Click here to load reader
Embed Size (px)
Transcript of ASSA ABLOY
ASSA ABLOYCertified Integrator IP Enabled Lock TrainingWELCOMESyou to
The Purpose of this class Teaching you to set up and program the lock.
The Purpose of this class We will NOT be teaching: Computer Networking Network Installation Network Encryption Network SecurityOnly Whats Needed To Make The Lock Work!
If More Information Is Needed We Can Provide The Documents That Will Answer Your Questions!
Agenda: Conducting a site survey Setting up the lock Using the software
Sequence of Events
First, A Site Survey is conducted to ensure proper wireless coverage
Second, The Network Administrator provides information about the network
Third, He enters this information into the NCT Program, providing a file for the CI
Fourth, The CI enters info about the lock using the LCT Program
Fifth, He Uploads all this info into the lock
Sixth, The Lock Communicates To the Host Computer
Seventh, Users, Time Zones and other info is programmed using EAC Software
The First Step We need to verify the wireless network coverage at the door.We do this by conducting a site survey.A successful installation begins with verifying the network coverage at the opening.
Site SurveyNecessary for successful deployment of wireless LocksetsCreates a Wireless coverage picture of the facilityHot SpotsDead ZonesDetermines if more APs are needed
A laptop will not work for this. It has a large WiFi Antenna.The Lock has a small antenna in a metal case.
Site Survey Tool (SST)The Cisco AIR-CB21AG-A-K9 can be purchased. The card covers 802.11A/B/G standardsIt comes with a Cisco Site Survey Tool utilityAllows for use with any laptop with a PCMCIA CardBus slot.Provides Real Time Data
Cisco Aironet Utility Associate with networkInsert the Cisco card into your LaptopOpen the Cisco Aironet Utility and find and associate with the wireless networkClick on the Scan buttonHow to conduct a site survey
Cisco Aironet Utility Associate with networkFind the SSID that the IT department has given youClick Activate
Cisco Aironet Utility Associate with networkType in a familiar name for you to remember the settings on the Profile Name field
Cisco Aironet Utility Associate with networkClick the Security tab.You can see the type of security being used on this wireless network.You have now ASSOCIATED with the AP and wireless network.You can now run the Cisco Site Survey Utility Program.
Cisco SST UtilityClick the first tab, Associated Access Point (AP) statusThe utility provides a graphical and numerical representation ofSignal strengthNoise Signal/Noise ratio in dBLink Speed in MbpsThe utility also gives information about what AP it is currently associated with.
Cisco SST UtilityA second tab, AP scan list, shows all available APsThis is helpful in determining conditions like over lapping channels and adjacent (Cisco suggests five channel separation between APs)It also gives a general overview of available APs and SSIDs in the area
How to conduct a Site SurveyWhat you needClose all doors that the signal must pass through from the AP to the lock to emulate worst case scenarioLaptop with/ Cisco SST software installedCisco Aeronet CardSite Survey Forms 1 per doorIT InformationNeed SSIDNeed encryption info
Site Survey Form - IT
Ports Available/Open (2571 & 8023)DCHP or Static IPs:MAC Address Reservations?Potential Lock IP (If static):Static IP Address Possible for Host PC?Host PC IP Address:Wireless Encryption type:Subnet (if not DHCP):Gateway IP (if not DHCP):
Survey tool used:Signal Strength on battery side of lockSignal/Noise Ratio on battery side of lockEstimated distance to AP:
How to Site SurveyWalk to Lock locationGet Signal, noise and signal to noise ratio on the outside and inside of the door (with the door closed)Record values on Site Survey SheetView the AP list for overlapping APs in the areaNote any overlap in channelsRepeat for every doorEvaluate results for each door
ExampleThis is a comparison between two doors Signal Strength is not the only factor in a site SurveyThe picture on the left is a lock that has stable communicationThe picture on the right is a lock that has intermittent communicationNote the top lines or signal strength is almost the same picture to picture. But the non working lock on the right has a red for transmit speed and shows a lower Signal/Noise ratio. This indicates a bad connection.
How to Complete a Site SurveyAny questions about conducting a site survey?
Need more information?Please visit:For an online versionwww.AssaAbloyAmericasUniversity.com
Sequence of Events
Setting up the lock WHO? WHAT? WHERE? WHEN? HOW?Five questions we need to answer
Setting up the lock We have to tell the lock WHO it isDetermine WHAT system it will talk toTell the lock WHERE that system isWHEN the lock will communicateHOW it will communicate
A Sixth questionWHY are we taking these steps????The Lock Doesn't Know Anything!
To answer these questions, we will be using two tools:Lock Configuration Tool - LCTNetwork Configuration Tool - NCT
Network & Lock Configuration ToolsThe lock and network configuration tools were created to ease the install process by creating a tool that uses simple GUIs Network Configuration ToolSimple for IT professionals to enter IT information in a secure fashion to the installers Lock Configuration Tool Uses the data you entered into the NCT program and inputs that into the lock
Easy to use GUI that allows for lock installers to set up locks with little IT knowledge
Wireless Lock ConfigurationConfigurable Items:IP AddressDHCP or StaticHost IP (Computer that runs the Access Control Software) Always a Static Value!SubnetEncryptionSerial Number (Electronic serial number in the lock)Set by Factory
How to use NCTOpen the NCT file on your computer
Configuration Tool NCT OverviewUsed to create site fileEach lock is defined and namedFile contains all IT infoIP AddressSubnetEncryptionSSIDPortHost IP
NCT Enter Site NameSite nameThe site name is the designation for this set of locks and is typically represented by the company name, company plus division, etc.
NCT Enter Inactivity TimeoutInactivity TimeoutThe Inactivity Timeout determines how long the LCT will wait for user input before automatically terminating. This is a security measure. The default value is 300 seconds or 5 minutes.
NCT Enter Installer PasswordInstaller Password The Installer Password allows the installer to use the data but not to view the network communication parameters.
NCT Enter IT PasswordIT Password The IT Password allows the IT administrator to view and edit all network communication parameters for all defined locks.
NCT 2. Lock Info (if DHCP)Lock Info By default the Locks section will be in View Mode. To create a new lock entry, click on the New button.The Lock area will change color and Add Mode will be displayed Information can now be entered.
NCT Enter Lock Name (if DHCP)Name Helps the installer identify the lockWest Stairwell DoorRear Exterior Door, etcUse meaningful names
NCT Enter Lock Serial Number (if DHCP)Serial Number Serial number - 16 character identifier taken from the label on the lock controller or from the lock information sticker included in each box
NCT Check Box DHCP (if DHCP)DHCP DHCP If this box is checked, the IT department has determined that the locks will be assigned IP addresses dynamically by their systemIn this case, the IP Address, Subnet Mask and Gateway fields remain blank
NCT Enter IP Info (if Static)Static IPsIf this DHCP box is un-checked, the locks need to be assigned the IP Address, Subnet Mask and Gateway as determined by the IT department
NCT Enter SSID (DHPC or Static)SSIDFor determining which wireless network should the locks communicate through to the networkInformation must be supplied by the IT departmentCase sensitive
NCT Enter EAC IP Address (DHPC or Static)EAC IP AddressEAC IP Address (Host Address)Must be a static IP address of the Access Control Software Server
NCT Enter EAC Port Info (DHPC or Static)Ports2571 by defaultThis allows the locks to communicate directly to the computer that controls the locks (Host PC)The IT department may need to open ports for these locks to talk directly to the Host PC and no where else on the network
NCT Enter Encryption Info (DHPC or Static)Encryption Encryption Type (optional)WPA, WEP or LEAPIf WPA-PSK, (WPA-TKIP) insert Key given by ITIf WEP, insert Key given by IT (must be HEX)If LEAP, enter the Key, LEAP User Name and LEAP Password
NCT Enter the AES Key Info (DHPC or Static)LOCK AES Key - Encrypts the data from the lock to the host PC and vice-versaThe 128 bit AES Key (for packetized data) If used:Enter the Key by hand, orThe system will generate the Key when you push the Generate button
NCT DPAC Info and DPAC RateDPAC (Lock Radio Module)The fields DPAC User Name and DPAC Password are not used at this time
NCT Save your input (DHPC or Static)Save You must SAVE TWICE First, use the SAVE button at the bottom of the screen to save this particular locks infoSecond, Click File at the top of the screen and use Save As to save the actual Network Configuration File. (*.slct)
NCT Saving a Configuration FileSave & CloseAlways