SECTION 28 10 00
ACCESS CONTROL
Display hidden notes to specifier. (Don't know how? Click Here)
Copyright 2014 - 2015 ARCAT, Inc. - All rights reserved
PART 1 GENERAL
1.1
1.2
1.3
SECTION INCLUDES
A.
Access and security management system. (Pro-Watch)
B.
Integrated security management system. (Win-Pak)
C.
Web based modular access control system. (NetAXS-4 Access System)
D.
Web based access control system. (NetAXS-123 Access System)
E.
Visitor management system. (Lobbyworks)
F.
Access control readers.
G.
Access control credentials.
H.
Access control Cables
RELATED SECTIONS
A.
Section 26 05 00 - Common Work Results for Electrical.
B.
Section 26 05 00 - Common Work Results for Electrical.
C.
Section 27 11 23 - Communications Cable Management and Ladder Rack.
REFERENCES
A.
Electronic Industries Alliance (EIA):
1.
RS232C - Interface between Data Terminal Equipment and Data Communications
Equipment Employing Serial Binary Data Interchange.
2.
RS485 - Electrical Characteristics of Generators and Receivers for use in Balanced
Digital Multi-Point Systems.
B.
Federal Communications Commission (FCC):
1.
FCC Part 15 - Radio Frequency Device.
2.
FCC Part 68 - Connection of Terminal Equipment to the Telephone Network.
C.
Federal Information Processing Standards (FIPS):
1.
Advanced Encryption Standard (AES) (FIPS 197).
2.
FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors.
D.
National Fire Protection Association (NFPA):
1.
NFPA70 - National Electrical Code.
28 10 00-1
1.4
E.
Homeland Security Presidential Directive 12 (HSPD-12).
F.
Underwriters Laboratories (UL):
1.
UL294 - Access Control System Units.
2.
UL1076 - Proprietary Burglar Alarm Units and Systems.
DEFINITIONS
A.
The following definitions apply to this Section:
1.
Access Card: A coded employee card, usually the size of a credit card, recognizable
to the access control system and read by a reader to allow access. It can be used for
photo identification of the cardholder and for other data collection purposes. Card
technologies include magnetic strips, wiegand-effect, proximity (active/passive),
barium ferrite, and smart/intelligent cards.
2.
Abstract Device: An Abstract Device (ADV) is a logical representation of a physical
device. The ADVs can be associated with any hardware device, including
communication interfaces, panels, alarm points, entrances, and CCTV equipment.
The ADVs help in monitoring the device status and controlling the actions of a
physical device through the Control Map, Floor Plan, or Alarm View.
3.
Access Control System: An interconnected set of controllers, managing the entrance
and exit of people through secure areas.
4.
Access Level: The door or combination of doors and/or barriers an individual is
authorized to pass through.
5.
Anti-Pass back (Anti-Tailgating): This feature protects against more than one person
using the same card or number. It defines each system card reader and card ID
number as IN, OUT or other. Once a card is granted access to an IN reader, it must
be presented to an OUT reader before another IN reader access is granted. Cards will
continue to have access to all authorized OTHER readers.
6.
Alarm: A signal that indicates a problem.
7.
Alarm input: A device that is monitored by the access control panel. An alarm signal
will be generated if the device is activated.
8.
Badge: Badge is a template or a design for creating a card. WIN-PAK includes a fullfeatured badge layout utility for designing, creating, and printing badges. Badge
design includes magnetic stripe encoding, bar coding, signatures, and so on.
9.
Bar Code: A method of encoding information using lines and blank spaces of varying
size and thickness to represent alphanumeric characters.
10.
Biometrics: A general term for the verification of individuals using unique biological
characteristics (i.e. fingerprints, hand geometry, voice analysis, the retinal pattern in
the eye).
11.
Card and Card Holder: A card is an identity proof of a person and a card holder is a
person who holds the card. Multiple cards can be assigned to a single card holder to
provide different access.
12.
Controller: A microprocessor based circuit board that manages access to a secure
area. The controller receives information that it uses to determine through which doors
and at what times cardholders are granted access to secure areas. Based on that
information, the controller can lock/unlock doors, sound alarms, and communicate
status to a host computer.
13.
Communication Port: A hardware device that allows a computer to communicate with
external devices.
14.
Card Reader: A device that retrieves information stored on an access card and
transmits that information to a controller.
15.
Network or Digital Video Recorder (DVR): A security system device that records the
video from the surveillance cameras (IP and/or Analog) on a hard disk.
16.
Door: A generic term for a securable entry way. In many access control applications a
"door" may actually be a gate, turnstile, elevator door, or similar device.
17.
Duress: Forcing a person to provide access to a secure area against that person's
28 10 00-2
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
1.5
wishes.
Guard Tour: A defined route of a security guard.
Host Computer: The central controlling computer from which access control software
applications are run.
Input: An electronic sensor on a controller that detects a change of state in a device
outside the controller
Keypad: An alphanumeric grid which allows a user to enter an identification code. A
flat device which has buttons that may be pressed in a sequence to send data to a
controller, and which differs from a typewriter-like computer board.
Online Help: A reference program within most software programs that provides basic
descriptions and instructions on how to use that software program.
Output Relay: A device that changes its state upon receiving a signal from a
controller. Typically the state change prompts an action outside of the controller such
as activating or inactivating a device. The auxiliary relays found in access control
panels or NODES that control external devices.
Reader: A device that "receives" an identification code from a card, key tag, magnetic
stripe card, bar code card, or related item. Refers to the "front end" that a user must
interact with to allow access. Readers can be keypads, card readers, proximity
readers, and so on.
RS232: A serial communication protocol used for connecting data terminal devices.
RS-232 is the most commonly used communication protocol.
Server: The host computer, which has the ISMS functions.
Shunt Time: The length of time a door open alarm is suppressed (shunted) after a
valid card access or free egress request. This time should be just enough to allow a
card user to open a door or gate, pass through, and then close it.
Time zones: "Schedules" that allow cards to function or not function depending on the
time of day. This is used to limit access to the facility. The schedule may include not
only time but which days of the week a card is valid.
Wiegand Card: An access control card based on the Wiegand effect. Small bits of
specially processed wire are embedded in the card in a pattern that uniquely identifies
the card. This identification information can then be decoded by a Wiegand reader.
Wiegand Reader: A reader capable of reading the information encoded on a Wiegand
card.
Video Management System (VMS): An enterprise-class video management and
storage solution.
SUBMITTALS
A.
Submit under provisions of Section 01 30 00 - Administrative Requirements.
B.
Product Data: Manufacturer's data sheets on each product to be used, including:
1.
Preparation instructions and recommendations.
2.
Storage and handling requirements and recommendations.
3.
Installation methods.
C.
Shop Drawings: Submit complete shop drawings indicating system components, wiring
diagrams and load calculations.
D.
Verification Samples: For each finish product specified, two samples, minimum size 6 inches
(150 mm) square representing actual product, color, and patterns.
E.
Record Drawings: During construction maintain record drawings indicating location of
equipment and wiring. Submit an electronic version of record drawings for the system not
later than Substantial Completion of the project.
F.
Operation and Maintenance Data: Submit manufacturer's operation and maintenance data,
customized to the system installed. Include system and operator manuals.
28 10 00-3
G.
1.6
1.7
QUALITY ASSURANCE
A.
Manufacturer: Manufacturer shall have a minimum ten years experience in manufacturing
and maintaining access control systems. Manufacturer shall be Microsoft Gold Certified.
B.
Installer Qualifications: Installer shall be certified by Honeywell Integrated Security Dealer
Service Certification Program (DSCP).
DELIVERY, STORAGE, AND HANDLING
A.
1.8
Store products in manufacturer's unopened packaging until ready for installation.
PROJECT CONDITIONS
A.
1.9
Maintenance Service Agreement: Submit a sample copy of the manufacturer's maintenance
service agreement, including cost and services for a two year period for Owner's review.
Maintain environmental conditions (temperature, humidity, and ventilation) within limits
recommended by manufacturer for optimum results. Do not install products under
environmental conditions outside manufacturer's recommended limits.
WARRANTY
A.
Manufacturer's Warranty: Submit manufacturer's standard warranty for the access control
system.
PART 2 PRODUCTS
2.1
2.2
MANUFACTURERS
A.
Acceptable Manufacturer: Honeywell Security and Fire, which is located at: 2700
Blankenbaker Pkwy. Suite 150; Louisville, KY 40299; Toll Free Tel: 800-323-4576; Tel: 502297-5700; Fax: 502-666-7021 ; Email:request info (Deborah.paterson@honeywell.com);
Web:www.security.honeywell.com
B.
Substitutions: Not permitted.
C.
Requests for substitutions will be considered in accordance with provisions of Section 01 60
00 - Product Requirements.
ACCESS AND SECURITY MANAGEMENT SYSTEM (PRO-WATCH)
A.
Security Management System Manufacturer: Pro-Watch Security Management Suite as
manufactured by the Honeywell Security Group.
B.
The Security Management System shall function as an electronic access control system and
shall integrate alarm monitoring, CCTV, digital and network video, ID badging and database
management into a single platform. A modular and network-enabled architecture shall allow
maximum versatility for tailoring secure and dependable access and alarm monitoring
solutions.
C.
Access Control Software Suite: The Security Management System shall offer a security
management software suite available in four scalable versions: The Security Management
System platform shall offer a complete access control solution: alarm monitoring, video
imaging, ID badging and video surveillance control. Provide the following software system:
1.
Pro-Watch Lite Edition: The Security Management System shall utilize the Microsoft
SQL Express database for applications with one to four users and up to 32 controlled
doors. The Security Management System shall operate in Windows 7
28 10 00-4
2.
3.
4.
D.
Ultimate/Professional as the host operating system.
Pro-Watch Professional Edition. Professional Edition: The Security Management
System shall utilize Microsoft SQL Express (SQL 2008 or later) database for
applications from one to five users and up to 64 controlled doors. The Security
Management System shall provide a set of tools to easily backup, restore and
maintain the Security Management System database. The Security Management
System shall allow for expansion to Corporate and/or Enterprise Edition without
changing the user interface or database structure. The Security Management System
shall operate in Windows 7 Ultimate/Professional as the host operating system.
Pro-Watch Corporate Edition: The Security Management System shall operate in the
Windows Server 2012 (64-bit) and Windows Server 2012 R2 (64-bit) environment and
utilize SQL Server 2012 SP1 (32-bit and 64-bit) as the database engine.
Pro-Watch Enterprise Edition: The Security Management System shall incorporate
regional server architecture. Regional sites shall operate autonomously with all
information required to maintain security locally. The enterprise server shall maintain
any critical system information via synchronization with each regional site. A single
enterprise server shall provide global management of all regional servers and shall act
as a central collecting point for all hardware configurations, cardholder and clearance
code data and transaction history. The enterprise server and regional server(s) shall
support Windows Server 2012 (64-bit) and Windows Server 2012 R2 (64-bit).
Software Requirements: The Security Management System shall be a modular and networkenabled access control system. The Security Management System shall be capable of
controlling multiple remote sites, alarm monitoring, video imaging, ID badging, paging, digital
video and CCTV switching and control that allows for easy expansion or modification of
inputs and remote control stations. The Security Management System control at a central
computer location shall be under the control of a single software program and shall provide
full integration of all components. It shall be alterable at any time depending upon facility
requirements. Security Management System reconfiguration shall be accomplished online
through system programming. The Security Management System shall include the following:
1.
Multi-User/Network Capabilities: The Security Management System shall support
multiple operator workstations via local area network/wide area network (LAN/WAN).
The communications between the workstations and the server computer shall utilize
the TCP/IP standard over industry standard IEEE 802.3 (Ethernet). The
communications between the server and workstations shall be supervised, and shall
automatically generate alarm messages when the server is unable to communicate
with a workstation. The operators on the network server shall have the capability to
log on to workstations and remotely configure devices for the workstation. Standard
operator permission levels shall be enforced, with full operator audit.
2.
Concurrent Licensing: The Security Management System shall support concurrent
client workstation licensing. The Security Management System application shall be
installed on any number of client workstations, and shall provide the ability for any of
the client workstations to connect to the database server as long as the maximum
number of concurrent connections purchased has not been exceeded.
3.
Security Key: The Security Management System shall only require a software security
key to be present on the application server for the Security Management System to
operate. Security keys shall not be required at the client workstations. The Security
Management System shall allow a user to read the information that is programmed on
the server security key. The Security Management System shall support the
installation, update, and termination of the security key.
4.
Terminal Services: The Security Management System shall support Windows Server
2008 Terminal Services. Terminal Services shall allow the Security Management
System server application to reside on the Windows Terminal Server. Operating
systems supporting a standard web browser shall be capable of utilizing the thin client
architecture. The Security Management System shall support unlimited connections,
based on concurrent licensing, to the Security Management System software. Full
28 10 00-5
5.
6.
7.
8.
9.
10.
11.
12.
13.
functionality shall be obtained through the intranet connection allowing full
administration and monitoring without the need for a local installation.
Relational Database Management System: The Security Management System shall
support industry standard relational database management systems. This shall
include relational database management system Microsoft SQL Server 2012 SP1.
Database Partitioning: The Security Management System shall provide the option to
restrict access to sensitive information by user ID.
Memory: Proprietary software programs and control logic information used to
coordinate and drive system hardware shall be stored in read-only memory.
LDAP/ Microsoft Active Directory Services: The Security Management System shall
provide support of Lightweight Directory Access Protocol (LDAP) for enabling the user
to locate organizations, individuals, and other resources such as files and devices in a
network, whether on the public internet or on a private intranet. The Security
Management System shall provide a direct link to Microsoft Active Directory Services.
The Security Management System shall allow the transfer of Active Directory users
into the database via the Data Transfer Utility. Conversely, Security Management
System users shall be capable of being exported to the Active Directory.
Unicode: The Security Management System shall utilize Unicode worldwide character
set standard. The Security Management System shall support double-byte character
sets to facilitate adaptation of the Security Management System user interface and
documentation to new international markets. Language support shall include at a
minimum English, Spanish, Portuguese, French, German and Simple Chinese.
Encryption: The Security Management System shall provide multiple levels of data
encryption
a.
True 128-bit AES data encryption between the host and intelligent controllers.
The encryption shall ensure data integrity that is compliant with the
requirements of FIPS-197 and SCIF environments. Master keys shall be
downloaded to the intelligent controller, which shall then be authenticated
through the Security Management System based on a successful match.
b.
Transparent database encryption, including log files and backups
c.
SQL secure connections via SSL
Supervised Alarm Points: Both supervised and non-supervised alarm point monitoring
shall be provided. Upon recognition of an alarm, the system shall be capable of
switching CCTV cameras that are associated with the alarm point.
Compliance and Validation: The Security Management System shall incorporate
signature authentication where modifications to Security Management System
resources will require either a single or dual signature authentication. Administrators
will have the ability to select specified devices in the Security Management System
where data manipulation will be audited and signatures will be required to account for
the data modification. Upon resource modification, the user will be required to enter a
reason for change or select a predefined reason from a list. All data will be securely
stored and maintained in the database and can be viewed using the reporting tool.
This functionality will meet the general requirements of Validation and Compliance
through Digital Signatures with special attention to the case of Title 21 CFR Part 11
Part B compliance.
Clean Room Solution:
a.
Overview: The Security Management System shall provide a clean room
solution which enables users to manage their "Clean Environments" or other
areas requiring special restricted access through a process-oriented graphical
user interface (GUI).
b.
Configuration: The user shall have the capability of adding, editing, or deleting
clean rooms. Each "clean room" shall be capable of having a contamination
level set. Entry to a higher level contamination area shall automatically restrict
access to cleaner level areas. Individual cards shall be capable of being reset
on an immediate one time, automatic, or per-hour basis.
28 10 00-6
E.
Security Management System Operational Requirements:
1.
System Operations:
a.
Windows Authentication Login: The Security Management System shall use an
integrated login method which accepts the user ID of the person who has
logged on to Windows.
b.
Password: The Security Management System shall use an integrated
authentication method which utilizes Windows user accounts and policies.
c.
Information Access: The Security Management System shall be capable of
limiting operator access to sensitive information. Operators shall have proper
authorization to edit the information.
d.
Shadow Login: The Security Management System shall allow users to login
over a currently logged-on user without having the current user log off the
Security Management System or out of the Windows operating system.
e.
Graphical User Interface: The Security Management System shall be fully
compliant with Microsoft graphical user interface standards, with the look and
feel of the software being that of a standard Windows application, including
hardware tree-based system configuration.
f.
Guard Tour: The Security Management System shall include a guard tour
module, which shall allow the users to program guard tours for their facility. The
tours shall not require the need for independent or dedicated readers.
g.
Secure Mode Verification (e.g., force guard to do a visual verify): The Security
Management System shall provide ' secure mode' control from the verification
viewer. This shall allow a user or guard to decide the access of an individual
who presents his/her card at a designated secure mode reader.
h.
Database Partitioning: The Security Management System shall support
dynamic partitioning. A Security Management System in which partitions are
set up at installation and cannot be easily changed shall not be acceptable.
i.
Status Groups: The Security Management System shall support a real-time
system status monitor that graphically depicts all logical devices.
j.
Keyboard Accelerators: The Security Management System shall allow the user
to use a shortcut key to enable designated system commands.
k.
Automatically Disable Card upon Lack of Use: The Security Management
System shall allow system operators to set a predefined time period in which
cardholders shall swipe their card through a card reader in the Security
Management System.
l.
User Functions and ADA Ability: The Security Management System shall
provide user functions and ADA (Americans with Disabilities Act) ability that
provides the capability to trigger an event at the Security Management System
intelligent controller when a defined card is presented.
m.
Pathways: The Security Management System shall support the capability of
programming pathways. A pathway shall be an object that combines input
points to be masked (shunted) for a set duration, and an output point to be
activated, when a particular card receives a local grant at a reader.
n.
Database Audit Log: The Security Management System shall be capable of
creating an audit log in the history file following any change made to the
Security Management System database by an operator.
o.
Operator Log: The Security Management System shall be capable of creating
an action log in the history file following actions performed by an operator.
p.
Alarm Routing: The Security Management System shall be capable of defining
routing groups that determine what event information shall be routed to a user
or class of users.
q.
Global and Nested Anti-passback: The Security Management System shall
support the use of an optional anti-passback mode, in which cardholders are
required to follow a proper in/out sequence within the assigned area.
r.
Two Person Rule: The Security Management System shall support a "two
person rule" to restrict access to specific access areas unless two cardholders
28 10 00-7
2.
present two different valid cards to the reader one after the other within a period
time defined by the door unlock time multiplied by a factor of 2.
s.
Occupancy Restrictions: The Security Management System shall allow the user
to define the minimum and maximum occupancy allowed in a designated area.
t.
Multiple Sequential Card Swipes to Initiate Procedure: The Security
Management System shall allow the user to define a logical device, quantity of
consecutive identical events, a time period and a Security Management System
procedure to trigger when the event occurs a maximum quantity of times in the
allocated time period.
u.
Hardware Templates: The Security Management System shall include the
ability to define hardware templates (door templates) in order to simplify the
process of creating an access control system. Hardware templates shall allow a
user to define a "typical" door configuration and then use that template over
and over in the process of defining doors.
Access Control Functional Requirements: Functions shall include validation based on
time of day, day of week, holiday scheduling, site code verification, automatic or
manual retrieval of cardholder photographs, and access validation based on positive
verification of card/PIN, card, and video. The following features shall be
programmable and shall be capable of being modified by a user with the proper
authorization:
a.
Time Zones: Shall define the period during which a reader, card, alarm point,
door, or other system feature is active or inactive. In addition to MondaySunday, there shall be at least one day of the week called Holiday.
b.
Holidays: The application shall allow holidays to be entered into the Security
Management System. Holidays shall have a start date plus duration defining
multiple days. Holidays shall have a holiday type of 1, 2, or 3, which may be
defined by the user.
c.
Response Codes: The Security Management System shall allow the user to
enter a predefined code to represent a response to an alarm occurring in the
facility.
d.
Clearance Codes: The Security Management System shall allow the user to
establish groups of readers at a facility for the purpose of granting or denying
access to badge holders. Clearance codes shall be assigned to companies and
individuals employed by the company, and may be modified for individual users
in the badge holder maintenance application.
e.
Companies: Each badge holder entered into the Security Management System
shall be assigned a company code identifying the individual's employer. The
company information dialog box displays and maintains information related to
companies having access to the facility.
f.
Group Access: The Security Management System shall allow a user or group of
users via company selection, a temporary denial of access to specific readers
or areas based on a preconfigured event. The group access function shall limit
access to a group of cardholders, overriding all other access criteria.
g.
Event Types: Definitions shall be shipped with system software but shall be
capable, upon installation, of being modified, added to, or deleted from the
Security Management System.
h.
Alarm Pages: Security Management System shall include the capability to
create an unlimited number of customized alarm pages for the alarm monitor
and each shall be assignable to users and user classes.
i.
Event Types: Definitions shall be shipped with system software but shall be
capable, upon installation, of being modified, added to, or deleted from the
Security Management System.
j.
Dynamic Graphical Maps: The Security Management System shall provide the
user with the means to add maps and indicator icons to maps that shall
represent input/output points, logical devices, or cameras located throughout
the Security Management System. Security Management System maps shall
28 10 00-8
3.
4.
display the state and condition of alarm points. The Security Management
System shall also provide the ability to monitor the channels or panels.
k.
Brass Keys: Shall maintain information related to assets that are issued in the
facility, including brass keys, laptops, RSA keys, cell phones, company cards,
etc.
l.
ID Badging Client: The Security Management System Shall maintain
information related to a badge holder's card access privileges. Upon entering
this application, a window shall appear on the screen and all actions (add,
modify, or delete) involving badges and cards shall be initiated from this
window. Access privileges shall be linked to the cards used to gain access to
doors in the facility. Modifications shall be made by adding or deleting
clearance codes, or by door types assigned to the cards or to a badge holder.
m.
ID Badging System: The Security Management System shall include
seamlessly integrated ID badging system.
n.
Users: Information related to the users of the Security Management System
software shall be stored in the database. Users entered into the Security
Management System shall be assigned the access privileges of the class to
which they are assigned.
o.
Elevator Control: The elevator control shall be of the Security Management
System intelligent controller-based line of devices. The elevator control shall
include the following functional features:
1)
Elevator call: Valid card read calls elevator to the floor. No reader in the
elevator car.
2)
Floor control: Valid card read in the elevator car enables selectable floor
buttons.
3)
Floor select: Valid card read in the elevator car enables selectable floor
buttons and logs which floor is selected after the card is presented.
p.
Data Transfer Unit (DTU): The DTU enables data to be imported from an
external system directly into the Security Management System database and
also exported from Pro-Watch to an external system.
1)
Insert only: If a "data file key column #" shall be provided, the DTU will
only insert a new badge record if the key column value is not found. An
error shall be displayed in the log file if an existing badge record is found.
If no "data file key column #" is provided, every record will be inserted
into the Security Management System.
2)
Updates only: The DTU shall use the "data file key column #" to look for
the matching Security Management System record. An error shall be
logged in the log file if the badge holder is not found in the Security
Management System database.
3)
Inserts, updates: The DTU shall use the "data file key column #" to look
for the matching Security Management System record. If a matching
record is not found, the DTU shall insert the data. If a matching record is
found, the record shall be updated.
q.
Generic Channel Interface: The Security Management System shall provide the
ability to define generic communications channels over serial port or TCP/IP
network socket including IP address and port/socket, to support custom
integration of external foreign devices. The Security Management System shall
generate events based on data received from the channel matching operator
pre-defined instructions.
Application Localization: The Security Management System shall support at least
seven languages including English. The languages available shall include German,
French, Spanish, Italian, Chinese (simplified), Portuguese (Brazil), Norwegian,
Chinese (Traditional), Danish, and Dutch, All database resources will be localized,
and will include a standard U.S. English help file.
Event Manager: The Security Management System shall utilize an event manager as
a component of system administration and offer the ability to have users control the
28 10 00-9
amount of data stored as well as a quick snapshot of the logged data in the system.
Using the various logs in event manager, the user will be able to gather information
about events, auditing, and operator actions. The logs are defined as follows: Event
log, audit log, unacknowledged alarms.
F.
Intelligent Controllers - Hardware Requirements:
1.
Distributed architecture shall allow controllers to operate independently of the host.
The architecture shall place key access decisions, event/action processing and alarm
monitoring functions within the controllers, eliminating degraded mode operation.
2.
Flash memory management shall support firmware updates and revisions to be
downloaded to the system. Upgrades to the hardware and software shall occur
seamlessly without the loss of database, configurations, or historical report data.
3.
Manufacturers: Subject to compliance with requirements, provide Field Controllers or
comparable product by one of the following:
a.
Honeywell Security PW-6000
b.
Honeywell Security PW-6101ICE
c.
Honeywell Security Star II(Legacy)
d.
Honeywell Security PW-2000(Legacy)
e.
Honeywell Security PW-3000
f.
Honeywell Security PW-5000
4.
Cardkey Controllers: The Security Management System software suite shall provide
functionality to Cardkey Controllers using Nodal Protocol B, the Cardkey Controllers
D620 (Firmware revision PS-143D or PS143-E), and the Cardkey D600AP (Firmware
Revisions PS-155A or PS-155B). Supported interface is currently, but not limited to,
standard STI and STIE devices. Minimum functionality to be supported:
a.
Controller to host communications.
b.
Downloading of cards.
c.
Downloading of Security Management System parameters.
d.
Downloading of reader parameters.
e.
Downloading of input point parameters.
f.
Downloading of relay output point parameters.
G.
Field Hardware:
1.
The security management system shall be equipped with access control field
hardware required to receive alarms and administer all access granted/denied
decisions. All field hardware shall meet UL requirements.
a.
Intelligent Controller Board.
1)
PW3K1IC (Legacy Only).
2)
PW6K1IC.
3)
PW6K1ICE.
b.
Single Reader Module (SRM).
1)
PW6K1R1.
2)
PW6K1R1E.
c.
Dual Reader Module (DRM).
1)
PW6K1R2.
d.
Alarm Input Module (AIM).
1)
PW6K1IN.
e.
Relay Output Module (ROM).
1)
PW6K1OUT.
f.
Mercury Family Hardware
1)
EP-1501.
2)
EP-2500 with Wiegand Reader.
3)
MR-16IN (16 Input Board).
4)
MR-16OUT (16 Output Board).
5)
MR-50 (Single Reader Board).
6)
MR-51E (Single Reader Board ETHERNET).
28 10 00-10
g.
h.
i.
H.
7)
MR-52 (2-Reader Board).
8)
SCP/SCP2.
9)
SCPC.
10) Mercury M5 Bridge.
Lenel Family Hardware .
1)
LNL-500 with Wiegand Reader.
2)
LNL-1000 with Wiegand Reader.
3)
LNL-1100 (16 Input Board).
4)
LNL-1200 (16 Input Board).
5)
LNL-1300 (Single Reader Board).
6)
LNL-1320 (2-Reader Board).
7)
LNL-2000 with Wiegand Reader.
8)
LNL-2210.
9)
LNL-3300.
10) LNL-8000.
SALTO Locksets .
1)
Locksets compatible with SVN - Salto's Virtual Network.
Card Readers
1)
Honeywell Security.
a)
OmniProx.
b)
OmniClass.
c)
DigiReaders.
2)
HID.
a)
ProxPro.
b)
MiniProx.
c)
MaxiProx.
d)
ThinLine II.
e)
ProxPro II.
f)
ProxPoint Plus.
3)
Indala
a)
FlexPass.
b)
FlexPass Linear.
c)
FlexPass Arch.
d)
FlexPass Curve.
e)
FlexPass Long Range.
f)
FlexPass Wave.
4)
Biometric Readers.
a)
BioScrypt.
b)
Recognition Systems.
5)
WSE Readers (SNET Protocol) - Star I, Star II, PW-6000 (Legacy Only)
a)
DR4201.
b)
DR4203.
c)
DR4205.
d)
DR4205K.
e)
DR4208.
f)
DR4208K.
g)
DR4220.
h)
MSR42-GW.
6)
Wireless Readers
a)
IR Wireless Reader.
b)
AD-400 Wireless Locks.
c)
SALTO SALLIS Wireless Reader.
d)
ASSA ABLOY APERIO Wireless Reader.
e)
SCHLAGE Wireless Reader.
Network and Digital Video Recording Systems
28 10 00-11
1.
2.
The Security Management System shall provide fully integrated support for a powerful
network and digital video recording and transmission system. The Security
Management System shall record, search and transmit video, and shall provide users
with live, pre- and post- event assessment capabilities. The NVRs/DVRs shall be
seamlessly integrated with existing video equipment and incorporated into any TCP/IP
network. The NVRs/DVRs shall provide multiple levels of integration with the Security
Management System software, providing control of the network or digital video system
from the access control application.
Manufacturer and part numbers:
a.
Honeywell MAXPRO NVR.
b.
Honeywell MAXPRO NVR HYBRID.
c.
Honeywell Fusion digital recorders (Legacy only).
d.
Honeywell Rapid Eye Multi-Media series digital recorders (Legacy only).
I.
Video Management Systems (VMS):
1.
With integration to VMS, Security Management System shall control multiple sources
of video subsystems in a facility to collect, manage and present video in a clear and
concise manner. VMS intelligently determines the capabilities of each subsystem
across various sites, allowing video management of any analog or digital video device
through a unified configuration and viewer. Disparate video systems are normalized
and funneled through a common video experience. Drag and drop cameras from the
Security Management System hardware tree into VMS views. Leverage Security
Management System alarm integration and advanced features such as pursuit that
help the operator track a target through a set of sequential cameras with a single click
to select a new central camera and surrounding camera views.
2.
Manufacturer and part numbers:
a.
Honeywell Security MAXPRO VMS.
J.
Intercom Interface:
1.
The interface shall provide control of both remote and master intercom stations from
within the Security Management System application. The Security Management
System shall allow the user to define the site, channel, description, and address as
well as provide a checkbox for primary station.
2.
Administrators shall have the capability to program a list of intercom functions that
report to the alarm-monitoring module as events. These functions shall coincide with
the intercom functions provided with the intercom system. For each intercom function,
Security Management System administrators shall be able to define an alphanumeric
event description 1 to 40 characters in length and shall also be able to set the
parameter value of that function.
3.
The intercom interface shall allow for secondary annunciation of intercom calls,
events, and alarms in the alarm-monitoring window. Intercom reporting to the alarm
monitoring window shall report as any other access control alarm and shall have the
same annunciation and display properties as access control alarms.
4.
All intercom calls, events, and alarms that report into the Security Management
System shall be stored in the system database for future audit trail and reporting
capabilities. Intercom events shall include but not be limited to: Station busy, Station
free, Intercom call to busy station, Intercom call to private station, Station
disconnected, Function dialed outside connection, Intelligent station ID, Station reset,
Station lamp test, Audio program changed, Group hunt occurred, Mail message, Digit
dialed during connection, Direct access key pressed, Handset off hook, M-key
pressed, C-key pressed
5.
Manufacturer(s) and part numbers:
a.
Stentofon/Zenitel Alphacom series intercoms
b.
Commend series intercoms.
K.
Intrusion Detection Panels:
28 10 00-12
1.
2.
Honeywell VISTA-128FBP, VISTA-128BPE, VISTA-128BPT, VISTA-250FBP, VISTA250BPE, and VISTA-250BPT Controllers:
a.
General Requirements: The Security Management System shall support
hardwired and TCP/IP communication for the VISTA 128FBP/VISTA-250 FBP
panel. Each panel shall have 8 partitions and 15 zone lists. Zones, partitions,
and the top-level panel shall have an events page, with all supported events
present. Features:
1)
Disarm and unlock a door on card swipe.
2)
Arm and lock a door on card swipe.
3)
Common area arm/disarm.
4)
Access denied if intrusion system is in alarm or armed.
5)
Monitor and log intrusion system events and alarms in the Security
Management System.
6)
Associate intrusion system events and alarms to video surveillance
integrations.
Honeywell Galaxy Dimension GD264 and GD520 Controllers:
a.
Security Management System users are able to control and monitor group and
zone status using the Security Management System client, and control the
individual zones and groups using Security Management System Access
control credentials. Depending on the combined user profiles and access
permissions defined in Security Management System, a Security Management
System cardholder is allowed or denied permission to arm/disarm zones and
groups. The access control functionality of the intrusion panel is disabled when
the integration is operational. Features:
1)
Disarm a zone on a card swipe.
2)
Arm a zone on consecutive card swipes. Security Management System
will support definition of quantity of swipes required and the timeout time
in seconds to recognize consecutive swipes.
3)
Security Management System supports linking of intrusion panel users
with Security Management System cardholders.
4)
Security Management System operators may be given control
permissions for intrusion input and output alarms.
5)
Security Management System can associate alarm events with video
commands to look at current or historic footage.
6)
Security Management System stores and reports on intrusion events.
L.
Software Development Kit (SDK)
1.
Security Management System shall permit custom integration with other third party
systems through an SDK. SDK shall support the OBIX communication protocol and
interface directly with the Niagara Framework for support of additional
communications protocols.
2.
Manufacturer and part numbers:
a.
Honeywell Security HSDK.
M.
Visitor Management System
1.
The Visitor Management System shall allow the user to track visitors, employees,
assets and deliveries as they enter and exit the facilities.
2.
The system shall also support printing of custom designed visitor passes with details
like expiration date, visit area, host being visited, and visit purpose.
3.
Manufacturer and part numbers:
a.
Honeywell Security LobbyWorks.
N.
Web Client:
1.
Web Alarms.
2.
Web Events.
28 10 00-13
O.
2.3
Supported Web Browsers:
1.
(Windows) Internet Explorer 9.
2.
(Windows) Google Chrome Version 30.
3.
(Windows) Firefox Version 27.
INTEGRATED SECURITY MANAGEMENT SYSTEM
A.
Product: WIN-PAK Access System as manufactured by the Honeywell Security Group.
B.
The Integrated Security Management System (ISMS) shall function as an electronic access
control system and shall integrate the alarm monitoring, CCTV, digital and network video, ID
badging and database management into a single platform. ISMS shall function as a one-stop
gateway for all the access control needs. A modular and network-enabled architecture shall
allow maximum versatility for tailoring secure and dependable access and alarm monitoring
solutions. The ISMS shall offer a security management software suite that includes all the
features bundled in the following three editions:
1.
Express Edition (XE): Shall include all the following features: Single concurrent user
license, one communication server 256 readers, 10,000 card holders and NetAXS123, NetAXS-4, NS2 and NS2+ panel support.
2.
Standard Edition (SE): Shall include the following features: Single/Five user
concurrent license, one communication server, 512 readers, 25,000 card holders and
PRO3200, PRO2200, NetAXS-123, NetAXS-4, N1000/PW2000, NS2 and NS2+ panel
support.
3.
Professional Edition (PE): Shall include all the features of Standard Edition plus the
following additional features: Unrestricted concurrent users, multiple communication
servers, 255 IP connections per communication server, 100,000 card holders and
PRO3200, PRO2200, NetAXS-123, NetAXS-4, N1000/PW2000, NS2 and NS2+ panel
support.
C.
ISMS Components:
1.
The ISMS shall be divided into three components: Database Server, Communication
Server, and User Interface. These components shall run on a single computer or on
multiple computers, allowing flexibility in configuring a networked system.
a.
Database Server: The database server is used for storing the database tables.
This data is accessible to communication server and user interface for
retrieving and generating the reports. The database server shall be installed on
the client computer or any other computer connected to the network.
b.
Communication Server: The communication server routes user interface
requests as well as the access transactions to the panel. The panel in-turn
processes the transactions and sends the information to the database server as
well as responses to the user interface through the communication server.
When the communication server is sending information to the database server,
it can also receive a request from the user interface. In this scenario, the
communication server considers the user request as a higher priority and stops
the panel-database server communication until the user request is processed.
The communication server shall be installed on the client computer or any other
computer connected to the network.
c.
User Interface (ISMS Client): The user interface helps ISMS operators to
communicate with the access control system. The user interface shall be
installed on the computer where the database server or the communication
server is installed or any other computer connected to the network. Several
client computers can be run simultaneously and can access the single
database server simultaneously. The number of client computers varies based
on the licensing information of ISMS.
2.
The ISMS includes the Command File Server: A command file server provides text
files containing device instructions that shall be stored in the command files database.
28 10 00-14
The commands in the command files can be sent to the devices automatically on
receiving, acknowledging, or clearing an alarm. Also, the command files can be
manually executed.
a.
Guard Tour server: A guard tour is a defined series of check points a guard
must activate within a given amount of time. The check points are readers or
input points where the guard presents the card or presses the button.
b.
Tracking and Muster Server: A muster server is enabled in the event of an
emergency and allows the card holders to swipe the readers. Muster areas are
logical areas that contain readers to be used by the card holders, only if there is
a call for muster (in the event of a disaster, for example).
c.
Schedule Server: A schedule server schedules the list of events to be
performed at a predetermined time and intervals such as hourly, daily, or
monthly.
d.
Video Management Server: A video management server provides interface to
connect to various DVR's/NVR's. In addition, it also provides CCTV control with
live monitor display, PTZ control of cameras and video playback operations.
D.
Integrated Security Management System Operational Requirements:
1.
The ISMS shall be a modular and network-enabled access control system capable of
controlling multiple remote sites, alarm monitoring, video imaging, ID badging, paging,
digital video and CCTV switching and control that allows for easy expansion or
modification of inputs and remote control stations. The ISMS control at a central
computer location shall be under the control of a single software program and shall
provide full integration of all components. It shall be alterable at any time depending
upon facility requirements. The ISMS reconfiguration shall be accomplished online
through system programming.
2.
The ISMS application shall have the major functional capabilities (considered
essential for the system) categorized as follows:
a.
General:
1)
All the databases shall have the ability to add, delete, report, view, and
edit information.
2)
All the system transactions shall be saved in a retrievable file.
3)
All the events shall be logged by date and time.
4)
All the system transactions or selected system transactions shall be
saved in a disk file.
5)
The end-user shall have the provision to make any system configuration
changes such as, but not limited to door open time, door contact shunt
time, point and reader names, when and where a cardholder is valid, and
the ability to add or modify card databases at any time.
6)
Shall support "Global Anti-pass back", feature allowing cardholder to
enter/exit any such defined card reader on the same intelligent control
panel or RS-485 drop-line consisting of 2 and 4 door controllers.
7)
Anti-pass back modes shall include: hard (no forgiveness), soft (allows
access but generates an alarm event) and timed for all readers on the
intelligent controller, on specified reader or card for a definable period of
time up to 32,000 seconds.
8)
Shall support the "Duress" feature, where a PIN is used in conjunction
with a card read; the numbers of digits are selected using the keypad
where the PIN number is a value different from the normal PIN.
9)
Shall support the "Two card holder" rule, where two valid, non-identical
"cards" must be used within a 20 second period to grant access.
10) Shall have the option to display the time when a card holder using a
reader has accessed (opened) the door or the card was used, but the
door was not opened.
11) Shall support the "Latch mode" operation where the first card read
unlocks the door and the second card read locks it.
28 10 00-15
12)
13)
14)
15)
16)
17)
18)
19)
20)
21)
22)
23)
24)
25)
26)
Shall provide a mode of system operation that stores system commands
not accepted by the hardware.
Shall provide a mode of system operation that requires the operator to
enter a response to an event when acknowledging it from the alarm view
window.
Shall provide a mode of system operation that allows acknowledged
alarms to be automatically cleared.
Shall provide a mode of system operation where when an
acknowledged, but not cleared event will be reissued requiring
acknowledgement when the event changes to an alarm or trouble state.
Shall provide a mode of system operation that does not allow the
operator to clear an alarm before prior to it being restored to normal.
Shall provide the ability for manual operator control of system output
relays. The manual functions shall include the ability to energize, deenergize, return to time zone, or pulse the output relay. The pulse time
shall be a programmable setting.
Shall provide the ability for manual operator control of system doors. The
manual functions shall include the ability to Lock, Un-Lock, Disable, Card
only, Card-Pin only, Pin only, exit only and site code only.
Shall provide the ability to automatically display stored "video image" of
cardholder, and switch real-time camera from CCTV or digital video
server to card reader location for specific card usage.
The cardholder "video image" pop-up shall be activated based on a
priority level set to the cardholder or reader. Information in the pop-up
shall include, but not be limited to the card holder's primary image a live
video pop-up showing the person who initiated the pop-up, entrance
name, time, date, cardholder name, and status. User shall be able to
display up to 40 note fields. The size of the pop-ups shall be adjustable
by the operator.
Shall support multiple card reader technology including: Proximity,
Wiegand effect, Biometrics, Magnetic stripe, Bar Code, Keypad,
Card/keypad (PIN), High-speed long range Vehicle ID, and Smart Card.
Shall provide an option for taking scheduled automatic backups of any or
all database system files. A means to restore these files from a simple
menu shall exist.
Shall provide the ability to address up to 255 serial communication ports
per communication server, where each port can be configured for either
hardwired, or dial-up. When configured for dial-up, any one port can
support multiple dial-up locations.
Communication from the access control communication server to the
remote intelligent control panels shall be selectable. Communication
options shall be RS-232 directly to the intelligent control, via RS-485
converter, dial-up, leased line from a defined communication port or by
LAN/WAN using an IP address for direct connection to the intelligent
controller via network interface card. When using IP addressing it shall
be un-acceptable to use a communication port converter device on the
communication server side of the transmission. A minimum of 255 such
IP connections shall be allowed per communication server.
All commands and updates to the panels shall be verified and shall
automatically retry if communications fail.
Shall provide a system scheduler that shall automatically: Call remote
locations to retrieve history transactions and update panel information,
including time and date, Activate or deactivate cards locally or at remote
dial-up sites, Initiate a pre-programmed command event/action,
Synchronize system to intelligent controller time, Run a pre-defined
(template) History report, Run a pre-defined (template) Card Holder
28 10 00-16
b.
c.
d.
e.
f.
g.
h.
i.
report, Card frequency report defined by reader(s), over a defined period
of time with disposition options to automatically report or report and deactivate card or change the access level of the card, Frequency shall be
defined as Never, Now, Once, Hourly, Daily, and Weekly, Once per 2
weeks, and Monthly.
27) Shall provide drop boxes for all system-required information that the user
has previously entered.
28) Shall provide the ability to initiate an email (via SMTP) or page to a
paging system based on a transaction state. A transaction state shall be
defined as but not limited to Normal, Alarm, Trouble, Ajar, Trace, Not
Found, Anti-Pass back Violation, PIN Violation, Time Zone Violation, Site
Code Violation, Door Used, Duress, No Second Card Presented, Trace
Card or Expired Card, and System Alarms including, Panel Com, Panel
Power Failure, Modem Pool, Guard Tour, and Tamper. Intrusion partition
events including but not limited to: Alarm, Alarm Cancel, Aram Away,
Arm Stay, Auto Arm, Auto Disarm, Bypass, Disarm, Early Arm, Early
Disarm, Fail to Arm, Fail to Disarm, Normal, Not Ready, Part Arm, Quick
Arm, Recent Close, Remote Arm, Remote Disarm, Unbypass, User Code
Added, User Code Deleted, user Code Edited. Intrusion zone events
including but not limited to: Alarm, Alarm Restore, Bypass, Fault, Fault
Restore, Normal, Trouble, Trouble Restore, and Unbypass. Intrusion
output events including but not limited to: Alarm, Communication Loss,
Normal, Tamper, and Tamper Restore. Intrusion panel events including
but not limited to: Access Denied, Automatic Test, Comm Fail, Comm
Restore, Faults, Faults Restore, Line Restore, Line Trouble, Manual
Test, Pager Restore, Pager Trouble, AC Restore, AC Trouble, Alarm,
Battery Low, Battery Low Restore, Disarm, Normal, Recent Close,
Reset, Panic Alarm, Power Up, Program begin, Program Changed,
Program End, System Shutdown, System Shutdown Restore, Tamper
Alarm, Tamper Restore, Test End, Test Start, Time/Date changed.
29) Shall include a "host grant" mode of operation that requires the host
computer to grant accesses to "valid" cards. An alternate host grant
mode shall allow the card access information to be downloaded along
with unlocking the door for "valid" cards.
Cards: Shall provide a simple card and card holder database import utility. The
utility shall be password protected and accessible only to administrators of the
access control system. Information that can be imported shall include but not
be limited to: First Name, Last Name, Card Number, Activation Date, Deactivation Date, Status, up to 40 note fields and Photo Images. A simple CSV
(comma separated value) file shall be used for the importing of data and image
file names.
Access Levels: Shall provide an option to define specific access times and
specific readers for access. Shall provide a template of a defined access level
detail, where changes can be made to the template and saved as a new access
level detail.
Video Management Server: Shall support the following Recorders: MAXPRO
NVR, MAXPRO NVR HYBRID, RapidEye, HRDP, and Fusion from Honeywell.
Camera Control:
Alarm Monitoring - Alarms Only View:
Alarm Monitoring/System Control - Tree View: Shall provide the ability for
dynamic alarm monitoring of alarm points in real time on the system computer's
video display terminal.
Operator Database: Shall allow the assignment of operator levels to define the
system components that each operator has access to view, operate, change, or
delete.
Access Control Panels: Shall provide ability to program Action Messages and
28 10 00-17
j.
k.
l.
m.
n.
o.
p.
q.
E.
assign an alarm event priority. .
Reports: Shall provide Card holder report capability with filter options to define
door(s) that a card holder has access to, reporting card holder name, Card(s),
Access Level/schedules, Activation/Expiration.
Tracking/Muster Report: A tracking feature shall allow the system operator to
identify an area and the person(s) in that area.
Time Zones: Time zone definitions shall include Starting time, Ending time,
Days of the week, and Holiday override.
Floor Plan Graphic: Shall provide the ability to import floor plan graphics stored
in a WMF format.
Remote Locations: Shall provide the ability to place remote control panels in an
offline mode. In the offline mode, the remote control panels shall retain all panel
history events. The amount of historical events shall be limited to the panels'
buffer capacity.
Guard Tour: Guard Tour shall allow the operator to program a series of guard
check points that must be activated to accomplish the task of a Guard Tour.
ID Badging System/Video Image System: Shall allow any card data fields to be
assigned to a badge.
Networking: Shall provide networking capabilities (LAN or WAN) as allowed by
the computer's operating system license.
ISMS Hardware and Software Requirements:
1.
The ISMS shall be installed in a computer that supports 1 to 10 readers, 250 cards,
and 2 communication ports. The minimum hardware and software requirements to
fulfill this installation are:
a.
Processor: Dual Core Intel(R).
b.
CPU: 2.4 GHz.
c.
RAM: 2 Gigabytes (GB).
d.
Hard Disk: 80 GB SATA with minimum 5 GB free space.
e.
Serial Communication Ports: 2.
f.
Secondary Storage: Tape or DVD burner.
g.
Printer port: 1 (2 if badging).
h.
Monitor Display: Size: 15 Inches SVGA, Resolution: 1024 x 768, Colors: 256.
i.
Pointing Device: Mouse (USB preferred).
j.
Operating System: Microsoft Windows 7 SP1.
k.
Database: Microsoft SQL Server 2012 Express Edition.
2.
The ISMS shall be installed in a computer that supports 1 to 100 readers, 5,000 cards,
and 8 communication ports. The recommended hardware requirements to fulfill this
installation are:
a.
Processor: Quad Core Intel Xeon® .
b.
CPU: 2.4 GHz.
c.
RAM: 4 Gigabytes (GB).
d.
Hard Disk: 250 GB SATA or SCSI.
e.
Serial Communication Ports: 2.
f.
Secondary Storage: Tape or DVD burner.
g.
Printer port: 1 (2 if badging).
h.
Monitor Display: Size: 17 Inches SVGA, Resolution: 1024 x 768, Colors: True
color.
i.
Pointing Device: Mouse (USB preferred).
j.
Operating System: Microsoft Windows 7 SP1.
k.
Database: Microsoft SQL Server2012 Express Edition.
3.
The ISMS shall be installed in a computer that supports that supports more than 100
readers, 100,000 cards and 255 communication ports, The maximum/performance
hardware requirements to fulfill this installation are:
a.
Processor: Intel(R) Quad Core E5504 Xeon.
b.
CPU: 2.4 GHz.
28 10 00-18
c.
d.
e.
f.
g.
h.
i.
j.
F.
RAM: 8 Gigabytes (GB).
Hard Disk: Minimum 500 GB SATA 7200 RPM, recommended 15kRPM.
Serial Communication Ports: As per the requirement.
Secondary Storage: Tape or DVD burner.
Monitor Display: Size: 19 Inches SVGA, Resolution: 1280 x 1024, Colors: True
color.
Pointing Device: Mouse (USB preferred).
Operating System: Microsoft Windows Server 2012 R2.
Database: Microsoft SQL Server2012 with processor/core license.
Hardware Requirements:
1.
Intelligent Controllers:
a.
Distributed architecture shall allow controllers to operate independently of the
host. The architecture shall place key access decisions, event/action
processing, and alarm monitoring functions within the controllers, eliminating
degraded mode operation.
b.
Flash memory management shall support firmware updates and revisions to be
downloaded to the system. Upgrades to the hardware and software shall occur
seamlessly without the loss of database, configurations, or historical report
data.
c.
Manufacturers: Subject to compliance with requirements, provide Field
Controllers or comparable product by one of the following:
1)
Honeywell NetAXS Controller (NetAXS-123 and NetAXS-4 are the two
types of NetAXS controllers).
2)
Honeywell P-Series Controller (PRO-2200 (Legacy), PRO-3200 are the
types of P-Series controllers).
3)
Intelligent Controller Board: Honeywell Security PRO32IC
4)
Honeywell N-1000 or PW-2000 Controller (Legacy only).
5)
Honeywell Security NS2 or NS2+ (Legacy only).
2.
Field Hardware:
a.
The security management system shall be equipped with access control field
hardware required to receive alarms and administer all access granted/denied
decisions. All field hardware shall meet UL requirements.
b.
Intelligent Controller Board: Honeywell Security PRO32IC
c.
Single Reader Module (SRM): Honeywell Security PRO22R1
d.
Dual Reader Module (DRM): Honeywell Security PRO32R2
e.
Alarm Input Module (AIM): Honeywell Security PRO32IN. 16 Inputs 2 Outputs.
f.
Relay Output Module (ROM): Honeywell Security PRO32OUT. 16 Outputs 2
Inputs.
g.
NetAXS-4 Access System as manufactured by the Honeywell Security Group
1)
NX4S1: 4 Door Control Panel (Standard Enclosure)
2)
NX4L1: Pre-wired 4 Door Control Panel (Deluxe Enclosure)
h.
NetAXS-123 Access System as manufactured by the Honeywell Security Group
1)
NX1P: One-door compact (plastic) enclosure with tamper switch
2)
NX1MPS: One-door standard (metal) enclosure with tamper switch,
power supply, and battery
3)
NXD1: One-door add-on board (to NX1P or NX1MPS) for two-door
capacity
4)
NXD2: Two-door add-on board (to NX1P or NX1MPS) for three-door
capacity
i.
Card Readers:
1)
Proximity.
2)
Magnetic Stripe.
3)
Wiegand.
4)
Barcode.
28 10 00-19
G.
System Integrations:
1.
Network and Digital Video Recording Systems:
a.
The Security Management System shall provide fully integrated support for a
powerful network and digital video recording and transmission system. The
Security Management System shall record, search and transmit video, and
shall provide users with live, pre and post- event assessment capabilities. The
NVRs/DVRs shall be seamlessly integrated with existing video equipment and
incorporated into any TCP/IP network. The NVRs/DVRs shall provide multiple
levels of integration with the Security Management System software, providing
control of the network or digital video system from the access control
application.
b.
WIN-PAK shall support the following Network (NVRs) and Digital Video
Recorders (DVRs).
1)
MAXPRO NVR.
2)
MAXPRO NVR HYBRID.
3)
HRDP.
4)
Rapid Eye (Legacy only).
5)
Fusion (Legacy only).
2.
Access Control Panels(Controllers):
a.
Honeywell P-Series Controller (PRO-2200 (Legacy), PRO-3200 are the types
of P-Series controllers), Honeywell NetAXS Controller (NetAXS-123 and
NetAXS-4 are the two types of NetAXS controllers). Honeywell N-1000, PW2000, NS2, and NS2+ Controller are legacy controllers and are listed for
reference to existing systems only.
b.
P Series Panels shall have the following capabilities:
1)
Supports ABA and WIEGAND card formats.
2)
Types of P-Series panels are: PRO-2200, PRO-3200.
3)
Eight SIO Boards are included in the PRO-2000 panel. A maximum of 16
SIO boards are supported by the PRO-3200 panel. SIO boards enable
extended input and output capabilities to the panel.
4)
Readers, inputs, and outputs that can be connected to the panel are
based on the type of SIO Board that is added to the panel. The SIO
Board types include 16-Zone Input/Output (16 inputs, 2 outputs, and 0
readers), 16-Relay Output (0 inputs, 16 outputs, and o readers), 2Reader I/O (2 inputs, 8 outputs, and 6 readers), and 1-Reader I/O (1
input, 2 outputs, and 2 readers).
c.
NetAXS Panels shall have the following capabilities:
1)
Types of NetAXS panels available are: NetAXS-4 panel and NetAXS-123
panel.
2)
Panels (NetAXS-123 and NetAXS-4) are called as Gateway panels when
added directly to the communication server.
3)
NetAXS-4 Gateway panel supports the downstream devices feature.
This feature shall extend the input and output capabilities of the NetAXS4 panels.
4)
NX4IN and NX4OUT
a)
NX4IN is a 32 input and 0 output downstream add on device
b)
NX4OUT is a 2 input and 16 output downstream add on device
5)
Supports only the WIEGAND card format. The NetAXS panel allows
multiple sets of card numbers and site codes embedded in a card format.
These multiple embedded sets will be represented as A, B, C, and D
sets of card numbers and site codes. The A set shall be used as the
default / primary card and site code numbers. The resulting maximum
length of the card number will be 64-bits in length (20-digit card number).
This is the reason that the system defaults will incorporate the ability to
select a 20-digit card number size in addition to the existing 5, 12 and 16
digit
28 10 00-20
6)
d.
Supports 128 time slots and 256 holidays (per holiday group). Holidays
shall be definable in two different holiday types thus allowing for different
operational time definitions for each holiday type. The NetAXS panels
shall have a provision to add a new time zone while within the panel
database. After creating the new time zone, it shall be added to the Time
Zones database and applied to the panel's database.
7)
Panel options such as Anti-passback, Groups, Forgiveness, Continuous
Card Reads, Reverse Read LEDs, Host Grant, Site Codes, and
Command File can be set for providing access to the readers, input
points, and output points attached to the NetAXS panels.
8)
NetAXS-4 panel shall allow configuring of 14 inputs with default values.
NetAXS-123 panel shall allow configuring 17 inputs with default values.
9)
NetAXS-4 panel shall allow configuring of 16 inputs with default values.
NetAXS-123 panel shall allow configuring 14 inputs with default values.
10) NetAXS-4 panel shall support 4 readers. NetAXS-123 shall support 6
readers controlling 3 doors where the "A" reader is the primary reader for
the door and the "B" reader is the Out reader for the door when so used.
The B Reader can be programmed separately regarding name,
Advanced Options, Anti-Passback configuration, and Intrusion support.
The B Reader cannot work alone as a Reader only. When used, the B
reader will be tied to the A reader in terms of the interlock relationships
pertaining to Door operation. The Advanced Options selection shall
provide several advance features not normally used in the typical system
and thus the reason they are accessed separately to reduce confusion
for typical installations. For the NetAXS-123, Reader A and Reader B
shall support their own settings.
11) The Groups option shall be supported only by the NetAXS-4 panels. A
maximum of 64 groups shall be defined with a maximum of 76 relays.
N-1000 Series Panels (Legacy) shall have the following capabilities:
1)
Stores 5,000 cards/key codes, expandable to 25,000 with memory
upgrade.
2)
Supports ABA and WIEGAND card formats.
3)
Stores eight format (software) commands, allowing use of cards with
various bit structures and encoding schemes.
4)
Supports an option to define 63 time zones. Each time zone shall include
a start time, end time, day of week specification and holiday
specification. Time zones may be assigned to cards via access levels to
define when the card is allowed access. Time zones may be assigned to
input points, to define when the input points are shunted (de-activated).
Time zones may be assigned to output points (relays), to define when
the output points are energized, for timed control of doors or devices.
5)
Supports setting of panel options such as anti-passback, groups, and
keypads for providing access for the readers, input points, and output
points attached to the panel.
6)
Supports the use of card readers in conjunction with keypads, in which
users are required to enter a PIN, followed by a card, to gain access.
7)
Supports an option to assign shunt times to input points, from 1-63
seconds, minutes, or hours, and debounce times to input points, from 1255 seconds.
8)
Supports an option to assign pulse times to output points, from 1-63
seconds, minutes, or hours.
9)
Supports the option to interlock selected input and output points, in any
combination. An interlocked input or output point shall take action based
upon a change of state from another input or output point.
10) Stores 32 relay group definitions. Each group may be controlled with the
same options available for individual relays.
28 10 00-21
11)
3.
Supports an option to define 32 holidays, for override of normal system
operation.
12) Supports the followings mechanical and electrical specifications:
a)
Mechanical specifications: Height: 14.6 inches (370mm), Width:
12.6 inches (320mm), Depth: 3.5 inches (89mm), Weight: 5.51 lb.
(2.5kg).
b)
Electrical Specifications: 16.5VAC 50 VA or +24 VDC @ 1.25
Amps
e.
NS2+ Series Panels (Legacy) shall have the following capabilities:
1)
Stores 10, 000 cards/key codes. (NS2 = 2,000 cards/key codes)
2)
Supports WIEGAND card format.
3)
Stores eight format (software) commands, allowing use of cards with
various bit structures and encoding schemes.
4)
Supports an option to define 63 time zones. Each time zone shall include
a start time, end time, day of week specification and holiday
specification. Time zones may be assigned to cards via access levels to
define when the card is allowed access. Time zones may be assigned to
input points, to define when the input points are shunted (deactivated).Time zones may be assigned to output points (relays), to
define when the output points are energized, for timed control of doors or
devices.
5)
Supports setting of panel options such as anti-passback, groups, and
key pads for providing access for the readers, input points, and output
points attached to the panel.
6)
Supports the use of card readers in conjunction with keypads, in which
users are required to enter a PIN, followed by a card, to gain access.
7)
Supports an option to assign shunt times to input points, from 1-63
seconds, minutes, or hours, and debounce times to input points, from 1255 seconds.
8)
Supports an option to assign pulse times to output points, from 1-63
seconds, minutes, or hours. Output points shall also have the ability to
report in change of state status in the same way an alarm point would.
This provides added awareness of door operation in critical installations.
9)
Supports the option to interlock selected input and output points, in any
combination. An interlocked input or output point shall take action based
upon a change of state from another input or output point.
10) Supports an option to define 32 holidays, for override of normal system
operation. Holidays shall be definable in two different holiday types thus
allowing for different operational time definitions for each holiday type.
11) Supports the followings mechanical and electrical specifications:
a)
Mechanical specifications: Height: 14.6 inches (370mm), Width:
12.6 inches (320mm), Depth: 3.5 inches (89mm), Weight: 5.51 lb.
(2.5kg).
12) Electrical Specifications: 16.5VAC 50 VA or +24 VDC @ 1.25 Amps.
Intrusion Detection Panels:
a.
Honeywell VISTA-128FBP, VISTA-250FBP Controllers, Honeywell VISTA 128BPT, and Honeywell VISTA-250BPT.
1)
General Requirements: The Security Management System shall support
hardwired and TCP/IP communication for the VISTA 128FBP/VISTA-250
FBP panel. Each panel shall have 8 partitions and 15 zone lists. Zones,
partitions, and the top-level panel shall have an events page, with all
supported events present. Features:
a)
Disarm and unlock a door on card swipe.
b)
Arm and lock a door on card swipe.
c)
Common area arm/disarm.
d)
Access denied if intrusion system is in alarm or armed.
28 10 00-22
e)
b.
H.
Monitor and log intrusion system events and alarms in the Security
Management System.
f)
Associate intrusion system events and alarms to video
surveillance integrations.
Honeywell Galaxy Dimension Controllers: GALAXY__GD264,
GALAXY_GD_48, GALAXY_GD_96 GALAXY_GD_520, Firmware 6.02 and
above, Ethernet module firmware 2.08 and above controllers. Honeywell
Galaxy Grade 3 Controllers: GALAXY_144, GALAXY_20, Firmware 5.04/5.50
and above, Ethernet module firmware 2.01 and above. Honeywell Classic
Panel Controllers: GALAXY_60, GALAXY_128, GALAXY_500, GALAXY_504,
GALAXY_512, Firmware 4.50 and above, Ethernet module firmware 2.10 and
above.
1)
Security Management System users are able to control and monitor
Group and zone status using the Security Management System client,
and control the individual zones and groups using Security Management
System Access control credentials. Depending on the combined user
profiles and access permissions defined in Security Management
System, Security Management System cardholder is allowed or denied
permission to arm/disarm zones and groups. The access control
functionality of the intrusion panel is disabled when the integration is
operational. Features:
a)
Disarm a zone on a card swipe.
b)
Arm a zone on consecutive card swipes. Security Management
System will support definition of quantity of swipes required and
the timeout time in seconds to recognize consecutive swipes.
c)
Security Management System supports linking of intrusion panel
users with Security Management System cardholders.
d)
Security Management System operators may be given control
permissions for intrusion input and output alarms.
e)
Security Management System can associate alarm events with
video commands to look at current or historic footage.
f)
Security Management System stores and reports on intrusion
events.
Controller for High Density Installations (PRO3200):
1.
Designed for high density installations. Supporting up to 16 readers per enclosure and
32 readers per intelligent controller along with up to 100,000 card capacity provides a
combination of small installation footprint and superior cost per door ratio.
2.
The PRO22R1 provides I/O support for one card access reader, while the PRO32R2
supports two card access readers. Both interface with the intelligent control module
(PRO32IC). In the event that communication to the intelligent control module is lost,
the card access readers can be individually configured to allow entrance based on
security needs. This customization allows for a door to be configured as locked,
unlocked, or access only via valid facility code.
3.
The PRO32OUT interfaces with the intelligent control module (PRO32IC) providing up
to 12 or 16, Form C, 12 VDC, 2A relay output controls depending if the board is rack
or tile-mounted and power fail and panel tamper when tile mounted. Relays may be
used for elevator control, status annunciation and for general facility control, such as
door monitoring.
4.
The PRO32IN interfaces with the intelligent control module (PRO32IC) providing 16
supervised alarm inputs and a dedicated power fail and panel tamper when tile
mounted. An analog to digital converter samples the input values and the digitized
result is filtered and processed. Filter parameters are configurable for each input
point, resulting in the ability to specify a custom End-Of-Line (EOL) resistance value,
sensitivity range and timing parameter.
5.
The PRO3200 Series of access modules are designed to accommodate various
28 10 00-23
6.
7.
8.
2.4
mounting options. Units can be mounted in a rack configuration (PRO22ENC1,
PRO22ENC2 and PRO22ENC5) when space is limited, or in a tile-mount
configuration (PRO22ENC3).
PRO22ENC1 is a wall-mounted enclosure rack unit.
PRO22ENC2 is a 19 inch rack-mounted enclosure rack unit.
PRO22ENC5 is a rack unit which fits inside a customer's enclosure.
WEB BASED MODULAR ACCESS CONTROL SYSTEM
A.
System: NetAXS-4 Access System as manufactured by the Honeywell Security Group.
1.
NX4S1: 4 Door Control Panel (Standard Enclosure)
2.
NX4L1: Pre-wired 4 Door Control Panel (Deluxe Enclosure)
B.
The Honeywell NetAXS modular access control system shall function as a web-based open
architecture facility management system that tracks individuals, defines and controls access
levels, monitors alarms, and generates reports. The system shall include the capability to
configure alarms and incorporate scheduled events that may be activated by either time or a
specific programmed event. Access shall be controlled through a password-protected user
interface. Operators can communicate with the system either through a host software
system or by connecting to the web server through an Ethernet connection.
1.
The system control panels will be fully upgradeable using flash memory firmware.
C.
System Architecture:
1.
The access control and alarm monitoring system shall be a flexible single-user, openarchitecture facility management system. The system shall be designed using reliable
state-of-the-art technology allowing for easy and economical expansion. The
scaleable design shall allow for operation from an embedded Web based server
without a dedicated server or PC workstation. The panel shall also have the capability
to operate in a hosted mode with WIN-PAK XE/SE/PE/CS access control software.
2.
The system shall feature embedded Linux software that intelligently controls the
reader network to provide automated data collection and configuration updates,
facilitating seamless operation from controllers. All control panels shall utilize off-line
distributed processing concepts including inter-controller communication if upgraded.
3.
Connecting to the NetAXS web server shall be accomplished via USB, Ethernet
through a web server hub connection or Ethernet through web server direct
connection.
D.
System Software:
1.
The software suite shall comprise various integrated software modules that allow for
the full integration and retrieval of transactions from the hardware, as well as alarm
monitoring, reporting, and scheduling capabilities. The software modules shall allow
editing of personnel, access levels, system configuration and reporting to be
controlled by a password protected user interface. System operation for individual
operators shall be possible using assigned passwords only.
2.
The user shall have the ability to perform hardware configuration changes during or
after the installation which shall include functions such as door open time, door
contact time, location and reader names, and access rights configuration.
3.
The system software shall support configuration of alarms triggering the system.
4.
The system shall incorporate scheduled events activated by either time or a specific
programmed event, therefore being time or event triggered.
5.
Access control functions shall include validation based on time of day, day of week,
holiday scheduling, and access validation based on positive verification of card or
card + PIN (Personal Identification Number).
6.
Zone-related Software Features:
7.
Supervisor card unlock.
8.
Card-related Software Management:
a.
Time-limited access.
28 10 00-24
b.
c.
d.
e.
f.
g.
h.
i.
j.
k.
l.
E.
PIN codes.
Suspension of cards.
Multiple card access.
Card access groups.
Time patterns (schedules).
Anti-pass back (APB) control.
Reporting.
First Card Rule (Activates the door time zone).
Two Card Rule-Supervisor card and regular card to allow access.
Time zone card toggle for door locks.
Latching mode for door locks.
Hardware:
1.
The quantities of components shall be determined and installed by the Contractor
based on the requirement to provide a fully operational integrated access control
system as per the intent of the design.
2.
Communication between components i.e. gateway controller shall be RS485.
3.
All terminals and controllers shall allow for direct Firmware upgrade from the RS485
network connection. The units shall be upgradeable during normal system operation.
Therefore should one unit be in upgrade mode all other units will continue to operate
normally. The firmware shall be stored in FLASH memory on the individual units.
4.
System Controller:
a.
The system controller shall be the Honeywell NetAXS-4 controller. Each
controller loop shall be capable of 31 panels or 124 readers.
b.
The standard controller configuration shall support 10,000 card capacity and
25,000 event capacity.
5.
Door Control: The terminals and remote readers supported by the controller shall be
any combination of the following: card only, card and pin, card or pin, pin only,
lockdown, disabled, supervisor, escort, limited use card, expire on date, first card rule,
snow day rule, time zone toggle and anti-passback with local/global capability and
hard and soft implementation.
6.
Honeywell OmniProx: The reader shall be fully sealed and potted electronics for use
outdoors. It shall include 3 bezels color including black, charcoal and ivory. It shall
have an integral optical tamper and security screw. The unit shall be able to
communicate with the proximity cards at a read range of 2 to 3 inches (51 to 76 mm).
7.
Inputs: Provides 14 fully configurable four-state supervised input points. System
capacity shall have a total of 78 inputs
8.
Outputs: Provides 8 SPDT Form C relay outputs rated at 10A @ 28vdc, 8 open
collector's outputs 16ma @12vdc, 4 reader LED aux output and 4 reader buzzer
output.
9.
Cards and Database: The card and event buffer capacity shall be 10,000 card
capacity and 25,000 event capacity. The firm ware revision shall have on-board flash
memory for field firmware revisions and feature expansion. Offline database backup
shall be available. Export capabilities for card database, alarms and events. The panel
shall support 128 unique card formats and 8 site codes. Maximum card format size
shall be 75bit suitable for handling the card format of PIV, TWIC, and FRAC cards.
The time zones support will be a minimum of 127 with 128 access levels and 255
holidays.
10.
Reports and Analysis: The system shall be capable of integrated reports,
import/export of card database and alarms and events can be exported and saved in
offline storage.
11.
Embedded Web Server: Supported browsers shall include Internet Explorer. The web
browser control will allow full control monitor, view live events and manually control
doors and readers. Secure web browsing shall be SSL and SHA-1 secure socket
layer encryption.
12.
System Information: The system shall support Global Geographic Time Zone support
28 10 00-25
13.
14.
2.5
and Daylight Saving Time support. The processor will be Freescale Coldfire 32-bit.
The system shall be CE and FCC compliant with UL-294 listing.
System Testing: The Contractor shall demonstrate the functionality of the system
upon completion of installation, and shall document the result of all tests and provide
these results to the Customer.
Warranty: All equipment and systems shall be guaranteed by the Contractor for a
period of one year commencing with the filing date of the Notice of Completion,
provided the system has been inspected and signed off by the Owner. The guarantee
shall cover all costs for Warranty Service, including parts, labor, prompt field service,
pick-up, transportation, and delivery.
WEB BASED ACCESS CONTROL SYSTEM
A.
System: NetAXS-123 Access System as manufactured by the Honeywell Security Group.
1.
NX1P: One-door compact (plastic) enclosure with tamper switch.
2.
NX1MPS: One-door standard (metal) enclosure with tamper switch, power supply,
and battery.
3.
NXD1: One-door add-on board (to NX1P or NX1MPS) for two-door capacity.
4.
NXD2: Two-door add-on board (to NX1P or NX1MPS) for three-door capacity.
B.
The Access Control System shall function as a Web-based open-architecture facility
management system that tracks individuals, defines and controls access levels, monitors
alarms, and generates reports. The system shall include the capability to configure alarms
and incorporate scheduled events that may be activated by either time or a specific
programmed event. Access shall be controlled through a password-protected user interface.
Operators can communicate with the system either through a host software system or by
connecting to the Web server through an Ethernet connection.
C.
The NetAXS-123 Door Access System shall include, as a minimum, the following
performance:
1.
The NetAXS-123 Door Access System shall be protected by the most extensive
support services in the industry, including Customer Service, Pre-Sales Applications
Assistance, After-Sales Technical Assistance, access to Technical Online Support,
and Online Training using web conferencing.
2.
The NetAXS-123 Door Access System and its components shall be thoroughly tested
before shipping from the manufacturer's facility.
3.
The door access system shall support easy remote management anywhere with an
Internet connection.
4.
The door access system shall allow you to purchase the exact amount of access
control doors immediately required, and to easily add more access controlled doors in
the future.
5.
The door access system shall be capable of being web based and controlled using a
web browser, and seamless integration with Honeywell's MAXPRO Cloud and/or WINPAK XE, WIN-PAK SE, Win-PAK PE, and WIN-PAK CS access control software.
6.
The door access system web user interface shall support Internet Explorer and
Mozilla Firefox browsers.
7.
The door access system shall support SSL and SHA-1 secure socket layer
encryption.
8.
The door access system shall allow each TCP/IP network connected door controller to
support connection of up to 31 downstream door controllers by way of a standard
RS485 data bus, for control of up to 123 downstream doors in a single web interface.
9.
The door access system shall support up to 10,000 user cards and up to 128 unique
card formats, cards a up to 75 bits, and eight site codes.
10.
The door access system shall support up to 127 time zones, 128 access levels, and
255 holidays.
11.
The door access system shall maintain up to 25,000 status event log.
28 10 00-26
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
The door access system shall provide a number of door control modes including Card
only, card and PIN, PIN only, lockdown, disabled, supervisor, escort, limited use card,
expire on date, first card rule, snow day rule, time zone toggle, local and global antipassback, duress and others.
The door access system shall support interlocks for custom actions.
The door access system shall include integrated basic reports, import/export of the
card database, and Alarms and event exporting to offline storage in a CSV database.
The door access system shall be designed to be user friendly and shall be easily to
train the system user.
The door access system shall feature dynamic screen updating over a web
connection, continually collecting and displaying door and system status for
immediate display.
The door access system browser shall feature full control of the system to monitor and
view live events and to manually control doors and readers.
Door access system status shall include the door state, alarms, events, inputs,
outputs, power and other operational status.
The door access system shall feature a Supervisor First capability that allows a
supervisor to present his ID card once to the reader and to give individual access. If a
supervisor presents a card twice, this shall enable access for their team, allowing
members of the team to gain access during a specified time zone.
The door access system shall feature an Escort mode for a Non-supervisor
cardholder. The system allows the supervisor to first present his card, and then an
escorted person to present his card to maintain accompanied access while in the
escort mode.
The door access system shall offer options to be powered by PoE (Power over
Ethernet), or to be powered by way of an external power supply.
The door access system enclosure shall offer connection to one, two or three doors
by simply exchanging optional cards to accommodate the door control requirement.
The door access system processors shall features a System MTBF (Mean Time
between Failure) of 250,000 hours.
The door access system shall provide a multi-lingual user interface, including English,
Italian, French, Dutch, Spanish, Czech, and Simplified Chinese and Arabic.
D.
The NX1P Door access Controller shall have the following mechanical specifications:
1.
Unit Dimensions: 7.75 inches H x 7.75 inches W x 2.75 inches D (20 mm H x 20 mm
W x 7 mm D).
2.
Ethernet Connector: RJ45.
3.
Enclosure Type: High Impact Plastic.
4.
Wiring Access Holes: 7.
E.
The NX1MPS Door Access Controller shall have the following mechanical specifications:
1.
Unit Dimensions: 13.9 inches H x 11.9 inches W x 4.7 inches D (35 mm H x 31 mm W
x 12 mm D).
2.
Enclosure Type: Metal.
3.
Wiring Access Holes: 19.
F.
The NX1P access door controller shall have the following electrical specifications:
1.
Voltage: 450mA @ 12VDC.
2.
Power over Ethernet 802.3af.
3.
Power Consumption: < 6 Watts.
G.
The NX1MPS access door controller shall have the following electrical specifications:
1.
Voltage: 93VAC to 264 VAC, 50/60 Hz, 12VDC @ 3.5A.
2.
Power Consumption: < 45 Watts.
H.
The NetAXS-123 Door Access System shall be designed to meet the following
environmental conditions:
28 10 00-27
1.
2.
3.
4.
2.6
Operating Temperature: 32 to 122 degrees F (0 degrees to 50 degrees C).
Storage Temperature: -67 degrees to 185 degrees F (-55 degrees to 85 degrees C).
Emissions: FCC: Part 15, Class B.
CE: EN55013.
VISITOR MANAGEMENT SYSTEM
A.
Product; Lobbyworks as manufactured by the Honeywell Security Group: The Visitor
Management System shall allow the user to track visitors, employees, assets and deliveries
as they enter and exit the facilities. The system shall also support printing of custom
designed visitor passes with details like expiration date, visit area, host being visited, and
visit purpose.
B.
The Visitor Management System shall allow the user to:
1.
Keep track of contractors and consultant timesheets.
2.
Track which employees have regular personal visitors.
3.
Secure visitor log.
4.
Clearly identify visitors by category, to restrict access to vulnerable goods and
information.
5.
Designate special areas for visitors with custom badges.
6.
Process most visitors in 20 seconds.
7.
Track and print temporary parking passes.
8.
Print vehicle window stickers.
9.
Use self-expiring badges to tighten security.
10.
Generate end-of-day reports to ensure regulatory compliance.
11.
Label information packets with personalized customer information.
C.
Visitor Pre-Registration:
1.
Visitor pre-registration to include security level, length of stay, and maximum entries.
2.
Visitor pre-registration by using FrontDesk, Microsoft Office Outlook Calendar or
through Web-based application.
3.
Group/Event pre-registration, pre-loading of visitor picture, badge pre-printing, and
arrival instructions.
4.
Complete visitor registration processing within 20 seconds.
D.
Visitor Information Capture:
1.
Quick and complete capture of visitor information as an essential component for
proper record keeping and security checks.
2.
Capture of visitor information using various hardware devices. The tasks that can be
performed include scanning business cards, scanning driver license, capturing visitor
photo, capturing visitor signature, and 2D barcode scanning of driver licenses.
3.
Quick processing of large groups of visitors through queuing of captured data.
E.
Visitor Authentication:
1.
Recalling previous visit information (including pictures) when a visitor revisits.
2.
Detecting each attempted visit and deterring potential security breaches before they
affect the user facilities.
3.
Importing guests ranging from disgruntled ex-employees to known felons into the
watch list to alert personnel of a potential threat to the organization.
4.
Authenticating a person as having proper identification and determining that he or she
is who they claim to be.
F.
Visitor Authorization:
1.
Enforcing visitor authorization prior to printing a badge, entering the premises,
authorizing visits at reception, security lobby, or remotely by the host employee.
2.
Delegating authorization responsibility to specific individuals.
3.
Providing a denied visitors list.
28 10 00-28
G.
Visitor Badges Generation:
1.
Provide quick, cost-effective, and individualized badging as an essential component of
proper visitor identification.
2.
Allow printing of individualized visitor badges containing name, picture, expiration
date, and valid access areas.
3.
Customize badge templates for visitors, VIPs and contractors.
4.
Supports tight integration with Pro-Watch Security systems that allow the assignment
of access control privileges via barcode or card to visitors
H.
Host Notification:
1.
Of a visitor's arrival by e-mail messages or real-time network messaging.
2.
When a visitor does not sign out.
I.
Visitor Tracking:
1.
Track events automatically by an accurate log as they relate to the visitor's activities
on site.
2.
Track the number of times the visitor signs in and signs out.
3.
Support quick sign in and out using a barcode scanner.
4.
Provide proactive checking for expired visits and network notification to hosts and
visitors of expired visits.
5.
Provide web access to the visitor manifest.
J.
Security Policies:
1.
Provide accurate and consistent application of security policies.
2.
Provide a means to view picture and a person's attributes, reason for being on the
watch list, and the action to be performed upon visitor's arrival.
3.
Check each visitor against his/her previous visit information.
4.
Ensure that visitors sign out by tracking expired visits and informing their hosts.
5.
Allow host to extend a visit or assign host responsibilities to another employee.
K.
Host Management:
1.
Assign the capabilities available to employees based on their requirement.
2.
Differentiate permanent and temporary employees; limit the number of daily and
concurrent visitors per host.
3.
The Front Desk operator shall:
a.
Assign temporary day cards in Pro-Watch for Pro-Watch employees who have
forgotten their card.
b.
Have an option to assign either Pro-Watch access privileges to match their
permanent card or a visitor privilege. The permanent card is automatically
disabled while the temp card is active.
c.
Be able to do a visual verify of the employee to their photo at the Front Desk.
L.
Traffic Reporting:
1.
Traffic reports - per station, per building, per company, per employee, and per
department.
2.
Detailed visit reports.
3.
Time and attendance reports for contractors and other visitors.
4.
Reports on demand, or schedule reports for regular generation and e-mail delivery.
M.
Assets and Deliveries:
1.
Track assets and deliveries as they arrive and depart premises.
2.
Generate asset and delivery tags and scan assets and deliveries in and out with a
barcode scanner.
3.
Provide e-mail notification of delivery recipient for unreturned assets.
N.
Self-Registration Kiosk:
1.
Provide a fully featured visitor kiosk to handle visitor registration needs in a busy or
28 10 00-29
2.
3.
O.
2.7
unattended lobby. The Kiosk shall be used to perform touchscreen visitor registration
using a visitor's business card or driver license.
Allow to sign visitors in and out with voice agent scripted behavior, voice, and text
message prompts. The Kiosk shall be used to take picture of visitors for true visitor
identification, as well as display visitation rules/non-disclosure agreement.
Print a visitor badge at the self-registration station or at a remote FrontDesk and allow
for remote authorization of the visit by the host or security desk. The Kiosk shall notify
the hosting employee when their visitor arrives.
Security Audit Compliance:
1.
Secure database
2.
Audit log
3.
Tamper proof visitor records
4.
Audit reports
5.
Backup and restore capabilities
ACCESS CONTROL READERS
A.
Contactless Smart Card Readers:
1.
Contactless Smart Card readers shall be "single-package" type, combining electronics
and antenna in one package in the following configurations:
2.
Provide surface mounting style 13.56 MHz or 13.56 MHz and 125 kHz prox
contactless smart card readers suitable for minimal space mounting configurations as
shown on the project plans.
3.
Contactless smart card readers shall comply with ISO 15693, ISO 14443A (CSN), and
ISO 14443B and shall read credentials that comply with these standards.
4.
Contactless smart card readers shall output credential data in compliance with the SIA
AC-01 Wiegand standard as follows:
a.
Reads standard proximity format data from OmniClass cards and outputs data
as encoded.
b.
Reads card serial number (CSN) of a MIFARE or DESFIRE card with
configurable outputs as 26-bit, 32-bit, 34-bit, 40-bit, or 56-bit.
5.
Data security with OmniClass cards shall use up to 128-bit authentication keys to
reduce the risk of compromised data or duplicate cards. The contactless smart card
reader and OmniClass cards shall require matching keys in order to function together.
All RF data transmission between the card and the reader shall be encrypted, using a
secure algorithm. Card readers shall be provided with keys that are compatible with
the OmniClass cards.
6.
The reader shall be of potted, polycarbonate material, sealed to a NEMA rating of 4X
(IP65).
7.
The contactless smart card reader shall provide the ability to change operational
features in the field through the use of a factory-programmed command card.
Additionally, firmware may be updated by flashing the reader. Command card
operational programming options shall include:
a.
Output configurations.
b.
LED & Audio configurations.
c.
Keypad configurations.
8.
Contactless smart card readers shall provide the following programmable audio/visual
indication:
a.
An audio transducer shall provide various tone sequences to signify: access
granted, access denied, power up, and diagnostics.
b.
A high-intensity light bar shall provide clear visual status (red/green/amber) that
is visible even in bright sunlight.
9.
Contactless smart card readers shall meet the following certifications:
a.
UL 294.
b.
Canada/UL 294.
28 10 00-30
10.
11.
12.
c.
FCC Certification.
d.
Canada Radio Certification.
e.
EU and CB Scheme Electrical Safety.
f.
EU - R&TTE Directive.
g.
CE Mark (Europe).
h.
IP55 Rated.
i.
C-Tick (New Zealand/Australia/Taiwan).
Contactless smart card readers shall meet the following environmental specifications:
a.
Operating temperature: -30 to 150 degrees F (-35 to 65 degrees C).
b.
Operating humidity: 5% to 95% relative humidity non-condensing.
c.
Weatherized design suitable to withstand harsh environments.
Contactless smart card reader cabling requirements shall be:
a.
Manufacturer: Honeywell Cable
b.
Cable distance: (Wiegand): 500 feet (150m).
c.
Cable type: 6-conductor #22 AWG minimum with overall foil shield and copper
drain wire.
d.
Standard reader termination: 18 inches (.5m) cable pigtail.
Warranty of contactless smart card readers shall be lifetime against defects in
materials and workmanship.
B.
Product: OM15 Mullion 13.56 MHz Contactless Smart Card Readers as manufactured by the
Honeywell Security Group:
1.
Typical contactless smart card read range shall be:
a.
2 inches - 3 inches (5.0 - 7.6 cm) using OmniClass card.
b.
1 inches (2.5 cm) using OmniClass Key Fob.
c.
1 inches(2.5 cm) using OmniClass Sticker (Tag).
d.
1 inches - 1.5 inches (2.5 - 3.8 cm) using OmniClass + HID 125KHz Prox card.
e.
1 inches - 2 inches (2.5 - 5.0 cm) using MIFARE Card (card serial number
only).
2.
Contactless smart card readers shall meet the following electrical specifications:
a.
Operating voltage: 5 - 16 VDC, reverse voltage protected. Linear power supply
recommended.
b.
Current requirements: (average/peak) 60/90mA @ 12 VDC.
3.
Contactless smart card readers shall meet the following physical specifications:
a.
Dimensions: 1.90 inches x 6 inches x .90 inches (4.8 cm x 15.3 cm x 2.3 cm).
b.
Weight: 3.2.oz (90.7 g).
c.
Material: UL94 Polycarbonate.
d.
Two-part design with separate mounting plate and reader body.
e.
Color: Black.
C.
Product: OM16 Mullion 13.56 MHz Contactless Smart and 125 kHz Prox Card Readers as
manufactured by the Honeywell Security Group:
1.
Typical contactless smart card read range shall be:
a.
2 inches - 3 inches (5.0 - 7.6 cm) using OmniClass card.
b.
1 inches (2.5 cm) using OmniClass Key Fob.
c.
1 inches(2.5 cm) using OmniClass Sticker (Tag).
d.
1 inches - 1.5 inches (2.5 - 3.8 cm) using OmniClass + HID 125KHz Prox card.
e.
1 inches - 2 inches (2.5 - 5.0 cm) using MIFARE Card (card serial number
only).
f.
1 inches - 3.5 inches (2.5 - 8.9 cm) using 125 kHz Prox card
2.
Contactless smart card readers shall meet the following electrical specifications:
a.
Operating voltage: 5 - 16 VDC, reverse voltage protected. Linear power supply
recommended.
b.
Current requirements: (average/peak) 75/100mA @ 12 VDC.
3.
Contactless smart card readers shall meet the following physical specifications:
a.
Dimensions: 1.90 inches x 6 inches x .90 inches (4.8 cm x 15.3 cm x 2.3 cm).
28 10 00-31
b.
c.
d.
e.
Weight: 3.2.oz (90.7 g).
Material: UL94 Polycarbonate.
Two-part design with separate mounting plate and reader body
Color: Black.
D.
Product: OM30 Mini-Mullion 13.56 MHz Contactless Smart Card Readers as manufactured
by the Honeywell Security Group:
1.
Typical contactless smart card read range shall be:
a.
2 inches - 3 inches (5.0 - 7.6 cm) using OmniClass card.
b.
1 inches (2.5 cm) using OmniClass Key Fob.
c.
1 inches(2.5 cm) using OmniClass Sticker (Tag).
d.
1 inches - 1.5 inches (2.5 - 3.8 cm) using OmniClass + HID 125KHz Prox card.
e.
1 inches - 2 inches (2.5 - 5.0 cm) using MIFARE Card (card serial number
only).
2.
Contactless smart card readers shall meet the following electrical specifications:
a.
Operating voltage: 5 - 16 VDC, reverse voltage protected. Linear power supply
recommended.
b.
Current requirements: (average/peak) 60/90mA @ 12 VDC.
3.
Contactless smart card readers shall meet the following physical specifications:
a.
Dimensions: 1.90 inches x 4.04 inches x .80 inches (4.83cm x 10.26 cm x 2.03
cm).
b.
Weight: 3.2.oz (90.7 g).
c.
Material: UL94 Polycarbonate.
d.
Two-part design with separate mounting plate and reader body.
e.
Color: Black.
E.
Product: OM31 Mini-Mullion 13.56 MHz Contactless Smart and 125 kHz Prox Card Readers
as manufactured by the Honeywell Security Group:
1.
Typical contactless smart card read range shall be:
a.
2 inches - 3 inches (5.0 - 7.6 cm) using OmniClass card.
b.
1 inches (2.5 cm) using OmniClass Key Fob.
c.
1 inches(2.5 cm) using OmniClass Sticker (Tag).
d.
1 inches - 1.5 inches (2.5 - 3.8 cm) using OmniClass + HID 125KHz Prox card.
e.
1 inches - 2 inches (2.5 - 5.0 cm) using MIFARE Card (card serial number
only).
f.
1 inches - 3.5 inches (2.5 - 8.9 cm) using 125 kHz Prox Card
2.
Contactless smart card readers shall meet the following electrical specifications:
a.
Operating voltage: 5 - 16 VDC, reverse voltage protected. Linear power supply
recommended.
b.
Current requirements: (average/peak) 75/100mA @ 12 VDC.
3.
Contactless smart card readers shall meet the following physical specifications:
a.
Dimensions: 1.90 inches x 4.04 inches x .80 inches (4.83cm x 10.26 cm x 2.03
cm).
b.
Weight: 3.2.oz (90.7 g).
c.
Material: UL94 Polycarbonate.
d.
Two-part design with separate mounting plate and reader body.
e.
Color: Black.
F.
Product: OM40 US Single-Gang 13.56 MHz Contactless Smart Card Readers as
manufactured by the Honeywell Security Group:
1.
Typical contactless smart card read range shall be:
a.
2.5 inches - 4.5 inches (6.3 - 11.4 cm) using OmniClass card.
b.
1 inches (2.5 cm) using OmniClass Key Fob.
c.
1 inches (2.5 cm) using OmniClass Sticker (Tag).
d.
1.5 inches - 2 inches (3.8 - 5.0 cm) using OmniClass + 125KHz HID Prox card.
e.
1 inches - 2 inches (2.5 - 5.0 cm) using MIFARE Card (card serial number
28 10 00-32
2.
3.
only).
Contactless smart card readers shall meet the following physical specifications:
a.
Dimensions: 3.30" x 4.80" x .85" (8.38cm x 12.19 cm x 2.16 cm).
b.
Weight: 8.8.oz (249.5 g).
c.
Material: UL94 Polycarbonate.
d.
Two-part design with separate mounting plate and reader body.
e.
Color: Black.
Contactless smart card readers shall meet the following electrical specifications:
a.
Operating voltage: 5 - 16 VDC, reverse voltage protected. Linear power supply
recommended.
b.
Current requirements: (average/peak) 65/90mA @ 12 VDC.
G.
Product: OM41 US Single-Gang 13.56 MHz Contactless Smart and 125 kHz Prox Card
Readers as manufactured by the Honeywell Security Group:
1.
Typical contactless smart card read range shall be:
a.
2.5 inches - 4.5 inches (6.3 - 11.4 cm) using OmniClass card.
b.
1 inches (2.5 cm) using OmniClass Key Fob.
c.
1 inches (2.5 cm) using OmniClass Sticker (Tag).
d.
1.5 inches - 2 inches (3.8 - 5.0 cm) using OmniClass + 125KHz HID Prox card.
e.
1 inches - 2 inches (2.5 - 5.0 cm) using MIFARE Card (card serial number
only).
f.
1 inches - 3.5 inches (2.5 - 8.9 cm) using 125 kHz Prox Card
2.
Contactless smart card readers shall meet the following physical specifications:
a.
Dimensions: 3.30 inches x 4.80 inches x .85 inches (8.38 cm x 12.19 cm x 2.16
cm).
b.
Weight: 8.8 oz (249.5 g).
c.
Material: UL94 Polycarbonate.
d.
Two-part design with separate mounting plate and reader body.
e.
Color: Black.
3.
Contactless smart card readers shall meet the following electrical specifications:
a.
Operating voltage: 5 - 16 VDC, reverse voltage protected. Linear power supply
recommended.
b.
Current requirements: (average/peak) 85/100mA @ 12 VDC.
H.
Product: OM55 13.56 MHz Contactless Smart Card with Keypad Readers as manufactured
by the Honeywell Security Group:
1.
Typical contactless smart card read range shall be:
a.
3 inches - 4 inches (7.6 - 10.1 cm) using OmniClass card.
b.
1 inches - 1.5 inches (2.5 - 3.8 cm) using OmniClass Key Fob.
c.
1 inches - 1.5 inches (2.5 - 3.8 cm) using OmniClass Sticker (Tag).
d.
1.5 inches - 2.0 inches (3.8 - 5.0 cm) using OmniClass + 125KHz HID Prox
card.
e.
1 inches - 2 inches (2.5 - 5.0 cm) using MIFARE Card (card serial number
only).
2.
Contactless smart card readers shall meet the following physical specifications:
a.
Dimensions: 3.30 inches x 4.80 inches x .90 inches (8.38cm x 12.19 cm x 2.28
cm).
b.
Weight: 10oz (283.4 g).
c.
Material: UL94 Polycarbonate.
d.
Two-part design with separate mounting plate and reader body.
e.
Color: Black.
3.
Contactless smart card readers shall meet the following electrical specifications:
a.
Operating voltage: 5 - 16 VDC, reverse voltage protected. Linear power supply
recommended.
b.
Current requirements: (average/peak) 85/100mA @ 12 VDC.
28 10 00-33
I.
Product: OM56 13.56 MHz Contactless Smart and 125 kHz Prox Card W/ Keypad Readers
as manufactured by the Honeywell Security Group:
1.
Typical contactless smart card read range shall be:
a.
3 inches - 4 inches (7.6 - 10.1 cm) using OmniClass card.
b.
1 inches - 1.5 inches (2.5 - 3.8 cm) using OmniClass Key Fob.
c.
1 inches - 1.5 inches (2.5 - 3.8 cm) using OmniClass Sticker (Tag).
d.
1.5 inches - 2.0 inches (3.8 - 5.0 cm) using OmniClass + 125KHz HID Prox
card.
e.
1 inches - 2 inches (2.5 - 5.0 cm) using MIFARE Card (card serial number
only).
f.
1 inches - 3.5 inches (2.5 - 8.9 cm) using 125 kHz Prox Card
2.
Contactless smart card readers shall meet the following physical specifications:
a.
Dimensions: 3.30 inches x 4.80 inches x .90 inches (8.38cm x 12.19 cm x 2.28
cm).
b.
Weight: 10oz (283.4 g).
c.
Material: UL94 Polycarbonate.
d.
Two-part design with separate mounting plate and reader body.
e.
Color: Black.
3.
Contactless smart card readers shall meet the following electrical specifications:
a.
Operating voltage: 5 - 16 VDC, reverse voltage protected. Linear power supply
recommended.
b.
Current requirements: (average/peak) 95/105mA @ 12 VDC.
J.
Contactless Proximity Card Readers:
1.
Card readers shall be "single-package" type, combining electronics and antenna in
one package in the following configurations:
2.
Provide surface mounting style 125kHz contactless proximity card readers suitable for
minimal space mounting configurations as shown on the project plans.
3.
Contactless proximity card readers shall output credential data in compliance with the
SIA AC-01 Wiegand standard as follows:
a.
Reads standard proximity format data from OmniProx cards and outputs data in
Wiegand format.
b.
Reads card number with formats up 84 bits.
4.
The reader shall be of potted, polycarbonate material, sealed to a NEMA rating of 4X
(IP65).
5.
The contactless proximity card reader shall provide the ability to change operational
features in the field through the use of a factory-programmed command card.
Additionally, firmware may be updated by flashing the reader. Command card
operational programming options shall include:
a.
Output configurations.
b.
LED & Audio configurations.
c.
Keypad configurations.
6.
Contactless proximity card readers shall provide the following programmable
audio/visual indication:
a.
An audio transducer shall provide various tone sequences to signify: access
granted, access denied, power up, and diagnostics.
b.
A high-intensity light bar shall provide clear visual status (red/green/amber) that
is visible even in bright sunlight.
7.
Contactless proximity card readers shall meet the following certifications:
a.
UL 294.
b.
Canada/UL 294.
c.
FCC Certification.
d.
ROHS compliant
e.
Canada Radio Certification.
f.
CE Mark (Europe).
8.
Contactless proximity card readers shall meet the following environmental
28 10 00-34
9.
10.
specifications:
a.
Operating temperature: -25 to 145 degrees F (-31 to 63 degrees C).
b.
Operating humidity: 0% to 95% relative humidity non-condensing.
c.
Weatherized design suitable to withstand harsh environments.
Contactless proximity card reader cabling requirements shall be:
a.
Manufacturer: Honeywell Cable
b.
Cable distance: (Wiegand): 500 feet (150m).
c.
Cable type: 6-conductor #22 AWG minimum with overall foil shield and drain
wire.
d.
Standard reader termination: 18 inches (.5m) cable pigtail.
Warranty of contactless proximity card readers shall be lifetime against defects in
materials and workmanship.
K.
Product: OP10 Mini-Mullion 125kHz Contactless Proximity Card Readers as manufactured
by the Honeywell Security Group:
1.
Typical contactless proximity card read range shall be:
a.
1.5 inches - 4 inches (3.8 - 10.2 cm) using OmniProx card
2.
Contactless proximity card readers shall meet the following electrical specifications:
a.
Operating voltage: 5.0 - 16 VDC, reverse voltage protected. Linear power
supply recommended.
b.
Current requirements: 60/120mA @ 12 VDC.
3.
Contactless proximity card readers shall meet the following physical specifications:
a.
Dimensions: 3.15 inches x 1.57 inches x 0.50 inches (80cm x 40 cm x 12.8
cm).
b.
Material: UL94 Polycarbonate.
c.
Two-part design with separate reader body and cover.
d.
Color: Black, charcoal gray & ivory interchangeable bezels.
4.
Contactless card reader shall be Honeywell OP10 compatible with selected card
media.
L.
Product: OP30 Mullion 125kHz Contactless Proximity Card Readers as manufactured by the
Honeywell Security Group:
1.
Typical contactless proximity card read range shall be:
a.
1.5 inches - 4 inches (3.8 - 10.2 cm) using OmniProx card
2.
Contactless proximity card readers shall meet the following electrical specifications:
a.
Operating voltage: 5.0 - 16 VDC, reverse voltage protected. Linear power
supply recommended.
b.
Current requirements: 60/120mA @ 12 VDC.
3.
Contactless proximity card readers shall meet the following physical specifications:
a.
Dimensions: 5.71 inches x 1.69 inches x 0.79 inches (145cm x 43 cm x 20 cm).
b.
Material: UL94 Polycarbonate.
c.
Two-part design with separate reader body and cover.
d.
Color: Black, charcoal gray & ivory interchangeable bezels.
4.
Contactless proximity card reader shall be Honeywell OP30 compatible with selected
card media.
M.
Product: OP40 Single-Gang (US) 125kHz Contactless Proximity Card Readers as
manufactured by the Honeywell Security Group:
1.
Typical Contactless proximity Card read range shall be:
a.
1.5 inches - 4 inches (3.8 - 10.2 cm) using OmniProx card
2.
Contactless proximity Card readers shall meet the following electrical specifications:
a.
Operating voltage: 5.0 - 16 VDC, reverse voltage protected. Linear power
supply recommended.
b.
Current requirements: 60/120mA @ 12 VDC.
3.
Contactless proximity Card readers shall meet the following physical specifications:
a.
Dimensions: 4.33 inches x 2.95 inches x 0.59 inches (110cm x 75 cm x 15 cm).
28 10 00-35
4.
2.8
b.
Material: UL94 Polycarbonate.
c.
Two-part design with separate reader body and cover.
d.
Color: Black, charcoal gray & ivory interchangeable bezels.
Contactless proximity Card reader shall be Honeywell OP40 compatible with
selected card media.
N.
Product: OP45 Single-Gang (EU/APAC) 125kHz Contactless Proximity Card Readers as
manufactured by the Honeywell Security Group:
1.
Typical Contactless proximity Card read range shall be:
a.
1.5 inches - 4 inches (3.8 - 10.2 cm) using OmniProx card
2.
Contactless proximity Card readers shall meet the following electrical specifications:
a.
Operating voltage: 5.0 - 16 VDC, reverse voltage protected. Linear power
supply recommended.
b.
Current requirements: 60/120mA @ 12 VDC.
3.
Contactless proximity Card readers shall meet the following physical specifications:
a.
Dimensions: 3.5 inches x 3.5 inches x 0.595 inches (88.9 cm x 88.9 cm x 15
cm).
b.
Material: UL94 Polycarbonate.
c.
Two-part design with separate reader body and cover.
d.
Color: Black, charcoal gray & ivory interchangeable bezels
4.
Contactless proximity Card reader shall be Honeywell OP45 compatible with selected
card media.
O.
Product: OP90 Single-Gang (US) 125kHz Contactless Proximity Card Vandal Resistant
Readers as manufactured by the Honeywell Security Group:
1.
Typical Contactless proximity Card read range shall be:
a.
1.5 inches - 4 inches (3.8 - 10.2 cm) using OmniProx card
2.
Contactless proximity Card readers shall meet the following electrical specifications:
a.
Operating voltage: 5.0 - 16 VDC, reverse voltage protected. Linear power
supply recommended.
b.
Current requirements: 60/120mA @ 12 VDC.
3.
Contactless proximity Card readers shall meet the following physical specifications:
a.
Dimensions: 4.5 inches x 3.15 inches x 0.59 inches (114cm x 80 cm x 15 cm).
b.
Material: UL94 Polycarbonate.
c.
Two-part design with reader body and cover.
d.
Color: Silver.
4.
Contactless proximity Card reader shall be Honeywell OP90 compatible with
selected card media.
P.
Product: OP95 Single-Gang (US) 125kHz Contactless Proximity Card Vandal Resistant
Readers + Keypad as manufactured by the Honeywell Security Group:
1.
Typical Contactless proximity Card read range shall be:
a.
1.5 inches - 4 inches (3.8 - 10.2 cm) using OmniProx card
2.
Contactless proximity Card readers shall meet the following electrical specifications:
a.
Operating voltage: 5.0 - 16 VDC, reverse voltage protected. Linear power
supply recommended.
b.
Current requirements: 60/120mA @ 12 VDC.
3.
Contactless proximity Card readers shall meet the following physical specifications:
a.
Dimensions: 4.5 inches x 3.15 inches x 0.59 inches (114cm x 80 cm x 15 cm).
b.
Material: UL94 Polycarbonate.
c.
Two-part design with separate reader body and cover.
d.
Color: Silver
4.
Contactless proximity Card reader shall be Honeywell OP95 compatible with selected
card media.
ACCESS CONTROL CREDENTIALS
28 10 00-36
A.
Access cards shall be used with access readers to gain entry to access controlled portals
(e.g.; doors, gates, turnstiles) and to hold information specific to the user and shall be
Contactless Smart Card or Contactlesss Proximity Card technology credentials.
B.
Contactless Smart Cards
1.
Single Technology Access Card:
a.
The card shall meet the following standards for contactless smart cards: ISO
15693 and ISO 14443B2.
b.
The card shall meet ISO 7810 specifications for length, width, thickness,
flatness, card construction and durability, and shall be in a form suitable for
direct two-sided dye-sublimation or thermal transfer printing on the specified
badge printer.
c.
Presentation to the access control reader at any angle within a minimum of one
inch (25 mm) shall result in an accurate reading of the card.
d.
Unique 64-bit, fixed card serial number, used for anti-collision and key
diversification.
e.
The card shall support capability, with a minimum of 2 Kbits (256 bytes) of
EEPROM memory or 16 Kbits (2048 bytes) of EEPROM memory. The 2 Kbit
card shall have a minimum of 2 Application Areas, and the 16Kbit shall have
either 2 or 16 Application Areas to support future applications. Data retention
shall be 10 years, nominal. Wiegand card data up to 84 bits in length shall be
factory programmed in Application Area 1 for use with access control systems.
f.
Each Application Area on the card shall be secured with up to a 128-bit unique,
diversified security key, such that data stored in that area cannot be accessed
or modified until the card and reader have completed a mutual authentication
process.
g.
The card shall be capable of completing any write operation, even if the card is
removed from the RF field during that operation.
h.
The card shall be warranted against defects in materials and workmanship for
two years, or if multiple technologies are used: with a magnetic stripe the card
shall have a fifteen month warranty; or with a contact chip, the card shall have a
one year warranty.
i.
Provide "smart" access cards, compatible with the specified card readers.
Cards shall be encoded with Wiegand card data, at the factory.
j.
The card shall not carry any identification showing the location of the property
unless otherwise specified herein.
k.
The card shall be capable of accepting a slot punch on one end, allowing it to
be hung from a strap/clip in a vertical orientation.
2.
Multiple Technology Access Card:
a.
The card shall support 13.56 MHz OmniClass contactless smart chip and
antenna plus any or all of the following technologies, simultaneously:
1)
125 kHz HID Proximity chip and antenna.
2)
Magnetic Stripe.
3)
Embedded Contact Smart Chip Module.
b.
The card shall be available with a 13.56 MHz OmniClass contactless smart chip
and antenna plus a Wiegand Strip with an optional magnetic stripe, meeting all
ISO 7810 standards except for card thickness, which shall be 0.037 inch (0.939
mm). The card will not be available with 125 kHz proximity technology and/or
an embedded contact smart chip module.
3.
Access Key Fob:
a.
The Key Fob shall meet the following standards for contactless smart cards:
ISO 15693 and ISO 14443B2.
b.
The Key Fob shall be constructed of durable injection molded polycarbonate
plastic, with a slot molded into one end, and shall be suitable for placement on
a key ring.
c.
Presentation to the access control reader at any angle within one inch (25 mm)
28 10 00-37
shall result in an accurate reading of the key fob.
Provide key fobs compatible with the specified card readers.
The key fob shall not carry any identification showing the location of the
property unless otherwise specified herein.
f.
The key fob shall be warranted against defects in materials and workmanship
for two years.
Access Sticker:
a.
The Sticker shall meet the following standards for contactless smart cards: ISO
15693 and ISO 14443B2.
b.
The Sticker shall be a flat disc-shaped unit with a polycarbonate cover and a
self-stick adhesive back.
c.
The Sticker shall be capable of affixation to non-metallic personal items such as
PDAs, cell phones, business assets, or to existing access control or
identification cards for the purpose of transitioning from earlier technologies to
contactless smart cards.
d.
The Sticker shall not be used with tractor-feed (full insertion) readers.
e.
Presentation to the access control reader at any angle within one inch (25 mm)
shall result in an accurate reading of the Sticker.
f.
The Sticker shall be warranted against defects in materials and workmanship
for two years.
g.
Provide Access Stickers compatible with the specified card readers.
h.
The Sticker shall not carry any identification showing the location of the
property unless otherwise specified herein.
d.
e.
4.
C.
2.9
Contactless Proximity Cards
1.
The card shall meet the following standards for contactless proximity cards:
a.
125 kHz HID Proximity chip and antenna
b.
The card shall meet ISO 7810 specifications for length, width, thickness,
flatness, card construction and durability, and shall be in a form suitable for
direct two-sided dye-sublimation or thermal transfer printing on the specified
badge printer.
c.
Presentation to the access control reader at any angle within a minimum of one
inch (25 mm) shall result in an accurate reading of the card.
d.
The card shall be capable of completing any write operation, even if the card is
removed from the RF field during that operation.
e.
The card shall be warranted against defects in materials and workmanship for
two years, or if multiple technologies are used: with a magnetic stripe the card
shall have a fifteen month warranty.
f.
Provide "smart" access cards, compatible with the specified card readers.
Cards shall be encoded with Wiegand card data, at the factory in 26 or 34 bit
formats.
g.
The card shall not carry any identification showing the location of the property
unless otherwise specified herein.
h.
The card shall be capable of accepting a slot punch on one end, allowing it to
be hung from a strap/clip in a vertical orientation
ACCESS CONTROL CABLES
A.
Access Control System components shall be connected using the following Honeywell
Genesis Series Cables:
1.
Shielded 6-Conductor Reader Cables: foil shielded with drain wire, stranded copper
conductors: General Purpose Rated: Polypropylene Insulation, PVC Jacket: CM, CL2,
Sunlight Resistant listed.
a.
22AWG:
1)
General Purpose Rated: CM, CL2, Sunlight Resistant Listed: Part #:
1206.
28 10 00-38
2.
3.
4.
5.
2)
Riser Rated: CMR, CL2R, FT4, Sunlight Resistant Listed: Part #: 2206.
3)
Plenum Rated: CMP, CL2P, FT6 Listed: Part #: 3206.
b.
18AWG:
1)
General Purpose Rated: CM, CL2, Sunlight Resistant Listed: Part #:
1216.
2)
Riser Rated: CMR, CL2R, FT4, Sunlight Resistant Listed: Part #: 2216.
3)
Plenum Rated: CMP, CL2P, FT6 Listed: Part #: 3216.
Unshielded 18AWG 2-Conductor Power/Door Cables: Stranded copper conductors:
a.
General Purpose Rated: CM, CL2, Sunlight Resistant Listed: Part #: 1118.
1)
Riser Rated: CMR, CL2R, FT4, Sunlight Resistant Listed: Part #: 2114.
2)
Plenum Rated: CMP, CL2P, FT6 Listed: Part #: 3114.
Shielded 22AWG 2-Conductor Alarm Cables: foil shielded with drain wire, stranded
copper conductors: General Purpose Rated: Polypropylene Insulation, PVC Jacket:
CM, CL2, Sunlight Resistant listed.
a.
General Purpose Rated: CM, CL2, Sunlight Resistant Listed: Part #: 1202.
1)
Riser Rated: CMR, CL2R, FT4, Sunlight Resistant Listed: Part #: 2202.
2)
Plenum Rated: CMP, CL2P, FT6 Listed: Part #: 3202.
Bundled Access Control Cables: 4 components, Profusion unjacketed bundle.
a.
Part #: 2195, Riser Rated, CMR, CL2R, FT4, Sunlight Resistant Listed.
1)
Component 1: 22 AWG, 6 stranded conductors, shielded.
2)
Component 2: 18 AWG, 4 stranded conductors.
3)
Component 3: 22 AWG, 2 stranded conductors.
4)
Component 4: 22 AWG, 4 stranded conductors.
b.
Part #: 2295, Riser Rated, CMR, CL2R, FT4, Sunlight Resistant Listed.
1)
Component 1: 22 AWG, 6 stranded conductors, shielded.
2)
Component 2: 18 AWG, 4 stranded conductors, shielded.
3)
Component 3: 22 AWG, 2 stranded conductors, shielded.
4)
Component 4: 22 AWG, 4 stranded conductors, shielded.
c.
Part #: 3195, Plenum Rated, CMP, CL2P, FT6 Listed.
1)
Component 1: 22 AWG, 6 stranded conductors, shielded.
2)
Component 2: 18 AWG, 4 stranded conductors.
3)
Component 3: 22 AWG, 2 stranded conductors.
4)
Component 4: 22 AWG, 4 stranded conductors.
d.
Part #: 3295, Plenum Rated, CMP, CL2P, FT6 Listed.
1)
Component 1: 22 AWG, 6 stranded conductors, shielded.
2)
Component 2: 18 AWG, 4 stranded conductors, shielded.
3)
Component 3: 22 AWG, 2 stranded conductors, shielded.
4)
Component 4: 22 AWG, 4 stranded conductors, shielded.
Bundled Access Control Cables: 4 components, Overall jacketed bundle.
a.
Part #: 2196, Riser Rated, CMR, CL2R, FT4, Sunlight Resistant Listed.
1)
Component 1: 22 AWG, 6 stranded conductors, shielded.
2)
Component 2: 18 AWG, 4 stranded conductors.
3)
Component 3: 22 AWG, 2 stranded conductors.
4)
Component 4: 22 AWG, 4 stranded conductors.
b.
Part #: 2296, Riser Rated, CMR, CL2R, FT4, Sunlight Resistant Listed.
1)
Component 1: 22 AWG, 6 stranded conductors, shielded.
2)
Component 2: 18 AWG, 4 stranded conductors, shielded.
3)
Component 3: 22 AWG, 2 stranded conductors, shielded.
4)
Component 4: 22 AWG, 4 stranded conductors, shielded.
c.
Part #: 3196, Plenum Rated, CMP, CL2P, FT6 Listed.
1)
Component 1: 22 AWG, 6 stranded conductors, shielded.
2)
Component 2: 18 AWG, 4 stranded conductors.
3)
Component 3: 22 AWG, 2 stranded conductors.
4)
Component 4: 22 AWG, 4 stranded conductors.
d.
Part #: 3296, Plenum Rated, CMP, CL2P, FT6 Listed.
1)
Component 1: 22 AWG, 6 stranded conductors, shielded.
28 10 00-39
2)
3)
4)
Component 2: 18 AWG, 4 stranded conductors, shielded.
Component 3: 22 AWG, 2 stranded conductors, shielded.
Component 4: 22 AWG, 4 stranded conductors, shielded.
PART 3 EXECUTION
3.1
EXAMINATION
A.
3.2
3.3
3.4
PREPARATION
A.
Clean surfaces thoroughly prior to installation.
B.
Prepare surfaces using the methods recommended by the manufacturer for achieving the
best result for the substrate under the project conditions.
INSTALLATION
A.
System, including but not limited to access control, alarm monitoring and reporting, time
management, and user identification cards shall be installed in accordance with the
manufacturer's installation instructions.
B.
Supervise installation to appraise ongoing progress of other trades and contracts, make
allowances for all ongoing work, and coordinate the requirements of the installation of the
System.
FIELD TESTING AND CERTIFICATION
A.
3.5
Do not begin installation until substrates have been properly prepared. If substrate
preparation is the responsibility of another installer, notify Architect of unsatisfactory
preparation before proceeding.
Testing: The control, alarm monitoring and reporting, time management, and user
identification cards shall be tested in accordance with the following:
1.
Conduct a complete inspection and test of all installed access control equipment.
2.
Provide staff to test all devices and all operational features of the System for witness
by the Owner's representative and authorities having jurisdiction as applicable.
3.
Correct deficiencies until satisfactory results are obtained.
4.
Submit written copies of test results.
PROTECTION
A.
Protect installed products until completion of project.
B.
Touch-up, repair or replace damaged products before Substantial Completion.
END OF SECTION
28 10 00-40