Cisco Physical Access Manager Appliance User Guide, Release 1.1.0
Overview
Downloads: This chapterpdf (PDF - 2.01MB) The complete bookPDF (PDF - 36.19MB) | Feedback

Overview

Table Of Contents

Overview

Contents

Overview

Installation and Configuration Summary

Install the Hardware and Software Components

Configure Doors and Users in Cisco PAM

User Guide Contents

Cisco PAM Software Overview

Cisco PAM Desktop Client Software

Cisco PAM Server Administration Utility

Cisco Physical Access Gateway Administration Utility

The Enterprise Data Integration (EDI) Desktop Studio

Cisco Video Surveillance Viewer

Badge Designer

Cisco PAM Appliance Hardware Description

Introduction

Identifying Chassis Components

System Front Panel

Appliance Rear Area


Overview


This user guide describes how to install and configure the Cisco Physical Access Manager appliance using the Cisco PAM desktop software.

This chapter provides an overview of the main hardware and software components of the Cisco PAM appliance, and a summary of the chapters and topics included in this guide.

Contents

Overview

Installation and Configuration Summary

User Guide Contents

Cisco PAM Software Overview

Cisco PAM Appliance Hardware Description

Overview

The Cisco Physical Access Manager appliance (Cisco PAM) is a hardware and software solution that provides advanced configuration and management of the Cisco Physical Access Control system, as shown in Figure 1-1.

Figure 1-1 Cisco Physical Access Control System

The Cisco PAM desktop client is used to define access control rules, enroll users, manage badges, and configure the Cisco Physical Access Gateways modules, among other tasks.

See User Guide Contents for descriptions of the topics covered in each chapter of this guide.

See Installation and Configuration Summary for a description of the primary access control configuration tasks.

See the Cisco Physical Access Gateway User Guide for instructions to install and configure Gateways and door-related hardware.

Installation and Configuration Summary

Complete the following tasks to install and configure your Cisco Access Control system.

Install the Hardware and Software Components

Configure Doors and Users in Cisco PAM

Install the Hardware and Software Components


Step 1 Install the Server Hardware. See Chapter 2, "Preparing to Rack Mount the Cisco PAM Appliance" and Chapter 3, "Rack Mounting the Cisco PAM Appliance".

Step 2 Install the server software. See Chapter 4, "Configuring and Monitoring the Cisco PAM Server"

Step 3 Install the desktop client. See Installing or Updating the Cisco PAM Desktop Software, page 5-2

Step 4 Install the door devices, including locks, readers and other input and output devices.

Step 5 Install the Gateway modules and optional expansion modules, as described in Cisco Physical Access Gateway User Guide and the Cisco Physical Access Gateway Quick Start Guide.


Note To ensure proper operation, test all door devices and modules on a lab bench before actual installation.


Step 6 Enter the Gateway module's network settings by connecting an Ethernet cable from a PC to the ETH1 interface on the Gateway module. See "Configuring and Managing the Gateway Using a Direct Connection" in the Cisco Physical Access Gateway User Guide. Also see the Cisco Physical Access Gateway Quick Start Guide.

Step 7 Connect an Ethernet cable from the Gateway ETH0 interface to the network.


Tip You can also add the Gateways to the network after configuring doors and users in Cisco PAM, as described in Configure Doors and Users in Cisco PAM. For more information, see Provisioned (Pre-Populated) vs. Discovered Gateway Configurations, page 7-2.


Step 8 Wait for the Gateway to connect to the Cisco PAM appliance. Verify that the Gateway status is Up in the Hardware view (select Hardware from the Doors menu in Cisco PAM).


Configure Doors and Users in Cisco PAM

Configure users, doors, badges and access policies, as described in the following summary:

.

 
To do this
Use this display

Step 1 

Assign the appropriate credential templates to the reader templates.

Menu:

Doors:Templates:Device Templates

Instructions:

Understanding Device Templates, page 7-12

Understanding Credential Templates, page 7-12

Configuring Device Templates, page 9-13

To create additional credential templates, see Configuring Credential Templates, page 9-16.

Step 2 

Configure Gateways and doors:

a. Use Gateway templates to add new Gateways on the Hardware menu.

b. Create the hierarchical location map (select Locations & Doors in the Doors menu).

c. Use door templates to add doors to the locations.

Note In this example, Gateways are configured before connecting them to the network. You can also connect the modules to the network first, and then complete the Cisco PAM configuration. See Provisioned (Pre-Populated) vs. Discovered Gateway Configurations, page 7-2 for more information.

Menu:

Doors:Locations & Doors

Doors:Hardware

Overview Information:

Viewing Doors and Devices by Location, page 7-5

Gateway Templates, page 7-11

Instructions:

Creating the Location Map, page 7-6

Adding Gateways and Doors Using Templates, page 8-2

Adding Doors Using Door Templates, page 8-6

Tip To create additional Gateway and door templates, see Chapter 9, "Configuring Door and Device Templates".

Step 3 

Create access policies to define the days and times users can access doors.

Menu:

Doors:Access Policies

Configuration Instructions:

Chapter 11, "Configuring Cisco Access Policies"

Step 4 

Add personnel records and assign badges to grant user access to the doors. Assign the appropriate access policies (created in the previous step) to the badge.

Menu:

Users:Personnel

Configuration Instructions:

Chapter 10, "Configuring Personnel and Badges"

Step 5 

Add the Gateway modules to the network:

a. Connect an Ethernet cable from a PC to the ETH1 interface on the Gateway module.

b. Enter the Gateway module's network settings.

c. Connect an Ethernet cable from the ETH0 interface on the Gateway module to the network.

Wait for the Gateway to connect to the Cisco PAM appliance. Verify that the Gateway status is Up in the Hardware view (select Hardware from the Doors menu in Cisco PAM).

Tip The Gateways were added to the Cisco PAM configuration in Step 2. You can also add the Gateways to the network before configuring doors and users in Cisco PAM. See Provisioned (Pre-Populated) vs. Discovered Gateway Configurations, page 7-2 for more information.

Instructions:

"Configuring and Managing the Gateway Using a Direct Connection" in the Cisco Physical Access Gateway User Guide.

Step 6 

Apply configuration changes to the Gateway modules. Changes are not active until applied.

Menu:

Doors:Locations & Doors

Doors:Hardware

Configuration Instructions:

Applying Configuration Changes, page 8-16

Step 7 

(Optional) Clone the new Gateway and door configuration and apply it to another Gateway. This quickly adds an additional door to the Cisco PAM configuration. Just enter the serial number and door name for the new Gateway module. Repeat this process as many times as necessary.

Tip You can also create a Gateway template from the configuration.

Menu:

Doors:Hardware

Configuration Instructions:

Cloning a Gateway Configuration, page 8-26

Creating Custom Gateway Configurations and Templates, page 9-2

User Guide Contents

This User Guide describes how to install and configure the Cisco PAM appliance, and how to use the Cisco PAM desktop client to configure, manage, and monitor the Cisco Physical Access Control system.

Table 1-1 describes the chapters and subjects included in this guide.

Table 1-1 Chapters and Features in the Cisco Physical Access Manager User Guide

Chapter
Description

Chapter 1 "Overview"

Introduces the main Cisco PAM hardware and software components.

Chapter 2, "Preparing to Rack Mount the Cisco PAM Appliance"

Describes the safety instructions and site requirements for installing the Cisco PAM appliance, and guides you through installation preparation.

Chapter 3, "Rack Mounting the Cisco PAM Appliance"

Describes how to rack mount the Cisco PAM appliance.

Chapter 4, "Configuring and Monitoring the Cisco PAM Server"

Describes how to configure the Cisco PAM server software, including optional feature licenses and high availability. This chapter also describes the additional server monitoring and configuration features of the Cisco PAM Server Administration utility.

Chapter 5, "Getting Started With the Cisco PAM Desktop Software"

Describes how to install the Cisco PAM desktop client software, log on to Cisco PAM, and begin configuring access control features and doors. This chapter also includes an overview of the Cisco PAM user interface.

Chapter 6, "Configuring User Access for the Cisco PAM Desktop Client"

Describes how to configure Cisco PAM operators.

Chapter 7, "Understanding Door Configuration"

Describes the terms and concepts used to configure doors and templates.

Chapter 8, "Configuring Doors"

Describes how to configure doors, including how to clone Gateway configurations to quickly create another door.

Chapter 9, "Configuring Door and Device Templates"

Describes how to create and modify Cisco PAM door and device templates.

Chapter 10, "Configuring Personnel and Badges"

Describes how to create the personnel records and badges used to access doors in the Cisco Physical Access Control system.

Chapter 11, "Configuring Cisco Access Policies"

Describes how to create the Access Policies assigned to badge holders that define which doors they can access, and the dates and times of that access. Once created, access policies are assigned to personnel badges.

Chapter 12, "Events & Alarms"

Describes how to view the event and alarm records in Cisco PAM, and how to use the Event Policy Manager to configure the log codes and other properties that define how events are captured and managed.

Chapter 13, "Configuring Automated Tasks"

Describes how to used to create and manage automated tasks to perform actions such as Trigger a relay when an alarm is generated, play alarm video, or generate a report and e-mail it to a user.

Chapter 14, "System Integration"

Describes how to use EDI to automatically synchronize Cisco PAM records with the databases from other sources, such as an organization's HR personnel records. Also describes how to use URL ACtions to automatically synchronize data with other sources.

Chapter 15, "Video Monitoring"

Describes how to view live and recorded video streams from the Cisco Video Surveillance Manager (Cisco VSM), including how to view video clips associated with events and alarms.

Chapter 16, "System Configuration Settings"

Describes the system-wide site settings available in the System Configuration module.

Appendix A, "Backing Up and Restoring Data"

Describes how to backup and restore the Cisco PAM database.

Appendix B, "Upgrading Software and Firmware"

Describes how to upgrade or reinstall the Cisco PAM server software, desktop client software, and Gateway module firmware.

Appendix C, "Hardware Specifications for the Cisco PAM Appliance"

Provides hardware specifications for the Cisco PAM appliance.

Appendix D, "Troubleshooting"

Describes troubleshooting techniques for the Cisco PAM appliance hardware and software.

Appendix E, "Security"

Provides security information related to the configuration and operation of the Cisco PAM software.

Glossary

Provides definitions to terms used in the Cisco PAM system.


Cisco PAM Software Overview

Although the Cisco PAM desktop client is the main tool used to configure and manage the Cisco Physical Access Control system, a number of additional utilities perform specific tasks, such as configuring the appliance or designing data integration projects.

Cisco PAM Desktop Client Software

Cisco PAM Server Administration Utility

Cisco Physical Access Gateway Administration Utility

The Enterprise Data Integration (EDI) Desktop Studio

Cisco Video Surveillance Viewer

Badge Designer

Cisco PAM Desktop Client Software

The Cisco Physical Access Manager (Figure 1-2) is a Java-based desktop client used to configure the Cisco PAM appliance and access control features.

See Chapter 5, "Getting Started With the Cisco PAM Desktop Software" for instructions to install the application and log in to the system. This chapter also includes a an introduction to the Cisco PAM appliance user interface, and a summary of access control configuration tasks, and an overview of the user interface.

Figure 1-2 Cisco PAM Context Diagram

Cisco PAM Server Administration Utility

The Cisco PAM Server Administration utility (Figure 1-3) is a web-based tool used to configure and monitor the Cisco PAM appliance server software. Use this utility to set up a new server, install the desktop client software, back up data, install licenses, and perform a variety of other server maintenance and monitoring tasks.

See Chapter 4, "Configuring and Monitoring the Cisco PAM Server" for more information.

Figure 1-3 Cisco PAM Server Administration Utility

Cisco Physical Access Gateway Administration Utility

The Cisco Physical Access Gateway Administration utility (Figure 1-4) uses a direct PC connection to enter the initial network settings on a Gateway module. You can also use the utility to upgrade firmware, and other monitoring and maintenance tasks.

See the Cisco Physical Access Gateway User Guide for instructions to use this tool.

Figure 1-4 Cisco Physical Access Gateway Administration Utility

The Enterprise Data Integration (EDI) Desktop Studio

The EDI Studio (Figure 1-5) is a desktop application used to create data integration projects for automatically synchronizing Cisco PAM with other databases, such as an HR personnel database. The EDI Studio defines the database connection, schema, and synchronization schedule used by the EDI module in Cisco PAM.

See Chapter 14, "System Integration" for more information.

Figure 1-5 EDI Studio Desktop Software


Note This feature requires an optional Cisco license. The EDI menu appears only after the license is installed on the Cisco PAM server. See Obtaining and Installing Optional Feature Licenses, page 4-17 for more information.


Cisco Video Surveillance Viewer

The Cisco VSM Video Player is a desktop application used to archived video from the Cisco Video Surveillance Manager. See Chapter 15, "Video Monitoring" for more information.

Badge Designer

The Badge Format Editor (Figure 1-6) is included with the optional Badge Designer module to create and modify badge designs. See Chapter 10, "Configuring Personnel and Badges" for more information.

Figure 1-6 Badge Format Editor


Note This feature requires an optional Cisco license. The Badge Designer menu appears only after the license is installed on the Cisco PAM server. See Obtaining and Installing Optional Feature Licenses, page 4-17 for more information.


Cisco PAM Appliance Hardware Description

This section provides a basic functional overview of the Cisco Physical Access Manager (Cisco PAM) appliance and describes the hardware, major components, and front and back panel indicators and controls.

This chapter contains the following sections:

Introduction

Identifying Chassis Components


Note For instructions to setup the Cisco PAM server software included with the appliance, see Chapter 4, "Configuring and Monitoring the Cisco PAM Server".


Introduction

This chapter briefly describes the main features of the appliance. This chapter also provides a list of the hardware features, illustrations of the product, and diagrams showing the location of important components and connections on the appliance.

Figure 1-7 Cisco PAM Appliance

Table 1-2 summarizes the features of the Cisco PAM appliance hardware.

Table 1-2 Cisco PAM Appliance Feature Summary 

Feature
Description

Processor

Processor and Front Side Bus (FSB) support

Supports the following Intel® processors:

Core 2 Duo E6400 (2.13 GHz)

Memory

Four DIMM sockets

Support for up to 8 GB of total system memory

ECC installed

Video

On-board video controller with DB-15 port

LAN

Two 10/100/1000 Gigabit Ethernet RJ45 ports

Hard Drives

Capable of supporting up to two drives, 1.0 in (2.5 cm) in height

Peripherals

One slimline DVD-ROM drive

Power Supply

One 350-watt power supply module

Serial Ports

Three USB 2.0 ports (1 front, 2 rear)

DB9 Serial port

Keyboard and Mouse

Stacked PS/2 ports for keyboard and mouse


Identifying Chassis Components

This section helps you identify the components of your system. If you are near the system, you can also use the Quick Reference Label on the inside of the chassis cover to assist in identifying components.

System Front Panel

Figure 1-8 LEDs and Buttons on the Cisco PAM Front Panel

The following table describes the LEDs and buttons called out in Figure 1-8:

1

USB Port

4

Hard Disk Drive Activity LED

2

Power Button

5

ETH0 LED

3

System Power LED

6

ETH1 LED


Appliance Rear Area

Figure 1-9 Connectors on the Cisco PAM Rear Panel

The following table describes the rear panel connectors called out in Figure 1-9:

1

AC Power Connector

6

ETH 0 (10/100/1000 Mb)

2

Mouse

7

ETH 1 (10/100/1000 Mb)

3

Keyboard

8

USB 0-1

4

Serial Port

9

PCI Add-in Card Slot

5

Video

 

ETH LED Indicators

The rear of the Cisco PAM appliance system includes LEDs that indicate the activity and speed of connection for the ETH ports (see Figure 1-10).

Figure 1-10 ETH port LEDs

Table 1-3 describes the activity and connection speed associated with each LED state.

Table 1-3 ETH LED Descriptions 

LED
LED State
Description

Left

Off

No network connection

Solid Amber

Network connection in place

Blinking Amber

Transmit/receive activity

Right

Off

10 Mbps connection (if left LED is on or blinking)

Solid Amber

100 Mbps connection

Solid Green

1000 Mbps connection