1 72

Architect and Engineering Specifications


Contents

1 General 4

1.1 Summary 4

1.1.1 References 4

1.1.2 System Overview 4

2 Products 5

2.1 System Software Requirements 5

2.1.1 Multi-User/Network Capabilities 6

2.1.2 Concurrent Licensing 6

2.1.3 Microsoft Certifications 6

2.1.4 Security Key 8

2.1.5 Access Control Software Suite 8

2.1.6 Terminal Services 11

2.1.7 Operating System 11

2.1.8 Relational Database Management System 11

2.1.9 LDAP/ Microsoft Active Directory Services 12

2.1.10 OLE-DB 12

2.1.11 Unicode 12

2.1.12 Encryption 12

2.2 Operational Requirements 13

2.2.1 System Operations 13

2.2.2 Access Control Functional Requirements 21

2.2.3 System Administration 40

2.3 Hardware Requirements 44

2.3.1 Hardware Support 44

2.3.2 Server/Workstation Hardware Configuration 45

2.4 Field Controllers 46

2.4.1 System Controllers 46

2.4.2 Cardkey Controllers: 54

2.5 Enclosure 55

2.6 Electrical Power Requirements 55

2.7 Environmental Conditions 56

2.8 System Interfaces 56

2.8.1 Analog CCTV Switchers 56

2.8.2 Digital Video Recording 58

2.8.3 Paging / E-Mail 59

2.8.4 Stentonfon Intercom Interface 60

2.8.5 Visitor Management System (VMS) 61

3 Execution 66

3.1 Examination 66

3.2 Installation 66

3.3 Testing and Certification 66

A CPU Minimum Requirements 67

A.1 Pro-Watch Professional Edition 67

A.2 Pro-Watch Corporate Edition 69

A.3 Pro-Watch Enterprise Edition 71

1  General

1.1  Summary

The intent of this document is to specify the minimum criteria for the design, supply, installation, and activation of the Security Management System, which shall be a modular and network enabled access control system. The System shall be capable of handling large proprietary corporations with multiple remote sites, alarm monitoring, video imaging and badging, paging, digital video control and a CCTV switching that allows for easy expansion or modification of inputs and remote control stations.

1.1.1  References

1.1.1.1  Federal Communications Commission (FCC):

·  FCC Part 15 – Radio Frequency Devices

·  FCC Part 68 – Connection of Terminal Equipment to the Telephone Network

1.1.1.2  Underwriters Laboratories (UL):

·  UL294 – Access Control System Units

·  UL1076 – Proprietary Burglar Alarm Units and Systems

1.1.1.3  National Fire Protection Association (NFPA):

·  NFPA70 – National Electrical Code

1.1.1.4  Electronic Industries Alliance (EIA):

·  RS-232C – Interface between Data Terminal Equipment and Data Communications Equipment Employing Serial Binary Data Interchange

·  RS-485 – Electrical Characteristics of Generators and Receivers for use in Balanced Digital Multi-Point Systems.

Document 7-501083, Revision 00 Architect and Engineering Specification

© 2005 Honeywell International. Confidential. 1 Pro-Watch 3, Release 6, Service Pack 2

Architect and Engineering Specifications

1.1.2  System Overview

The Security Management System shall integrate Access Control, Alarm Monitoring, CCTV, Digital Video, Video Badging, and Database Management. A modular and network enabled architecture shall allow maximum versatility for tailoring secure and dependable access and alarm monitoring solutions for medium and large facilities. The System shall at a minimum include the following capabilities:

·  Direct wire operation, local area network (LAN) (Ethernet) or wide area network (WAN) operation, or remote operation via modem. When configured for dial-up, any one port can support multi dialup locations.

·  A flexible and modular design shall provide ease of installation, robustness, reliability, and expansion.

·  Distributed architecture shall allow controllers to operate independently of the host. The architecture shall place key access decisions, event/action processing, and alarm monitoring functions within the controllers, eliminating degraded mode operation.

·  Communication between the server/workstations, controllers, and other hardware shall be via the Security Management System software.

·  Proprietary software programs and control logic information used to coordinate and drive system hardware shall be stored in read-only memory (PROM).

·  Upgrades to the hardware and software shall occur seamlessly without the loss of database, configurations, or historical report data.

·  Flash memory shall support firmware updates and revisions to be downloaded to the system via modem or system communication.

·  Both supervised and non-supervised alarm point monitoring shall be provided. Upon recognition of an alarm, the system shall be capable of switching CCTV cameras that are associated with the alarm point.

·  Manual or automatic arming or disarming alarm points shall be performed by time of day and day of week.

·  Database partitioning shall provide the option to restrict access to sensitive information by user ID.

2  Products

2.1  System Software Requirements

The Security Management System, hereinafter referred to as the System, shall be a modular and network enabled access control system. The System shall be capable of controlling multiple remote sites, alarm monitoring, video imaging, video badging, paging, digital video and CCTV switching and control that allows for easy expansion or modification of inputs and remote control stations. The System control at a central computer location shall be under the control of a single software program and shall provide full integration of all components. It shall be alterable at any time depending upon facility requirements. System reconfiguration shall be accomplished on-line through system programming. The System shall include the following:

2.1.1  Multi-User/Network Capabilities

The System shall support multiple operator workstations via local area network/wide area network (LAN/WAN). The communications between the workstations and the Server computer shall utilize the TCP/IP standard over industry standard IEEE 802.3 (Ethernet). The communications between the Server and workstations shall be supervised, and shall automatically generate alarm messages when the Server is unable to communicate with a workstation. The operators on the network Server shall have the capability to log on to workstations and remotely configure devices for the workstation. Standard operator permission levels shall be enforced, with full operator audit.

Document 7-501083, Revision 00 Architect and Engineering Specification

© 2005 Honeywell International. Confidential. 1 Pro-Watch 3, Release 6, Service Pack 2

Architect and Engineering Specifications

2.1.2  Concurrent Licensing

The System shall support concurrent client workstation licensing. The System application shall be installed on any number of client workstations, and shall provide the ability for any of the client workstations to connect to the database server as long as the maximum number of concurrent connections purchased has not been exceeded.

Document 7-501083, Revision 00 Architect and Engineering Specification

© 2005 Honeywell International. Confidential. 1 Pro-Watch 3, Release 6, Service Pack 2

Architect and Engineering Specifications

2.1.3  Microsoft Certifications

·  A Microsoft Gold Certified Partner shall develop the System Software. Microsoft Gold Certified Partners meet a higher set of criteria for each category, including enhanced certification and a portfolio of real-world customer references, and are thus identified as the most skilled partners in specific solution areas. Microsoft Gold Certified Partners encompass a broad range of technical expertise, including specialized disciplines such as e-commerce, networking, collaboration, and commitment to emerging technology and providing excellence in customer solutions.

·  The System shall be certified for both Windows 2000 Server as well as Windows 2000 Professional. Systems that are not certified for BOTH operating systems shall be unacceptable.

2.1.3.1  Microsoft Windows 2000 Certification Common Requirements.

The System shall:

·  Perform primary functionality and maintain stability

·  Provide 32-bit components and document any 16-bit code

·  Support Long File Names and UNC paths

·  Support printers with long names and UNC paths

·  Not read from or write to WIN.INI, SYSTEM.INI, AUTOEXEC.BAT or CONFIG.SYS

·  Ensure non-hidden files outside of your application directory have associated file types, and all file-types have associated icons, descriptions and actions

·  Perform Windows version checking correctly

·  Hardware drivers must pass WHQL testing

·  Install using a Windows Installer-based package that passes validation testing

·  Install to Program Files by default

·  Support Add/Remove Programs properly

·  Ensure correct uninstall support

·  Not attempt to replace files that are protected by Windows File Protection

·  Support standard system size, color, font, & input settings

·  Ensure compatibility with the High Contrast option

·  Provide documented keyboard access to all features

·  Expose the location of the keyboard focus

·  Not place shortcuts to documents, help or uninstall in the Start Menu

2.1.3.2  Microsoft Windows 2000 Professional Unique Certification requirements:

In addition to the Common Requirements, the System shall:

·  Support AutoPlay of compact disks

·  Observe rules in componentization

·  Identify shared components

·  Component Producers: Build side-by-side components

·  Application developers: Consume and install side-by-side components

·  Install any non side-by-side shared files to the correct locations

·  Classify and store application data correctly

·  Degrade gracefully on access denied:

o  Run in a secure Windows environment

o  Adhere to system-level Group Policy settings

o  Applications that create ADM files shall properly store their ADM file settings in the registry

o  Not rely exclusively on sound

o  Support multiple monitors

2.1.3.3  Microsoft Windows 2000 Server Unique Certification requirements:

In addition to the Common Requirements, the System shall:

·  Not overwrite non-proprietary files with older versions

·  Install shared files to the correct locations

·  Recount all shared application files during installation

·  Decrement the count on shared application files during uninstall

·  Document services that require more than User level privileges to run

·  Win32 clients running in the context of a trusted domain account must support Single Sign-On.

2.1.4  Security Key

The System shall only require a single security key dongle to be present on the database server for the System to operate. Security keys shall not be required at the client workstations. The System shall allow a user to read the information that is programmed on the server security key dongle. The System shall support export of the information using the ‘Export Dongle information’ button, which shall allow the user to forward to the integrator when upgrading new dongle features.

2.1.5  Access Control Software Suite

The System shall offer a premier security management software suite available in three scalable versions: Professional, Corporate, and Enterprise Editions. The System platform shall offer a complete access control solution; alarm monitoring, video imaging, badging and CCTV control. All three editions of software shall provide a convenient growth path from small to midsize applications to global enterprise solutions.

2.1.5.1  Professional Edition

Professional Edition shall provide an economical solution for small to midsize applications. Professional Edition shall operate efficiently without the requirement of a server-based operating system. The System shall utilize Microsoft Data Engine (MSDE 2000 or later) for smaller applications from 1 to 5 users and up to 64 doors.

The System shall provide a complete set of MSDE database tools designed to easily backup, restore, and maintain the System database. The System shall allow for expansion to Corporate and/or Enterprise Edition without changing the user interface or database structure. The common platform shall include the following features and benefits:

·  Certified for Microsoft® Windows™ 2000 Professional and Server

·  Leverages existing network infrastructure by using standard network protocols to communicate to all system hardware

·  CHIP hardware protocol support (communicates to existing NexWatch Star II series controllers)

·  PW series hardware protocol support (communicates to existing NexWatch PW-2000, PW-3000, and PW-5000 series controllers)

·  SEEP hardware protocol support (communicates to existing NexWatch Star I, 4100, and 800 series controllers)

·  Comprehensive database-partitioning scheme shall allow extensive flexibility in managing operator permissions

·  Real-time status monitor shall provide “at a glance” status of the entire system and the ability to quickly evaluate the details of any point in the system.

·  Report Manager shall provide savable report templates, exporting options, and a scheduler for added user convenience.

·  Integrated Digital Video Solutions from Honeywell Video Systems including Rapid Eye Series, Fusion Series Recorders, as well as IP based solutions from the Digital Video Manager (DVM) Series.

·  Database Import/Export utility shall allow information to be transferred dynamically to and from third party databases, enabling a convenient interface to HR or Active Directory controlled systems.

·  Integrated Precise Biometric Smart Card enrollment allows for fingerprint capture and programming shall be done within the System application.

·  Direct import of AutoCAD drawings with layer views.

·  Integrated Badging and CCTV functions in a single user interface shall eliminate the need for multiple software systems and reduces data entry time.

·  The System shall provide support for hardware protocols from a variety of manufacturers.

·  The System shall support up to 5 users and 64 doors.

·  The System shall use Microsoft SQL based MSDE 2000, or later, Data Engine

·  The System shall operate on Windows® 2000 or XP Professional as well as Windows® 2000 or 2003 Server.

2.1.5.2  Corporate Edition

Corporate Edition shall be provided for more demanding security management applications. The System shall operate in the Windows® 2000 server environment and utilize SQL 2000 as the database engine.

In addition to the features listed for the Professional Edition, Pro-Watch™ Corporate Edition shall also includes the following features and benefits:

·  Flexible software licensing packages and hardware components shall allow the system to be tailored to individual application needs.

·  E-Mail capability to assign an email address that the system shall notify should the alarm originate from the designated point. This process shall be a function of SQL 2000 Server, which shall negotiate E-mail transfer to the Microsoft Exchange Server.

·  The System shall support 2 users and 96 readers as a standard, and will be upgradeable to unlimited users and readers.

·  The System shall utilize Microsoft® SQL Server 2000 Standard Edition Data Engine.

·  The System shall utilize Windows® 2000 or 2003 Server as Primary Operating System.

2.1.5.3  Enterprise Edition

Enterprise Edition shall incorporate regional server architecture to meet the needs of global business. Regional sites shall operate autonomously with all information required to maintain security locally.

The enterprise server shall maintain any critical system information via synchronization with each regional site. This system of synchronization shall ensure the integrity of data throughout the enterprise.

The Regional Server Architecture shall provide an unparalleled degree of reliability and flexibility through the use of multiple regional Windows PCs sharing a common master Cardholder and Photo ID Badging database.