printer friendly version

To integrate or not to integrate: no longer the question?

One of the popular issues you will find in almost every security publication is that of integration. Not only will you find it high on the list of buzzwords in the media, but even at security events and exhibitions around the world, integration is where it’s at.

The drive to integration has even reached the access control and identity management market where companies are promoting the integration of traditional access control with other applications with the aim of simplifying management and improving automation. Of course, the idea of simplifying is a sticky one, integration itself is not simple, but if done correctly, the results could simplify business and security processes – take time and attendance (T&A) as an example.

The reality however, is that not everyone wants their access integrated with everything else. Some of the articles in this handbook show that there are those that are quite happy leaving access as it is and opting for best-of-breed solutions for each function they want to secure. Others see integration as the future and can’t imagine why anyone would not want their systems integrated.

Gordon Moore, product manager at ADI Global

Hi-Tech Security Solutions spoke to two industry experts who are in the know about integration from their work in the security market. Gordon Moore is product manager at ADI Global, and Kelly McLintock is the Group MD of UTM, a systems integrator.

Kelly Mclintock, Group MD of UTM

We started by asking them what is the state of integration in the access and identity market? Are they finding that clients want more than simple access and are asking for integration into other security or business processes and technology?

Moore says there “is most definitely an increase in requests for integrated solutions in the industry right now. The mere fact that the latest ONVIF standards (2.1 'S' profile) now includes access control shows the increase in requirements.”

Moore sees three main drivers for the integration of access control:

1) The convergence of the physical and logical access control. With the introduction of the HID crescendo smart cards with multi-technology, it has opened up the door for the convergence of physical and logical access control allowing one card to securely be used for both. Examples include being able to give network rights now based on where the user is – if they are connecting remotely they may have less rights on the network than when they are actually in the building.

2) Building management solutions. There are huge cost savings in being able to control lighting and air-conditioning of a building based on the occupancy within areas. Security is also increased by being able to arm and disarm zones within a building based on people’s access rights. Health and safety processes also benefit by, for example, knowing who is in the building during an emergency. Finally, asset management and tracking is also boosted when integrated with access control.

3) With the introduction of NFC, there is going to be an increased requirement of access control integration into other systems.

McLintock agrees, noting that “protecting employees and assets remains of utmost importance for organisations of all sizes in South Africa as the threat landscape continues to evolve and attack patterns grow in sophistication. Access control is the first level of threat mitigation and UTM believes users are realising that there are three components to a complete security solution – access control, video and audio. This shows that the access market is in a state of maturity where integration is becoming the norm.”

To illustrate his point, McLintock give the following examples of how integration delivers speed of process, improved security and automation:

* Full fire system integration. Unlocking specific doors by controllers in case of a fire alarm being activated.

* Visitor management. Automated visitor announcement and access depending on the application.

* IP surveillance. The ability to integrate surveillance with access control is no longer considered a luxury in the market, but a necessary step to providing a comprehensive picture of security operations. As an individual is read in the video stream, he is bound to the transaction for later interrogation, which allows for visual verification.

* Additionally, the ability to integrate number plate recognition for opening gates and/or recognising the vehicle via the access control system is another advantage.

* RFID. Integration of RFID into the access control system to activate specific functions like opening a boom.

* Power automation. Using access control to activate specific processes like turning on or off lights and or HVAC.

Standards and openness

While integration may be beneficial and even desirable, the technicalities of integration can cause more problems than they are worth. If systems are not designed to interoperate with other systems, the process of integration can be arduous and problems are almost certain to arise later on when one system is upgraded or has its software updated and is then suddenly no longer ‘talking’ to the other systems.

Moore says this is one of the biggest challenges. Who is the front end? “If we look at products like Milestone and Prowatch, they both offer integrated solutions, but come from two very different backgrounds.

“Milestone is traditionally a VMS solution and Prowatch an access control solution: which would work out best as the front end? We are starting to see access control manufactures providing SDKs for other products to be able to do enrolments and a few other management processes from their GUI. However, in many cases the level of integration is still limited to the database level where enrolments and management are done on the access control system and the integration is purely for event management. The introduction of the access standards from ONVIF will definitely open this up for future integration.”

“Open integration should be a key fundamental in making a decision to buy an access control system,” adds McLintock. “However, UTM believes this is based on the manufacturer’s platform and to what level of integration the customer wants to go.

“The larger manufacturers have allowed specific SDKs (software development kits) to offer full integration to their platforms. However, certain manufacturers preach the ability to integrate (which they can do), however, only with the same brand so the customer is then tied to that specific product and the cost for upgrades and or replacement is debilitating.”

He also believes that standards such as the new access standards from ONVIF will have a positive effect on the market, however, he warns that, like ONVIF in the surveillance market, UTM does not believe it will be to the level of full openness as this would eliminate the uniqueness of specific manufacturers’ platforms to offer a true building management system.

The issue with standards and openness is that all the manufacturers will need to cooperate if the idea is to get anywhere, which is one of the more difficult aspects of the integration concept. Nobody likes to give customers the option to use another company’s products.

And while many companies do offer SDKs to allow for integration, some don’t in an effort to keep their customers loyal. McLintock says that in cases where there is no SDK, nor an I/O analogue interface (in the case of older systems), “it poses a problem. However, with some out-of-the box thinking we can generally get around the issues.”

Integrating and interfacing

Integrators and installers, as well as the end users need to ensure they have the appropriate skills on board when looking at integrating systems. Moore says the skills required depend on to what level they are integrating: are you integrating or interfacing. He says integrating is done at a software level and interfacing is done by mapping I/Os on the various products or sharing database information.

“Additionally, more manufacturers are now providing SOAP modules (Simple Object Access Protocol), which allows the system integrator to easily map the data from one database to another without having a software programmer.”

As to what constitutes integration and what is interfacing, Moore explains:

* Also known as a bridge, an interface is where two or more separate software products communicate under limited capacity. Data is maintained in multiple locations; thus, requiring more administration.

* A fully integrated system means that the products are one. This happens when two or more products work closely together to combine different functionalities into one product. The data is maintained in one location.

“Looking at these two definitions, interfacing is easily done by the system integrators with tools provided by the manufacturers. The challenge comes in when one is integrating, I find the trend here is to make sure one of the manufactures is willing to write the software required. There are some larger companies out there that can afford to have a software person available to do the integrating.”

As the integration message reaches more people, Moore says another challenge is in the large corporates, “getting people in different departments to actually talk to each other and see where there are overlaps that could be explored to enable them to purchase a fully integrated solution”.

On the other hand, McLintock says the majority of customers in the South African market are not aware of the capabilities of their current systems or what is available from an integration perspective. Most have the perception that integration is way beyond their price point. This once again highlights the old issue of whether security shows an ROI (return on investment).

He adds that there are two sides to integration capabilities:

1) Security: The total security integration solution is in within reach of the majority of South African SMEs as the costs for a fully integrated solution have come down dramatically, specifically in the basic level of integration of visitor management, fire systems and surveillance.

2) Process automation: This is the more complicated as it involves putting down a platform which can do both disciplines and having a integrator that understands both sides. This requires highly skilled engineers.

The integration question is not one that can be answered overnight. There are significant benefits to integration, as well as significant challenges. Some may say that opting for a single brand for all the systems you want integrated is the ideal solution, but that could lock the customer into a product range that may not continue delivering the goods. The ideal solution for customers is to determine what they want now, what they will want in a few years and then find the products, integrators and vendors with similar ideas and capabilities.

A product question

To round off the discussion, Hi-Tech Security Solutions asked Moore and McLintock what products they recommend in the access control field.

Moore says ADI provides a few options, but its enterprise solution would be Honeywell Prowatch. “The reason we recommend it is clear. It covers the entire ecosystem, including access control, visitor management, intrusion management, compliance report management and video management. With all the logical integration it provides a comprehensive solution and it has the HSDK module allowing for anything that is not currently included.”

McLintock recommends Impro. “Besides being a local manufacturer with state-of-the-art access control and product identification systems with good support, the level of development and third-party integration which the IXP 400i platform allows for makes it a market leader in functionality and price.” He notes, however, that a number of manufacturers are strong competitors for the top position.

Contacts

Gordon Moore, www.adiglobal.co.za, +27 (0)11 574 2500.

Kelly McLintock, www.utmgroup.co.za, 0860 626 222.

Share this article:

Further reading: