Presented By: Ch.

Zafar Habib
1

 Access control is the collection of mechanisms that permits managers of a system to exercise a directing or restraining influence over the behavior, use, and content of a system. It permits management to specify what users can do, which resources they can access, and what operations they can perform on a system.

Access Controls: The security features that control how users and systems communicate and interact with one another. Access: The flow of information between subject and object Subject: An active entity that requests access to an object or the data in an object Object: A passive entity that contains information

Identity Management: A broad term to include the use of different products to identify, authenticate, and authorize users through automated means.

Residential Access Control Commercial Access Control

Security Access & Control

Residential Access Control

Un-manned access control at all entry points Restrict access by user and by entry point Audit trail of entry point and time Audit trail of exit point and time Manage vehicle and people entry points Gated community solutions

Commercial Access Control

Un-manned access control at all entry points Control access by company, employee and visitor Restrict access by user and by entry point Audit trail of entry point and time Audit trail of exit point and time Manage vehicle and people entry points

Security Access and Control

Restricted access by user, location and time of day Exception report for access to sensitive areas Monitor dwell time in Hazmat areas

Access controls can be implemented at various layers of an organization, network, and individual systems Three broad categories: Administrative Physical Technical (Logical)

Administrative Controls
Policy and Procedure Personnel Controls
Separation of Duties Rotation of Duties Mandatory Vacation

Supervisory Structure Security Awareness Training Testing

10

Physical Controls
Network Segregation Perimeter Security Computer Controls Work Area Separation Data Backups Cabling Control Zone

11

Technical (Logical) Controls System Access Network Architecture Network Access Encryption and protocols Auditing

12

Product Summary(Multimax)
. Access Control . Video Management . Identity Management . Alarm Management . Visitor Management . Graphic Maps . Command & Control . Badge Designer . Advanced Tools . Management Reports

13

MULTIMAXPROFESSIONAL
Key Features . Competitively priced powerful Access Control and Security Management Solution for most business applications . Easy card issuing administration using bulk amendment . The power you need to control all your security needs . Up to 32 card readers and nine client computers . Unrestricted card holder capacity . Video Badging and Visitor Management software as standard . Employs the very latest thinking in user interface design . Supplied with Microsoft SQL Express Database . Comprehensive alarm-handling features . Optional modules available to control video cameras, intercom systems and intrusion alarm panels . Open architecture with various integration options . Single sign-on option for authentication to Microsoft Active Directory
14

S840-KP KEYPAD PROXIMITY READER

KEY FEATURES Reads HID 125KHz proximity cards Typical read range of 5 (120mm) with HID ProxCard II Secure, bi-directional, pseudo-random supervised Communications Audible feedback provides positive con rmation of card read & key press Visual indication for card accepted, card rejected and PIN Prompt Card commands in conjunction with LED status indicators Integral door held warning buzzer Supports S660 RIM for local door input and output Terminations A distance from the multiNODE controller to the Symmetry S840-KP of up to 3000ft (1000m) can also be achieved

15

Alarm and EVENT Management

16

KEY FEATURES Provides a highly-visual interface to monitor and control the system Arm and Disarm alarm panel areas Enables devices and alarms to be located quickly Improves site security and efficiency Easy to use minimal training required Colored icons provide an instant visual indication of device status Custom icon support Automatic display of map on alarm for easy alarm acknowledgement Allows links between maps Commands can be sent to devices (e.g. to grant access through a door) Map Browser provides a tree view of the maps for easy navigation Suitable for use with tablet or touch-screen PCs for roaming supervision of site

GRAPHICAL MAP INTERFACE

17

Key Features . Modular mix and match configuration . Connects to Symmetry management software via LAN, WAN, RS232 or Modem . Each M2150 can control up to 16 doors and readers . Manages 20,000 card holders and 65,000 offline transactions (expandable to 250,000 cardholders) . Connect smart card, proximity or legacy magstripe readers using multiNODE current loop protocol (MCLP) . Wiegand and Biometric reader support using optional WIM . Elevator model controls up to 64 floors . Wireless and secure AES Encrypted communication options . Available with or without enclosure and power supply

Multinode M2150 Controller

18

A few threats to access control

Insiders

Dictionary Attacks

Countermeasures include good policies and procedures, separation of duties, job rotation Countermeasures include strong password policies, strong authentication, intrusion detection and prevention Countermeasures include penetration testing, minimum necessary information provided, monitoring, intrusion detection, clipping levels Countermeasures include a guaranteed trusted path, security awareness to be aware of phishing scams, SSL connection

Brute Force Attacks Spoofing at Logon

19

20