Load-Balancing Security

Distributed network architecture provides scalability in industry environment

Global enterprises and large, multi-site hospitals, universities and government agencies are increasingly facing a common challenge: how to bring all of their disparate buildings into an easy-to-manage enterprise security system. Most multi-site organizations have a variety of sites that range in size from small branch offices to large, multi-building campuses.

When it comes to designing an enterprise access control and security solution, security directors and IT managers need to balance several competing priorities:

  • Maintaining an up-to-date synchronized database of all personnel across all sites;
  • Monitoring events, alarms and activity reports from a central location;
  • Ensuring management at each site can autonomously manage day-to-day activities, such as adding/deleting personnel or changing access control privileges; and
  • Protecting the system and facilities against network failures.

Using different standalone access control solutions at each site can achieve priorities [three and four], but this strategy makes central monitoring and staff management impossible. Designing a true enterprise security system that is easy to use and delivers all four priorities requires an access control solution that can effectively manage the volumes of data produced by large enterprises via distributed network architecture.

Why should security directors and IT managers consider a distributed approach?

For end users, it is the only solution that delivers on all four priorities. For systems integrators, it avoids the labor and headaches of manually constructing interfaces between standalone systems.

Defining Enterprise and Distributed Network Architecture>
An enterprise is a company or organization consisting of two or more facilities that are either locally situated or widely dispersed. An enterprise could be multiple facilities grouped together in the same area -- such as a hospital campus, with its main building surrounded by clinics or doctor’s offices. Or it could be a large global company that comprises many buildings that can be hundreds, even thousands, of miles apart from one another.

The key framework of a distributed network architecture includes the distribution of decision-making and control to each site while simultaneously networking and synchronizing the sites via a central hub.

What End Users and Integrators Want
Distribution of decision-making and control to each site are essential for two reasons. First, local site managers need the flexibility to manage the security needs specific to their site. From adding personnel to modifying access rights, they need the ability to manage their system day-to-day without fear of losing network connectivity or bandwidth to a central, off-site server. Second, from a scalability perspective, well-designed security architecture avoids unnecessary data transmission and bandwidth consumption. For example, adding a new contractor and assigning him/her access privileges at a single local site should not require communication back to a central server.

While local site control is essential, enterprises also need easy-to-configure synchronization of security data between sites. Key factors essential to a “networked” architecture include:

  • Instant and scheduled synchronization: Security directors need real-time notification about critical events and alarms, as well as the ability to schedule synchronization of non-critical activity to better manage peak network use.
  • Tolerance of network outages: Multi-site synchronization must survive brief or extended network outages. When a site or the central server comes back online, synchronization must restart automatically.
  • Scalability from large to small: Most enterprises have a mixture of small sites -- such as four to five reader sales offices -- and large office buildings. Enterprise architecture must incorporate all sites, big and small, into the network.

A well-designed distributed network architecture also gives enterprise security and IT directors powerful central management capabilities. Central personnel management -- defining and changing global access control privileges and editing personnel details -- is the essential starting point. However, true central management goes beyond staff. Security directors also need the ability to create an integrated, multi-site event viewer and to centrally manage, monitor and configure their panels and readers.

To satisfy IT, the multiple autonomous servers at each site in distributed network architecture must be able to communicate with the central hub via either a LAN or WAN.

Return on Investment
The key benefits of a distributed network architecture include: scalability, efficiency, cost and reliability.

Scalability. Enterprise solutions that rely on a single server inevitably suffer from performance issues as the company grows and the server is overwhelmed. Moreover, single-server solutions are highly susceptible to network failures. Distributed architecture balances the load across multiple servers at each site.

Efficiency. Security managers control the flow of data and decision-making, minimizing network bandwidth and allowing them to focus on their business. At the same time, centrally located security staff can easily run reports, make changes, and view the status of local sites without needing to login to multiple separate systems.

Cost. Servers and software at each local site can be sized appropriately to meet each site’s specific needs, without requiring installation of an expensive server at even the smallest sites.

Reliability. Distributed network architecture is much more resistant to network and hardware failures than a single, central server approach.

These benefits can be made clear with a simple use case in which a large organization wants to integrate its access control system with its enterprise resource planning (ERP) system to eliminate replication and redundancy of employee data. With a distributed, but not networked, architecture using separate standalone access control solutions, the organization needs to pay for and maintain multiple, separate ERP integrations to the access control software at each local site.

With a networked, but not distributed, architecture -- the classic, singleserver approach -- only one integration is required, but system performance is poor at local sites and network bandwidth consumption is high. Distributed network architecture offers a single, cohesive solution that allows for a single ERP integration and optimized system performance and network bandwidth.

The early generations of enterprise security solutions focused on access control functions and harmonizing those with an organization’s personnel database. Today, it has evolved into complete control at every site and the ability to manage access points, card readers and alarm monitoring from a central location.

The range of an access control system’s capabilities is expanding, thanks to the distributed network architecture, because it solves the performance, scalability and load-balancing issues inherent in single-server architecture. Finally, security directors can ask for an access control solution that delivers on all of their security priorities.

This article originally appeared in the June 2011 issue of Security Today.


  • Planning for Your Perimeter

    Planning for Your Perimeter

    The perimeter is an organization’s first line of defense and a critical element of any security and surveillance program. Even if a building’s interior or exterior security is strong, without a solid perimeter surveillance approach any company or business is vulnerable. Read Now

  • The Key Issue

    The Key Issue

    It is February 2014. A woman is getting ready in her room on a cruise ship when she hears a knock on the door; it is a crewmember delivering breakfast. She is not presentable so she tells him to leave it by the door. Read Now

  • Achieving Clear Communications

    Achieving Clear Communications

    Technology within the security industry has adapted to numerous changes through the years, from the early days of analog devices to today’s IP-based solutions, networked cameras, and access control solutions, in addition to analytics, cloud-based products, virtual security guards, and more. Read Now

  • Taking Flight

    Taking Flight

    Airport security is a complex system that incorporates multiple technologies to ensure the safety and security of travelers, employees and the facility itself. Sound-based technologies are integral pieces of this system, providing means of communication, notification and monitoring. Read Now

Featured Cybersecurity

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3

  • Camden Door Controls ‘SER” Surface Boxes and Extension Rings

    Camden Door Controls ‘SER” Surface Boxes and Extension Rings

    Camden Door Controls has introduced new ‘SER” surface boxes and extension rings that provide a complete solution for new construction. In addition, they provide a simple and robust solution when replacing round wired and manual push plate switches with either Camden’s wired or wireless SureWave™ no-touch switches or Kinetic™ no-battery wireless switches. 3

  • Schlage RC reader controller

    Schlage RC Reader Controller

    This new innovative device combines the power of the Pure IP™ access control technology pioneered by ISONAS with Schlage’s intelligent hardware and credentials, delivering a comprehensive and cost-effective perimeter solution to customers. 3