Networked Access Control Systems | Serious Security Sydney & Melbourne

Access-control system guide

Networked access control connects door controllers to a management platform so authorised administrators can manage users, schedules and events across several openings. The network improves coordination; it also creates infrastructure and cybersecurity responsibilities that a standalone device does not have.

Discuss the right credential and system design

Serious Security access control planning illustration relevant to Networked Access Control Systems
Serious security access control planning illustration.

Keep door decisions resilient

A sound design defines what each controller can do without the management server or network. Normal authorised entry often continues from locally held rules, while new enrolments, central monitoring or remote commands may be unavailable.

Specify event buffering, time synchronisation and recovery after reconnection. A network outage should not create an undocumented choice between locking everyone out and leaving doors unsecured.

Design the network boundary

Identify controller connections, management servers, gateways, workstations, remote access and third-party interfaces. Coordinate addressing, segmentation, firewall rules, DNS, time services and monitoring with the organisation’s IT team.

Do not expose controller or management interfaces directly to the public internet. Use supported secure access methods and change default credentials before handover.

Build maintainable access groups

Central management is valuable when permissions are structured. Use role and location groups, controlled schedules and expiring temporary access rather than accumulating person-by-person exceptions.

Define who approves access, who enters the change and who reviews privileged roles. Technical centralisation does not replace governance.

Size for realistic growth

Count doors, readers, inputs, outputs, users, credentials, event volume, sites and integrations. Allow for spare controller capacity where justified, but verify all capacities against current product versions and licences.

Growth includes administration and network support, not merely spare terminals in an enclosure.

Back up and control change

Retain supported backups of databases and configurations, document restoration, and record firmware and software versions. Test recovery in a way appropriate to the system’s risk.

Use change control for access groups, integrations, server moves and updates. A working configuration can be damaged by an undocumented “small” change.

Understand what becomes networked

Layers in a networked access-control system
Layer Role Design question
Reader and door equipment Captures a credential, monitors door state and operates the locking arrangement through the designed control path. Does the door continue to make authorised decisions and permit safe egress if upstream communications fail?
Door or field controller Stores relevant rules, makes decisions and records events for one or more openings. Is it installed in a protected location, supervised and backed by an appropriate power supply?
Site network Connects controllers, management services and authorised workstations. Who supplies addressing, switching, segmentation, firewall rules, time services and monitoring?
Management application Administers people, access groups, schedules, events and integrations. Who owns privileged accounts, backups, patches, licences and recovery?
Remote or multi-site service Provides authorised management or coordination beyond one local network. What data leaves the site, how is access authenticated, and what happens during WAN or service loss?

Specify outage behaviour before commissioning

A useful design states separately what happens when a reader loses its controller, a controller loses the server, the site loses its WAN connection and the management application becomes unavailable. “The system works offline” is incomplete unless it identifies which cached users, schedules, anti-passback rules, events and administrative functions remain available.

Acceptance testing should disconnect each relevant path in a controlled manner, confirm local door operation, verify event buffering and recovery, and document any manual procedure. Emergency egress remains a door and life-safety requirement rather than a network feature.

Questions about networked access control

How many doors justify a networked system?

There is no fixed threshold. Frequent user changes, central reporting, schedules or multi-site administration can justify networking even with relatively few doors.

Do controllers need their own network segment?

Segmentation may reduce exposure and simplify control, but the design should follow the organisation’s architecture and manufacturer requirements.

Can entry continue if the server fails?

Often local controllers retain authorised rules, but this must be confirmed for the proposed design and tested during commissioning.

Who should manage the server?

Agree responsibilities among the business, IT team, security administrator and service provider for backups, updates, accounts and recovery.

Can an existing network be used?

Possibly, after capacity, cabling, security, addressing, power and support responsibilities are agreed with IT.

Assess the site before selecting a platform

Send door photographs or plans, user numbers, credential preferences, integrations and operating requirements. Serious Security can assess commercial projects in Sydney and Melbourne.

Request an access-control site assessment