Load-Balancing Security

Distributed network architecture provides scalability in industry environment

Global enterprises and large, multi-site hospitals, universities and government agencies are increasingly facing a common challenge: how to bring all of their disparate buildings into an easy-to-manage enterprise security system. Most multi-site organizations have a variety of sites that range in size from small branch offices to large, multi-building campuses.

When it comes to designing an enterprise access control and security solution, security directors and IT managers need to balance several competing priorities:

  • Maintaining an up-to-date synchronized database of all personnel across all sites;
  • Monitoring events, alarms and activity reports from a central location;
  • Ensuring management at each site can autonomously manage day-to-day activities, such as adding/deleting personnel or changing access control privileges; and
  • Protecting the system and facilities against network failures.

Using different standalone access control solutions at each site can achieve priorities [three and four], but this strategy makes central monitoring and staff management impossible. Designing a true enterprise security system that is easy to use and delivers all four priorities requires an access control solution that can effectively manage the volumes of data produced by large enterprises via distributed network architecture.

Why should security directors and IT managers consider a distributed approach?

For end users, it is the only solution that delivers on all four priorities. For systems integrators, it avoids the labor and headaches of manually constructing interfaces between standalone systems.

Defining Enterprise and Distributed Network Architecture>
An enterprise is a company or organization consisting of two or more facilities that are either locally situated or widely dispersed. An enterprise could be multiple facilities grouped together in the same area -- such as a hospital campus, with its main building surrounded by clinics or doctor’s offices. Or it could be a large global company that comprises many buildings that can be hundreds, even thousands, of miles apart from one another.

The key framework of a distributed network architecture includes the distribution of decision-making and control to each site while simultaneously networking and synchronizing the sites via a central hub.

What End Users and Integrators Want
Distribution of decision-making and control to each site are essential for two reasons. First, local site managers need the flexibility to manage the security needs specific to their site. From adding personnel to modifying access rights, they need the ability to manage their system day-to-day without fear of losing network connectivity or bandwidth to a central, off-site server. Second, from a scalability perspective, well-designed security architecture avoids unnecessary data transmission and bandwidth consumption. For example, adding a new contractor and assigning him/her access privileges at a single local site should not require communication back to a central server.

While local site control is essential, enterprises also need easy-to-configure synchronization of security data between sites. Key factors essential to a “networked” architecture include:

  • Instant and scheduled synchronization: Security directors need real-time notification about critical events and alarms, as well as the ability to schedule synchronization of non-critical activity to better manage peak network use.
  • Tolerance of network outages: Multi-site synchronization must survive brief or extended network outages. When a site or the central server comes back online, synchronization must restart automatically.
  • Scalability from large to small: Most enterprises have a mixture of small sites -- such as four to five reader sales offices -- and large office buildings. Enterprise architecture must incorporate all sites, big and small, into the network.

A well-designed distributed network architecture also gives enterprise security and IT directors powerful central management capabilities. Central personnel management -- defining and changing global access control privileges and editing personnel details -- is the essential starting point. However, true central management goes beyond staff. Security directors also need the ability to create an integrated, multi-site event viewer and to centrally manage, monitor and configure their panels and readers.

To satisfy IT, the multiple autonomous servers at each site in distributed network architecture must be able to communicate with the central hub via either a LAN or WAN.

Return on Investment
The key benefits of a distributed network architecture include: scalability, efficiency, cost and reliability.

Scalability. Enterprise solutions that rely on a single server inevitably suffer from performance issues as the company grows and the server is overwhelmed. Moreover, single-server solutions are highly susceptible to network failures. Distributed architecture balances the load across multiple servers at each site.

Efficiency. Security managers control the flow of data and decision-making, minimizing network bandwidth and allowing them to focus on their business. At the same time, centrally located security staff can easily run reports, make changes, and view the status of local sites without needing to login to multiple separate systems.

Cost. Servers and software at each local site can be sized appropriately to meet each site’s specific needs, without requiring installation of an expensive server at even the smallest sites.

Reliability. Distributed network architecture is much more resistant to network and hardware failures than a single, central server approach.

These benefits can be made clear with a simple use case in which a large organization wants to integrate its access control system with its enterprise resource planning (ERP) system to eliminate replication and redundancy of employee data. With a distributed, but not networked, architecture using separate standalone access control solutions, the organization needs to pay for and maintain multiple, separate ERP integrations to the access control software at each local site.

With a networked, but not distributed, architecture -- the classic, singleserver approach -- only one integration is required, but system performance is poor at local sites and network bandwidth consumption is high. Distributed network architecture offers a single, cohesive solution that allows for a single ERP integration and optimized system performance and network bandwidth.

The early generations of enterprise security solutions focused on access control functions and harmonizing those with an organization’s personnel database. Today, it has evolved into complete control at every site and the ability to manage access points, card readers and alarm monitoring from a central location.

The range of an access control system’s capabilities is expanding, thanks to the distributed network architecture, because it solves the performance, scalability and load-balancing issues inherent in single-server architecture. Finally, security directors can ask for an access control solution that delivers on all of their security priorities.

This article originally appeared in the June 2011 issue of Security Today.


  • 12 Commercial Crime Sites to Do Your Research

    12 Commercial Crime Sites to Do Your Research

    Understanding crime statistics in your industry and area is crucial for making important decisions about your security budget. With so much information out there, how can you know which statistics to trust? Read Now

  • Boosting Safety and Efficiency

    Boosting Safety and Efficiency

    In alignment with the state of Mississippi’s mission of “Empowering Mississippi citizens to stay connected and engaged with their government,” Salient's CompleteView VMS is being installed throughout more than 150 state boards, commissions and agencies in order to ensure safety for thousands of constituents who access state services daily. Read Now

  • Live From GSX: Post-Show Review

    Live From GSX: Post-Show Review

    This year’s Live From GSX program was a rousing success! Again, we’d like to thank our partners, and IPVideo, for working with us and letting us broadcast their solutions to the industry. You can follow our Live From GSX 2023 page to keep up with post-show developments and announcements. And if you’re interested in working with us in 2024, please don’t hesitate to ask about our Live From programs for ISC West in March or next year’s GSX. Read Now

    • Industry Events
    • GSX
  • People Say the Funniest Things

    People Say the Funniest Things

    By all accounts, GSX version 2023 was completely successful. Apparently, there were plenty of mix-ups with the airlines and getting aircraft from the East Coast into Big D. I am all ears when I am in a gathering of people. You never know when a nugget of information might flip out. Read Now

    • Industry Events
    • GSX

Featured Cybersecurity


New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • ResponderLink


    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3