- Table of Contents
- Preface
- Overview
- Preparing to Rack Mount the Cisco PAM Appliance
- Rack Mounting the Cisco PAM Appliance
- Configuring and Monitoring the Cisco PAM Server
- Getting Started With the Cisco PAM Desktop Software
- Configuring Cisco PAM User Access
- Understanding Door Configuration
- Configuring Gateways, Doors, and Expansion Modules
- Configuring Door and Device Templates
- Configuring Personnel and Badges
- Configuring Cisco Access Policies
- Events & Alarms
- Configuring Automated Tasks
- System Integration
- Configuring Video Monitoring
- System Configuration Settings
- Backing Up and Restoring Data
- Upgrading Software and Firmware
- Specifications for the Cisco Physical Access Manager Appliance
- Troubleshooting
- Security
- Glossary
Cisco Physical Access Manager Appliance User Guide, Release 1.1.0
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Chapter: Overview
Overview
This user guide describes how to install and configure the Cisco Physical Access Manager appliance using the Cisco PAM desktop software.
This chapter provides an overview of the main hardware and software components of the Cisco PAM appliance, and a summary of the chapters and topics included in this guide.
Contents
•
Installation and Configuration Summary
•Cisco PAM Appliance Hardware Description
Overview
The Cisco Physical Access Manager appliance (Cisco PAM) is a hardware and software solution that provides advanced configuration and management of the Cisco Physical Access Control system, as shown in Figure 1-1.
Figure 1-1 Cisco Physical Access Control System
The Cisco PAM desktop client is used to define access control rules, enroll users, manage badges, and configure the Cisco Physical Access Gateways modules, among other tasks.
•See User Guide Contents for descriptions of the topics covered in each chapter of this guide.
•See Installation and Configuration Summary for a description of the primary access control configuration tasks.
•See the Cisco Physical Access Gateway User Guide for instructions to install and configure Gateways and door-related hardware.
Installation and Configuration Summary
Complete the following tasks to install and configure your Cisco Access Control system.
•Install the Hardware and Software Components
•Configure Doors and Users in Cisco PAM
Install the Hardware and Software Components
Step 1 Install the Server Hardware. See Chapter 2, "Preparing to Rack Mount the Cisco PAM Appliance" and Chapter 3, "Rack Mounting the Cisco PAM Appliance".
Step 2 Install the server software. See Chapter 4, "Configuring and Monitoring the Cisco PAM Server"
Step 3 Install the desktop client. See Installing or Updating the Cisco PAM Desktop Software, page 5-2
Step 4 Install the door devices, including locks, readers and other input and output devices.
Step 5 Install the Gateway modules and optional expansion modules, as described in Cisco Physical Access Gateway User Guide and the Cisco Physical Access Gateway Quick Start Guide.
Note To ensure proper operation, test all door devices and modules on a lab bench before actual installation.
Step 6 Enter the Gateway module's network settings by connecting an Ethernet cable from a PC to the ETH1 interface on the Gateway module. See "Configuring and Managing the Gateway Using a Direct Connection" in the Cisco Physical Access Gateway User Guide. Also see the Cisco Physical Access Gateway Quick Start Guide.
Step 7 Connect an Ethernet cable from the Gateway ETH0 interface to the network.
Tip You can also add the Gateways to the network after configuring doors and users in Cisco PAM, as described in Configure Doors and Users in Cisco PAM. For more information, see Provisioned (Pre-Populated) vs. Discovered Gateway Configurations, page 7-2.
Step 8 Wait for the Gateway to connect to the Cisco PAM appliance. Verify that the Gateway status is Up in the Hardware view (select Hardware from the Doors menu in Cisco PAM).
Configure Doors and Users in Cisco PAM
Configure users, doors, badges and access policies, as described in the following summary:
.
|
|
|
|
|---|---|---|
Step 1 |
Assign the appropriate credential templates to the reader templates. Menu: Doors:Templates:Device Templates Instructions: • • • • |
|
Step 2 |
Configure Gateways and doors: a. b. c. Note Menu: Doors:Locations & Doors Doors:Hardware Overview Information: • Instructions: • • • To create additional Gateway and door templates, see
Chapter 9, "Configuring Door and Device Templates".
|
|
Step 3 |
Create access policies to define the days and times users can access doors. Menu: Doors:Access Policies Configuration Instructions: |
|
Step 4 |
Add personnel records and assign badges to grant user access to the doors. Assign the appropriate access policies (created in the previous step) to the badge. Menu: • Configuration Instructions: |
|
Step 5 |
Add the Gateway modules to the network: a. b. c. • The Gateways were added to the Cisco PAM configuration in
Step 2. You can also add the Gateways to the network before configuring doors and users in Cisco PAM. See
Provisioned (Pre-Populated) vs. Discovered Gateway Configurations, page 7-2 for more information.
Instructions: • |
|
Step 6 |
Apply configuration changes to the Gateway modules. Changes are not active until applied. Menu: • • Configuration Instructions: |
|
Step 7 |
(Optional) Clone the new Gateway and door configuration and apply it to another Gateway. This quickly adds an additional door to the Cisco PAM configuration. Just enter the serial number and door name for the new Gateway module. Repeat this process as many times as necessary. You can also create a Gateway template from the configuration.
Menu: Doors:Hardware Configuration Instructions: • • |
|
User Guide Contents
This User Guide describes how to install and configure the Cisco PAM appliance, and how to use the Cisco PAM desktop client to configure, manage, and monitor the Cisco Physical Access Control system.
Table 1-1 describes the chapters and subjects included in this guide.
|
|
|
|---|---|
Introduces the main Cisco PAM hardware and software components. |
|
Chapter 2, "Preparing to Rack Mount the Cisco PAM Appliance" |
Describes the safety instructions and site requirements for installing the Cisco PAM appliance, and guides you through installation preparation. |
Describes how to rack mount the Cisco PAM appliance. |
|
Chapter 4, "Configuring and Monitoring the Cisco PAM Server" |
Describes how to configure the Cisco PAM server software, including optional feature licenses and high availability. This chapter also describes the additional server monitoring and configuration features of the Cisco PAM Server Administration utility. |
Chapter 5, "Getting Started With the Cisco PAM Desktop Software" |
Describes how to install the Cisco PAM desktop client software, log on to Cisco PAM, and begin configuring access control features and doors. This chapter also includes an overview of the Cisco PAM user interface. |
Chapter 6, "Configuring User Access for the Cisco PAM Desktop Client" |
Describes how to configure Cisco PAM operators. |
Describes the terms and concepts used to configure doors and templates. |
|
Describes how to configure doors, including how to clone Gateway configurations to quickly create another door. |
|
Describes how to create and modify Cisco PAM door and device templates. |
|
Describes how to create the personnel records and badges used to access doors in the Cisco Physical Access Control system. |
|
Describes how to create the Access Policies assigned to badge holders that define which doors they can access, and the dates and times of that access. Once created, access policies are assigned to personnel badges. |
|
Describes how to view the event and alarm records in Cisco PAM, and how to use the Event Policy Manager to configure the log codes and other properties that define how events are captured and managed. |
|
Describes how to used to create and manage automated tasks to perform actions such as Trigger a relay when an alarm is generated, play alarm video, or generate a report and e-mail it to a user. |
|
Describes how to use EDI to automatically synchronize Cisco PAM records with the databases from other sources, such as an organization's HR personnel records. Also describes how to use URL ACtions to automatically synchronize data with other sources. |
|
Describes how to view live and recorded video streams from the Cisco Video Surveillance Manager (Cisco VSM), including how to view video clips associated with events and alarms. |
|
Describes the system-wide site settings available in the System Configuration module. |
|
Describes how to backup and restore the Cisco PAM database. |
|
Describes how to upgrade or reinstall the Cisco PAM server software, desktop client software, and Gateway module firmware. |
|
Appendix C, "Hardware Specifications for the Cisco PAM Appliance" |
Provides hardware specifications for the Cisco PAM appliance. |
Describes troubleshooting techniques for the Cisco PAM appliance hardware and software. |
|
Provides security information related to the configuration and operation of the Cisco PAM software. |
|
Provides definitions to terms used in the Cisco PAM system. |
Cisco PAM Software Overview
Although the Cisco PAM desktop client is the main tool used to configure and manage the Cisco Physical Access Control system, a number of additional utilities perform specific tasks, such as configuring the appliance or designing data integration projects.
•Cisco PAM Desktop Client Software
•Cisco PAM Server Administration Utility
•Cisco Physical Access Gateway Administration Utility
•The Enterprise Data Integration (EDI) Desktop Studio
•Cisco Video Surveillance Viewer
Cisco PAM Desktop Client Software
The Cisco Physical Access Manager (Figure 1-2) is a Java-based desktop client used to configure the Cisco PAM appliance and access control features.
See Chapter 5, "Getting Started With the Cisco PAM Desktop Software" for instructions to install the application and log in to the system. This chapter also includes a an introduction to the Cisco PAM appliance user interface, and a summary of access control configuration tasks, and an overview of the user interface.
Figure 1-2 Cisco PAM Context Diagram
Cisco PAM Server Administration Utility
The Cisco PAM Server Administration utility (Figure 1-3) is a web-based tool used to configure and monitor the Cisco PAM appliance server software. Use this utility to set up a new server, install the desktop client software, back up data, install licenses, and perform a variety of other server maintenance and monitoring tasks.
See Chapter 4, "Configuring and Monitoring the Cisco PAM Server" for more information.
Figure 1-3 Cisco PAM Server Administration Utility
Cisco Physical Access Gateway Administration Utility
The Cisco Physical Access Gateway Administration utility (Figure 1-4) uses a direct PC connection to enter the initial network settings on a Gateway module. You can also use the utility to upgrade firmware, and other monitoring and maintenance tasks.
See the Cisco Physical Access Gateway User Guide for instructions to use this tool.
Figure 1-4 Cisco Physical Access Gateway Administration Utility
The Enterprise Data Integration (EDI) Desktop Studio
The EDI Studio (Figure 1-5) is a desktop application used to create data integration projects for automatically synchronizing Cisco PAM with other databases, such as an HR personnel database. The EDI Studio defines the database connection, schema, and synchronization schedule used by the EDI module in Cisco PAM.
See Chapter 14, "System Integration" for more information.
Figure 1-5 EDI Studio Desktop Software
Note This feature requires an optional Cisco license. The EDI menu appears only after the license is installed on the Cisco PAM server. See Obtaining and Installing Optional Feature Licenses, page 4-17 for more information.
Cisco Video Surveillance Viewer
The Cisco VSM Video Player is a desktop application used to archived video from the Cisco Video Surveillance Manager. See Chapter 15, "Video Monitoring" for more information.
Badge Designer
The Badge Format Editor (Figure 1-6) is included with the optional Badge Designer module to create and modify badge designs. See Chapter 10, "Configuring Personnel and Badges" for more information.
Figure 1-6 Badge Format Editor
Note This feature requires an optional Cisco license. The Badge Designer menu appears only after the license is installed on the Cisco PAM server. See Obtaining and Installing Optional Feature Licenses, page 4-17 for more information.
Cisco PAM Appliance Hardware Description
This section provides a basic functional overview of the Cisco Physical Access Manager (Cisco PAM) appliance and describes the hardware, major components, and front and back panel indicators and controls.
This chapter contains the following sections:
•Identifying Chassis Components
Note For instructions to setup the Cisco PAM server software included with the appliance, see Chapter 4, "Configuring and Monitoring the Cisco PAM Server".
Introduction
This chapter briefly describes the main features of the appliance. This chapter also provides a list of the hardware features, illustrations of the product, and diagrams showing the location of important components and connections on the appliance.
Figure 1-7 Cisco PAM Appliance
Table 1-2 summarizes the features of the Cisco PAM appliance hardware.
Identifying Chassis Components
This section helps you identify the components of your system. If you are near the system, you can also use the Quick Reference Label on the inside of the chassis cover to assist in identifying components.
System Front Panel
Figure 1-8 LEDs and Buttons on the Cisco PAM Front Panel
The following table describes the LEDs and buttons called out in Figure 1-8:
|
|
USB Port |
|
Hard Disk Drive Activity LED |
|
|
Power Button |
|
ETH0 LED |
|
|
System Power LED |
|
ETH1 LED |
Appliance Rear Area
Figure 1-9 Connectors on the Cisco PAM Rear Panel
The following table describes the rear panel connectors called out in Figure 1-9:
|
|
AC Power Connector |
|
ETH 0 (10/100/1000 Mb) |
|
|
Mouse |
|
ETH 1 (10/100/1000 Mb) |
|
|
Keyboard |
|
USB 0-1 |
|
|
Serial Port |
|
PCI Add-in Card Slot |
|
|
Video |
||
ETH LED Indicators
The rear of the Cisco PAM appliance system includes LEDs that indicate the activity and speed of connection for the ETH ports (see Figure 1-10).
Figure 1-10 ETH port LEDs
Table 1-3 describes the activity and connection speed associated with each LED state.
Feedback