Practical application case of large-scale TCP/IP network access control system
[ad_1]
This article uses an actual engineering case to illustrate the advantages of large-scale network access control and analyze it according to customer needs. Finally, I will describe the issues that need attention in the design and construction of the system. This article is a large-scale enterprise with branches in major cities in China. In order to facilitate the convenience and uniformity of personnel travel and attendance between enterprises, the company decided to use a unified access control and attendance system for branches across the country.
Develop system architecture and functional module implementation methods according to customer needs
According to customer requirements, after analysis, customers have relatively high customization requirements for the access control system. The enterprise’s management requirements for access control are higher than ordinary access control, and it is hoped that the access control system this time will directly participate in the management process of the internal company. Regardless of the higher customization requirements for the software part of the access control system, the requirements for the customization part of the access control hardware itself are also higher than ordinary access control.
1. In the most important controller part of the access control, in the access control controller part according to the various needs of customers, it is decided to choose the TCP/IP network controller based on the LINUX system.
Analysis and reasons:
Each branch and factory of the enterprise has network conditions. It is most suitable to use a network controller. This not only ensures the convenience of controller debugging, but also facilitates the use of the network to build the system architecture. Because the network controller does not occupy much network bandwidth (generally The network controller can use 256K bandwidth), which can completely use the enterprise’s VPN local area network for networking.
The network controller in this solution can set the IP address itself, and the operation process is simple, which is also convenient for the company to change the IP address in the future, and the local ordinary network technicians can change it, without the need for access control professionals to visit the door for maintenance.
The network controller of this solution is based on the LINUX system, and the controller itself is a small system. The on-site installer can log in to the controller’s IP and make settings for the controller. Even if the network is not connected, the on-site technicians can always Can carry on debugging work, does not need the software of the remote place to carry on the two-way synchronization support. The access control controller based on LINUX operating system is also convenient for the secondary development of the controller. The secondary development of the controller for the customer is relatively simple under the network controller of Huiyou.
The high configuration of the system’s network controller itself and the high bandwidth of the TCP/IP network compared to the RS485 bus can completely process the authorization of 2W cards and the complex access authority settings within 10 minutes. The high configuration of the network controller also satisfies the customer’s changes to the controller’s card swiping methods at different periods of time, and provides sufficient conditions for linkage with the alarm controller.
2. In the access control card reader part, we decided to use a CPU card reader with LCD screen display function according to customer needs. For the office attendance part, we decided to use a network fingerprint time attendance machine to collect attendance data.
Analysis and reasons:
Some door areas of the company are linked to the alarm controller. Customers need to confirm whether the area has been armed before swiping the card, and there should be a prompt message after the card is rejected, so that the card reader can know the status of the card at any time.
The card reader has a liquid crystal display, so that when the card user is rejected, he can immediately understand what caused the card to fail to access the door. This reduces the customer’s doubts in use and enhances the relationship between the access control user and the access control. comminicate.
The use of the network fingerprint attendance machine can prevent the phenomenon of entrusted check-in, and improve the management control of the personnel attendance part of the enterprise.
3. The CPU card of Fudan Microelectronics selected for the access control card
Analysis and reasons:
Enterprises have high security requirements. In order to prevent the possibility of cards being copied, we chose CPU cards. CPU cards are much safer than ICs. The CPU encryption technology completely prevents the possibility of cards being copied. Shanghai employees need a card + password to enter and leave the office during non-working hours, which further ensures the security of the entire enterprise.
4. The main entrances and exits of the enterprise factory and the key areas of the factory decided to use barrier-free passages for entry and exit management. In cooperation with the fast-track manufacturers, the access controller of Huiyou is built into the control part of the fast-track, so that the access controller can be used Control the mechanical part of the channel.
Analysis and reasons:
The company has a large number of people in the factory, and the workshop assembly lines are relatively confidential and isolated. The company’s factory prohibits irrelevant personnel from entering and exiting the assembly line. However, due to the large number of people entering and exiting the assembly line during get off work hours, in order to solve the safety problems of the assembly line in and out and the mobility of personnel The problem is that we have adopted barrier-free passages similar to those of the Shanghai Metro. The use of barrier-free passages can not only ensure the efficiency of personnel entry and exit, but also facilitate the delivery of goods to the assembly line workshop.
For some key areas of the factory, not only barrier-free passages are used to ensure the entry and exit of people and the transportation of goods, but also the LCD screen displays real-time photos of the people who swipe the card, so that the guards can compare the photos of the people who enter and exit at any time.
5. In the end, the system determines the overall development framework of the software. The software is an integral part of the man-machine dialogue in the access control system. All functions of the access control system need to be embodied by software and completed by humans and software. Although the company will eventually import the personnel ERP into the access control system software, the management of the access control system of each branch is still completed by the personnel of the local branch. Based on these circumstances, we decided to use the B/S architecture for the software operation method. That is, the IE browser interface that everyone is familiar with. Use the WEB service interface method in connection with each enterprise ERP.
Analysis and reasons:
There are three reasons to use the B/S architecture. First, there is no need to install technicians to install client software for each operator. Developers only need to maintain server software; second, for the current operating system that is constantly upgraded, if you use traditional software clients, then Every time after the customer upgrades the operating system, we need to update the client software. The update of the client software requires the reinstallation of the client software, which increases the maintenance cost. For the browser update, the developer only needs to update the server. Thirdly, due to the large number of computers used by the branch office, there is no guarantee that the client software will not conflict with other software and enterprise domain management. The use of IE browser has solved the software compatibility problem:
The linkage and data sharing between the access control system software and other ERP systems is carried out by WEB SERVICE. The ERP system of this enterprise is developed by multiple software companies, and the development environment and database selected are different. Fortunately, there is a WEB SERVICE method. Help us solve these difficulties.
WEB SERVCIE, or Web Service, is a network-based, distributed modular component that performs specific tasks and abides by specific technical specifications. These specifications enable Web Service to interoperate with other compatible components.
6. The application of door sensor alarm and mobile phone text message is an indispensable part of this access control system. Although the door sensor was installed in the access control system of each branch of the company before, due to the negligence of the personnel, the door was often unsuccessful. Completely closed, although the door sensor has alarmed, but since all personnel have left after get off work, no one will handle the alarm even if the alarm is issued. According to the customer’s request, the door sensor alarm will be notified to the relevant personnel via SMS, so that the relevant personnel can deal with it. In order to ensure the safety of entering and exiting enterprises after get off work.
7. The linkage function of the access control controller and the alarm controller. This function is also specially proposed by the company. In the past, due to the negligence of the company’s employees, the alarm controller entered the armed area when the alarm controller was not disarmed, causing the direct alarm controller to alarm. Since all the alarm controllers are connected to 110, 110 rushed to the country several times, and it was discovered that it was an accidental break-in, which caused a lot of trouble to the enterprise. According to customer requirements, we pass the access control, and it is forbidden to swipe the card to open the door when the alarm controller is armed. Because the selected LINUX-based network controller has passed the state detection of the input and output of the alarm port, this problem is solved well, so the rich interface of the access controller is also the standard of a good controller.
Some of the above solutions and function definitions have solved all the needs of customers. From the above 7 points, the diversification of network controllers based on LINUX and the convenient secondary development have solved the needs of customers. The function of this, so as to meet the security requirements of customers for the access control system. The developmental design of the software also reduces the difficulty of secondary development. It can share data more smoothly with other systems and execute the instructions sent by each system. Some brands of network controllers are modular in design, which means that the controller hardware itself is divided into three parts, namely, the basic processing module, the door processing module, and the alarm processing module. Huiyou’s network controller can freely add the required modules according to its own needs. If you need a 6-door network access controller, you only need to purchase the basic processing module and 3 door processing modules. If you need an alarm, just add more Alarm processing module. The advantage of this hardware design is that it can be purchased according to the requirements of different locations. Because each basic processing module can use 4 door processing modules and 1 alarm processing module, even if it is configured with 6 door access control at the time , And suddenly need to increase to 8 doors, you only need to purchase another door processing module, no need to replace the access control controller, thus increasing the system redundancy, reducing the cost of system expansion.
Concluding remarks
After the completion of this project, readers can more clearly recognize the development direction and improvement of the access control system. Personally summarize the following points.
1. Compared with the traditional RS485 bus access controller, the TCP/IP network access controller has the advantages of non-regional, convenient expansion, and less interference. Especially in the large-scale access control system, it is an established fact to replace the 485 access control system.
2. With the development of CPU technology, the access control controller will become more powerful, and the ability to process data will be faster. With the high bandwidth of the network, the speed of the software transmitting data to the controller will be faster. Each function will be modularized and linked to more related equipment. The access controller uses the LINUX system as the basis. Due to the development of CPU technology, the access controller is also turned into an access controller PC, from a common solidified operating platform to an open operating platform, so that the controller functions can be loaded. Enhance the processing function of the controller itself, and it is likely to develop into a touch screen in the future, so that all technicians can understand the real-time status of the controller.
3. The card reader adds a screen. Although the card reader has a small screen, it can display the status of the controller on the screen at any time, so that all users can understand the status of the access control.Although the screen of this case is only to let the customer know that the controller is in the armed state or for what reason the card is refused to enter, I believe that in the near future, the screen of the card reader can be used to operate the settings of the controller, so that the technicians can be in any access control Zone adjustment controller status and settings
4. The access control system will be more and more connected with other systems, whether it is software or hardware. As an important part of the weak current system, the access control system will work more closely with other systems, and it is not only security system.
5. The fast track will also be popularized in various factories and business buildings. The safety and personnel mobility of the fast track are very suitable for those places that need to enter and exit safely and are crowded with people.
[ad_2]