Lenel brand is owned by UTC Fire & Security Products offering innovative electronic security solutions for technical protection of buildings, industrial installation, military and other construction facilities. UTC Fire & Security has in it’s offer solutions to: Fire alarm system, intruder and burglary alarm system, access control and video surveillance.
Strength of Lenel’s brand is global web of authorized partners, known as VARs (Value Added Resellers). Employees of these companies take part in multi-stage trainings and constantly develop their qualifications. Now the VAR web counts more than a 800 companies, of which around 200 is located in Europe and only 5 of them in Poland.
KARO Karlicki Sp. z o.o. company is certified installer of Lenel OnGuard and distributor of Lenel’s devices, type VAR.
Thanks to so extensive web of VAR’s, the Lenel system is under the warranty service and technical emergency support. It creates favorable operating conditions for final user.
The hart of all Lenel’s system is server with OnGuard software.
The software contains modules performing various functions. It is an economical solution, as user choose only those modules, that are necessary. The server uses a database (Microsoft SQL or Oracle) in which information on user permission and working of particular system modules are stored.
To create the Lenel system expansion possibilities, OnGuard software contains a set of standard program interfaces (APIs) along with documentation, allowing to create software connections with third-party devices and applications. An example of such devices can be fire, alarm and building automation control panels, while the example of the application can be work time and attendance systems.
In general Lenel is an access control system, however thanks to the alarm and video modules, it can perform as intruder alarm system and video surveillance system. In a hardware part it uses intelligent, network system controllers (ISC – Intelligent System Controller), door modules (DRI– Dual Reader Interface or SRI – Single Reader Interface) and alarm modules (ICM – Input Control Module, or OCM – Output Control Module).
Server data regarding user privileges are transferred by IP network to intelligent system controllers and stored there. This allows to keep continuity of system operation even in case of IP network breakdown. The decisions on opening or closing doors are made in local intelligent system controllers. All occurring events are saved in controller’s memories and transferred to the server via IP network.
Readers used in Lenel system enable implementation so-called mobile options allowing to use smartphones in place of identification cards. Beyond the obvious advantage of using only one device access to many different buildings, mobile option helps with authorization, administration and management of the system security level.
Traditional readers, compatible with the Wiegand standard are not provide data encryption, both transmitted between identification cards and readers and also between readers and system controller. Data capture allows cloning identification cards and passage by an unauthorised persons. Transmission between readers and controller is made only during approaching the identification card and it only goes in one direction. In fact the condition of the reader is not monitored, it cut off from the system is not noticed at all.
In Lenel systems all data transmitted between identification cards and readers, and also between readers and drivers are encrypted. Open Supervised Device Protocol (OSDP) is used, which provides continuous readers status monitoring. Readers errors, damage and acts of sabotage are immediately signalled. The readings errors, damages or acts of sabotage are immediately signalled. Transmission between readers and controllers goes in two directions and it lasts all the time, regardless of whether any identification cards are read. To encryption is used strong AES-128 algorithm, which use is required in special government buildings and in critical meaning installations.
Data encryption significantly improves the level of security of system, because data capture does not lead to anything. Even if data will be captured it does not allow to clone identification card or passage by an unauthorised persons.
What distinguishes the Lenel system from other access control systems is the ability to encrypt data transmitted in the entire installation, starting from proximity cards and readers, through system controllers and door modules, ending with client and peripheral devices, such as ID printers.
In the Lenel system, the OSDP protocol is available, ensuring encryption of data sent between the cards and the readers, and between the readers and the door interfaces (and in the opposite direction, the transmission is bi-directional). In addition, the activation of this protocol causes a continuous exchange of information between the door interfaces and the readers, even when no identification data is read in the system. This allows for immediate detection of attempts of sabotage or other interference in the wiring between the reader and the door interface. These advantages were not found in older solutions, in which data was transmitted only in short moments of reading cards, in the remaining time transmission lines were inactive.
In addition, apart from the increase in the level of security resulting from the activation of the OSDP protocol, a significant increase is possible after the introduction of additional encryption keys, both for proximity cards and readers. This is done in the process of programming readers and preparing cards for system users. The same keys must be entered into both, the readers and the cards.
Further improvement of the level of security is possible after placing the appropriately programmed SAM (Secure Access Module) modules in readers, in appearance looking like ordinary SIM cards. SAM modules contain a set of strong encryption keys in quantity up to 128, which are used in a random manner. The same keys must be entered into the Lenel OnGuard software, as well as proximity cards. The keys are automatically propagated by the OnGuard software to all system components, including those that identify users. This last action takes place automatically when the cards are prepared for system users from the OnGuard software level.
The strength of security using SAM modules is based on two components. First of all, the introduced keys are long, they can be up to 256 bits, so the encryption efficiency is high. Secondly, the keys are chosen randomly and it’s not known which one is currently in use.
As the result, a system uses three levels of encryption:
• system encryption, in accordance with the OSDP protocol,
• encryption on the card-reader route with the use of additional keys,
• symmetrical encryption throughout the installation, in end-to-end mode, with 256-bit keys randomly selected.
Overcoming this type of protection requires the involvement of very complex and expensive technical means and, most importantly, long-term illegal access to the system, which is not easy to meet.
If the cable system is made in the right way, taking into account the requirements of the standards that classify security systems, copying the ID cards or breaking into such secure system in some other way should be considered impossible.
The abbreviation comes from the words Open Supervised Device Protocol. It is an open protocol used for two-way communication between devices in Lenel’s access control systems. Compared to the previous Wiegand protocol, OSDP has the following advantages:
• Encrypts the connection between the reader and the proximity card, making the attempt to eavesdrop on radio transmission unusable;
• Encrypts the connection between the reader and the controller, thanks to this an attempt to intercept data transmitted via cable is useless;
• Maintains a permanent connection between the reader and the controller, so that any attempt to disconnect or damage the reader is immediately detected;
• One pair of wires is enough to connect the reader to the controller. However, taking into account the need to supply power and implement auxiliary functions, three pairs of wires are usually used;
• The reader reads data from the latest Vincinity cards as well as old Mifare and Prox cards. This allows all of the mentioned types of cards to be used in the same system;
• The range of the reader is larger than in older solutions, which is preferred for the user’s comfort;
• The transmission is much faster than in older solutions, which makes the Lenel system react faster to the card’s proximity to the reader.
What is needed for the OSDP protocol to be used? Both, card readers and controllers must be adapted to this. The latest Lenel products are meeting this requirement.
In Lenel systems distributed architecture is preferred, it means that it is recommended that both intelligent system controllers and interfaces that are controlling the doors should be installed in a short distance from the controlled passage. This simplifies wiring of door accessories and improves the reliability of the system. Each of the intelligent system controllers has a connection to the server (so-called upstream) via the IP network. In turn, door and alarm modules are connected to intelligent system controllers via serial buses (so-called downstream), although here network connection can be also used.
Thanks to such architecture, the system gains reliability because possible failures cause that only a small part of the system does not work, the other elements are functioning normally.
Client software of Lenel system OnGuard may be installed on “thin client” working stations. Control over the system is also possible with use of standard web browsers.
System administrators and operators can configure the system via client stations, they can also respond to alarm situations, and view images from the integrated video surveillance system, e.g. TruVision.
The popularity of the Lenel system results from its high functionality and reliability of operation. OnGuard’s modular software and distributed hardware architecture allows to create systems that are strictly adapted to local usage requirements. The extensive VAR network creates a comfortable operating environment for customers, as reactions to possible failures are very fast.
The Lenel system is particularly valued by corporations and institutions using many buildings or facilities, located at a considerable distance from each other. The network structure of the system allows to create of a central user database, which allows to administrate of ID cards within the entire company.
KARO Karlicki Sp. z o.o. company offers its assistance at every stage of the implementation of the Lenel Access Control System, starting from the initial analysis of the situation, through the creation of concepts, the design stage, the equipment completion, installation and commissioning, as well as maintenance service. We make cost estimates for the needs of budget calculations.
We also undertake the maintenance of existing systems.
Our employees are well trained, they have proper knowledge, experience and required permissions.
We invite you to cooperation.