Embedded IP Access Control
In our last post, we discussed that all IP access control systems on the market today can be broken down into three categories: embedded, network appliance, and Web hosted. This week, we’ll examine embedded in greater detail.
The embedded architecture features a stand-alone control panel (or edge device) that uses IP -- most likely in conjunction with higher-layer Web protocols such as HTTPS -- to communicate directly to the end user by way of a browser. As a standalone product, its database and all application code needs are within the device itself, not on some external computer system. These key characteristics dictate both the advantages and limitations of this architecture.
Let’s start with the advantages.
The first and most obvious is simplicity. With only a control panel to install -- and no server or PC-based software to worry about -- there is much less to go wrong with these systems, and much less labor is required to install. The firmware for the database and applications is already installed at the factory into non-volatile memory (e.g., FLASH), and it boots up as soon as power is applied.
Key advantage No. 2 is low up-front cost. Typically it is much lower with embedded architectures than with PC- or server-based systems because there is no additional computer hardware -- and perhaps more important -- no additional software licenses. Installation labor costs are also lower because technicians do not need to set up any computer systems or configure any applications.
Advantage No. 3 is lower operating costs over the life of the product, primarily in the in the form of lower IT maintenance expenses. Again, because there is no need to keep up with operating system patches that are a part of life with commercial operating systems on PCs. Savings on rack space and electrical power consumption may also selling points for some customers.
Now, for the disadvantages.
Simplicity has its price, and buyers first see this is in a reduced feature set for many embedded products on the market. The computing power and storage available on a small embedded system will never match the resources of a larger PC or server-based system. For some applications this will not matter, and that’s what the end user needs to understand.
A second disadvantage is limited multi-site capability. In most cases, setting up a wide-area network of control panels for multiple geographic locations will require a “master database” or some similar “master controller” that can manage multiple control panels -- that’s simply not readily implemented in these small systems.
Similarly, buyers should closely examine data replication and back-up capabilities in making a decision about these systems. For example, they may be able to back up data to a server, but not hot-swap to a standby system in the event of electronic component failure.
It’s also important to understand how these embedded products will operate on the user’s IP network. Of particular interest is the ability to access the system from outside the corporate network. This implies taking a close look at the security model for the product (Are all communications encrypted?) and what firewall configuration changes are needed for external access.
Finally, consider the upgrade path that’s available after installing this type of control panel. For example, can it be upgraded to become part of a server-based or hosted network? Or will it always be a “point solution” that must be ripped and replaced if needs grow?
Let’s summarize our discussion on embedded IP-access control.
Standalone IP control panels with embedded databases and built-in Web servers are a welcome addition to the access control marketplace. The technology provides a low-cost entry point for simple applications, and enables dealers and integrators to provide value to customers at price points that can open new markets. It is important, however, to understand where these products fit into the larger landscape, and to always make sure it fits the customer’s current needs as well as future expectations.
Posted by Steve Van Till on Feb 11, 2009