mA current loop interface.
c.
Terminal: ASCII through Terminal Port.
WSE • 3/1/1999
16720 — 2 3
NexSentry Access Control System
9.
Feedback: To facilitate trouble-shooting, LED indicators shall be included for every serial port.
10. Diagnostics: LED status lights shall indicate: a.
Operational status of the controller.
b.
Lock status of controlled entries.
11. Self-protection: The Controller shall have inputs to detect: a.
Power input failures.
b.
Controller tampering.
12. Software features: a.
b.
General: 1)
Controller shall have the capability to act as a standalone unit with the software features described below.
2)
Additional functionality and features may be added by networking system with a Security Management System computer (see specification for WSE Security Management System software); however, the purpose of this section is to highlight the software features that are pre-programmed into the Controller.
Database: Database shall store all user operating data and handle event reporting for all possible attached devices, and shall contain memory capacity for the following: 1)
Users with unique ID: 20,020 maximum (standard) [50,000 maximum with optional RAM upgrade)].
2)
Access Codes: The access code shall define where and when the cardholder will be granted access. (i) Number available: 120. (ii)
Capacity: 4 (four) maximum time periods for each door in the system.
(iii) Definable time periods: Time of Day, Day of week, and Holidays.
c.
3)
Time intervals: 128.
4)
User-definable holidays: up to 30.
5)
Transaction buffer: 4,000 maximum in Host port, 100 circular in the Terminal port.
6)
Event Report Schedules: 32.
Operational modes: Controller shall operate in one of two modes, as follows: 1)
Standalone mode: (i) Controller shall not attach to a Security Management System computer. (ii)
User interaction shall be via the user terminal or via access control card readers, keypads, etc.
(iii) All functions shall still be operable and commands normally done via the Security Management System computer shall still be done directly on the Controller via user terminal. (iv) All system activity messages to Operator shall be printed in plain English Language Text. Mnemonic type or transaction code type operator messages are not acceptable. 2)
Networked mode: (i) Controller shall be connected to a Security Management System computer. (ii)
Changes to the database in the Controller shall be made on the Security Management System computer then downloaded to Controller.
(iii) Log messages shall be stored on the Security Management System. (iv) If communications between Security Management System and Controller fails, Controller shall continue processing without degradation in function or responsiveness and log messages shall be stored in Controller memory until they can be delivered to Security Management System. (v)
All system activity messages to the Security Management System shall be hexadecimal for efficient data communications supporting SEEP protocol.
(vi) The Security Management System shall have the responsibility for acknowledging and translating the received messages.
WSE • 3/1/1999
16720 — 2 4
NSCC Security Management System
(vii) While operating in Security Management System mode, a second port on the Controller shall be available for standalone mode connection and output. d.
Building Mode: Controller shall operate in one of three Building modes to determine if access will be allowed or denied. 1)
Building Modes shall be defined as follows: (i) OPEN mode: designates any cardholder, privileged or not, may enter the building provided he has a valid access code (used during peak normal hours). (ii)
LIMIT mode: designates when a privileged cardholder may enter the building, provided he has a valid access code.
(iii) CLOSED mode: is used when the building is unoccupied. Although a privileged cardholder may enter a closed building, he must put the structure in the open or limited mode within one minute or an alarm will be activated.
e.
2)
Any key shall have means to be programmed as PRIVILEGED and be authorized to arm or disarm the building mode feature.
3)
If the key is not authorized to disarm mode alarm system, the key user shall be unable to gain entry, regardless if user’s Access Code has been programmed for that period.
Operator Modes: Controller shall always operate in one of two states, depending on whether or not an operator is present, as follows: 1)
Operate Mode: System shall operate in OPERATE Mode whenever Operator is not logged on. Log records shall be displayed on the screen as they are generated, if so configured.
2)
Command Mode: System shall operate in COMMAND Mode whenever an operator is logged onto the Controller. All operations can be performed from the terminal or from the Security Management System computer. Command Mode shall have three functions: (i) To configure the system. (ii)
To override the system.
(iii) To use print commands. f.
Readers: 1)
System shall be able to assign a 12-character name for each reader.
2)
System shall be capable of defining which reader and at what times they are to report valid access reports.
3)
User shall be able to select which times and at what reader key trace reports are generated.
4)
User shall be able to define which are CLOSED readers (readers where privileged keys function).
5)
Type: Controller shall support 4 (four) reader types, as follows: (i) NORMAL: Shall operate during all building modes for all users who meet the regular access criterion for that door. Privileged access criterion shall be disregarded. (ii)
OPEN: Shall operate only during the Building OPEN mode: everyone shall be denied access during the LIMITED and CLOSED modes.
(iii) CLOSED: Shall operate during all modes, but, during the LIMITED and CLOSED modes it shall operate under the regular access criteria only for users with privileged access. (iv) STATION: Shall be available if the Building Mode feature is used. Shall allow authorized users to change the Building operation mode to or from OPEN, LIMITED or CLOSED. Building modes may be completely controlled by direct commands. The STATION Type Reader shall have the same operation restrictions as the CLOSED Type Reader. g.
Anti-passback: 1)
System shall have capability to designate any command key so that when it is used to enter an area it must be used to exit that area before it can be reused for entry.
2)
System shall have capability to manually or automatically reset the location of all command key’s passback status at any time.
3)
Anti-passback modes:
WSE • 3/1/1999
16720 — 2 5
NexSentry Access Control System
4)
h.
i.
j.
k.
l.
(i)
HARD mode: Denies re-entry and reports passback violation.
(ii)
SOFT mode: Allows re-entry but reports passback violation.
Auto-forgive: A supervisor shall have a method of selectively disabling anti-passback protection. During the time auto-forgive is active, the system shall ignore the anti-passback protection and reset the keys that use the door within the building to UNKNOWN.
Alarm monitoring and control functions: 1)
Latch Alarm: Any monitor point can drive a report that shall trigger the Controller’s latched alarm contact. This alarm shall stay on until an operator performs the “SILENCE” command to turn it off.
2)
Alarm points: Alarm monitors, such as electronic eyes, motion detectors, etc., shall be monitored constantly by the Controller. These shall be capable of being programmed to cause output contacts to be closed to sound alarms or activate other devices.
3)
Output contacts: 8 (eight) shall be used to activate silent alarms or to report alarms to the central station or to control devices such as pumps and sirens.
4)
Alarm Silence: Latched alarm may be silenced via either the user interface or from the Security Management System computer. The alarm may be turned on again if the alarm trigger is still activated.
5)
Alarm shunts: System shall have means to connect presence detecting device to shunt alarms when authorized employee uses an alarmed exit. Exit reporting shall be selected by user.
6)
Open door detection: Any time a door is left open for more than the configured amount of time, a configured action can be taken.
7)
Forced door detection: Any time a door is forced open, a configured action can be taken.
8)
Loss of power alarm: Controller shall indicate when the UPS is about to run out of power. If possible, a POWER FAIL log message shall be produced.
9)
Tamper detection: Controller shall indicate when the unit’s enclosure is being tampered with.
User interface: 1)
System shall support an ASCII character-based line-oriented interface via the RS-232 “Terminal” line.
2)
If Controller is configured without a Security Management System connection, then the User interface may also be performed via the “Security Management System” port.
Passwords: 1)
Authorization levels: Each password shall be assigned to one of 6 (six) authorization levels.
2)
Operator passwords: up to 8 (eight) defined.
3)
Duplication: If a password is duplicated, Controller will only recognize the first occurrence.
4)
Identification of operators for terminal use: 8 (eight) different operators.
5)
User definable passwords: Up to 12- (twelve) character user definable passwords shall be used to log on to the system.
System
diagnostics:
1)
System shall be capable of automatic system diagnostics and automatic alarming based on detected faults in the controller, readers, monitor input and relay controlling devices and keypads.
2)
System shall be capable of off-line diagnostics for checking the integrity of controller’s memory (RAM and PROM test), Relay outputs, RAM, serial communication ports and other functions.
Control
operation:
1)
Control operation shall be based on the ability to force relay lock outputs to an operating mode.
2)
Forcing action may be initiated by: (i) Time-of-Day schedule. (ii)
Switch Closure.
(iii) Command Key Presentation. (iv) Keyboard Command. WSE • 3/1/1999
16720 — 2 6
NSCC Security Management System
m . Card/Key Commands and Functions: 1)
Cardholders allowed: (i) Standard configuration: (a) Standard Controller configuration shall allow up to 20,020 unique numeric identification numbers to be entered, or up to 10,010 unique numeric identification numbers with up to 12character description, or PIN number. (ii)
Optional configuration with 2 MB RAM upgrade: (a) With optional 2 MB RAM upgrade, Controller shall allow up to 50,000 cardholders with userdefinable PIN codes.
2)
Both keys with and without names shall be allowed within the same database.
3)
Bulk program keys in groups and remove any key from the database.
4)
Any key usage may be traced by the system and a key trace report generated.
5)
Access parameter definition: any single key can be programmed to open a given door during four different time periods.
6)
Modification of key access parameters: may be modified at any time by an operator with a sufficient authorization level.
n.
Pre-programming: The access control and security management system shall have pre-programmed default data for ease in start-up and testing of equipment.
o.
Printed Data Output: 1)
System shall be capable of selecting which access and monitor point activity messages are to be output to the printer.
2)
System shall be capable of printing the following information: (i) Key Definitions: (a) Keycodes (b) Names (c) Access Codes (d) Location (In-Out status for anti-passback) (e) Key trace function (Enable/Disable) whether Privileged or not. (ii)
Monitored Point Parameters.
(iii) Door Parameters. (iv) Access Code Parameters. (v)
User Names, Passwords, and Access Levels.
(vi) (System Status (real time report). (vii) All Report Types. p.
Relay outputs: Each Controller shall initiate up to 16 relay output commands based on:
1)
Card Access Activity.
2)
Operator Keyboard Inputs.
3)
Pre-programmed Time Schedule. 4)
q.
Switch Input.
Monitoring: 1)
Supervised alarm contacts: up to 32 per Controller.
2)
Character names: up to 24 characters defined by user.
3)
Monitor points shall: (i) Be designated by the user as an alarm or non-alarm event. (ii)
WSE • 3/1/1999
Be elected to either monitor at all times or during selected time periods. 16720 — 2 7
NexSentry Access Control System
(iii) Be capable of being enabled/disabled from terminal or externally from cardholder. (iv) Be capable of enabling any lock output or annunciator output including the latched alarm contact. (v) r.
Work with the controller to provide immediate re-lock after cardholder has gained access into a facility. Systems re-locking only after adjustable time delay shall be acceptable.
Forced Entry Alarms: 1)
System shall have means to select which doors shall report forced entry alarms or door held open alarms.
2)
On a door by door basis, user shall be able to select which doors are to report forced entry and during what time periods.
3)
User shall be able to select whether such alarms will be generated at all times or when system is in LIMITED/CLOSED mode.
s.
Disk backup: The access control and security management system shall allow for disk backup and restoration of user data in the event of database loss if connected to a Security Management System computer.
t.
Battery backup: The access control and security system shall include internal battery backup to maintain controller database, program, time, date, and building mode during a power loss.
13. Manufacturer: WSE 14. M o d e l :
C.
a.
[4100 only: NexSentry 4100 Controller.]
b.
[4104 only: NexSentry 4104 Controller.]
c.
[4102 only: NexSentry 4102 Controller.]
[4100 only: NexSentry MIRO 16/8 Monitor Input/Relay Output Board: 1.
2.
3.
4.
General: a.
NexSentry MIRO 16/8 Monitor Input/Relay Output Board (MIRO 16/8) shall be a module that monitors inputs that occur over the S-Net and sends them to the Controller.
b.
MIRO 16/8 shall execute relay commands received from the controller out to S-Net devices.
Capacities: a.
Relay Outputs: 8 (eight) Normally opened (NO) or Normally Closed (NC) via strap position.
b.
Monitor Inputs: 16 (sixteen) four-state monitor points.
Specifications: a.
Board dimensions: 5 X 15 X 1.25 in. (12.7 X 38.1 X 3.175 cm)
b.
[Enclosure dimensions: 16.788 X 4.6 X 5.474 in. (42.64 X11.68 X 13.9 cm)]
Environmental: a.
Humidity: 0 to 95% non-condensing.
b.
Temperature: 19° to 120° F (-7° to 49°C).
5.
Mounting: MIRO 16/8 shall be mounted in an enclosure with the Controller or standalone in a controlled area.
6.
P o wer :
7.
a.
Source: Twisted pair (shielding optional) connected to Controller.
b.
Consumption: Less than 3 watts with 16 to 28 volts d.c.
Wiring: a.
Connectors: Twisted pair (shielding optional) wiring shall supply both power and communications to system devices using the following connectors: 1)
Monitor Inputs: Phoenix-type.
2)
Relay Outputs: Phoenix-type.
WSE • 3/1/1999
16720 — 2 8
NSCC Security Management System
8.
Communication: S-Net Communications through 2 (two) RS-485 connectors via the twisted pair (shielding optional) wiring.
9.
Manufacturer: WSE, Model: NexSentry MIRO 16/8.]
D. [4104 only: NexSentry MIRO 8/4 Monitor Input/Relay Output Daughterboard: 1.
2.
3.
4.
General: a.
MIRO 8/4 Monitor Input/Relay Output Daughterboard (MIRO 8/4) shall be a daughterboard that provides eight (8) 4-state monitor inputs and four (4) relay outputs.
b.
MIRO 8/4 shall be mounted directly onto expansion connectors of the NexSentry Controller to allow an inexpensive solution for small access control applications (4 doors or fewer).
c.
All circuits shall be designed for compliance with UL-294 and FCC requirements.
Capacities: a.
Relay Outputs: 4 (four) Normally Opened (NO) or Normally Closed (NC) via strap position.
b.
Monitor Inputs: 8 (eight) four-state monitor points.
Specifications: a.
Board dimensions: 7 X 6 in. (17.8 X 25 cm)
b.
Enclosure dimensions: N/A (MIRO 8/4 shall be mounted directly onto expansion connectors of the NexSentry Controller and shall not require its own separate enclosure).
c.
Weight: 6-oz. (168 g).
Environmental: a.
Humidity: Zero to 95% non-condensing.
b.
Temperature: 19° to 120° F (-7° to 49°C).
5.
Mounting: MIRO 8/4 shall be mounted directly onto expansion connectors of the NexSentry Controller.
6.
P o w er :
7.
a.
Source: NexSentry Controller
b.
Consumption: 215 mW with all relays active
Wiring: 1)
E.
MIRO 8/4 shall be mounted directly onto expansion connectors of the NexSentry Controller and shall not require extra wiring.
8.
Communication: MIRO 8/4 Daughterboard shall have a surge protected interface controllable by the NexSentry Controller.
9.
Manufacturer: WSE, Model: NexSentry MIRO 8/4.]
[Not currently available: NexSentry MIRO 64/0 Monitor Input Unit: 1.
General: NexSentry MIRO 64/0 Monitor Input Unit shall be a module that sends input changes to the NexSentry Controller via S-Net communications, and shall have the following features: a.
64- (sixty-four) 4-state-state monitor inputs.
b.
1- (one) RS-485 communication channel to an SNET host designed for daisy chain (1 connector in, 1 connector out).
c.
Power conversion circuitry required for use with a 24V-power supply.
d.
One input for tamper detection.
e.
Reset switch with power-up reset logic.
f.
All circuits shall be designed for compliance with UL-294 and FCC requirements.
WSE • 3/1/1999
16720 — 2 9
NexSentry Access Control System
2.
Performance: MIRO 64/0 shall filter input contacts such that only changes lasting 100 msec or more are reported. No valid changes shall be missed.
3.
Capacities:
4.
5.
a.
Relay Outputs: None.
b.
Monitor Inputs: Sixty-four (64 four-state monitor inputs, one (1) input for tamper detection.
Specifications: a.
Board dimensions: 5 X 15 X 1.25 in. (12.7 X 38.1 X 3.2 cm).
b.
Enclosure dimensions: 5 X 16.25 X 1.825 (12.7 X 41.3 X 4.7 cm).
c.
Weight: 16 oz. (448 g).
Environmental: a.
Humidity: Zero to 95% non-condensing.
b.
Temperature: 19° to 120° F (-7° to 49°C).
6.
Mounting: MIRO 64/0 shall be mounted in an enclosure with the Controller or standalone in a controlled area.
7.
P o wer :
8.
a.
Source: NexSentry Controller
b.
Consumption: 215 mW with all relays active
Wiring: a.
9.
Connectors: Twisted pair (shielding optional) wiring shall supply both power and communications to system devices using the following connectors: 1)
Monitor Inputs: Phoenix-type.
2)
Relay Outputs: Phoenix-type.
Communication: S-Net Communications through 2- (two) RS-485 connectors via the twisted pair (shielding optional) wiring.
10. Manufacturer: WSE, Model: NexSentry MIRO 64/0.] F.
[NexSentry MIRO 2/24 Relay Output Unit: 1.
2.
3.
General: MIRO 2/24 Monitor Input Unit (MIRO 64/0) shall be a module that accepts relay commands from the NexSentry Controller via S-Net communications, and shall have the following features: 1)
Twenty-four Form C relays
2)
One input for tamper detection
3)
One input for use as an override command to cause all relays to energize
4)
One RS-485 communication channel to an SNET host designed for daisy chain (1 connector in, 1 connector out)
5)
Power conversion circuitry required for use with a 24V-power supply.
6)
One input for tamper detection
7)
All circuits shall be designed for compliance with UL-294 and FCC requirements.
Performance: MIRO 2/24 shall provide: a.
Timed ON output pulses in increments of 100msec.
b.
Timed OFF output pulses.
c.
Alternating ON/OFF timed cycles as directed by NexSentry Controller.
Capacities: a.
Relay Outputs: Twenty-four (24) Form C relays.
b.
Monitor
WSE • 3/1/1999
Inputs: 16720 — 3 0
NSCC Security Management System
4.
5.
1)
One (1) for use as an override command to cause all relays to energize.
2)
One (1) input for tamper protection.
Specifications: a.
Board dimensions: 5 X 15 X 1.25 in. (12.7 X 38.1 X 3.2 cm)
b.
Enclosure dimensions: 5 X 16.25 X 1.825 (12.7 X 41.3 X 4.7).
c.
Weight: 16-oz. (448 g.)
Environmental: a.
Humidity: Zero to 95% non-condensing.
b.
Temperature: 19° to 120° F (-7° to 49°C).
6.
Mounting: MIRO 2/24 shall be mounted in an enclosure with the Controller or standalone in a controlled area.
7.
Po w e r :
8.
a.
Source: NexSentry Controller
b.
Consumption: 215 mW with all relays active
Wiring: a.
9.
Connectors: Twisted pair (shielding optional) wiring shall supply both power and communications to system devices using the following connectors: 1)
Monitor Inputs: Phoenix-type.
2)
Relay Outputs: Phoenix-type.
Communication: S-Net Communications through 2 (two) RS-485 connectors via the twisted pair (shielding optional) wiring.
10. Manufacturer: WSE, Model: NexSentry MIRO 64/0.] G. [NexSentry MIRO 4/2 Monitor Input Unit: 1.
2.
3.
General: NexSentry MIRO 4/2 Monitor Input Unite (MIRO 4/2) shall send input changes and perform commands as directed by S-Net messages from the NexSentry Controller. MIRO 4/2 shall have the following: a.
Two (2) relay outputs.
b.
Four (4) four-state monitor inputs.
c.
One input for use as an override command to cause all relays to energize
d.
One (1) RS-485 communication channel to an SNET host designed for daisy chain (1 connector in, 1 connector out)
e.
Power conversion circuitry required for use with a 24V-power supply.
f.
One 4-state input for tamper detection.
g.
Reset switch with power-up reset logic.
h.
All circuits shall be designed for compliance with UL-294 and FCC requirements.
Performance: MIRO 4/2 shall digitally filter input contacts such that only changes lasting 100 msec or more are reported. No valid changes shall be missed. MIRO 4/2 shall also provide: a.
Timed ON output pulses in increments of 100msec.
b.
Timed OFF output pulses.
c.
Alternating ON/OFF timed cycles as directed by NexSentry Controller.
Capacities: a.
Relay Outputs: Two (2) 5-Amp form C relays.
b.
Monitor Inputs: Four (4) 4-state monitor points.
WSE • 3/1/1999
16720 — 3 1
NexSentry Access Control System
4.
5.
Specifications: a.
Board dimensions: 5 X 5 X .75 in. (12.7 X 12.7 X 3.175 C).
b.
Enclosure dimensions: 7.5 X 6 X 1.25 in. (19.05 X 15.24 X 3.175 C).
c.
Weight: 10 oz. (280 g)
Environmental: a.
Humidity: Zero to 95% non-condensing.
b.
Temperature: 19° to 120° F (-7° to 49°C).
6.
Mounting: MIRO 4/2 shall be mounted in an enclosure with the Controller or standalone in a controlled area.
7.
P o wer :
8.
a.
Source: NexSentry Controller.
b.
Consumption: accepts 9 to 32 volts D.C. and consumes 1.2 watts when all relays are energized.
Wiring: a.
9.
Connectors: Twisted pair (shielding optional) wiring shall supply both power and communications to system devices using the following connectors: 1)
Monitor Inputs: Phoenix-type.
2)
Relay Outputs: Phoenix-type.
Communication: One (1) RS-485 communication channel to an SNET host designed for daisy chain (1 connector in, 1 connector out).
10. Regulatory Requirements: NexSentry MIRO 4/2 shall meet the requirements specified by the following: a.
UL294 Standard for Safety: Access Control Units.
b.
FCC EMI and EMC Class A.
c.
En55022 EMI and EMC Class A.
11. Manufacturer: WSE, Model: NexSentry MIRO 4/2.] H. [MIRO 4/0 Monitor Input Unit: 1.
General: NexSentry MIRO 4/0 shall send via the SNET any input changes to the NexSentry Controller. MIRO 4/0 shall have the following: a.
1- (one) 4-state input for tamper detection.
b.
4- (four) (4) 4-state monitor inputs.
c.
1- (one) RS-485 communication channel to an SNET host designed for daisy chain (1 connector in, 1 connector out).
d.
One coax adapter to provide power and S-Net over coaxial cable for retrofit locations.
e.
Power conversion circuitry required for use with a 24V D.C. power supply.
f.
Reset switch with power-up reset logic.
g.
All circuits shall be designed for compliance with UL-294 and FCC requirements.
2.
Performance: MIRO 4/0 shall digitally filter input contacts such that only changes lasting 100 msec or more are reported. No valid changes will be missed.
3.
Capacities: a.
Relay Outputs: N/A.
b.
Monitor
Inputs:
1)
4- (four) 4-state monitor inputs.
2)
1- (one) 4-state input for tamper detection.
WSE • 3/1/1999
16720 — 3 2
NSCC Security Management System
4.
5.
Specifications: a.
Board dimensions: 5 X 5 X .75 in. (12.7 X 12.7 X 3.175 C)
b.
Enclosure dimensions: 7.5 X 6 X 1.25 in. (19.05 X 15.24 X 3.175 C).
c.
Weight: 10 oz. (280 g)
Environmental: a.
Humidity: Zero to 95% non-condensing.
b.
Temperature: 19° to 120° F (-7° to 49°C).
6.
Mounting: MIRO 4/0 shall be mounted in an enclosure with the Controller or standalone in a controlled area.
7.
Power:
8.
a.
Source: NexSentry Controller
b.
Consumption: Accepts 9 to 32 volts D.C. and consumes 0.3 watts when all inputs are shorted.
Wiring: a.
9.
Connectors: Twisted pair (shielding optional) wiring shall supply both power and communications to system devices using the following connectors: 1)
Monitor Inputs: Phoenix-type.
2)
Relay Outputs: Phoenix-type.
Communication: S-Net Communications through one (1) RS-485 connectors via the twisted pair (shielding optional) wiring.
10. Manufacturer: WSE 11. Model: NexSentry MIRO 4/0.] I.
[NexStar S-Net Multiplexer: ********** Note: • If the system must use a home-run wiring scheme, rather than the standard daisy-chain wiring scheme of a typical NexSentry Controller installation, you must use a NexStar S-Net Multiplexer to join the multiple wire runs into a single wire run that feeds into the NexSentry Controller or NexSentry MIRO. • If system uses a daisy-chain wiring scheme, delete this section. ********** 1.
2.
General: NexStar S-Net Multiplexer (NexStar) shall: a.
Be a 5-port RS485 multiplexer that provides a link between a WSE access control unit and multiple S-Net runs.
b.
Provide maximum flexibility for wiring RS-485 communications in an installation through multi-drop connections.
c.
Consist of a single printed circuit assembly (PCA) in a two-part housing. Male Phoenix connectors on the PCA shall be accessed through the side of the housing for port connections.
d.
Allow home run wiring to connect between S-Net communication devices and a controller.
e.
Be able to be used with all multi-door controllers that support S-Net protocol using twisted pair wire.
f.
[Conversion Solutions only: Provide an easy conversion path from analog technology to digital technology. Using WSE’s DataLine or PowerLine adapters, existing coax can be used in a digital system.
g.
[Wiegand system upgrades only: Provide an easy upgrade path for Wiegand style networks to advanced RS485 using the existing twisted-pair wiring.
h.
Provide network-wiring lengths up to 20,000 feet.
Specifications: a.
Dimensions: 4.10 X 7.25 X 1.35 in. (10.41 X 18.42 X 3.43 cm)
b.
Construction:
WSE • 3/1/1999
16720 — 3 3
NexSentry Access Control System
c. 3.
4.
7.
9.
Sheet Metal ESD protected enclosure.
2)
Five identical ports.
Weight: 13 oz. (400 g)
Environmental: a.
Operating Temperature range: 4° F to 120° F (-20° C to 50° C)
b.
Operating humidity range: 0 to 90%, non-condensing
Mounting: a.
5.
1)
Wall mount, four screws.
P o we r: a.
Input voltage: +15 to+28 VDC
b.
Operating current: 50 mA
c.
Pass through current: 2A
6.
Connectors: Phoenix.
Compatibility: a.
DigiReader Series digital proximity readers.
b.
NexSentry 4100 Series Controllers.
c.
Alto 818 SC Controllers.
8.
Communications: S-Net communications through single twisted pair wire with overall shield.
Wiring: a.
Single S-Net run using twisted pair wiring up to 4,000 feet (1,200).
b.
Using all NexStar’s five symmetrical ports, the end-to-end S-Net length shall be able to span up to 8,000 feet (2400 meters) and contain up to 20,000 feet (6,000 meters of installed wiring.
c.
Separate twisted-pair cables for data and power shall be used when wire run lengths exceed 500 feet (150) meters.
10. Feedback: a.
5- (five) port LEDs shall illuminate when the associated port is transmitting.
b.
The COM ACTIVE LED shall be illuminated when any data is being passed through NexStar.
11. Manufacturer: WSE. 12. Model: NexStar.] .4
READERS A. [Digital Proximity Reader (DigiReader): *********** Note: There are a number of DigiReader digital proximity readers available to meet varying needs of most installations. Each reader provides different read ranges. When compiling Specifications, use the “Read Range Matrix” (Appendix) to determine the reader and card that best suit the specific application. Determine which reader best suits your application and enter the appropriate model number in place of the “[XX]”. *********** 1.
General: a.
DR 42[XX] DigiReader digital proximity reader shall read WSE digital proximity ID credentials and send signal to Controller for processing.
b.
[DR 4205K version shall have an integrated keypad for additional security, be weatherized for external use, and comply with the ADA. Keypad shall provide a standard 12-key telephone pad layout with 10-digit numeric entry pad, and “*” (star) and “#” (pound) keys.]
WSE • 3/1/1999
16720 — 3 4
NSCC Security Management System
c.
2.
[42[XX]E version shall be weatherized and splash-proof for external use.]
d.
[4205GM version shall feature a glass-mount kit with LED status display on front and back of reader.]
e.
[DR 4205W version shall be a Wiegand proximity reader that interfaces to NexSentry 4100 Series controllers through a NexSentry Wiegand Interface Unit and operates using 26- or 34-bit 5-wire Wiegand standard.]
f.
DR4226/DR4238 shall be extended range readers providing easiest hands free access for credential holders.
Capacities: a.
DR 42[XX] shall read digital proximity keys supporting phase shift signals to a distance of [_____] (enter optimum read range as defined in DigiReader/Prox Card Read Range Matrix in appendix) inches and does not require contact with the reader.
3.
Construction: Material shall be high-impact Lexan with 94V-2 UL flame class rating, and shall be UV resistant, sealed, water and weather resistant, and tamperproof.
4.
Environmental:
5.
6.
7.
a.
Humidity: 10% to 90% non-condensing. [“E” version: 5% to 100% condensing].
b.
Temperature: -4° to +140° F (-20° to +60° C) [“E” version: -31° to 150° F (-35° to 66° C)]
P o w er : a.
Source: Via the network twisted pair (shielding optional) wiring.
b.
Consumption: 1)
[DR 4203: Less than 2.0 watts.]
2)
[DR 4205 Series: Less than 2.0 watts.]
3)
[DR 4226: Less than 17 watts.]
4)
[DR 4238: Less than 17 watts.]
Regulatory: Controller shall be designed to meet the following regulatory requirements: a.
UL294 Listing Standard for Safety.
b.
FCC EMI and EMC Class A.
c.
EN55022 EMI and EMC Class A.
d.
American with Disabilities Act (ADA).
Mounting: a.
DR shall have the capacity to be mounted and operated behind any non-metallic, non-conductive surface, including glass.
b.
[(DR 4203 only) DR 4203 shall have the capability to be mounted on any metal door frame.]
8.
Wiring: Twisted pair (shielding optional) with 4,000 foot maximum recommended length.
9.
Feedback: a.
Single tri-color LED (green/amber/red) shall provide capability for diagnostic feedback.
b.
Tri-color LED shall be programmable.
c.
An audio tone shall indicate successful digital proximity card read and access granted.
10. Diagnostics: DR and data-line integrity shall be monitored continuously and shall alarm if failure is detected and indicate device and location of fault. 11. S e l f - p r o t e c t i o n : a.
Physical damage, including breaking open sensor housing, shall not allow access to any circuitry which would allow the system to be compromised.
b.
Transmission of any frequency (or set of frequencies) into the sensor at any power level shall not compromise the system.
12. Manufacturer: WSE. WSE • 3/1/1999
16720 — 3 5
NexSentry Access Control System
13. Model:
B.
a.
[DR 4203]
b.
[DR 4205], [DR 4205E], [DR 4205GM], [DR 4205K]
c.
[DR 4205W], [DR 4205WE], [DR 4205WGM]
d.
[DR 4208]
e.
[DR 4226]
f.
[DR 4238]
[Magnetic Stripe Pass Through Reader (MSR): *********** Note: There are currently two models of MSR 42 Series Magnetic Stripe readers. Both MSR42 and MSRK 42 readers are identical in every way, with one exception: MSRK 42 adds an integrated key pad for numeric verification of magnetic stripe input data. When compiling spec, determine which reader best suits your requirements, or whether you want to use both for different applications on the same system. Delete the [bracketed] information that does not apply to your specification. *********** 1.
2.
3.
4.
5.
6.
7.
General: a.
[MSR42: MSR shall read magnetic stripe cards that have been encoded with standard ISO/ABA Track II card numbering format.]
b.
[MSRK42: MSRK shall read magnetic stripe cards that have been encoded with standard ISO/ABA Track II card numbering format, and shall have an integrated 12-key pad for numeric entry to verify magnetic stripe input data.]
c.
Magnetic stripe cards shall be read in either direction while being swiped through the MSR.
Capacities: a.
Readers shall read all 40 (forty) digits of the swiped magnetic stripe card.
b.
[MSRK42: MSRK readers with integrated keypad shall allow numeric entry for additional security.]
Specifications: a.
Dimensions: 1.95 X 1.30 X 5.50 in. (5 X 3.3 X 14 cm).
b.
Card accommodation: Credit card sized magnetic stripe card (2.125 X 3.375 X .030 in., +/- .003 in.; 75 bip; ANSI X 4.16).
c.
Read speed: 3 to 50 ips.
Environmental: a.
Humidity: 0% to 95% RHNC (weatherized option to 100%).
b.
Temperature: -31° F to 150° F (-35°C to +66°C).
Mounting: Wall-mounted either horizontally or vertically on a standard single-gang handy box (preferred method), on any flat surface, on a structured door frame (mullion), or as a Wiegand (Sensor Model 30387) reader replacement using matching hot holes on the adapter plate. a.
[MSR42: MSR42 is designed for indoor use, but can be used for most sheltered outdoor applications.]
b.
[MSRK42: MSRK is weatherized for outdoor use and can withstand direct exposure to the elements.]
Power: a.
Source: Powered from the system twisted pair (shielding optional) wiring connected to the Controller.
b.
Current: 50mA.
c.
Wiring: Twisted pair cable with maximum recommended length of cable being 4,000 feet.
Feedback: a.
Reader shall provide a two state LED that indicates door status as follows:
WSE • 3/1/1999
16720 — 3 6
NSCC Security Management System
b.
1)
A red light indicates active but locked;
2)
A green light indicates unlocked.
Realer shall sound an alarm upon improper card entry.
8.
Diagnostics: Reader shall perform a power-up self test, which indicates the success or failure of the test.
9.
Self-protection: a.
Physical damage, including breaking open reader housing, shall not allow access to any circuitry which would allow the system to be compromised.
b.
A special latch release tool to access concealed latches provides additional tamper resistance.
10. Manufacturer: WSE. 11. Model:
C.
a.
[MSR42-G, Magnetic Stripe Card Reader.]
b.
[MSR42-GW, Weatherized Magnetic Stripe Card Reader.]
c.
[MSRK42-G, Magnetic Stripe Card Reader with Keypad.]
d.
[MSRK42-GW, Weatherized Magnetic Stripe Card Reader with Keypad.]]
[Keypad (VIP-2): 1.
2.
4.
5.
6.
General: a.
The system shall have the means to utilize a numeric keypad for entry of a Personal Identification Number (PIN).
b.
The Keypad shall provide information to the Controller, either alone or in conjunction with a [DigiReader Series digital proximity reader] [credential reading device], thereby providing an additional level of security.
c.
The system shall have the means to recognize special duress codes that can be entered into the Keypad to be available to any user during an emergency.
d.
System administrator shall have capability to program a reaction based on keypad duress code input.
Capacities: a.
Keypad shall provide a standard 12-key telephone pad layout with 10-digit numeric entry pad, and “*” (star) and “#” (pound) keys.
b.
The user shall be able to enter a 4- to 8-digit Personal Identification Number (PIN).
3.
Specifications: The keypad unit shall be housed in a double gang metal utility box, 4.50 H X 4.56 W X 2.19 D in. (11.43 X 11.58 X 5.56 cm).
Environmental: a.
Temperature: 20° F to 120° F (-7° C to +49° C).
b.
Humidity: 10% to 95% non-condensing.
Regulatory: The unit shall meet the following regulatory requirements: a.
FCC Class A computing device when installed in the system.
b.
ANSI/NEMA Standard 250 for Type 4x enclosures.
Mounting: a.
Keypad shall be mounted on the outside of a building, in a wall, or against it.
b.
After the keypad is installed and operations have been verified, decal shall be placed over the cover plate to conceal mounting plate and to provide a weather seal.
WSE • 3/1/1999
16720 — 3 7
NexSentry Access Control System
7.
Power: Keypad receives power from the network twisted pair wiring.
8.
Wiring: Twisted pair cable with a maximum recommended cable length of 4,000 feet.
9.
Feedback: Keypad shall provide three LED status’ for awaiting card presentation, awaiting keypad entry and acknowledgment of successful access granted and door unlock.
10. Self-protection: Keypad is protected against the circuitry being removed from the outlet box or the box being forcibly removed from the wall by means of a strategically placed internal tamper switch. 11. Manufacturer: WSE, Model:
.5
a.
[VIP-2.]
b.
[VIP-2W (weatherized.)]]
[FASTLANE ACCESS OPTICAL TURNSTILE A. General: The optical turnstile shall be able to: 1.
Completely compatible with WSE Access Control and Security Management Systems specified herein.
2.
Available in a free standing OEM form to be placed in custom built enclosures, or for flush wall mounting.
3.
Detect unauthorized persons entering the protected area.
4.
Detect unauthorized persons from entering, more than 6 inches (at waist height), behind authorized persons, i.e. tailgating.
5.
Process a high number of people without security guard intervention, unless access is rejected by the system or a system anomaly occurs.
6.
Verify entry into the protected area following card presentation.
7.
Allow safe emergency egress without the hindrance of a physical barrier.
8.
Allow free movement for wheelchair users.
9.
Allow bi-directional or unidirectional movement
10. Enable counting and accurate monitoring of building population levels and the analysis of population flows. 11. Be easy to use. 12. Provide alarm outputs on detection of a violation by means of: a.
Local sounders.
b.
A relay contact closing.
13. Detect direction of movement, i.e. entry or exit. 14. Minimize alarms with infrared beams connected to intelligent detection algorithms. B.
Software/Firmware: 1.
2.
General: The optical turnstile shall be capable of detecting and signaling the following: a.
Entry and/or exit with an authorized card.
b.
Entry and/or exit without an authorized card.
c.
Authorized card being read by the system but no entry or exit taking place.
d.
Card presented for exit but entry occurring.
e.
Card presented for entry but exit occurring.
f.
Obstruction of an infrared beam path.
g.
An unauthorized person following an authorized person through the beam path i.e. tailgating.
Capabilities: The software shall provide: a.
Fast/Normal personnel throughput settings for operation respectively with/without personnel counting.
WSE • 3/1/1999
16720 — 3 8
NSCC Security Management System
Selection means for all timed duration and function.
c.
Means of ascribing location/identity to each lane.
d.
At the default programmed sensitivity setting, user behavior shall be tolerated by the software, with out generating an alarm condition due to: 1)
Part passage through the beams and moving back out again.
2)
Hesitation in the beam field for less than a pre selected number of seconds.
3)
Presenting a card for authorization, while within the beam field, but before completing passage through it.
3.
Operator interface: The optical turnstile system shall be supplied with a user friendly PC based Windows software programming package utilized to control operational parameters of the optical turnstile.
4.
Detection
5.
C.
b.
delay:
a.
There shall be a time delay of no greater than 100mS in signaling passage through the beams and readying the optical turnstile for the next user except when a greater delay is caused by the attached access control system.
b.
There shall be no significant detection delay.
Adjustable sensor beams: a.
To minimize nuisance alarms the optical turnstile shall be fitted with four infra-red beams controlled by intelligence capable of differentiating between relatively smaller inanimate objects and human targets, for example an umbrella and a person, an empty wheelchair (of certain design) and an occupied wheelchair.
b.
The sensitivity of the infra-red beams will be adjustable via a user friendly Windows based PC software programming package to make the turnstiles more or less forgiving of user behavior in the infra-red beam path.
Hardware: 1.
General: a.
The optical turnstile shall consist of two or more adjacent pedestals with a transmit pedestal and receive pedestal on the outside edges. Further pedestals (with transmit and receive electronics back to back in one pedestal) may be inserted to increase the number of lanes of access.
b.
The optical turnstile pedestals shall be made up of 2 x brushed stainless steel end pieces, dark Plexiglas infrared filter sides, a dark Plexiglas lid and a stainless steel base. Stainless steel side panels shall be available for row ends where beam passage is not required.
c.
The pedestals shall be fitted with quick release bases complete with connectors allowing for rapid temporary removal. Also supplied shall be a cover plate to protect the base and connectors whilst the pedestal is not in place.
d.
Each lane shall be protected by four pulsed infrared beams. The optical turnstile infrared beams shall be synchronized to prevent interference between adjacent paths and other nearby optical turnstiles.
2.
Power requirement: 12V DC (11.9 - 14V), supply current 1A nom per lane including vacuum fluorescent display.
3.
Communications: The optical turnstile shall be provided with a RS485 multi-drop serial port for transmitting flow and other operational data.
4.
Inputs: Inputs to the optical turnstile shall be voltage-free switching (current sense 1mA typical).
5.
Outputs: The optical turnstile shall utilize voltage free outputs for remote flow displays, alarm indicators and to provide turnstile and entry and exit door emulation. The outputs shall also be able to drive alternative graphic array displays.
6.
Display: a.
For ease of use, the optical turnstile shall be fitted with 2 x 20 character vacuum fluorescent displays per lane.
b.
Displays shall be used to instruct, greet, control flow of, and warn users.
c.
Display messages shall be easily programmable via a Windows based software-programming package.
WSE • 3/1/1999
16720 — 3 9
NexSentry Access Control System
7.
8.
Alarms: a.
The optical turnstile shall utilize a voltage free, normally energized closed output to signal alarm situations.
b.
Each lane shall be fitted with an audible alarm which will be triggered in an alarm condition via a voltage free relay contact, rated 0.5A 28V DC. This relay contact shall be able to be utilized to trigger alternative alarm, CCTV and reaction systems.
c.
Each lane shall thus provide outputs for: 1)
Local alarm sounders.
2)
Remote alarm sounder.
3)
Normally open.
4)
Relay contact.
Installation: a.
Turnstile shall be installed at a suitable separation so as to deter side by side entry and encourage single file traffic whilst being of suitable width for wheelchair movements.
b.
Readers shall be mounted on turnstile pedestals.
D. Manufacturer: WSE. Model: FastLane Access Optical Turnstile.] .6
CREDENTIALS *********** Note: There are a number of credentials available to meet varying needs of most installations. In most situations, more than one kind of credential can be used with certain readers. When compiling Specifications, use the “Read Range Matrix” (Appendix) to determine the reader and card that best suit the specific application. Determine which card, or cards, best suits your application delete the other options from your specification. *********** A. [QuadraKey Digital Proximity Card: 1.
2.
3.
4.
General: a.
QuadraKey Digital Proximity Card (Card) is an ISO-compliant, single-coil passive digital proximity ID credential that supports multiple technologies on one card, including: digital proximity, magnetic stripe, bar code and photo ID.
b.
Design shall be capable of smart chip insertion, color imaging on both sides and hole punch horizontal or vertical for using the card as a badge.
c.
Note: Active circuit type cards (those requiring batteries) shall not be acceptable.
Capacities: a.
QuadraKey shall be able to generate a minimum eight-digit access number.
b.
Cards shall have numeric encoded data embedded in an integrated circuit within the card.
c.
Each card shall be encoded so that it is unique and exists in no other system anywhere in the world.
Specifications: a.
Dimensions: ISO standard size and thickness of 3.37 X 2.125 X 0.032 in (8.55 X 5.39 X 0.081 cm).
b.
Material: Single-coil in PVC.
c.
Magnetic stripe material: single-layer 3M type 5203 High Coercivity, 4000 Oerstad using Track 2, without exception.
d.
Magnetic stripe dimensions: The stripe shall minimally extend from 0.333 in. to 0.493 in. from the upper card edge and for the entire length of the card.
Environmental: a.
Temperature: 14° to 140° F (-10° to 60° C).
WSE • 3/1/1999
16720 — 4 0
NSCC Security Management System
b. 5.
Regulatory: N/A (Card is totally passive requiring no approval.)
6.
Po w e r : a.
Communication: Via low-power radio frequency, providing read ranges up to [22] inches depending on the selected DigiReader. (see "DigiReader/Prox Card Read Range Matrix" in Part IV.1 for actual figures).
8.
Manufacturer: WSE Model: QuadraKey.]
[NexKey Digital Proximity Badge: 1.
2.
3.
4.
General: a.
NexKey Digital Proximity Command Badge (Card) is a single-coil passive digital proximity ID credential that can, through add-on options, support additional technologies, including: bar code and photo ID with lamination.
b.
Card shall be highly resistant to face abrasion or bending.
c.
Card shall have a slot in the vertical position for use as a badge.
d.
Note: Active circuit type cards (those requiring batteries) shall not be acceptable.
Capacities: a.
Card can generate a minimum eight-digit access number.
b.
Cards shall have numeric encoded data embedded in an integrated circuit within the card.
c.
Each card shall be encoded so that it is unique and exists in no other system anywhere in the world.
Specifications: a.
Dimensions: 3.37 X 2.125 X 0.075 in. (8.55 X 5.93 X 0.19 cm).
b.
Construction: Single-coil in ABS polycarbonate base covered with Lexan skin.
Environmental: a.
Temperature: 14° to 140° F (-10° to 60° C).
b.
Humidity: 0% to 100% humidity.
5.
Regulatory: N/A (Card is totally passive requiring no approval.)
6.
Power: Passive-powered by DigiReader digital proximity reader.
7.
Communication: Card shall communicate via low-power radio frequency, providing read ranges up to [22] inches depending on the selected DigiReader. (See "DigiReader/Prox Card" read range matrix for actual figures). 8.
C.
Source: Passive-powered by DigiReader digital proximity reader.
7.
9. B.
Humidity: 0% to 100%.
Manufacturer: WSE, Model: NexKey.]
[DuraKey Digital Proximity Card: 1.
2.
General: a.
DuraKey Digital Proximity Card (Card) is a highly durable, dual-coil passive digital proximity card that, through add-on options, supports multiple card technologies on one card, including: bar code and photo ID with lamination.
b.
Note: Active circuit type cards (those requiring batteries) shall not be acceptable.
Capacities: a.
Digital Proximity Card can generate a minimum eight-digit access number.
b.
Cards shall have numeric encoded data embedded in an integrated circuit within the card. Each card shall be encoded so that it is unique and exists in no other system anywhere in the world.
WSE • 3/1/1999
16720 — 4 1
NexSentry Access Control System
3.
4.
Specifications: a.
Dimensions: 3.37 X 2.125 X 0.099 in. (8.55 X 5.93 X 0.25 cm).
b.
Construction: Dual-coil in ABS polycarbonate base with Lexan covering.
Environmental: a.
Temperature: 14° to 140° F (-10° to 60° C).
b.
Humidity: 0% to 100% relative humidity.
5.
Regulatory: N/A (Card is totally passive requiring no approval.)
6.
Power: Passive-powered by DigiReader digital proximity reader.
7.
Communication: Card shall communicate via low-power radio frequency, providing read ranges up to [36] inches depending on the selected DigiReader. (See "DigiReader/Prox Card read range matrix" for actual figures)
8.
Manufacturer: WSE, Model: DuraKey.]
D. [KeyMate Proximity Key Fob, Radio Frequency Identification (RFID tag): 1.
2.
3.
4.
E.
General: a.
KeyMate Digital Key Fob is a compact, single-coil passive digital proximity access credential for use in environments requiring a flexible alternative to access cards for tracking people, items or inventory.
b.
Fobs shall be constructed of a lightweight yet highly durable, waterproof polypropylene material and feature one built-in slot for easy conversion to a key chain, bracelet or commercial ID tag.
c.
Note: Active circuit type cards (those requiring batteries) shall not be acceptable.
Capacities: a.
KeyMate Digital Key Fob shall generate a minimum eight-digit access number.
b.
Numeric encoded data shall be embedded in an integrated circuit within each fob. Each fob shall be encoded so that it is unique and exists in no other system anywhere in the world.
Specifications: a.
Dimensions: 1.375 X 1.625 X .125 in. (3.49 X 4.13 X .125 cm).
b.
Construction: Single-coil molded in durable polypropylene material.
Environmental: a.
Temperature: -31° to 270° F (-35° to 132° C).
b.
Humidity: 0% to 100% condensing.
5.
Regulatory: N/A (Fob is totally passive requiring no approval).
6.
Power: Passive-powered by DigiReader digital proximity reader.
7.
Communication: KeyMate Digital Key Fob shall communicate via low power radio frequency, providing read ranges up to [15] inches depending on the selected DigiReader (See DigiReader/Prox Card read range matrix for actual figures).
8.
Manufacturer: WSE, Model: KeyMate.]
[DuraTag Radio Frequency Identification Tag: 1.
General: a.
DuraTag is a compact, single-coil passive digital proximity access credential and identification tag for use in environments requiring a flexible alternative to access cards for tracking people, items or inventory.
b.
Tags shall be constructed of a lightweight yet highly durable, waterproof polypropylene material.
c.
Dual-slot configuration shall allow tags to be fastened easily and securely to items, or to be adapted for wristband use.
d.
Note: Active circuit type cards (those requiring batteries) shall not be acceptable.
WSE • 3/1/1999
16720 — 4 2
NSCC Security Management System
2.
3.
4.
F.
Capacities: a.
DuraTag Digital Key tag shall generate a minimum eight-digit access number.
b.
Numeric encoded data shall be embedded in an integrated circuit within each tag. Each tag shall be encoded so that it is unique and exists in no other system anywhere in the world.
Specifications: a.
Dimensions: 1.37 in. D X 0.192 in. thick (3.45 cm D X 4.84 mm thick).
b.
Construction: Single coil molded in durable polypropylene.
Environmental: a.
Temperature: -31° to 270° F (-35° to 132° C).
b.
Humidity: 0% to 100% condensing.
5.
Regulatory: N/A (Fob is totally passive requiring no approval).
6.
Power: Passive-powered by DigiReader digital proximity reader.
7.
Communication: DuraTag Digital Key Fob shall communicate via low power radio frequency, providing read ranges up to [15] inches depending on the selected DigiReader (See DigiReader/Prox Card read range matrix for actual figures).
8.
Manufacturer: WSE, Model: DuraTag.]
[Magnetic Stripe Card — ISO/ABA format: 1.
General: The ISO/ABA format magnetic stripe card shall conform to the ISO/ABA standards for size and encoding characteristics.
2.
Capacities:
3.
4.
a.
Each card shall support up to 40 digits in an ISO/ABA format on track two of the magnetic stripe.
b.
The information contained in the 40 digits shall include at least a 4- to 8-digit number for identification or access purposes.
c.
Additional information can include a site code (4 digits) and an expiration date of month and year (4 digits).
Specifications: a.
Dimensions: 2.125 X 3.375 X .030 in. (5.4 X 8.57 X .07 cm)
b.
Construction: Polyester and appropriate adhesive-based materials.
c.
Magnetic stripe material: Single layer 3M type 5203 High Coercivity, 4000 Oerstad using Track 2, without exception.
d.
Magnetic stripe dimensions: From 0.333 in. to 0.493 in. minimum from the upper card edge and for the entire length of the card.
e.
Photo ID ready: Photo ID Badge shall be available as an add-on to all magnetic stripe systems. It uses the NexSentry Imaging Solutions system with ANSI X4.16-1983 encoding.
Environmental: a.
Temperature: -30° to +122° F (-35° to 50° C).
b.
Humidity: 5% to 95% relative humidity.
WSE • 3/1/1999
16720 — 4 3
NexSentry Access Control System
.7
5.
Communication: Via physical read by a Magnetic Stripe Reader.
6.
Manufacturer: WSE, Model: ISO/ABA Magnetic Stripe Card.]
POWER A. Power Supply (PI-1) Power Inserter: 1.
General: Un-interruptable power source module shall provide low voltage DC power. It shall also support optional external lead acid batteries to maintain all controller operations for at least 4 (four) hours in event of power failure.
2.
Capacities:
3.
a.
28 volt DC output to readers.
b.
Limited lock power output at 24 Volts DC.
c.
5 ampere output current.
d.
Power failure output.
e.
Battery charger output.
f.
Additional power supplies may be required based upon system configuration of other devices and wiring distances.
Specifications: a.
4.
5.
Dimensions: 12 X 5.25 X 3.375 in. (31 X 13.4 X 9.5 cm).
Environmental: a.
Humidity: 10% to 90% non-condensing.
b.
Temperature: 20° to +120° F (-7° to +49° C).
Regulatory: UL 1012 or 1310 and CSA or cUL listed. a.
NOTE: The PI-1 Power Inserter is required when configuring NexSentry with a keypad and/or digital readers to meet FCC requirements.
6.
Mounting: Power supply should be installed in a secure area at least two feet from the Controller.
7.
Power: 115VAC/60Hz source.
8.
Wiring: a.
Power Supply shall be connected to the controller and keypad network wiring via twisted pair wire (shielding optional) of at least 18 AWG.
b.
Connectors: Phoenix-type.
WSE • 3/1/1999
16720 — 4 4
NSCC Security Management System
9.
Feedback: A single LED indicates power ON condition.
10. Self-protection: PI-1 shall send a POWER FAIL signal to the controller. 11. Manufacturer: WSE, Model: PI-1, or other manufacturer-approved device. .8
ACCESSORIES: A. [Terminal:
B.
C.
1.
General: Optional terminal shall be a standard video display terminal (CRT) with full keyboard and display.
2.
Throughput: Terminal shall be capable of data throughput at 300, 1200, 2400, 4800, and 9600 baud.
3.
Plans: WSE Dealer shall furnish as shown on plans.
4.
Manufacturer: WSE, Model: #57101-L-1 (110v)/57101-L-2 (230v) or equal.]
[Printer: 1.
General: Printer shall be standard RS-232 serial communications printer.
2.
Throughput: Printer shall be capable of data throughput at 300, 1200, 2400, 4800, and 9600 baud.
3.
Plans: WSE Dealer shall furnish as shown on plans.
4.
Manufacturer: WSE; Model: parallel/serial 57184-V (115v) / 57184-V (230v) or equal.]
[Modem: 1.
Baud Rate: 300, 1200, or 2400, 4800, 9600 baud.
2.
Regulatory: FCC registered, UL listed.
3.
Manufacturer: WSE, Model: #5200 local / remote or equal.]
D. [Locking Hardware: 1.
E.
[Switches: 1.
F.
Provide all necessary monitoring and manual switches as shown on plans and which are used in conjunction with access control and security management system.]
[External UPS batteries: 1.
PART III .1
WSE Dealer shall furnish all system electrified locking hardware as shown on plans and which is used in conjunction with access control and security management system.]
Provide necessary batteries to be used with UPS power supply to maintain all controller operations and provide limited DC lock power at either 12VDC or 24VDC.] EXECUTION
FIELD QUALITY CONTROL A. T e s t s : 1.
The selected system integrator shall supply a proposed acceptance test procedure.
2.
Testing the system shall be the sole responsibility of the system integrator.
3.
Communications tests: a.
Controllers to Security Management System, Local Controller or Remote Location Controller.
b.
Local Controllers or Remote Location Controllers to Security Management System.
c.
Additional terminals or printers attached to Security Management System or controller.
d.
Remote dial-up support.
WSE • 3/1/1999
16720 — 4 5
NexSentry Access Control System
B.
C.
Inspection: 1.
The selected system integrator shall provide, on the job site, a factory-trained technician to assist, advise or manage installing personnel.
2.
All final connections shall be made under the direct supervision of the system integrator.
Field
Service:
1.
A systems integrator, authorized by the manufacturer, shall provide first line support for both the hardware and software properties of the selected system.
2.
The system integrator shall in turn be provided second line support directly from the manufacturer, or manufacturer's OEM, for all component and computer hardware, and all operating and application software which comprise the complete system.
3.
The systems integrator shall determine and report all problems to the manufacturers’ customer service departments.
4.
Support shall be available to the integrator via the following methods: a.
Phone inquiries.
b.
Direct dial-in to the customer system for remote system troubleshooting by a qualified Field Service Engineer.
c.
On-site visits if required, upon approval by the manufacturer's Customer Service Manager.
5.
Manufacturer shall provide reliable field service support for the computer hardware utilizing Hewlett-Packard service.
6.
A complete Hewlett-Packard On-site Warranty/Service Agreement is provided with each standard system utilizing Hewlett-Packard computer hardware. This agreement shall provide complete on-site service with a one-day response time guaranteed, from Monday through Friday, 8:00 am to 5:00 p.m. from a local Hewlett-Packard Service Center.
7.
Extended and peripheral service and maintenance agreements shall be available for purchase by the customer.
D. On-Site
commissioning
and/or
training:
1.
The manufacturer shall provide direct participation in the On-Site Commissioning (OSC) activity of new systems, in conjunction with the systems integrator.
2.
The OSC shall provide the systems integrator with the manufacturer’s expertise on installing, configuring and commissioning the system to the customer’s specific requirements; and to provide on-site training on system operation and administration.
3.
On-site factory training shall be available for system administrators, operators and other qualified personnel.
4.
The OSC shall include the following: a.
Hardware set-up and test.
b.
Communication configuration and test.
c.
Preventative maintenance and troubleshooting training for the systems integrator.
d.
End-user training.
e.
Database configuration and build assistance.
WSE • 3/1/1999
16720 — 4 6
NSCC Security Management System
.2
SCHEDULES A. System Integrator Assisted Preparation: 1.
Data Requirements.
2.
Operators & privileges.
3.
Access Hardware.
4.
Sensors.
5.
Monitor Points.
6.
Keyholders.
7.
Keyholders security codes.
8.
Maps.
9.
Prepare room for system installation.
10. Receive equipment. B.
System 1.
Install security management hardware.
2.
Factory and dealer On-Site Commissioning.
3.
Initial startup and verification.
4.
Data Entry. 5.
C.
Verify
Data Entry listing & verification. Installation:
1.
Connect access control hardware to security management system.
2.
Download data and verify correct operation.
3.
Testing total access and management system.
4.
Sample Reports.
5.
Daily Operation and Monitoring. 6.
.3
Installation:
Dealer deliver “as built” drawings.
INSTALLATION A. General: 1.
The access control and security management system shall be installed and wired completely as shown on the plans by a trained and authorized WSE Systems Integrator Partner (SIP).
2.
SIP shall make all necessary wiring connections to external devices and equipment. 3.
B.
The contractor shall install all system components and appurtenances in accordance with the manufacturer’s instructions, and shall furnish all necessary interconnections, services, and adjustments required for a complete and operable system as specified and shown. Control signal, communications, and data transmission line grounding shall be installed as necessary to preclude ground loops, noise, and surges from adversely affecting system operation. Required mounting hardware shall be provided.
Schedules: 1.
SIP Preparation: a.
Data Requirements.
b.
Operators & privileges.
c.
Access Hardware.
WSE • 3/1/1999
16720 — 4 7
NexSentry Access Control System
2.
3.
C.
d.
Card readers and/or keypads.
e.
Monitor Points.
f.
Keyholders.
g.
Keyholders access codes.
h.
Maps.
i.
Prepare room for system installation.
j.
Receive equipment.
System
Installation:
a.
Security management hardware.
b.
On-site commission of SIP and manufacturer (when ordered).
c.
Initial startup and verification.
d.
Data entry.
e.
Data entry listing & verification.
Verify
Installation:
a.
Connect access control hardware to security management system.
b.
Data downloaded and correct operation verified.
c.
Total access and management system.
d.
Sample Reports.
e.
Daily Operation and Monitoring.
f.
SIP deliver “as-built” drawings.
Telephone
Lines:
1.
The owner shall arrange for dedicated or dial-up telephone lines for the telecommunications equipment as shown on the plans.
2.
Each phone line shall be terminated in an RJ-11 telephone jack. 3.
Note: Any connections to the public telephone system require notification of the local telephone company. See specific instructions in manual for modem used.
D. Field Quality Control: 1.
2.
Tests: a.
The selected SIP shall supply a proposed acceptance test procedure.
b.
Testing the system shall be the sole responsibility of the SIP.
c.
Communications tests: 1)
Controllers to NexSentry Command Center server.
2)
NexSentry Command Center server to operator.
3)
Remote dial-up support.
Inspection: a.
The selected SIP shall provide an on-sight, factory-trained technician to assist, advise or manage installing personnel.
b.
The manufacturer shall make available on-site inspection.
c.
All final connections shall be made under the direct supervision of the SIP.
WSE • 3/1/1999
16720 — 4 8
NSCC Security Management System
3.
4.
Field
Service:
a.
A SIP, authorized by the manufacturer, shall provide first line support for both the hardware and software properties of the selected system.
b.
SIP shall in turn be provided second line support directly from the manufacturer, or manufacturer’s OEM, for all component and computer hardware, and all operating and application software which comprise the complete system.
c.
SIP shall determine and report all problems to the manufacturer’s customer service departments.
d.
Support shall be available to the integrator via the following methods: 1)
Phone inquiries.
2)
Direct dial-in to the customer system for remote system troubleshooting by a qualified Field Service Engineer.
3)
On-site visits if required, upon approval by the manufacturer's Customer Service Manager.
e.
Manufacturer shall provide reliable field service support for the computer hardware utilizing Hewlett-Packard service.
f.
A complete Hewlett-Packard On-site Warranty/Service Agreement is provided with each standard system utilizing Hewlett-Packard computer hardware. This agreement shall provide complete on-site service with a one-day response time guaranteed, from Monday through Friday, 8:00 am to 5:00 p.m. from a local HewlettPackard Service Center.
g.
Extended and peripheral service and maintenance agreements shall be available for purchase by the customer.
On-Site
commissioning
and/or
training:
a.
The manufacturer shall provide direct participation in the On-Site Commissioning (OSC) activity of new systems, in conjunction with the systems integrator.
b.
The OSC shall provide the systems integrator with the manufacturer’s expertise on installing, configuring and commissioning the system to the customer’s specific requirements; and to provide on-site training on system operation and administration.
c.
On-site factory training shall be available for System Administrators, Operators and other qualified personnel.
d.
The OSC shall include the following: 1)
Hardware set-up and test.
2)
Communication configuration and test.
3)
Preventative maintenance and troubleshooting training for the systems integrator.
4)
End-user training.
5)
Database configuration and build assistance.
WSE • 3/1/1999
16720 — 4 9
NexSentry Access Control System
E.
.4
Documentation: 1.
Accurate “as built” drawings shall be furnished by the SIP to aid the owner in programming. These should indicate the door(s) controlled by each lock output, the monitoring points for the door controlled area, and any relay outputs or special inputs into the system.
2.
The SIP shall supply operating and maintenance manuals to aid the owner in the programming of the system.
SERVICE AND SUPPORT A. Startup:
B.
C.
1.
After the system has been installed, the documentation delivered to the owner and the telephone lines are operational in compliance with Part III.1 above, the SIP shall verify correct operation of all system components.
2.
The SIP shall guarantee all material and workmanship involving the system for up to [_____] year after startup.
Training: 1.
After system startup, the SIP shall instruct owner’s personnel in how to program the system.
2.
On-site training from manufacturer shall be available.
3.
Manufacturer-direct training shall be available through WSE University, Santa Clara, CA.
Warranty Support: 1.
The authorized SIP shall be available during the warranty period to answer programming and application questions to support owner’s personnel during this period.
2.
[Option: The authorized SIP shall have capability to have a remote terminal for programming the Controller to support the owner’s personnel during this period. The owner’s system shall include a modem, necessary cabling and telephone extension to support this telecommunications operation.]
3.
[Option: The authorized SIP shall have the training and capability to provide additional support services including: a.
Regular testing and inspection of all system components and to submit reports on the results.
b.
Emergency service for repairs and adjustments to the system and part replacement if necessary.]
WSE • 3/1/1999
16720 — 5 0
NSCC Security Management System
