TruPortal™ SOFTWARE USER GUIDE P/N 461043001B • REV 01.
Interlogix® TruPortal™ Software User Guide, product version 1.6. This guide is item number 461043001B, dated October 31, 2014. Copyright © 2014 United Technologies Corporation. Interlogix is part of UTC Building & Industrial Systems, a unit of United Technologies Corporation. All rights reserved. Trademarks and patents Interlogix, TruPortal, TruVision, and logos are trademarks of United Technologies.
There is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures: • • • • Reorient or relocate the receiving antenna. Increase the separation between the equipment and receiver.
OpenSSL, AstraFlex Components and LIGHTTPD are licensed under a Modified BSD License Copyright © 1998—2011 The OpenSSL Project. All rights reserved. Copyright © 2008, Yahoo! Inc. All rights reserved. Copyright © 2004, Jan Kneschke, incremental. All rights reserved. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
gSOAP is licensed under the gSOAP Public License (modified MPL license) Copyright © 2001-2009 Robert A. van Engelen, Genivia Inc. All Rights Reserved. THE SOFTWARE IN THIS PRODUCT WAS IN PART PROVIDED BY GENIVIA INC AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
Table of Contents CHAPTER 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Conventions Used in this Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 CHAPTER 2 Installing Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 System Architecture Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Configuring Card Formats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 Add a Card Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Remove a Card Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Configuring Devices . . . . . . . . . . . . . . . . . .
Table of Contents Understanding Triggers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Understanding Actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Add an Action Trigger Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Copy an Action Trigger Record . . . . . . . . . . . . . .
Table of Contents Door Command Menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Event View Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Schedule View Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Door Fallback Mode . . . . . . . . . . . . . .
Table of Contents CHAPTER 9 Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 System Capacities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105 Configuring IP-Based Single Door Controllers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106 Preparing Client Workstations to Use the Integrated Configuration Tool (ICT) . . . . . . . . . . . . . . . . .
Table of Contents vi TruPortal Software User Guide
CHAPTER 1 Introduction TruPortal™ is a web-based access control solution that is designed to be simple to use, yet sophisticated. It is compatible with a variety of access control hardware components, including: • Input devices that detect conditions or events, such as door bells or alarms. • Output devices such as lights and locks that respond to input devices and/or action triggers. • TruVision™ Digital Video Recorders (DVRs) and Network Video Recorders (NVRs).
Introduction • The Import/Export Wizard can be used to import persons and credentials data from an existing database in Comma Separated Values (CSV) format, as well as export data. It can also be used to delete persons and credential data in batch mode and export events. See the Import/Export Wizard User Guide included on the Utilities disc for details.
CHAPTER 2 Installing Hardware The first step in setting up the System is to install the hardware components that will be used by the System (inputs, outputs, doors, readers, cameras, etc.) according to manufacturer instructions. Be sure to record data about door configurations that can be used later in naming the devices, reader groups, and areas when the devices are configured in the User Interface. Note: Existing TruPortal 1.0 or goEntry 3.
Installing Hardware System Architecture Overview The System Controller functions as the brain of the System that receive information and sends out information. It contains the database that stores all data for devices, schedules, persons, etc., as well as the User Interface software that can be accessed from a computer via a web browser.
Documenting the Physical Location of Each Device Documenting the Physical Location of Each Device As each device for each door (locks, sensors, readers) is installed, provide a description for each device, and list the serial numbers of devices associated with each door in an installation chart like the one provided below. This data can be used later when devices are configured in the User Interface.
Installing Hardware Door Description Reader Serial Numbers Door Controller Serial Numbers I/O Expansion Serial Number Linked Camera In: Out: In: Out: In: Out: In: Out: In: Out: In: Out: In: Out: Connecting to a Local Client Workstation or LAN The System Controller can be connected directly to a local client workstation or to a Local Area Network (LAN). There are two RJ-45 100BaseT Ethernet jacks on the System Controller. Port 1 is configurable; Port 2 has a fixed IP (Internet Protocol) address, 169.
CHAPTER 3 Preparing for Configuration After hardware devices are installed, the following steps should be performed before launching the User Interface to perform a full configuration of the System: 1. Consult with the site network administrator to decide how network settings should be configured. See Determining Network Settings on page 8. 2. If you are an existing TruPortal 1.0 or goEntry 3.
Preparing for Configuration Determining Network Settings Before using the Installation Wizard to perform an initial configuration of the System Controller, consult with the site network administrator to determine the answers to the following questions: • Should the IP address of the System Controller be static or dynamic? Operators will access the User Interface by typing the System Controller’s IP address into a web browser address field.
Using the Installation Wizard Using the Installation Wizard This section describes how to use the Installation Wizard to: • Detect the System Controller on the local area network. • Change the default password for the main Administrator account to enhance security. • Synchronize the date and time on the System Controller with the local client workstation. • Configure the network settings of the System Controller.
Preparing for Configuration Note: After the initial configuration is complete, the System can be synchronized with a Network Time Protocol (NTP) server. See Setting the Date and Time on page 15 11. Click [Next] to continue to the Network Configuration page. 12. Select Static or Dynamic as the connection type for the System Controller. To configure a static IP address: a. Type the IP Address for the System Controller that users will type into an Internet web browser to connect to the System. b.
Using the Upgrade Wizard Using the Upgrade Wizard Existing TruPortal 1.0 or goEntry 3.0 customers can use the Upgrade Wizard to upgrade the System Controller remotely from a local client workstation from one version of the product to another version (for example, from version 1.0 to version 1.5). This process involves downloading files from the product website, and then using the Upgrade Wizard to back up data, update the firmware and core code on the System Controller, and then restore data.
Preparing for Configuration 6. Log in as a user with Execute permissions for the Firmware Updates feature, and then click [Next]. The Source File page displays details about the firmware on the System Controller. 7. Click [...] to browse to the folder where the NGP.bin file was downloaded. 8. In the Open dialog box that appears, click the NGP.bin file to select it, and then click [Open]. The Source File page displays details about the NGP.bin file. 9. Click [Next]. 10.
CHAPTER 4 Configuring the System TruPortal is designed so that, once configured, persons and credentials can be added and removed quickly, and access to a facility can be managed. During configuration, the following information will be defined: • The areas, doors, credential readers, video surveillance, and auxiliary security systems at a site. • Access levels needed by the various groups of persons who work at a site. • Access schedules for regular days and holidays.
Configuring the System IMPORTANT: 14 If any IPSDCs are installed, configure them to recognize the IP address of the System Controller before configuring them in the User Interface. See Configuring IP-Based Single Door Controllers on page 106. 1. Logging into the System. 2. Setting the Date and Time. 3. Create a Certificate Signing Request. 4. Import a Security Certificate. 5. Configure Network Settings. 6. Configure Site Security. 7. Set the System Language. 8. Add a Card Format. 9.
Logging into the System Logging into the System 1. Launch an Internet browser. 2. Type the IP address for the System in the browser address bar. Note: If the default service port for the System was changed, append the port number to the IP address (e.g., https://IP address:port). 3. If using Internet Explorer® and a warning about the security certificate appears, select Continue to this website (not recommended). 4. Type a Username. 5. Type a Password. 6.
Configuring the System 6. c. Type the IP address of the NTP server. d. Click [Accept Changes]. e. Click [Sync now]. Click [Accept Changes]. Configuring Network Security The Network Configuration tab of the System Administration > System Settings page displays various network settings and can be used to assign a security certificate and configure network properties, including secure browsing.
Configuring Network Security 2. Click the Network Configuration tab. 3. Click [Import Certificate]. The Upload Certificate dialog box appears. 4. Click [Select File]. 5. Browse to and select the certificate file. 6. Click [Open]. 7. Click [Upload]. The System Controller will reboot automatically.
Configuring the System 11. Click [Save] to accept the network configuration changes. A message will appear to indicate that the System Controller must be rebooted to apply the changes to the network configuration. 12. Click [Save Changes]. The System will reboot. Any users that are currently logged in will lose their connection and must log in again. If the IP address of the System Controller changed, update any IPSDCs in the System to recognize the new IP address.
Configuring Security Set SSH Password for Service Account An SSH connection can be enabled on the Security tab of the System Administration > System Settings page to authenticate remote users (including technical support representatives) that log into the System. Use the [Set SSH Password for Service Account] button to set the password. IPSDCU Fallback Mode Credential information is stored on the System Controller.
Configuring the System • All Access: Access is granted if the card matches any format defined on the System Administration > Card Formats page. • Use Local Cache Table: Access is granted if the card matches one of the last 50 credentials used to successfully gain access. 10. (Recommended) Leave the Encrypt IPSDCU Terminations check box to encrypt communications between the System Controller and IPSDCs and enhance data security 11. Click [Accept Changes].
Configuring Card Formats • A raw card format does not include a facility code, but instead treats all data bits on the card as part of the access credential. Raw format credential cards are easier to configure than cards with facility codes included for this reason. • Many standard card formats include a facility code as part of the credential ID. This allows for greater sophistication in configuring site security, but also adds complexity to configuration.
Configuring the System Configuring Devices This section describes how to configure the following devices: • System Controller • Inputs and outputs • Door controllers • Doors • Readers • Input/output expansion modules To learn about configuring DVRs/NVRs and cameras, see Configuring Video Devices on page 33. Before You Begin Before configuring devices on the System Administration > Devices page, complete the following steps: 1.
Configuring Devices IMPORTANT: Door controllers will go offline during the scan, which usually takes several minutes. 1. Select System Administration > Devices. 2. Select the System Controller. 3. Click [Scan for Hardware Changes]. 4. Click [Accept Changes].
Configuring the System 1. Select System Administration > Devices. 2. Select the System Controller. 3. Click the General tab. 4. Select a Linked Camera if one is configured to monitor the System Controller’s physical location. 5. Click the Inputs tab. 6. For each general purpose auxiliary input that is connected: a. Select Enabled. b. Type a meaningful name. c. Select the Type. d. (Optional) Select Unlock All Doors if the input is from an alarm or emergency system. e.
Configuring Devices Configure a Door Controller Note: If any IPSDCs are installed, configure them to recognize the IP address of the System Controller before configuring them in the User Interface. See Configuring IP-Based Single Door Controllers on page 106. Dual door controllers can be connected to as many as four readers on two doors. IPSDCs can be connected to two readers on a single door. Each door may have two readers, one for access and one for exit, commonly used with Anti-passback. 1.
Configuring the System Configure Doors Each door needs to be configured for: • The length of time it should be unlocked when a valid credential is presented. • The length of time it can be held open before triggering an alarm. • The type of door strike used (either standard locks or magnetic locks). • Whether a reader is required for access only, or for both access and exit. • The types of events and alarms monitored by the door circuitry. • Auxiliary inputs and relays.
Configuring Devices Note: The Aux and Tamper inputs listed above do not apply to doors connected to IPSDCs. 17. Click [Accept Changes]. 18. Repeat for each door. Configure a Door for Disabled Access Events are recorded whenever doors are held open too long and when access is granted but the door is not opened. With an optional alarm light or klaxon, the System can trigger a physical alarm if the door is forced or held open too long.
Configuring the System c. 16. Select an Aux Relay On Time. Configure the sensor Input Types for: • Door Contact sensor • Request to Exit button or sensor • Aux input from the Extended Request to Exit or magnetic lock contact sensor • Tamper circuitry Note: The Aux and Tamper inputs listed above do not apply to doors connected to IPSDCs. 17. Click [Accept Changes]. 18. Repeat for each door.
Configuring Devices 16. (Optional) If an alarm light or klaxon is wired to the door, select “Door Held/Forced” from the Aux Relay list. 17. Configure the sensor Input Types for: • Door Contact sensor • Request to Exit button or sensor • Aux input from the Extended Request to Exit or magnetic lock contact sensor • Tamper circuitry Note: The Aux and Tamper inputs listed above do not apply to doors connected to IPSDCs. 18. Click [Accept Changes]. 19. Repeat for each door.
Configuring the System Do Not Activate Strike on RTE A Request to Exit contact is typically a button located near the associated door. Select this option to prevent the door strike from energizing when the RTE contact closes. When a cardholder pushes the button, an RTE is sent to the System Controller. (RTEs are also known as REXs.) If this check box is selected, the door strike will NOT energize when the RTE contact closes.
Configuring Devices Note: The Tamper option controls the tamper input point only, not the Door Contact, Request to Exit, or Aux Input points. Also, this option will not appear on the System Administration > Devices page if a door is connected to an IPSDC, which does not support reader tamper input. Aux Input Note: This field will not appear on the System Administration > Devices page if a door is connected to an IPSDC, which does not support auxiliary input/output types.
Configuring the System Input Types NO (Normally Open) The sensor switch is normally open. NC (Normally Closed) The sensor switch is normally closed. Unsupervised The circuit is not wired with a continuity circuit to detect tampering. Supervised The circuit is wired with a continuity circuit to detect tampering. Note: For IPSDCs, refer to the IP-based Single Door Controller Quick Reference for information about how to configure the switch settings based on input type selection. Configure Readers 1.
Configuring Video Devices Configure I/O Expansion Modules 1. Select System Administration > Devices. 2. Select the IO Expander. 3. Click the General tab. 4. Select a Linked Camera if one is configured to monitor the System Controller’s physical location. 5. Select Tamper Alarm Enabled if the enclosure is wired for tamper detection. 6. Click the Inputs tab. 7. For each general purpose auxiliary input that is connected: 8. 9. a. Select Enabled. b. Type a meaningful name. c.
Configuring the System Add a DVR/NVR Before adding a DVR/NVR, see the Release Notes to determine the minimum firmware revision required. Consult the DVR/NVR documentation for firmware update instructions. 1. Select System Administration > Devices > Video Devices. 2. Click [Add] and choose the appropriate DVR/NVR model. If the model of the TruVision recorder is not listed, try to add it by selecting TVR Generic or TVN Generic. 3. Type a descriptive name for the device in the Device Name field. 4.
Configuring Video Devices Add Video Layouts Video layouts determine how many camera inputs can be monitored from a computer screen at one time. 1. Select Monitoring > Video Layouts. 2. Click [Add]. 3. Type a descriptive name in the Video Layout Name field. For example, if four cameras are watching the loading dock area, create a 2x2 layout and name it “Loading Dock Cameras.” 4. Select a Video Layout Type. 5. Select a camera for each cell of the layout. 6. Click [Accept Changes].
Configuring the System Configuring Areas Areas represent the spaces in the physical floor plan of a facility, specifically the entrances and exits to those spaces. Defining areas allows users to identify which readers lead into those spaces, and which readers lead out of those spaces into adjoining areas. Areas are used to track the physical location of persons in the facility, which can be viewed in the Roster Report, and for Anti-passback (APB) tracking of credentials.
Configuring Anti-Passback Remove an Area Note: The Default Area cannot be removed. 1. Select Access Management > Areas > Area Definition. 2. Select the area to remove. 3. Click [Remove]. The Remove Item dialog box appears. 4. Click [Remove]. Configuring Anti-Passback Anti-passback requires a credential be used to enter and exit an area so that the System knows which area the credential holder is currently occupying.
Configuring the System Creating Holiday Groups Holidays are exceptions in workplace schedules.Creating a holiday group for those days will cause the System to override the regular schedule on those days. If a holiday should not override a certain schedule, then the holiday group must be included in that schedule. For example, a facility may be open every Monday to Friday except for certain annual holidays, when only the housekeepers and network administrators should have access to the facility.
Creating Holiday Groups Add a Holiday Group IMPORTANT: The creation of a holiday group will take effect immediately. The holidays added to this group will be excluded from ALL schedules, thereby removing the specified days from normal operations on that particular date or set of dates and causing the System to override the regular schedule. Refer to Creating Holiday Groups on page 38 for details. 1. Select Access Management > Holidays. 2. Click [Add]. 3.
Configuring the System 5. Make changes to holidays in the copied group as needed. 6. Click [Accept Changes]. Remove a Holiday Group Note: A holiday group that is in use cannot be deleted. 1. Select Access Management > Holidays. 2. Select the holiday group to be removed. 3. Click [Remove]. The Remove Item dialog box appears. 4. Click [Remove]. Creating Schedules Schedules are used to determine when a person will be granted access at a reader, or when a door will automatically lock or unlock.
Creating Schedules Add a Schedule 1. Select Access Management > Schedules. 2. Click [Add]. 3. Type a descriptive name in the Schedule Name field. 4. Click Holiday Groups. 5. Select the holiday groups that are included in this schedule. Note: 6. Holidays are exceptions to normal access schedules. Including a holiday group in a schedule keeps that holiday group from overriding that schedule.
Configuring the System 2. Select the schedule to remove. 3. Click [Remove]. The Remove Item dialog box appears. 4. Click [Remove]. Creating Reader Groups Reader groups are useful when a large number of readers and doors exist in a facility. Reader groups allow users to cluster several readers according to a common characteristic, and assign these as a group to access levels. For example, all the readers in the basement of a building might be added to a group.
Configuring Access Levels Configuring Access Levels Access levels determine which doors a credential has access to and when. For example, if a facility has an office and a warehouse, and office workers are not allowed in the warehouse, then an Access level for office workers could be created which includes only those doors in the office area. The Access Management > Access Levels page is used to assign schedules to readers and reader groups.
Configuring the System operator individually, the operator role feature allows users to assign access privileges common to each type of operator based on their respective job roles. Note the following details about operator roles: • The predefined settings cannot be changed for the Administrator role. • Only an Administrator can modify settings for the Operator, Guard, View Only, and Dealer roles. • The Administrator role cannot be deleted.
Configuring Email 1. Select System Administration > Operator Roles. 2. Select the role to be copied. 3. Click [Copy]. 4. Type a descriptive name for the role in the Role Name field. 5. Change the Permission for each feature, as needed. 6. Click [Accept Changes]. Remove an Operator Role Note: Roles that are currently assigned to users cannot be deleted. 1. Select System Administration > Operator Roles. 2. Select the role to be removed. 3. Click [Remove].
Configuring the System If the email server uses SSL, the default value is 465; otherwise, the default value is 25. 4. c. If the email server uses SSL, select the Requires SSL check box. d. Type the user name for the email service account in the User field. e. Type the password for the email service account in the Password field. If connecting to an email server that does not require a user name and password, leave the Enable Authentication check box unselected. a.
Configuring User-Defined Fields c. 5. Type the email address of the person in the Email Address field. When finished adding recipients to the email list, click [Accept Changes]. Remove an Email List Note: An email list cannot be deleted if it is currently being used by the System. 1. Select System Administration > Email > Email Lists. 2. Click the email list to select it. 3. Click [Remove]. The Remove Item dialog box appears. 4. Click [Remove].
Configuring the System personal information and users with the Guard role should be able to view only non-protected personal information, change the operator role settings as shown in the following table: 48 Role User-Defined Fields Setting Protected user Fields Setting Operator View Only View Only Guard View Only None TruPortal Software User Guide
Scheduling Door and Reader Behavior Add User-Defined Fields The user-defined fields are part of the Person records in the database. A field must be enabled to appear on the Access Management > Persons page. 1. Select System Administration > System Settings. 2. Click the User-Defined Fields tab. 3. For each field: 4. a. Select Enabled. b. Type a Label. c. (Optional) Select Required. d. (Optional) Select Protected. Click [Accept Changes].
Configuring the System > Devices) and request a credential and PIN after business hours (Monitoring > Doors > Schedule View). Note: Do not confuse door and reader behavior with access. The Access Management > Access Levels page is used to assign schedules to readers and reader groups. Access levels are then assigned to credentials, determining what days and times a person with that credential can gain entry through the readers in that access level.
Configuring Action Triggers Configuring Action Triggers With the Action Triggers feature, a set of trigger conditions can be defined along with corresponding actions that will be executed when the trigger conditions are satisfied. For example, if an exterior door is forced open between the hours of 7 p.m. and 7 a.m., an action trigger can be executed that will cause sirens to blare, lights to flash, and an automated email to be sent to all site supervisors.
Configuring the System Trigger conditions Notes Held Open Becomes true when door held open alarm is active. Becomes false when door held open alarm is restored. Forced Open Becomes true when door forced open alarm is active. Becomes false when door forced open alarm is restored. Tamper Becomes true when door tamper alarm is active. Becomes false when door tamper alarm is restored. Includes tamper on Door Contact, Request to Exit, Auxiliary Input, and Tamper. Open Becomes true when door is open.
Configuring Action Triggers Trigger conditions Notes Granted - Entry Made Becomes true when door is opened and reader leads to non-outside area. Granted - Entry Made Soft APB Becomes true/false if door is opened and reader leads to non-outside area and soft APB violation. Granted - No Entry Soft APB Becomes true/false if the door is not opened, and the reader leads to a non-outside area with a soft APB violation.
Configuring the System Trigger conditions Notes 15 Minutes Before Start Becomes true when 15 minutes prior to schedule start. Becomes false when schedule starts. 15 Minutes Before End Becomes true when 15 minutes prior to schedule end. Becomes false when schedule ends. Entity: System Lockout All Doors Command Becomes true when lockout goes active. Becomes false when lockout is no longer active. Unlock All Doors Command Becomes true when unlock goes active.
Configuring Action Triggers • If a system entity (for example, a reader) is defined in a condition statement and then the entity is deleted from the System, the corresponding condition statement will also be deleted. If the entity is recreated, a new condition statement can be created for the entity. • An event is logged whenever a trigger condition statement changes state between true and false. • Duplicate condition statements can be included in the same condition group.
Configuring the System The following example shows when a Holiday in Effect trigger is active if a holiday negatively impacts a schedule for a Weekdays 7AM - 7PM schedule: Wed. 2/13 7AM 7PM Thu. 2/14 7AM 7PM Fri. 2/15 7AM 7PM Active Active Active Sat. 2/16 7AM 7PM Sun. 2/17 7AM 7PM Mon. 2/18 7AM 7PM Tues.
Configuring Action Triggers The following table lists available actions: Actions Notes Entity: System Controller Reset APB Resets anti-passback of all credentials to a neutral state (i.e free pass). Entity: Doors / Readers Lock Locks door. Note: Does not affect reader access mode. Unlock Unlocks door. Note: Does not affect reader access mode. Open Unlocks door strike for normal grant access time. Note: Does not affect reader access mode.
Configuring the System Actions Notes PIN Only - Out Reader Sets reader to “PIN Only” access mode. Note: Does not affect door strike. PIN Only - In/Out Readers Sets reader to “PIN Only” access mode. Note: Does not affect door strike. PIN or Card - In Reader Sets reader to “PIN or Credential” access mode. Note: Does not affect door strike. PIN or Card - Out Reader Sets reader to “PIN or Credential” access mode. Note: Does not affect door strike.
Configuring Action Triggers Actions Notes Buzzer Off - Doors See corresponding door command. Affects all doors with in or out readers associated with the area. Note: IPSDCs do not support this action. First Card In - Doors See corresponding door command. Affects all doors with in or out readers associated with the area. Lockout - Doors See corresponding door command. Affects all doors with in or out readers associated with the area. Reinstate - Doors See corresponding door command.
Configuring the System • Up to 10 actions can be included per action trigger record. These actions can be any combination of activation and/or deactivation actions. • Actions can be configured to occur when a trigger is deactivated. • Use the Status field on the top of the System Administration > Action Triggers page to enable or disable action trigger records. • Action triggers can be executed manually on the Monitoring > Action Triggers page. See Controlling Action Triggers on page 84.
Configuring Action Triggers Add an Action Trigger Record 1. Select System Administration > Action Triggers. 2. Click [Add]. 3. Type a descriptive name for the record, up to 64 characters long, in the Action Trigger Name field. 4. Select values in the four drop-down list boxes to create the first condition statement that will trigger an action. 5. To create additional condition statements in the same group: a. Click the [+] button on the same line as the last condition statement. b.
Configuring the System Copy an Action Trigger Record 1. Select System Administration > Action Triggers. 2. Click the action trigger record to select it. 3. Click [Copy]. 4. Edit the record, as necessary. 5. Click [Accept Changes]. Remove an Action Trigger Record 1. Select System Administration > Action Triggers. 2. Click the action trigger record to select it. 3. Click [Remove]. The Remove Item dialog box appears. 4. Click [Remove].
Creating a Backup and Restore Point Copy a Network Share 1. Select System Administration > Network Share. 2. Click the network share to select it. 3. Click [Copy]. 4. Edit the network share, as necessary. 5. Click [Accept Changes]. Remove a Network Share 1. Select System Administration > Network Share. 2. Click the network share to select it. 3. Click [Remove]. The Remove Item dialog box appears. 4. Click [Remove].
Configuring the System 64 TruPortal Software User Guide
CHAPTER 5 Managing Access Access to a facility and the User Interface can be managed by: • Adding and removing persons, • Adding, deactivating, reactivating, and removing credentials, and • Adding and removing user accounts. Managing Persons Each individual in an organization can have access to the building and access to the System. Access to the physical facility is controlled by means of a credential (commonly called an ID badge).
Managing Access • Add any necessary user-defined fields that can be used to enter personal data about personnel, such as vehicle license plate number or home telephone number. See Configuring User-Defined Fields on page 47. There are several ways to add person records: • By using the Access Management > Persons page, as described next. • By using the adding Add Person Wizard available on the Home page.
Managing Persons • Total photo storage is limited to 40 MB. • If larger photos are uploaded, the 40 MB maximum may be exhausted before the capacity of 10,000 is reached. To upload a photo: 1. Click Access Management > Persons. 2. Select the Person from the list of persons. 3. Click the ID Photo icon next to the person’s name. The Upload Photo dialog box appears. 4. Click Select File. The Select File dialog box appears. 5. Select a photo to upload and click Open. 6. Click Upload. 7.
Managing Access Managing Credentials Every person who needs to enter a facility will need a credential (i.e., an ID badge with an encoded number that is recognized by the System). Before assigning a credential, add the person to the database. See Add a Person on page 65. Note: Whenever credentials are changed or deleted, the local cache on IPSDCs is cleared to prevent unauthorized access in case IPSDCU Fallback Mode is being used. See IPSDCU Fallback Mode on page 19.
Managing Lost or Stolen Credentials 10. (Optional) Select an Active From and Active To date if the credential has a limited duration for its validity. 11. Click the Access Levels tab. 12. Select the Access Levels that apply to this credential. 13. Click [Accept Changes]. A credential may also be added using the link in an event generated when an invalid credential is used to attempt access. Remove a Credential A credential does not need to be removed to prevent its use.
Managing Access 6. Select a date in the past. 7. Click [Accept Changes]. Restore a Found Credential 1. Select Access Management > Persons. 2. Select the Person with the credential to be deactivated. 3. Click [Credentials]. 4. Click the credential to be reactivated. 5. Clear the Active To field. 6. Click [Accept Changes]. Managing User Accounts User accounts allow people to log into the System. A user account is associated with a person database record, just as a credential is.
Creating Reports 8. Click [OK]. 9. Click [Accept Changes]. Deactivate a User Account 1. Login as an Administrator or Dealer. (The other operator roles do not have permission to modify user accounts.) 2. Select Access Management > Persons. 3. Select the person to modify. 4. Click the User Account tab. 5. Clear the Can log on check box. 6. Click [Accept Changes].
Managing Access Create a Report 1. Select Reports. 2. Select the type of report to create. 3. Fill out the report-specific fields, as desired. 4. Click [View] to display the report in a new browser window. 5. To export a report: a. Click [Export]. b. When prompted, click [Save]. c. In the dialog box that appears, navigate to the location where the report will be saved in CSV format. d. Click [Save].
CHAPTER 6 Monitoring Access During day to day operations, facility access can be monitored and controlled by: • Viewing events. • Watching security camera video, if cameras were installed. • Overriding scheduled door behavior to open, unlock, lock out, reinstate, or secure doors. • Responding to alarms.
Monitoring Access Monitoring Events and Alarms The Events page provides a record of: • • • Access issues • Unauthorized access • Anti-passback violations • Doors held open too long • Users logging into the System System and device status messages • Changes in system state, such as updates to the date and time • Mode changes for devices • Changes in the state of action triggers • Database and event backups Alarms • Door tampering • Doors forced open • System failures or problems Not
Monitoring Events and Alarms Load More Events The Events page displays the most recent events. To view older events than those displayed, load them to the browser from the System first. The Load More Events command will load the next 500 events (or fewer, if there are less than 500). 1. Select Events. 2. Click the circular [Events] action button. 3. Select Load More Events. 4. (Optional) To stop the operation, click Cancel when it appears.
Monitoring Access Monitoring Video of Events The System can display the live or recorded video from specific cameras, and associate recorded video with events at specific devices, such as readers and doors. (See Configuring Video Devices on page 33.) Links to event-specific video are found on the Events page. Use the Monitoring > Video page to monitor the video feed from one or more cameras. Video clips of live or recorded video can be downloaded to a local client workstation.
Monitoring Video of Events 1. Select Events. 2. Scroll to or search for the event. 3. Click the Camera icon that appears next to the Event Description. The Event Detail pane appears at the bottom of the page, along with a video frame. 4. Click [Play Event Video]. 5. Hover over the bottom of the video frame to display controls that can be used to play and record video. See Video Controls Reference on page 78.
Monitoring Access c. Wait for 30 seconds. d. Click the Record Live/Playback Video button. A timebar appears on the video frame. e. Move the slider to the 1 minute mark and click OK. f. Browse for a folder in the dialog box that appears, and then click OK. The video clip is downloaded to the selected folder. Note: If video cannot be downloaded from a camera connected to a TVR31, try adjusting the bandwidth throttle settings on the TVR31.
Controlling Doors Icon Feature Function Single Step Reverse control Moves the recorded video back one frame. Reverse control Moves the video backward. Play control Plays the video feed (live or recorded). Pause control Pauses the video feed (live or recorded). Forward control Moves the recorded video ahead in fast forward. Single Step Forward control Moves the recorded video ahead one frame. Live control Switches from playback of recorded video to viewing live video.
Monitoring Access Unlock a Door Use the Unlock Door command to override security for the door, allowing anyone to exit or enter without presenting a valid credential. 1. Select Monitoring > Doors. 2. Click the Event View tab. 3. Click the Individual Door Commands action button for the door to be unlocked. 4. Select Unlock Door. Reinstate a Door Use the Reinstate Door command to return the door to its normal mode of operation after unlocking it or locking it out. 1. Select Monitoring > Doors. 2.
Controlling Doors 3. Select Reinstate All Doors. A Reader Reinstated event will be generated for each reader that was previously in the Locked Out state, along with a single All Doors Reinstated event for the System Controller. A Reader in Card Only Mode event or a Reader in Card + PIN Mode event is also generated for every door, depending on how the reader is configured on the System Administration > Devices page.
Monitoring Access Unlock All Doors Releases the locks on all doors, allowing free access and egress. This will be recorded as Event 14644. After issuing this command, reinstate all doors so that individual doors can be controlled directly. Lockout All Doors Locks all doors and ignores credentials, so that no one can enter or exit. This will be recorded as Event 14646. After issuing this command, reinstate all doors so that individual doors can be controlled directly.
Controlling Doors Schedule Mode (Door) Select an option from this list to set behavior for the specific door during the schedule. Unlocked The door will be unlocked and accessible without presenting a credential during the selected schedule. First Card In The door will go to locked at the beginning of the schedule and remain in this state until the first valid credential is swiped. At that point, the door will switch to an unlocked state.
Monitoring Access Controlling Inputs and Outputs Inputs and outputs can be monitored from the Monitoring > Inputs/Outputs page, and outputs can be activated or deactivated manually from that page. Outputs can also be controlled by action triggers. To learn more about inputs and outputs, see Configure Inputs and Outputs on page 24 Activate or Deactivate an Output 1. Select Monitoring > Inputs/Outputs. 2. Click the Activate/Deactivate button for the Output. The state of the output changes.
Resetting Anti-Passback that the person has left the specific area. As a result, if the System is configured for hard antipassback enforcement, it will prevent that credential from being used to enter another area, including the one just left, until the credential's location is reset to a default or neutral area. 1. Select Monitoring > Anti-Passback Reset. 2. To reset all persons: 3. a. Click [Reset All]. b. Select an area from the list. To reset selected persons: a.
Monitoring Access 86 TruPortal Software User Guide
CHAPTER 7 Maintenance A few simple maintenance activities will help make sure the System runs efficiently with minimal trouble or disruption to service. These include backing up the database and checking for firmware updates. Backing Up Data Periodic backups of the System database are highly recommended to ensure quick recovery of security needs following a disaster. The System saves backups to the local client workstation, so a copy exists that is not on the System Controller.
Maintenance Create a Backup File This section describes how to create a backup file and download it to a local client workstation. System data can be backed up to a file on the client workstation (as described here) or automated backups can be scheduled, as described in Schedule Automated Backups on page 88. (To back up events, refer to Back Up Events on page 89.) 1. Log into the System as a user with Execute permissions for the Backup Database feature. 2. Select System Administration > Backup/Restore.
Saving and Restoring Custom Settings Back Up Events Note the following details about events: • Events cannot be restored from a backup file. The file is intended for recordkeeping purposes only. • Events can be exported using the Import/Export Wizard provided on the Utilities disc, as described in the Import/Export Wizard User Guide. To back up events: 1. Log into the System as a user with Execute permissions for the Backup Database feature. 2. Select System Administration > Backup/Restore. 3.
Maintenance 5. Type the security phrase, exactly as shown (case sensitive). 6. Click Save Custom Settings. Restore Custom Settings IMPORTANT: Using this feature will erase all settings and data, and reset the System to use the settings and data stored in the custom settings file. Be sure to create a current backup before restoring custom settings. IMPORTANT: After restoring custom settings, the System Controller will reboot. During this time, it will be offline for a few minutes.
Updating the Firmware Updating the Firmware Feature improvements are occasionally made available on the product web site in the form of firmware updates that can be downloaded and applied to the System Controller and any IPSDCs that may be installed. Note: Updating the System Controller firmware is a different than upgrading the System, which impacts the core code of the System Controller in addition to the firmware. To switch from one version of TruPortal to a later version (for example, from version 1.
Maintenance 8. Click [Next]. 9. Click [Update]. After a System Controller firmware update, the System Controller will restart. Log back in and switch to the Monitoring > Diagnostics page (see Diagnostics on page 96) to check for any problems with doors, controllers, and other newly installed hardware.
Managing Language Packs Add a Language Pack 1. Launch a supported Internet browser. 2. Download the desired language pack from the product website to a local client workstation or a shared file system. 3. Log into the System as a user with Modification permissions. 4. Select System Administration > Language Packs. 5. Click [Add]. Note: The [Add] button is only enabled if less than four language packs are currently installed.
Maintenance 94 TruPortal Software User Guide
CHAPTER 8 Troubleshooting Resolving Browser Issues Clearing the cache and restarting the browser can solve many apparent problems, such as sudden strange behavior in the User Interface. Specific steps vary by browser make and version. 1. Log out of the System, log back in, and return to the Home page. 2. Clear the browser history and cache. 3. Close the browser and reopen. 4. Log into the System.
Troubleshooting configuring a service port that is unblocked by the firewall. See Configure Network Settings on page 17. Rebooting the System Controller 1. Select System Administration > Devices. 2. Select the System Controller from the hierarchical device tree. 3. Click [Reboot Controller]. When the System Controller is powered only by a battery and voltage drops below 10.2 V, the board switches off until the main AC/DC power is restored.
Diagnostics • An ellipsis (...) appears if additional information about a category is available in a tool tip that can be displayed by hovering over the ellipsis. • The System does not include actions for running specific diagnostic tests. • Click [Download Diagnostic File] to create a single, encrypted file that includes a variety of system information, including configuration data and logs.
Troubleshooting Diagnostic Display Value Status Memory Usage Used, Total INF < 95% WRN >= 95% ERR = 100% Main Storage Percent INF < 90% WRN >= 90% ERR = 100% Pictures & Backup Storage Used, Total INF < 50% WRN >= 50% ERR >= 95% ADP Boards Used, Total INF = Always Doors Used, Total INF = Always Readers Used, Total INF = Always EIO Boards Used, Total INF = Always Inputs Used, Total INF = Always Outputs Used, Total INF = Always DVRs Used, Total INF = Always Cameras Used, Tota
Diagnostics Fuse +V 0V Aux 2 CN3.3 CN3.4 Door Controller CN10.2 CN17.2 CN11.4 CN18.4 Aux Input CN21.1 CN21.3 CN22.
Troubleshooting Troubleshooting Schedules If a schedule is not behaving as expected, review the following sections: • Creating Holiday Groups on page 38 • Creating Schedules on page 40 • Considerations for Schedule-Based Action Trigger Records on page 55 Error, Warning and Event Messages Tamper States The System Controller does not distinguish which of the four door input are in tamper state when it logs tamper events.
Error, Warning and Event Messages Fuse Events Event Code Event Description Event 14651 Fuse Tripped Event 14652 Fuse Restored Device Events Event Code Event Description Device Event 4105 Device Communications Failed Door Controller, I/O Expander Event 4106 Device Communications Restored Door Controller, I/O Expander Event 4107 Tamper Alarm* Controller, Door Controller, I/O Expander Event 14622 System Trouble Controller Event 14623 System Restored Controller Event 14628 Device Faile
Troubleshooting Door Tamper Events Event Code Event Description Event 14633 Door Tamper Restored Event 14632 Door Tamper Alarm Door Tamper Alarm/Restored Used to indicate tamper condition on any of the four door inputs - DR, RTE, TR, AUX. The tamper alarm event is generated when a tamper condition is detected on any of the inputs, or when TR is active.
Video Player Errors Video Player Errors If problems displaying video are encountered, review Before You Begin on page 76 in addition to the following information. No Active Video Connections This message appears on the Monitoring > Video page and the Event Detail pane of the Events page. The message means either: • A camera device is not configured, • The System lost communication with a connected DVR/NVR, or • The video player is not installed, or is out of date. See Before You Begin on page 76.
Troubleshooting 104 TruPortal Software User Guide
CHAPTER 9 Reference System Capacities Attribute Capacity Number of persons 10,000 Number of unique credentials 10,000 Credentials per person 5 Access levels 64 Access levels per credential 8 Schedules 64 Time intervals per schedule 6 Holiday groups per schedule 8 Holiday groups 8 Holidays per holiday group 32 Holidays (total) 255 Areas 64 Reader groups 64 Operator roles 32 User-defined fields 10 Video layouts 64 Card formats 8 Email lists 10 Action Triggers 32 TruPo
Reference Attribute Capacity Number of retained events in event log 65,000 Device Capacities Number of doors (base board and dual door controllers) with readers in / Number of doors with readers in and out 64 / 32 Total number of Dual Door Interface Modules (including built in) 32 Total number of IP-based Single Door Controllers (IPSDCs) 62 Readers (total) 64 Inputs/Outputs Total number of system inputs (including the System Controller) 132 Total number of system outputs (including the System
Configuring IP-Based Single Door Controllers • Feature improvements for IPSDCs are occasionally made available on the product web site in the form of firmware updates. See Updating the Firmware on page 91. • IPSDCs can be configured to use a fallback mode if connectivity with the System Controller is lost. A local cache that stores the last 50 successful credentials can grant access. See Configuring Security on page 18.
Reference 5. Click Properties. • If Obtain an IPvx /Address Automatically is already checked, select Use the Following IPvx Address, where x is the Internet Protocol Version being used (4 or 6). • If the connection is static, write down the IP address and Subnet mask number. Reset the computer to these values after the controller configuration is complete. 6. Enter the IP address, 192.168.6.1, or a similar valid IP address (e.g., 192.168.6.x where x is any number between 1 and 254 except 6). 7.
Configuring IP-Based Single Door Controllers • If an installation requires that an IPSDC and its corresponding host communicate through a firewall, use the ICT to configure the IPSDC firewall to allow connections through port 3001. • Disable or bypass any network proxies while using the ICT. • After configuration is complete, the ICT can be disabled to prevent unauthorized access. See Enabling and Disabling the ICT on page 110.
Reference The Controller Information page displays the Parameters form. 5. (Recommended) Change the default password to enhance security: a. Click [Change User/Password] to open the Change User/Password form. b. Type the User ID. c. Type the New Password. d. Retype the password in the Confirm Password field. e. Click [Change Credentials]. 6. Click the Controller Parameters menu to open the Primary Network form. 7. To use a dynamic connection for the IPSDC, select Use DHCP.
Pre-Defined Operator Role Permissions To enable the ICT temporarily: 1. Press and hold SW4 until D19 (i.e., the Watchdog LED) turns ON. Allow up to five (5) seconds for D19 to turn ON. (See the IP-Based Single Door Controller Quick Reference for switch locations.) 2. After D19 is ON, release SW4. 3. D19 turns OFF when the ICT is manually enabled. The ICT is now enabled until the controller reboots. To enable the ICT permanently: 1. Complete the steps to enable the ICT temporarily, as listed above.
Reference Feature 112 Permission Levels Administrator Operator Guard View Only Dealer Action Triggers: Monitor None, View, Execute Execute Execute Execute View Execute AntiPassback Reset None, View, Execute Execute Execute Execute View Execute Areas None, View, Modification Modification View View View Modification Backup Database None, Execute Execute Execute None None Execute Camera PTZ Control None, Execute Execute Execute Execute None None Card Formats None, V
Port Usage Feature Permission Levels Administrator Operator Guard View Only Dealer Operator Roles None, View, Modification Modification View View View View Persons None, View, Modification Modification Modification View View Modification Protected User Fields None, View, Modification Modification None None None None Reader Groups None, View, Modification Modification Modification View View Modification Reports None, Execute Execute Execute Execute Execute Execute R
Reference 114 Device Port Usage System Controller TCP/80 TruPortal User Interface and utilities System Controller TCP/443 TruPortal User Interface and utilities System Controller TCP/3001 Low-level firmware updates System Controller UDP/5353 Scan for Hardware Changes discovery TruVision TVN 10 TCP/8000 Default port for video stream TruVision TVN 20 TCP/8000 Default port for video stream TruVision TVN 21 TCP/8000 Default port for video stream TruVision TVN 50 TCP/8000 Default port
Pulse Duration Accuracy Pulse Duration Accuracy When configuring action triggers that turn a pulse on or off, note that the accuracy of the pulse duration varies depending on the pulse length, as detailed in the following table: Duration Accuracy Range 1 second 1 2 seconds 2 3 seconds 3 5 seconds 5 10 seconds 10 15 seconds 15 20 seconds 00:19 – 00:20 30 seconds 00:29 – 00:30 45 seconds 00:45 – 00:46 60 seconds 00:59 – 01:00 90 seconds 01:23 – 01:32 2 minutes 01:53 – 02:02 3 minut
Reference 116 1 day 0d:23:40:43 – 1d:00:00:42 7 days 7d:00:20:43 – 7d:16:20:42 TruPortal Software User Guide
Glossary Access Level One or more reader/schedule combinations, used to control hardware access by one or more cardholders. Access levels can be assigned to active badges to define which readers a badge has access to and at which times. ANSI Acronym for the American National Standards Institute, a voluntary organization that creates standards for the computer industry. Area APB Areas are defined by the Readers that enter and leave them. The current Area in which a Badge is located is recorded.
Glossary mounted in a similar position on the door frame. Door Holder A device that holds a door in the open position until it is instructed by the System to change status. Door Strike An electrical and/or magnetic device that is used to hold a door in a locked position. Opening a door strike requires some form of electrical charge initiated from a device such as a card reader. Ethernet A network standard of LAN communication using either coaxial or twisted pair cable. IEEE 802.3 is the Ethernet standard.
Glossary PAL A video standard used in Europe, Australia, and New Zealand. PAL video broadcasts 625 lines every 1/25 second. PIN Acronym for personal identification number, a number typically associated with an individual and used for access control PTZ Acronym for Pan-Tilt-Zoom. A feature on cameras that can pan, tilt, and zoom via computer control. PTZ allows for a larger viewing area for a camera by allowing it to rotate in different directions.
Glossary 120 TruPortal Software User Guide
Index A Access History report ..................................... 71 Access Level ........................................... 50, 117 Access Levels page ................... 40, 42, 43, 50 Action triggers .................................................... 51 Action triggers condition statements ............................. 51 configuring ............................................. 61 controlling manually ............................. 84 executing manually ...............................
Index Backup/Restore page ..................................... Backups, restoring data .................................. Badge ID .......................................................... Browser issues ................................................. definition .............................................. 117 importing ................................................ 50 limited duration ..................................... 69 lost or stolen ........................................... 69 managing .
Index E Email page ....................................................... 45 Email Server tab ............................................. 45 Email, disabling .............................................. 47 Employee number ........................................... 47 Enable HTTPS Connection .................... 10, 17 Enable SSH Connection ................................ 17 Encrypt IPSDC Communications ................ 19 Enrollment readers .................................... 6, 68 Ethernet .......
Index Languages adding ...................................................... 93 managing language packs .................... 92 removing ................................................. 93 setting the System Language ............... 20 switching languages during login 15, 93 LDAP ..................................................... 118, 119 Linked Camera ............. 24, 27, 28, 32, 33, 35 Live video ........................................................ 77 Local Area Network ........................
Index credentials ............................................... 69 email lists ................................................ 47 holiday groups ....................................... 40 language packs ...................................... 93 network share ......................................... 63 operator roles ......................................... 45 persons .................................................... 66 photos ...................................................... 67 reader groups .
Index Video Layouts page ........................................ 35 Video page ................................ 76, 77, 78, 103 Video Stream Bandwidth ............................... 34 View Help button .............................................. 2 Voltage ............................................................ 100 W Warnings Objects Have Changed ....................... 102 The Device is rebooting ....................... 90 Web Browser Configuration and Control ... 34 Wiegand ....................