· Web viewPanel options such as Anti-passback, Groups, Forgiveness, Continuous Card Reads,...

SECTION 28 10 00ACCESS CONTROL

Display hidden notes to specifier. (Don't know how? Click Here)

Copyright 2014 - 2017 ARCAT, Inc. - All rights reserved

PART 1 GENERAL

1.1 SECTION INCLUDES

A. Access and security management system. (Pro-Watch)

B. Integrated security management system. (Win-Pak)

C. Web based modular access control system. (NetAXS-4 Access System)

D. Web based access control system. (NetAXS-123 Access System)

E. Visitor management system. (Lobbyworks)

F. Access control readers.

G. Access control credentials.

H. Access control cables.

1.2 RELATED SECTIONS

A. Section 26 05 00 - Common Work Results for Electrical.

B. Section 27 11 23 - Communications Cable Management and Ladder Rack.

1.3 REFERENCES

A. Electronic Industries Alliance (EIA):1. RS232C - Interface between Data Terminal Equipment and Data Communications

Equipment Employing Serial Binary Data Interchange.2. RS485 - Electrical Characteristics of Generators and Receivers for use in Balanced

Digital Multi-Point Systems.

B. Federal Communications Commission (FCC):1. FCC Part 15 - Radio Frequency Device.2. FCC Part 68 - Connection of Terminal Equipment to the Telephone Network.

C. Federal Information Processing Standards (FIPS):1. Advanced Encryption Standard (AES) (FIPS 197).2. FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors.

D. National Fire Protection Association (NFPA):1. NFPA70 - National Electrical Code.

E. Homeland Security Presidential Directive 12 (HSPD-12).

28 10 00 -1

F. Underwriters Laboratories (UL):1. UL294 - Access Control System Units.2. UL1076 - Proprietary Burglar Alarm Units and Systems.

1.4 SECURITY MANAGEMENT SYSTEM DESCRIPTION

A. Pro-Watch: The Security Management System shall function as an electronic access control system and shall integrate alarm monitoring, CCTV, digital video, ID badging and database management into a single platform. A modular and network-enabled architecture shall allow maximum versatility for tailoring secure and dependable access and alarm monitoring solutions.

B. FIPS Certification: The system shall support FIPS 201 certification.

C. WIN-PAK: The Integrated Security Management System (ISMS) shall function as an electronic access control system and shall integrate the alarm monitoring, CCTV, digital video, ID badging and database management into a single platform. ISMS shall function as a one-stop gateway for all the access control needs. A modular and network-enabled architecture shall allow maximum versatility for tailoring secure and dependable access and alarm monitoring solutions. The following definitions are applicable for the WIN-PAK system:1. Access Card: A coded employee card, usually the size of a credit card, recognizable

to the access control system and read by a reader to allow access. It can be used for photo identification of the cardholder and for other data collection purposes. Card technologies include magnetic strips, wiegand-effect, proximity (active/passive), barium ferrite, and smart/intelligent cards and mobile credentials; smart phone with a credential/app.

2. Abstract Device: An Abstract Device (ADV) is a logical representation of a physical device. The ADVs can be associated with any hardware device, including communication interfaces, panels, alarm points, entrances, and CCTV equipment. The ADVs help in monitoring the device status and controlling the actions of a physical device through the Control Map, Floor Plan, or Alarm View.

3. Access Control System: An interconnected set of controllers, managing the entrance and exit of people through secure areas.

4. WIN-PAK Web: The WIN-PAK Web application is an extension of the WIN-PAK host application with limited operations. The day-to-day operations such as Card/User management, Reports, Door control, Schedules, viewing live card event activities that are common to both WIN-PAK host and WIN-PAK Web application are saved on a common database server. The WIN-PAK Web UI works using the WIN-PAK Web server.

5. Access Level: The door or combination of doors and/or barriers an individual is authorized to pass through.

6. Anti-Pass back (Anti-Tailgating): This feature protects against more than one person using the same card or number. It defines each system card reader and card ID number as IN, OUT or other. Once a card is granted access to an IN reader, it must be presented to an OUT reader before another IN reader access is granted. Cards will continue to have access to all authorized OTHER readers.

7. Alarm: A signal that indicates a problem.8. Alarm input: A device that is monitored by the access control panel. An alarm signal

will be generated if the device is activated.9. Badge: Badge is a template or a design for creating a card. WIN-PAK includes a full-

featured badge layout utility for designing, creating, and printing badges. Badge design includes magnetic stripe encoding, bar coding, signatures, and so on.

10. Bar Code: A method of encoding information using lines and blank spaces of varying size and thickness to represent alphanumeric characters.

28 10 00 -2

11. Biometrics: A general term for the verification of individuals using unique biological characteristics i.e. fingerprints, hand geometry, voice analysis, the retinal pattern in the eye.

12. Card and Card Holder: A card is an identity proof of a person and a card holder is a person who holds the card. Multiple cards can be assigned to a single card holder to provide different access.

13. Controller: A microprocessor based circuit board that manages access to a secure area. The controller receives information that it uses to determine through which doors and at what times cardholders are granted access to secure areas. Based on that information, the controller can lock/unlock doors, sound alarms, and communicate status to a host computer.

14. Communication Port: A hardware device that allows a computer to communicate with external devices.

15. Card Reader: A device that retrieves information stored on an access card and transmits that information to a controller.

16. Network or Digital Video Recorder (DVR): A security system device that records video from surveillance cameras (IP and/or Analog) on a hard disk.

17. Door: Generic term for a securable entry way. In access control applications a "door" may actually be a gate, turnstile, elevator door, or similar device.

18. Duress: Forcing a person to provide access to a secure area against that person's wishes.

19. Guard Tour: A defined route of a security guard.20. Host Computer: The central controlling computer from which access control software

applications are run.21. Input: An electronic sensor on a controller that detects a change of state in a device

outside the controller22. Keypad: An alphanumeric grid allowing users to enter an identification code. A flat

device which has buttons that may be pressed in a sequence to send data to a controller, and which differs from a typewriter-like computer board.

23. Online Help: A reference program within a software program that provides basic descriptions and instructions on how to use that software program.

24. Output Relay: A device that changes its state upon receiving a signal from a controller. Typically the state change prompts an action outside of the controller such as activating or inactivating a device. The auxiliary relays found in access control panels or NODES that control external devices.

25. Reader: A device that "receives" an identification code from a card, key tag, magnetic stripe card, bar code card, or related item. Refers to the "front end" that a user must interact with to allow access. Readers can be keypads, card readers, proximity readers, and so on.

26. RS232: A serial communication protocol used for connecting data terminal devices. RS-232 is the most commonly used communication protocol.

27. Server: The host computer, which has the ISMS functions.28. Shunt Time: Length of time a door open alarm is suppressed (shunted) after a valid

card access or free egress request. This time should be just enough to allow a card user to open a door or gate, pass through, and then close it.

29. Time zones: "Schedules" that allow cards to function or not function depending on the time of day. This is used to limit access to the facility. The schedule may include not only time but which days of the week a card is valid.

30. Wiegand Card: An access control card based on the Wiegand effect. Small bits of specially processed wire are embedded in the card in a pattern that uniquely identifies the card. This identification information can then be decoded by a Wiegand reader.

31. Wiegand Reader: Reader capable of reading information encoded on a Wiegand card.32. Video Management System (VMS): An enterprise-class video management and

storage solution.

1.5 SUBMITTALS

28 10 00 -3

A. Submit under provisions of Section 01 30 00 - Administrative Requirements.

B. Product Data: Manufacturer's data sheets on each product to be used, including:1. Preparation instructions and recommendations.2. Storage and handling requirements and recommendations.3. Installation methods.

C. Verification Samples: For each finish product specified, two samples, minimum size 6 inches (150 mm) square representing actual product, color, and patterns.

D. Manufacturer's Product Data: Submit manufacturer's data sheets indicating systems and components proposed for use.

E. Shop Drawings: Submit complete shop drawings indicating system components, wiring diagrams and load calculations.

F. Record Drawings: During construction maintain record drawings indicating location of equipment and wiring. Submit an electronic version of record drawings for the Security Management System not later than Substantial Completion of the project.

G. Operation and Maintenance Data: Submit manufacturer's operation and maintenance data, customized to the Security Management System installed. Include system and operator manuals.

H. Maintenance Service Agreement: Submit a sample copy of the manufacturer's maintenance service agreement, including cost and services for a two year period for Owner's review.

1.6 QUALITY ASSURANCE

A. Manufacturer: Minimum ten years experience in manufacturing and maintaining Security Management Systems. Manufacturer shall be Microsoft Silver Certified.

B. Installer must be certified by Honeywell Integrated Security Dealer Service Certification Program (DSCP).

1.7 DELIVERY, STORAGE, AND HANDLING

A. Deliver materials in manufacturer's labeled packages. Store and handle in accordance with the manufacturer's requirements.

1.8 PROJECT CONDITIONS

A. Maintain environmental conditions (temperature, humidity, and ventilation) within limits recommended by manufacturer for optimum results. Do not install products under environmental conditions outside manufacturer's recommended limits.

1.9 WARRANTY

A. Manufacturer's Warranty: Submit manufacturer's standard warranty for the security management system.

PART 2 PRODUCTS

2.1 MANUFACTURERS

A. Acceptable Manufacturer: Honeywell Commercial Security, which is located at: 715 Peachtree St. N.E.; Atanta, GA 30308; Toll Free Tel: 800-323-4576; Email:request info ([email protected]); Web:http://www.security.honeywell.com

28 10 00 -4

B. Substitutions: Not permitted.

C. Requests for substitutions will be considered in accordance with provisions of Section 01 60 00 - Product Requirements.

2.2 ACCESS AND SECURITY MANAGEMENT SYSTEM (PRO-WATCH)

A. Security Management System Manufacturer: Pro-Watch Security Management Suite as manufactured by the Honeywell Commercial Security.

B. The Security Management System shall function as an electronic access control system and shall integrate alarm monitoring, CCTV, digital and network video, ID badging and database management into a single platform. A modular and network-enabled architecture shall allow maximum versatility for tailoring secure and dependable access and alarm monitoring solutions.

C. Access Control Software Suite: The Security Management System shall offer a security management software suite available in four scalable versions: The Security Management System platform shall offer a complete access control solution: alarm monitoring, video imaging, ID badging and video surveillance control. Provide the following software system:1. Pro-Watch Lite Edition: The Security Management System shall utilize the Microsoft

SQL Express database for applications with one to four users and up to 32 controlled doors. The Security Management System shall operate in Windows 7 Ultimate/Professional as the host operating system.

2. Pro-Watch Professional Edition. Professional Edition: The Security Management System shall utilize Microsoft SQL Express (SQL 2008 or later) database for applications from one to five users and up to 64 controlled doors. The Security Management System shall provide a set of tools to easily backup, restore and maintain the Security Management System database. The Security Management System shall allow for expansion to Corporate and/or Enterprise Edition without changing the user interface or database structure. The Security Management System shall operate in Windows 7 Ultimate/Professional as the host operating system.

3. Pro-Watch Corporate Edition: The Security Management System shall operate in the Windows Server 2012 (64-bit) and Windows Server 2012 R2 (64-bit) environment and utilize SQL Server 2012 SP1 (32-bit and 64-bit) as the database engine.

4. Pro-Watch Enterprise Edition: The Security Management System shall incorporate regional server architecture. Regional sites shall operate autonomously with all information required to maintain security locally. The enterprise server shall maintain any critical system information via synchronization with each regional site. A single enterprise server shall provide global management of all regional servers and shall act as a central collecting point for all hardware configurations, cardholder and clearance code data and transaction history. The enterprise server and regional server(s) shall support Windows Server 2012 (64-bit) and Windows Server 2012 R2 (64-bit).

D. Software Requirements: The Security Management System shall be a modular and network-enabled access control system. The Security Management System shall be capable of controlling multiple remote sites, alarm monitoring, video imaging, ID badging, paging, digital video and CCTV switching and control that allows for easy expansion or modification of inputs and remote control stations. The Security Management System control at a central computer location shall be under the control of a single software program and shall provide full integration of all components. It shall be alterable at any time depending upon facility requirements. Security Management System reconfiguration shall be accomplished online through system programming. The Security Management System shall include the following:1. Multi-User/Network Capabilities: The Security Management System shall support

multiple operator workstations via local area network/wide area network (LAN/WAN). The communications between the workstations and the server computer shall utilize the TCP/IP standard over industry standard IEEE 802.3 (Ethernet). The

28 10 00 -5

communications between the server and workstations shall be supervised, and shall automatically generate alarm messages when the server is unable to communicate with a workstation. The operators on the network server shall have the capability to log on to workstations and remotely configure devices for the workstation. Standard operator permission levels shall be enforced, with full operator audit.

2. Concurrent Licensing: The Security Management System shall support concurrent client workstation licensing. The Security Management System application shall be installed on any number of client workstations, and shall provide the ability for any of the client workstations to connect to the database server as long as the maximum number of concurrent connections purchased has not been exceeded.

3. Security Key: The Security Management System shall only require a software security key to be present on the application server for the Security Management System to operate. Security keys shall not be required at the client workstations. The Security Management System shall allow a user to read the information that is programmed on the server security key. The Security Management System shall support the installation, update, and termination of the security key.

4. Terminal Services: The Security Management System shall support Windows Server 2008 Terminal Services. Terminal Services shall allow the Security Management System server application to reside on the Windows Terminal Server. Operating systems supporting a standard web browser shall be capable of utilizing the thin client architecture. The Security Management System shall support unlimited connections, based on concurrent licensing, to the Security Management System software. Full functionality shall be obtained through the intranet connection allowing full administration and monitoring without the need for a local installation.

5. Relational Database Management System: The Security Management System shall support industry standard relational database management systems. This shall include relational database management system Microsoft SQL Server 2012 SP1.

6. Database Partitioning: The Security Management System shall provide the option to restrict access to sensitive information by user ID.

7. Memory: Proprietary software programs and control logic information used to coordinate and drive system hardware shall be stored in read-only memory.

8. LDAP/ Microsoft Active Directory Services: The Security Management System shall provide support of Lightweight Directory Access Protocol (LDAP) for enabling the user to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public internet or on a private intranet. The Security Management System shall provide a direct link to Microsoft Active Directory Services. The Security Management System shall allow the transfer of Active Directory users into the database via the Data Transfer Utility. Conversely, Security Management System users shall be capable of being exported to the Active Directory.

9. Unicode: The Security Management System shall utilize Unicode worldwide character set standard. The Security Management System shall support double-byte character sets to facilitate adaptation of the Security Management System user interface and documentation to new international markets. Language support shall include at a minimum English, Spanish, Portuguese, French, German and Simple Chinese.

10. Encryption: The Security Management System shall provide multiple levels of data encryptiona. True 128-bit AES data encryption between the host and intelligent controllers.

The encryption shall ensure data integrity that is compliant with the requirements of FIPS-197 and SCIF environments. Master keys shall be downloaded to the intelligent controller, which shall then be authenticated through the Security Management System based on a successful match.

b. Transparent database encryption, including log files and backupsc. SQL secure connections via SSL

11. Supervised Alarm Points: Both supervised and non-supervised alarm point monitoring shall be provided. Upon recognition of an alarm, the system shall be capable of switching CCTV cameras that are associated with the alarm point.

28 10 00 -6

12. Compliance and Validation: The Security Management System shall incorporate signature authentication where modifications to Security Management System resources will require either a single or dual signature authentication. Administrators will have the ability to select specified devices in the Security Management System where data manipulation will be audited and signatures will be required to account for the data modification. Upon resource modification, the user will be required to enter a reason for change or select a predefined reason from a list. All data will be securely stored and maintained in the database and can be viewed using the reporting tool. This functionality will meet the general requirements of Validation and Compliance through Digital Signatures with special attention to the case of Title 21 CFR Part 11 Part B compliance.

13. Clean Room Solution:a. Overview: The Security Management System shall provide a clean room

solution which enables users to manage their "Clean Environments" or other areas requiring special restricted access through a process-oriented graphical user interface (GUI).

b. Configuration: The user shall have the capability of adding, editing, or deleting clean rooms. Each "clean room" shall be capable of having a contamination level set. Entry to a higher level contamination area shall automatically restrict access to cleaner level areas. Individual cards shall be capable of being reset on an immediate one time, automatic, or per-hour basis.

E. Security Management System Operational Requirements:1. System Operations:

a. Windows Authentication Login: The Security Management System shall use an integrated login method which accepts the user ID of the person who has logged on to Windows.

b. Password: The Security Management System shall use an integrated authentication method which utilizes Windows user accounts and policies.

c. Information Access: The Security Management System shall be capable of limiting operator access to sensitive information. Operators shall have proper authorization to edit the information.

d. Shadow Login: The Security Management System shall allow users to login over a currently logged-on user without having the current user log off the Security Management System or out of the Windows operating system.

e. Graphical User Interface: The Security Management System shall be fully compliant with Microsoft graphical user interface standards, with the look and feel of the software being that of a standard Windows application, including hardware tree-based system configuration.

f. Guard Tour: The Security Management System shall include a guard tour module, which shall allow the users to program guard tours for their facility. The tours shall not require the need for independent or dedicated readers.

g. Secure Mode Verification (e.g., force guard to do a visual verify): The Security Management System shall provide ' secure mode' control from the verification viewer. This shall allow a user or guard to decide the access of an individual who presents his/her card at a designated secure mode reader.

h. Database Partitioning: The Security Management System shall support dynamic partitioning. A Security Management System in which partitions are set up at installation and cannot be easily changed shall not be acceptable.

i. Status Groups: The Security Management System shall support a real-time system status monitor that graphically depicts all logical devices.

j. Keyboard Accelerators: The Security Management System shall allow the user to use a shortcut key to enable designated system commands.

k. Automatically Disable Card upon Lack of Use: The Security Management System shall allow system operators to set a predefined time period in which cardholders shall swipe their card through a card reader in the Security

28 10 00 -7

Management System.l. User Functions and ADA Ability: The Security Management System shall

provide user functions and ADA (Americans with Disabilities Act) ability that provides the capability to trigger an event at the Security Management System intelligent controller when a defined card is presented.

m. Pathways: The Security Management System shall support the capability of programming pathways. A pathway shall be an object that combines input points to be masked (shunted) for a set duration, and an output point to be activated, when a particular card receives a local grant at a reader.

n. Database Audit Log: The Security Management System shall be capable of creating an audit log in the history file following any change made to the Security Management System database by an operator.

o. Operator Log: The Security Management System shall be capable of creating an action log in the history file following actions performed by an operator.

p. Alarm Routing: The Security Management System shall be capable of defining routing groups that determine what event information shall be routed to a user or class of users.

q. Global and Nested Anti-passback: The Security Management System shall support the use of an optional anti-passback mode, in which cardholders are required to follow a proper in/out sequence within the assigned area.

r. Two Person Rule: The Security Management System shall support a "two person rule" to restrict access to specific access areas unless two cardholders present two different valid cards to the reader one after the other within a period time defined by the door unlock time multiplied by a factor of 2.

s. Occupancy Restrictions: The Security Management System shall allow the user to define the minimum and maximum occupancy allowed in a designated area.

t. Multiple Sequential Card Swipes to Initiate Procedure: The Security Management System shall allow the user to define a logical device, quantity of consecutive identical events, a time period and a Security Management System procedure to trigger when the event occurs a maximum quantity of times in the allocated time period.

u. Hardware Templates: The Security Management System shall include the ability to define hardware templates (door templates) in order to simplify the process of creating an access control system. Hardware templates shall allow a user to define a "typical" door configuration and then use that template over and over in the process of defining doors.

v. MRDT. Pro-Watch can accommodate Mercury Intrusion hardware like the Mercury MRDT ("Mercury Digital Terminal") with keypad. MRDT works with PW-6000 panel to provide intrusion functionality. Mercury Intrusion requires a special Pro-Watch license.

2. Access Control Functional Requirements: Functions shall include validation based on time of day, day of week, holiday scheduling, site code verification, automatic or manual retrieval of cardholder photographs, and access validation based on positive verification of card/PIN, card, and video. The following features shall be programmable and shall be capable of being modified by a user with the proper authorization:a. Time Zones: Shall define the period during which a reader, card, alarm point,

door, or other system feature is active or inactive. In addition to Monday-Sunday, there shall be at least one day of the week called Holiday.

b. Holidays: The application shall allow holidays to be entered into the Security Management System. Holidays shall have a start date plus duration defining multiple days. Holidays shall have a holiday type of 1, 2, or 3, which may be defined by the user.

c. Response Codes: The Security Management System shall allow the user to enter a predefined code to represent a response to an alarm occurring in the facility.

28 10 00 -8

d. Clearance Codes: The Security Management System shall allow the user to establish groups of readers at a facility for the purpose of granting or denying access to badge holders. Clearance codes shall be assigned to companies and individuals employed by the company, and may be modified for individual users in the badge holder maintenance application.

e. Companies: Each badge holder entered into the Security Management System shall be assigned a company code identifying the individual's employer. The company information dialog box displays and maintains information related to companies having access to the facility.

f. Group Access: The Security Management System shall allow a user or group of users via company selection, a temporary denial of access to specific readers or areas based on a preconfigured event. The group access function shall limit access to a group of cardholders, overriding all other access criteria.

g. Event: Definitions shall be shipped with system software but shall be capable, upon installation, of being modified, added to, or deleted from the Security Management System.

h. Alarm Pages: Security Management System shall include the capability to create an unlimited number of customized alarm pages for the alarm monitor and each shall be assignable to users and user classes.

i. Event Types: Definitions shall be shipped with system software but shall be capable, upon installation, of being modified, added to, or deleted from the Security Management System.

j. Dynamic Graphical Maps: The Security Management System shall provide the user with the means to add maps and indicator icons to maps that shall represent input/output points, logical devices, or cameras located throughout the Security Management System. Security Management System maps shall display the state and condition of alarm points. The Security Management System shall also provide the ability to monitor the channels or panels.

k. Brass Keys: Shall maintain information related to assets that are issued in the facility, including brass keys, laptops, RSA keys, cell phones, company cards, etc.

l. ID Badging Client: The Security Management System Shall maintain information related to a badge holder's card access privileges. Upon entering this application, a window shall appear on the screen and all actions (add, modify, or delete) involving badges and cards shall be initiated from this window. Access privileges shall be linked to the cards used to gain access to doors in the facility. Modifications shall be made by adding or deleting clearance codes, or by door types assigned to the cards or to a badge holder.

m. ID Badging System: The Security Management System shall include seamlessly integrated ID badging system.

n. Users: Information related to the users of the Security Management System software shall be stored in the database. Users entered into the Security Management System shall be assigned the access privileges of the class to which they are assigned.

o. Elevator Control: The elevator control shall be of the Security Management System intelligent controller-based line of devices. The elevator control shall include the following functional features:1) Elevator call: Valid card read calls elevator to the floor. No reader in the

elevator car.2) Floor control: Valid card read in the elevator car enables selectable floor

buttons.3) Floor select: Valid card read in the elevator car enables selectable floor

buttons and logs which floor is selected after the card is presented.p. Data Transfer Unit (DTU): The DTU enables data to be imported from an

external system directly into the Security Management System database and also exported from Pro-Watch to an external system.

28 10 00 -9

1) Insert only: If a "data file key column number" shall be provided, the DTU will only insert a new badge record if the key column value is not found. An error shall be displayed in the log file if an existing badge record is found. If no "data file key column number" is provided, every record will be inserted into the Security Management System.

2) Updates only: The DTU shall use the "data file key column number" to look for the matching Security Management System record. An error shall be logged in the log file if the badge holder is not found in the Security Management System database.

3) Inserts, updates: The DTU shall use the "data file key column number" to look for the matching Security Management System record. If a matching record is not found, the DTU shall insert the data. If a matching record is found, the record shall be updated.

4) DTU shall support SOAP web services.q. Generic Channel Interface: The Security Management System shall provide the

ability to define generic communications channels over serial port or TCP/IP network socket including IP address and port/socket, to support custom integration of external foreign devices. The Security Management System shall generate events based on data received from the channel matching operator pre-defined instructions.

3. Application Localization: The Security Management System shall support at least seven languages including English. The languages available shall include German, French, Spanish, Italian, Chinese (simplified), Portuguese (Brazil), Norwegian, Chinese (Traditional), Danish, and Dutch, All database resources will be localized, and will include a standard U.S. English help file.

4. Event Manager: The Security Management System shall utilize an event manager as a component of system administration and offer the ability to have users control the amount of data stored as well as a quick snapshot of the logged data in the system. Using the various logs in event manager, the user will be able to gather information about events, auditing, and operator actions. The logs are defined as follows: Event log, audit log, unacknowledged alarms.

F. Intelligent Controllers - Hardware Requirements:1. Distributed architecture shall allow controllers to operate independently of the host.

The architecture shall place key access decisions, event/action processing and alarm monitoring functions within the controllers, eliminating degraded mode operation.

2. Flash memory management shall support firmware updates and revisions to be downloaded to the system. Upgrades to the hardware and software shall occur seamlessly without the loss of database, configurations, or historical report data.

3. Manufacturers: Subject to compliance with requirements, provide Field Controllers or comparable product by one of the following:a. Honeywell Security Star II (Legacy support only)b. Honeywell Security PW-2000c. Honeywell Security PW-3000 (Legacy support only)d. Honeywell Security PW-5000e. Honeywell Security PW-6000f. Honeywell Security PW-6101ICE

4. Cardkey Controllers: The Security Management System software suite shall provide functionality to Cardkey Controllers using Nodal Protocol B, the Cardkey Controllers D620 (Firmware revision PS-143D or PS143-E), and the Cardkey D600AP (Firmware Revisions PS-155A or PS-155B). Supported interface is currently, but not limited to, standard STI and STIE devices. Minimum functionality to be supported:a. Controller to host communications.b. Downloading of cards.c. Downloading of Security Management System parameters.d. Downloading of reader parameters.

28 10 00 -10

e. Downloading of input point parameters.f. Downloading of relay output point parameters.

G. Field Hardware:1. The security management system shall be equipped with access control field

hardware required to receive alarms and administer all access granted/denied decisions. All field hardware shall meet UL requirements.a. Intelligent Controller Board:

1) Honeywell Security PW3K1IC (Legacy support only).2) Honeywell Security PW6K1IC.3) Honeywell Security PW6K1ICE.

b. Single Reader Module (SRM):1) Honeywell Security PW6K1R1.2) Honeywell Security PW6K1R1E.

c. Dual Reader Module (DRM):1) Honeywell Security PW6K1R2.

d. Alarm Input Module (AIM):1) Honeywell Security PW6K1IN.

e. Relay Output Module (ROM):1) Honeywell Security PW6K1OUT.

f. Mercury Family Hardware:1) EP-1501.2) EP-1502 .3) EP-2500 with Wiegand Reader.4) MR-16IN (16 Input Board).5) MR-16OUT (16 Output Board).6) MR-50 (Single Reader Board).7) MR-51E (Single Reader Board ETHERNET).8) MR-52 (2-Reader Board).9) SCP/SCP2.10) Mercury M5 Bridge.11) M2K

g. Lenel Family Hardware:1) LNL-1000 with Wiegand Reader.2) LNL-1100 (16 Input Board).3) LNL-1200 (16 Input Board).4) LNL-1300 (Single Reader Board).5) LNL-1320 (2-Reader Board).6) LNL-2000 with Wiegand Reader.7) LNL-2210.8) LNL-3300.9) LNL-8000.

h. SALTO Locksets:1) Locksets compatible with SVN - Salto's Virtual Network.

i. Card Readers:1) Honeywell Security:

a) OmniProx.b) OmniAssurec) OmniClass.d) DigiReaders.

2) HID:a) ProxPro.b) MiniProx.c) MaxiProx.d) ThinLine II.e) ProxPro II.

28 10 00 -11

f) ProxPoint Plus.3) Indala:

a) FlexPass.b) FlexPass Linear.c) FlexPass Arch.d) FlexPass Curve.e) FlexPass Long Range.f) FlexPass Wave.

4) Biometric Readers:a) BioScrypt.b) Recognition Systems.

5) WSE Readers (SNET Protocol) - Star I, Star II, PW-6000:a) DR4201.b) DR4203.c) DR4205.d) DR4205K.e) DR4208.f) DR4208K.g) DR4220.h) MSR42-GW.

6) Wireless Readers:a) IR Wireless Reader.b) AD-400 Wireless Locks.c) SALTO SALLIS Wireless Reader.d) ASSA ABLOY APERIO Wireless Reader.e) SCHLAGE Wireless Reader.

H. Digital Video Recording Systems:1. The Security Management System shall provide fully integrated support for a powerful

network and digital video recording and transmission system. The Security Management System shall record, search and transmit video, and shall provide users with live, pre- and post- event assessment capabilities. The NVRs/DVRs shall be seamlessly integrated with existing video equipment and incorporated into any TCP/IP network. The NVRs/DVRs shall provide multiple levels of integration with the Security Management System software, providing control of the network or digital video system from the access control application.

2. Manufacturer and part numbers:a. Honeywell MAXPRO VMSb. Honeywell Fusion III series digital recordersc. Honeywell Rapid Eye Multi-Media series digital recordersd. Integral Technologies DVXi series digital recorderse. Integral Technologies DSXpress Series digital recorders

I. Video Management Systems (VMS):1. With integration to VMS, Security Management System shall control multiple sources

of video subsystems in a facility to collect, manage and present video in a clear and concise manner. VMS intelligently determines the capabilities of each subsystem across various sites, allowing video management of any analog or digital video device through a unified configuration and viewer. Disparate video systems are normalized and funneled through a common video experience. Drag and drop cameras from the Security Management System hardware tree into VMS views. Leverage Security Management System alarm integration and advanced features such as pursuit that help the operator track a target through a set of sequential cameras with a single click to select a new central camera and surrounding camera views.

2. Manufacturer and part numbers:a. Honeywell Security MAXPRO VMS.

28 10 00 -12

J. Intercom Interface:1. The interface shall provide control of both remote and master intercom stations from

within the Security Management System application. The Security Management System shall allow the user to define the site, channel, description, and address as well as provide a checkbox for primary station.

2. Administrators shall have the capability to program a list of intercom functions that report to the alarm-monitoring module as events. These functions shall coincide with the intercom functions provided with the intercom system. For each intercom function, Security Management System administrators shall be able to define an alphanumeric event description 1 to 40 characters in length and shall also be able to set the parameter value of that function.

3. The intercom interface shall allow for secondary annunciation of intercom calls, events, and alarms in the alarm-monitoring window. Intercom reporting to the alarm monitoring window shall report as any other access control alarm and shall have the same annunciation and display properties as access control alarms.

4. All intercom calls, events, and alarms that report into the Security Management System shall be stored in the system database for future audit trail and reporting capabilities. Intercom events shall include but not be limited to: Station busy, Station free, Intercom call to busy station, Intercom call to private station, Station disconnected, Function dialed outside connection, Intelligent station ID, Station reset, Station lamp test, Audio program changed, Group hunt occurred, Mail message, Digit dialed during connection, Direct access key pressed, Handset off hook, M-key pressed, C-key pressed

5. Manufacturer(s) and part numbers:a. Stentofon/Zenitel Alphacom series intercoms.b. Commend series intercoms.

K. Intrusion Detection Panels:1. Honeywell VISTA-128FBP, VISTA-128BPE, VISTA-128BPT, VISTA-250FBP, VISTA-

250BPE, and VISTA-250BPT Controllers:a. General Requirements: The Security Management System shall support

hardwired and TCP/IP communication for the VISTA 128FBP/VISTA-250 FBP panel. Each panel shall have 8 partitions and 15 zone lists. Zones, partitions, and the top-level panel shall have an events page, with all supported events present. Features:1) Disarm and unlock a door on card swipe.2) Arm and lock a door on card swipe.3) Common area arm/disarm.4) Access denied if intrusion system is in alarm or armed.5) Monitor and log intrusion system events and alarms in the Security

Management System.6) Associate intrusion system events and alarms to video surveillance

integrations.2. Honeywell Galaxy Dimension GD264 and GD520 Controllers:

a. Security Management System users are able to control and monitor group and zone status using the Security Management System client, and control the individual zones and groups using Security Management System Access control credentials. Depending on the combined user profiles and access permissions defined in Security Management System, a Security Management System cardholder is allowed or denied permission to arm/disarm zones and groups. The access control functionality of the intrusion panel is disabled when the integration is operational. Features:1) Disarm a zone on a card swipe.2) Arm a zone on consecutive card swipes. Security Management System

will support definition of quantity of swipes required and the timeout time in seconds to recognize consecutive swipes.

28 10 00 -13

3) Security Management System supports linking of intrusion panel users with Security Management System cardholders.

4) Security Management System operators may be given control permissions for intrusion input and output alarms.

5) Security Management System can associate alarm events with video commands to look at current or historic footage.

6) Security Management System stores and reports on intrusion events.

L. Software Development Kit (SDK)1. Security Management System shall permit custom integration with other third party

systems through an SDK. SDK shall support the OBIX communication protocol and interface directly with the Niagara Framework for support of additional communications protocols.

2. Manufacturer and part numbers:a. Honeywell Security HSDK.

M. Visitor Management System1. The Visitor Management System shall allow the user to track visitors, employees,

assets and deliveries as they enter and exit the facilities.2. The system shall also support printing of custom designed visitor passes with details

like expiration date, visit area, host being visited, and visit purpose.3. Manufacturer and part numbers:

a. Honeywell Security LobbyWorks.

N. Web Client:1. Web Alarms2. Web Events3. Web Badging4. Web Reports

O. Supported Web Browsers:1. (Windows) Internet Explorer 112. (Windows) Google Chrome Version 42

2.3 INTEGRATED SECURITY MANAGEMENT SYSTEM (ISMS)

A. Product: WIN-PAK Access Management System as manufactured by the Honeywell Commercial Security.

B. The ISMS will function as an electronic access control system and integrate the alarm monitoring, CCTV, digital and network video, ID badging and database management into a single platform. A one-stop gateway for all access control needs. A modular and network-enabled architecture allows maximum versatility for tailoring secure and dependable access and alarm monitoring solutions.

C. ISMS Components: Divided into six components: Database Server, Archive Server, Communication Server, User Interface, WIN-PAK API Server, and WIN-PAK Web.1. Components are to run on a single computer or on multiple computers, allowing

flexibility in configuring a networked system.a. Database Server: Used for storing the database tables. Data is accessible to

communication server and user interface for retrieving and generating reports. Installed on the client computer or any other computer connected to the network.

b. Archive Server: Used to obtain data from the archive database consisting of backup details of the WINPAK main database.

c. Communication Server: Routes user interface requests and access transactions to the panel. The panel in-turn processes transactions and sends

28 10 00 -14

information to the database server as well as responses to the user interface through the communication server. When sending information to the database server, it can also receive a request from the user interface. The communication server will consider the user request as a higher priority and stops the panel-database server communication until the user request is processed. Installed on the client computer or any computer connected to the network.

d. User Interface; ISMS Client: Helps ISMS operators communicate with the access control system. Installed on the computer where the database or communication server is installed or any other computer connected to the network. Client computers can simultaneously access the single database server simultaneously. The number of client computers varies based on licensing information of ISMS.

e. WIN-PAK API Server: Used to obtain and set the details in the WIN-PAK database using the Application Programming Interface (API).

f. WIN-PAK Web: Application is an extension of the WIN-PAK host application with limited operations. Operations such as Adding Cards, and Adding Card Holders that are common to both WIN-PAK host and WIN-PAK Web application are saved on a common database server.

2. ISMS Services: Includes the following components.a. Command File Server: Provides text files containing device instructions stored

in the command files database. Commands in the command files can be sent to devices automatically on receiving, acknowledging, or clearing an alarm. Command files can be manually executed.

b. Guard Tour server: A defined series of check points a guard must activate within a given amount of time. Check points are readers or input points where the guard presents the card or presses the button.

c. Tracking and Muster Server: Enabled in an emergency event allowing card holders to swipe the readers. Muster areas are logical areas that contain readers to be used by card holders, only if there is a call for muster; in the event of a disaster, for example.

d. Schedule Server: Schedules the list of events to be performed at a predetermined time and intervals such as hourly, daily, or monthly.

e. Video Management Server: Interface to connect to various DVR's/NVR's. Provides CCTV control with live monitor display, PTZ control of cameras and video playback operations.

D. ISMS Operational Requirements:1. A modular and network-enabled access control system capable of controlling multiple

remote sites, alarm monitoring, video imaging, ID badging, mobile credential provisioning, paging, digital video and CCTV switching and control that allows for easy expansion or modification of inputs and remote-control stations. The ISMS control at a central computer location shall be under the control of a single software program and shall provide full integration of all components. It shall be alterable at any time depending upon facility requirements. The ISMS reconfiguration shall be accomplished online through system programming.

2. The ISMS Includes the Following Features:a. Multi-User/Network Capabilities: Supports multiple operator workstations via

local area network/wide area network; LAN/WAN. Communications between workstations and server computer will utilize the TCP/IP standard over industry standard IEEE 802.3 (Ethernet). Communications between the server and workstations is supervised, and automatically generates alarm messages when the server is unable to communicate with a workstation. Operators on the network server to have the capability to log on to workstations and remotely configure devices for the workstation. Standard operator permission levels shall be enforced, with full operator audit.

28 10 00 -15

b. Operating Environment: True 32-bit or 64-bit, 3-tier client/server, ODBC compliant application based on Microsoft tools and standards. Operate in the following environments: Microsoft Windows Server 2016, Windows Server 2012 R2, Windows 10 Professional for workstations only.

c. WIN-PAK Web: Using the Web interface, any operator from any customer location can access the WIN-PAK database server from any computer on the network. The operators at the customer sites must be granted appropriate access rights for accessing the WIN-PAK database server through the Web interface. These access rights are granted by the WIN-PAK Administrator using the WIN-PAK host application.

d. Multiple Servers: Consist of multiple servers including, but not limited to, database server, communications server, and client workstation. Servers to be capable of being installed on one or more computers across a network providing a distribution of system activities and processes. Support multiple communication servers on a LAN/WAN, to provide distributed networking capabilities, significantly improving system performance.

e. Multi-level Password Protection: Multi-level password protection, with user-defined operator name/password combinations. Name/password log-on shall restrict operators to selected areas of the program. The application shall allow the assignment of operator levels to define the system components that each operator has access to view, operate, change, or delete.

f. Graphical User Interface: Compliant with Microsoft Graphical User Interface (GUI) standards, with look and feel of software being that of a standard Windows application, including hardware tree-based system configuration.

g. Online Help: User interface will include an Online Help requiring one click to activate. Special function key "F1" shall have capability to be programmed to provide access to the help system.

h. Guard Tour: The Security Management System shall include a guard tour module, which shall allow the users to program guard tours for their facility. Tours will not require independent or dedicated readers.

i. Concurrent Licensing: Support concurrent client workstation licensing. Install on any number of client workstations, and provide ability for any client workstation to connect to the database server if the maximum number of concurrent connections purchased has not been exceeded.

j. Concurrent Browser Connections: A minimum of 100 concurrent web connections to be included as standard to manage day-to-day access control tasks including but not limited to: Card and Cardholder (Names, Notes fields, Note Field creation and Note Field templates); Badge Printing; Door Schedules; Lock Control; Panic Door control; Schedules; Holidays; Access Level; Reports; Report Templates and Schedules; Messaging, viewing live card activities and Locate functions.

k. WIN-PAK supports multiple installation types.1) Single Server Deployment: Installs all the WIN-PAK components such as

client, server, web, API, VMS, and support programs.2) Dual Server Deployment: The dual server deployment is hosted on two

computers. The first computer, server 1, will have the complete host, API, and the VMS installed. The second computer, server 2, will have the host User Interface, Remote communication server, VMS, and Web installed.

l. Relational Database Management System: Support industry standard relational database management systems. This includes relational database management system Microsoft SQL Server 2016 Enterprise Edition. Provide edit, add, delete, search, sort, and print options for records in the selected databases.

m. Database Partitioning: The Security Management System will provide the option to restrict access to sensitive information by user ID.

28 10 00 -16

n. Unicode: The Security Management System shall utilize Unicode worldwide character set standard. The Security Management System shall support double-byte character sets to facilitate adaptation of the Security Management System user interface and documentation to new international markets. Language support shall include at a minimum English and French.

o. Encryption: The Security Management System shall provide multiple levels of data encryption.1) True 128-bit AES data encryption between the host and intelligent

controllers. The encryption shall ensure data integrity that is compliant with the requirements of FIPS-197 and SCIF environments. Master keys shall be downloaded to the intelligent controller, which shall then be authenticated through the Security Management System based on a successful match.

2) Transparent database encryption, including log files and backups.3) SQL secure connections via SSL.4) Asymmetric Column level encryption is used for personal data fields

(Card Holder's First name, Last name, Note fields) in the SQL data fields.p. Industry Standard Panel Communication: Communicates with access control

panels via LAN/WAN connections utilizing industry standard communication protocols.

q. Supervised Alarm Points: Both supervised and non-supervised alarm point monitoring. On recognition of alarm, system can switch and display video from camera connected to digital video recorder associated with alarm point.

r. Multiple Account Support: Support for multiple accounts allowing separate access to the card database, badge layout, operator access, and reporting. Physical hardware may be filtered by operator level into sites. Sites may reside in multiple accounts.

s. Logical Representation of Hardware Devices: The ISMS shall use Abstract Devices (ADV) for representing physical hardware devices in the system. The ADVs shall be used in Floor Plans to provide the user interface to control and monitor the system, and shall also be used in the data trees to organize, display, and control system information.

t. Access Control Functions: Validation based on time of day, day of week, holiday scheduling, site code and card number verification, automatic or manual retrieval of cardholder photographs, and access validation based on positive verification of card, card and PIN, card or pin, pin only and Site Code only.

u. Digital Video Recorders (DVRs) Support: ADPRO, MAXPRO NVR, and Embedded Performance Series DVRs.

v. Camera Functions: Pan/tilt, lens control, limits, and home.w. Live Video Display: An option to view live video from a camera connected to

the digital video recorder on the computer screen. The live video window allows user to change its size and location on the computer screen. Video controls (pan, tilt, zoom) shall be available to customize the display of live video to the user's requirements.

x. Global and Local Anti-Passback: Support the use of an optional anti-passback mode, in which cardholders are required to follow a proper in/out sequence within the assigned area.

y. Alarm Events: Alarm events with defined priorities pop-up automatically in Alarm event window for operator attention. The pop-up displays name of event (reader, alarm point, cardholder, or system alarm), time, date, site, account. In a card event, the card number, type of event and cardholder name is displayed. An event counter displays the number of times event was reported to the Alarm event monitor prior to Acknowledgement or Clearing the event. Event instructions to be made available by double clicking on event. The event will display an icon to indicate that video is available for events so programmed.

28 10 00 -17

Alarm event window allows operator to initiate a physical response to the event as well as a written response. Responses include but not limited to: acknowledge, clear, open a pre-programmed floor plan, energize, de-energize, pulse, time pulse, add comment, retrieve event video, and bring up live video, shunt, or un-shunt.

z. Manual Panel Control: Manual control of selected inputs, outputs, and groups of outputs. Include pulse, timed pulse, and energize/de-energize or return to time zone options for output points and shunt/unshunt or return to time zone options for input points. For entrances and readers manual control shall include but be limited to Lock, Un-Lock, Disable, Card only, Card-Pin only, Pin only, exit only and site code only. For partitions monitored by the intrusion panel the control shall include but not be limited to arm away, arm stay, disarm, refresh, and provide a virtual keypad for the partition. For zones monitored by the intrusion panel the control shall include but not be limited to bypass, unbypass, and refresh. Intrusion panel output control shall include activate, deactivate and refresh.

aa. Levels of System Operation: The ISMS shall include a feature to define the levels of system operation for each individual operator using passwords. System operation for individual operators shall include, but not be limited to, restricted time periods for login, available accounts and default language selection at login. Operator actions range from no view or control rights to basic monitoring including the ability to block the viewing of card and or personal identification numbers, to full control of the system including programming.

bb. Hardware Configuration Changes: After installation of ISMS application, the customer shall be able to perform hardware configuration changes. These hardware configuration changes shall include, but not be limited to, door open time, door contact shunt time, point and reader names, when and where a cardholder is valid, and the ability to add or modify card databases as desired; For the intrusion system, any function that can be programmed from a physical keypad shall also be available from the system's virtual keypad, without the services of the Contractor or Manufacturer.

cc. Distributed Processing: All the control components of the ISMS shall utilize "Distributed-Processing" concepts. The distributed processing shall include the ability to download operating parameters to any field panel, thus allowing the field panel to provide full operating functions independent of the access control system computer.

dd. Flexible Component replacement: The repair of hardware components associated to the ISMS shall be accomplished on site, by a new replacement, utilizing spare components.

3. The ISMS application will have functional capabilities, considered essential for the system, categorized as follows:a. General:

1) Databases have the ability to add, delete, report, view, and edit information.

2) Saves system transactions in a retrievable file.3) Logs events by date and time.4) System transactions or selected system transactions are saved in a disk

file.5) The end-user shall have the provision to make any system configuration

changes such as, but not limited to door open time, door contact shunt time, point and reader names, when and where a cardholder is valid, and the ability to add or modify card databases at any time.

6) Support "Global Anti-pass back", feature allowing cardholder to enter/exit any such defined card reader on the same intelligent control panel or RS-485 drop-line consisting of 2 and 4 door controllers.

7) Anti-pass back modes shall include: hard (no forgiveness), soft (allows

28 10 00 -18

access but generates an alarm event) and timed for all readers on the intelligent controller, on specified reader or card for a definable period of time up to 32,000 seconds.

8) Support the "Duress" feature, where a PIN is used in conjunction with a card read; the numbers of digits are selected using the keypad where the PIN number is a value different from the normal PIN.

9) Support the "Two card holder" rule, where two valid, non-identical "cards" must be used within a 20 second period to grant access.

10) Have the option to display the time when a card holder using a reader has accessed (opened) the door or the card was used, but the door was not opened.

11) Support the "Latch mode" operation where the first card read unlocks the door and the second card read locks it.

12) A mode of system operation that stores system commands not accepted by the hardware.

13) A mode of system operation that requires the operator to enter a response to an event when acknowledging it from the alarm view window.

14) A mode of system operation that allows acknowledged alarms to be automatically cleared.

15) A mode of system operation where when an acknowledged, but not cleared event will be reissued requiring acknowledgement when the event changes to an alarm or trouble state.

16) A mode of system operation that does not allow the operator to clear an alarm before prior to it being restored to normal.

17) The ability for manual operator control of system output relays. The manual functions shall include the ability to energize, de-energize, return to time zone, or pulse the output relay. The pulse time shall be a programmable setting.

18) Ability for manual operator control of system doors. The manual functions shall include the ability to Lock, Un-Lock, Disable, Card only, Card-Pin only, Pin only, exit only and site code only.

19) Ability to automatically display stored "video image" of cardholder, and switch real-time camera from CCTV or digital video server to card reader location for specific card usage.

20) The cardholder "video image" pop-up shall be activated based on a priority level set to the cardholder or reader. Information in the pop-up shall include, but not be limited to the card holder's primary image a live video pop-up showing the person who initiated the pop-up, entrance name, time, date, cardholder name, and status. User shall be able to display up to 40 note fields. The size of the pop-ups shall be adjustable by the operator.

21) Support multiple card reader technology including: Proximity, Wiegand effect, Biometrics, Magnetic stripe, Bar Code, Keypad, Card/keypad (PIN), High-speed long-range Vehicle ID, Smart Card and mobile credentials (smart phone with a credential/app).

22) An option for taking scheduled automatic backups of any or all database system files. A means to restore these files from a simple menu shall exist.

23) Ability to address up to 255 serial communication ports per communication server, where each port can be configured for either hardwired, or dial up. When configured for dial up, any one port can support multiple dial up locations.

24) Communication from the access control communication server to the remote intelligent control panels shall be selectable. Communication options shall be RS-232 directly to the intelligent control, via RS-485

28 10 00 -19

converter, dial-up, leased line from a defined communication port or by LAN/WAN using an IP address for direct connection to the intelligent controller via network interface card. When using IP addressing it shall be un-acceptable to use a communication port converter device on the communication server side of the transmission. A minimum of 255 such IP connections shall be allowed per communication server.

25) Commands and updates to the panels shall be verified and shall automatically retry if communications fail.

26) A system scheduler that shall automatically: Call remote locations to retrieve history transactions and update panel information, including time and date, Activate or deactivate cards locally or at remote dial-up sites, Initiate a pre-programmed command event/action, Synchronize system to intelligent controller time, Run a pre-defined (template) History report, Run a pre-defined (template) Card Holder report, Card frequency report defined by reader(s), over a defined period of time with disposition options to automatically report or report and de-activate card or change the access level of the card, Frequency shall be defined as Never, Now, Once, Hourly, Daily, and Weekly, Once per 2 weeks, and Monthly.

27) Drop boxes for all system-required information that the user has previously entered.

28) Ability to initiate an email (via SMTP using SSL and TLS services) or page to a paging system based on a transaction state. A transaction state shall be defined as but not limited to Normal, Alarm, Trouble, Ajar, Trace, Not Found, Anti-Passback Violation, PIN Violation, Time Zone Violation, Site Code Violation, Door Used, Duress, No Second Card Presented, Trace Card or Expired Card, and System Alarms including, Panel Com, Panel Power Failure, Modem Pool, Guard Tour, and Tamper. Intrusion partition events including but not limited to: Alarm, Alarm Cancel, Aram Away, Arm Stay, Auto Arm, Auto Disarm, Bypass, Disarm, Early Arm, Early Disarm, Fail to Arm, Fail to Disarm, Normal, Not Ready, Part Arm, Quick Arm, Recent Close, Remote Arm, Remote Disarm, Unbypass, User Code Added, User Code Deleted, user Code Edited. Intrusion zone events including but not limited to: Alarm, Alarm Restore, Bypass, Fault, Fault Restore, Normal, Trouble, Trouble Restore, and Unbypass. Intrusion output events including but not limited to: Alarm, Communication Loss, Normal, Tamper, and Tamper Restore. Intrusion panel events including but not limited to: Access Denied, Automatic Test, Comm Fail, Comm Restore, Faults, Faults Restore, Line Restore, Line Trouble, Manual Test, Pager Restore, Pager Trouble, AC Restore, AC Trouble, Alarm, Battery Low, Battery Low Restore, Disarm, Normal, Recent Close, Reset, Panic Alarm, Power Up, Program begin, Program Changed, Program End, System Shutdown, System Shutdown Restore, Tamper Alarm, Tamper Restore, Test End, Test Start, Time/Date changed.

29) Include a "host grant" mode of operation that requires the host computer to grant accesses to "valid" cards. An alternate host grant mode shall allow the card access information to be downloaded along with unlocking the door for "valid" cards.

b. SubAccounts1) An extension of the Accounts feature, Sub-Accounts allows management

of spaces, credentials and card holders relative as a separate group (subaccount) within the account. Typical application: an account being a multitenant building where each tenant (subaccount) manages their people and doors along with doors common to all in the building/account while only seeing and managing their people When an account is created, a sub-account is created by default. You can add multiple sub-

28 10 00 -20

accounts to an account. Administrators can create and manage sub-accounts within their parent account.

2) Administrators can add, select, edit and delete sub-accounts by using their respective menus under account.

c. Cards:1) A simple card and card holder database import utility. The utility shall be

password protected and accessible only to administrators of the access control system. Information that can be imported shall include but not be limited to: First Name, Last Name, Card Number, Activation Date, De-activation Date, Status, up to 40 note fields and Photo Images. A simple CSV (comma separated value) file shall be used for the importing of data and image file names.

2) Cardholder information shall include unique card number up to 20 digits and optional Personal Identification Number up to 10 digits.

3) Allow multiple cards, mobile access credentials or finger print enrollment per cardholder.

4) Allow 32 access levels to be assigned to a card, or a single "precision" access level. When using "precision" access levels it shall be possible to create a unique access level per card using an existing access level as a baseline template. This customized card access level shall have both beginning and ending dates.

5) Provide 40 user defined fields.6) Each card holder note field shall allow the option to be entered as free

form data or structured data. Structured data shall be by use of a template or drop list. The template and drop list shall be created by the operator. The capacity of the template shall allow for up to 65,000 characters.

7) Special card options that shall include, but are not limited to: Time zone reference, which defines valid time; visitor use, which provides a specified activation date and expiration date (spanning years); limited use up to 255 uses; allow arming of the intrusion system; Standard, Supervisor and VIP card type providing special door privileges based on scheduled or event based functions; Trigger control value, which can initiate a predefined procedure at the intelligent control independent from any control function from the system computer.

8) A card "Trace" function. The Trace function shall allow normal access control, but will provide a tracking alarm at the system monitor.

9) Ability to store digital images of cardholder or other digital images such as property or family members. Up to 99 such images shall be associated with the cardholder.

10) Ability to store a written signature of the cardholder or other signatures such as family members. Up to 99 such signatures shall be associated with the cardholder.

11) Ability to prioritize specific card event types from 1 to 99 with separate priority options that shall include but not be limited to Anti-pass back, Trace, PIN Violation, Normal, Not Found, Expired, Host Grant, Site Code and Time Zone card activities or violations.

12) Allow the user the ability to send an e-mail message, selectable per card event type.

13) Upon editing card and biometric information, the updated information shall be sent automatically to the appropriate access control panel, when hardwired, with no other user intervention. If the port is dial up, the entry will be stored on disk and shall be updated when connection is made to the remote loop. If the scheduler is used, then card updates shall be sent based on scheduling.

14) In a traditional (Wiegand) 5-digit card database, the numbers 0 and

28 10 00 -21

65,535 shall not be valid card numbers as some devices transmit these numbers on an improper read.

15) Duplicate Card numbers shall not be allowed within an Account. However if more than one account is used, each account can have a single occurrence of the same number and per account that card number can be used by a different card holder.

16) Integrated biometric enrollment functions shall be managed directly inside the PAC UI without the need to use a 3rd party software.

17) Integrated assignment/managing/enrollment of mobile access credentials shall be accomplished inside the PAC UI without the need to external or 3rd party portals or software.

d. Access Levels:1) Option to define specific access times.2) Option to define specific readers for access.3) Template of a defined access level detail, where changes can be made

to the template and saved as a new access level detail.4) An access control tree structure that allows groupings of entrances. User

shall have the ability to group program all entrances on the branch or make specific changes to individual entrances.

5) Option per reader so configured, to select a predefined group of relays to utilize instead of a single relay. Commonly used for elevator control applications. The relay "Group" can also provide uniquely programmed pulse time used to allow varying access time for special needs applications.

e. Video Management Server:1) Support the following Digital Video Recorders (DVRs): ADPRO,

MAXPRO NVR, and ENVR.2) Option to configure the DVRs to a video management server.3) Option to configure the cameras, inputs, and outputs to the DVRs.4) An interface to a network of digital video servers.5) An option to discover all the cameras connected the DVRs.6) Ability to manually access live video from any camera on any defined

digital video server.7) Viewer windows to allow 16 live videos to be displayed at a time.8) The viewable size of the viewer salvo window shall be adjustable by

using the common "click and drag" method. When adjusting height or width, the image shall retain the correct aspect ratio.

9) Ability to automatically pop-up any camera in the system based on any alarm point, system alarm or cardholder video image pop-up.

10) Ability to manually control the pan, tilt, and lens functions (zoom, iris, and focus) of cameras so equipped.

11) A "live view" from the Digital Video Server displayed on the system computer without use of any add-in video capture card.

12) Live views shall allow for the change in image resolution or aspect ratio to optimize the viewing quality to the native video.

13) The ability to change the size and location of the view shall exist.14) The digital video server window shall also supply the ability to select a

digital video server, camera, live, from stored video using user defined time and date.

15) A filter option shall allow the operator to define a date, time, transaction type, device(s), card holder, card number, note field, card event type and alarm status. Once filtered all events will be displayed in a listing. The listing shall include on the same event line if the event has an associated video clip. By clicking on the event, the time, date, camera, and digital server shall be preloaded in the manual selection boxes allowing the operator to simply click on the sorted event and then click on "show" to

28 10 00 -22

display the recorded event.16) Video Masking with Four-Eye override shall ensure privacy is managed

in accordance to GDPR requirements.f. Camera Control:

1) Option to configure the settings of cameras connected to the respective DVRs.

2) Option to manually control the pan, tilt, and lens functions (zoom, iris, and focus).

3) option to automatically switch any camera in the system to any monitor in the system based on any alarm point or system alarm.

4) Display the live and recorded video in salvo window.5) A set of options such as color correction, sync playback, flip, playing

speed, remove text overlay and soon to customize the display of live and recorded video.

6) An option to configure the Video Motion, Video Loss, and PTZ loss events to cameras associated to all the DVRs.

g. Alarm Monitoring - Alarms Only View:1) Report alarm point activity.2) Provide color for each specific alarm point action, "Alarm", "Normal", and

"Trouble", conditions.3) Ability to access the default floor plan graphic for any active alarm point

by a right click option.4) Live video pop-up from the digital video servers shall follow the alarm

event pop-up. The number of live camera views in the pop-up window shall be no less than 16. The live pop-up window shall allow the user to define the quantity of views from 1 - 64. The ability to adjust the size of the live pop-up window shall exist.

5) Ability to bypass alarms in the system.6) Execute alarm notification in all modes of operation.7) Ability to acknowledge any intrusion alarm, event alarm, system alarm,

card, or reader activity based on priority.8) Display of system activity with the higher priorities displayed at the top of

the list with identical points stacked with a frequency count of each point's change of state.

9) A video icon for events that have video associated with it. Right-clicking on such an event shall allow the option to retrieve recorded video or view "live". The stored video clip shall playback by default a minimum of 2 seconds before the actual event without any adjustment.

10) Viewable alarms include but not limited to access control related events such as Door Normal, Door Alarm, Door Trouble, Door Ajar; Card events such as Not Found, Anti-Passback Violation, PIN Violation, Time Zone Violation, Site Code Violation, Door Used, Escort access Granted, Site Code Violation, Invalid format, Supervisor card Authenticated, Supervisor card Found, Supervisor mode Disabled, Supervisor mode Enabled, Supervisor card Required, Temporary Card Expired by Date, Temporary Card Expired by Number of Uses, VIP card Found, Duress, No Second Card Presented, Trace Card or Expired Card, and System Alarms including, Panel Com, Panel Power Failure, Modem Pool, Guard Tour, and Tamper. Intrusion partition events including but not limited to: Alarm, Alarm Cancel, Aram Away, Arm Stay, Auto Arm, Auto Disarm, Bypass, Disarm, Early Arm, Early Disarm, Fail to Arm, Fail to Disarm, Normal, Not Ready, Part Arm, Quick Arm, Recent Close, Remote Arm, Remote Disarm, Unbypass, User Code Added, User Code Deleted, user Code Edited. Intrusion zone events including but not limited to: Alarm, Alarm Restore, Bypass, Fault, Fault Restore, Normal, Trouble, Trouble Restore, and Unbypass. Intrusion output events including but not limited to: Alarm,

28 10 00 -23

Communication Loss, Normal, Tamper, and Tamper Restore. Intrusion panel events including but not limited to: Access Denied, Automatic Test, Comm Fail, Comm Restore, Faults, Faults Restore, Line Restore, Line Trouble, Manual Test, Pager Restore, Pager Trouble, AC Restore, AC Trouble, Alarm, Battery Low, Battery Low Restore, Disarm, Normal, Recent Close, Reset, Panic Alarm, Power Up, Program begin, Program Changed, Program End, System Shutdown, System Shutdown Restore, Tamper Alarm, Tamper Restore, Test End, Test Start, Time/Date changed.

11) Ability for an operator to acknowledge and clear alarms from display. Prior to acknowledgment, the user shall be allowed to enter a response per alarm. The system shall offer a means to require acknowledgement of an alarm before it can be cleared.

12) A display of the most current transactions in real time.13) Ability for dynamic alarm monitoring of alarm points in real time on the

system computer's video display terminal.14) Alarm view filter that is structured as a tree allowing the operator to

select individual devices or groups of devices to be viewed.15) A "System" alarm upon a loop integrity violation.16) A "Panel Not Responding" alarm if communication to a panel is lost.17) Real time printing of alarms as they occur by line printing with a dot

matrix printer or provide printing of alarms, one page at a time, using typical Windows page printing.

h. Alarm Monitoring/System Control - Tree View:1) Ability for dynamic alarm monitoring of alarm points in real time on the

system computer's video display terminal.2) P color and icon shapes for each specific alarm point action of "Alarm",

"Normal", "Trouble", and "Shunted".3) Access control panels in the alarm tree, like alarm points, shall also

indicate if they are in the buffered mode of operation as well as any "system" related alarm such as "Tamper" or "Primary Power Loss" or Loss of communication.

4) Devices connected to the communication server shall provide additional popup information as to the communication port or IP connection the device is programmed for.

5) Option to launch a Virtual keypad from an intrusion panel partition to monitor the physical keypad remotely and to administer programming changes via the Virtual keypad.

6) The control tree shall be created by the user and allow for manual of control of all system devices. By right clicking on a device in the tree, the operator can initiate the appropriate action from a pick list. Actions shall include but not be limited to: Acknowledge All Alarms, Clear All Alarms, Send Time and Date, Send Camera Titles, Camera to Monitor Switch, Control Camera P/T/Z, Focus, Iris, Live Video, Retrieve Video from Clip, Run Command File, Lock, Unlock, Shunt, Unshunt, Pulse, Timed Pulse, Restore to Time Zone (Door Mode), Time Zone Schedule creation, change, Override Online Door Mode (Open, Lock, Card only, Card or PIN, Card and PIN, PIN only, Supervisor mode enable/disable, Supervisor mode, Escort Mode, Standard Mode), Initialize, Cancel Initialization, Buffer, Unbuffer, Connect Remote and Disconnect Remote from remote site. For partitions monitored by the intrusion panel the control shall include but not be limited to arm away, arm stay, disarm, refresh, and provide a virtual keypad for the partition. For zones monitored by the intrusion panel the control shall include but not be limited to bypass, unbypass and refresh. Intrusion panel output control shall include activate, deactivate and refresh.

28 10 00 -24

i. Operator Database:1) Allow the assignment of operator levels to define the system components

that each operator has access to view, operate, change, or delete.2) Ability to view, edit, or delete cardholder sensitive information such as

note fields, card number, and PIN shall be definable by field per operator.3) Ability to define the accounts that the operator has access to.4) Ability to log operator actions in the history files.5) Ability to select the default language during operator logon.6) Specified time periods for the operator to logon7) Ability to select if access to the Web browser is allowed.

j. Access Control Panels:1) Ability to program Action Messages and assign an alarm event priority. A

specific action message may be displayed for each alarm, system alarm (communication, ground fault, power, panel reset, low voltage, and panel tamper), card, or reader usage state. States shall include but not be limited to: Incorrect Password, Panel Configuration Error, Panel Remote Dial-up Failed, Panel Remote Dial-up Successful, Poll Response Alarm, Poll Response Normal, Primary Power Failure, Primary Power Normal, Tamper Switch Alarm, Tamper Switch Normal, Unsupported Panel Version, Anti-Pass back Violation, Anti-Pass back Violation Door Not Used, Anti-Pass back Violation Door Used, Card Not Found, Door Normal, Door Alarm, Door Trouble, Door Ajar, Door Locked, Door Unlocked, Duress Request Denied, Duress Request Door not Used, Duress Request Door Used, Forced Open, Free Egress Door Not Used, Free Egress Door not Verified, Free Egress Door Used, Host Grant Card Downloaded, Host Grant Door Unlocked, Invalid Format, Invalid Format Reverse Read, Invalid Pin, Invalid Site Code, Invalid Time zone, Issue Code, Never Allowed at this Door, No Second Card Presented, Site Code Verified Door Not Used, Site Code Verified Door Used Trace Card, Valid Card Door Not Used, Valid Card Door Used, Escort access Granted, Site Code Violation, Invalid format, Supervisor card Authenticated, Supervisor card Found, Supervisor mode Disabled, Supervisor mode Enabled, Supervisor card Required, Temporary Card Expired by Date, Temporary Card Expired by Number of Uses, VIP card Found. Intrusion partition events including but not limited to: Alarm, Alarm Cancel, Aram Away, Arm Stay, Auto Arm, Auto Disarm, Bypass, Disarm, Early Arm, Early Disarm, Fail to Arm, Fail to Disarm, Normal, Not Ready, Part Arm, Quick Arm, Recent Close, Remote Arm, Remote Disarm, Unbypass, User Code Added, User Code Deleted, user Code Edited. Intrusion zone events including but not limited to: Alarm, Alarm Restore, Bypass, Fault, Fault Restore, Normal, Trouble, Trouble Restore, and Unbypass. Intrusion output events including but not limited to: Alarm, Communication Loss, Normal, Tamper, and Tamper Restore. Intrusion panel events including but not limited to: Access Denied, Automatic Test, Comm Fail, Comm Restore, Faults, Faults Restore, Line Restore, Line Trouble, Manual Test, Pager Restore, Pager Trouble, AC Restore, AC Trouble, Alarm, Battery Low, Battery Low Restore, Disarm, Normal, Recent Close, Reset, Panic Alarm, Power Up, Program begin, Program Changed, Program End, System Shutdown, System Shutdown Restore, Tamper Alarm, Tamper Restore, Test End, Test Start, Time/Date changed, Identification Success: Fingerprint, Identification Success: Fingerprint and Card, Verification Success: Card, Verification Success: Card and Fingerprint, User download success, Identification Failed, Verification Failed, Not Granted, Identification Duress.

2) Ability to program descriptions, shunt times, and momentary shunt times for all system alarm points.

28 10 00 -25

3) Ability to program descriptions, pulse times, and energize times for all system output relays used for door control and other auxiliary functions.

4) Ability to program descriptions for all system card readers.5) Monitor both supervised and non-supervised alarm points with the ability

to select by point which point shall be supervised and define if the point is a normally closed or normally open point contact.

6) Ability to interlock any alarm point condition to an output relay.7) Ability to interlock any alarm point condition to another alarm point.8) Ability to interlock any alarm point to switch a camera to a system

monitor.9) Ability to program alarms and associate incoming alarms with related

outputs.10) A programmable "delay" setting of 255 seconds for all system alarm

points. The system shall not report the alarm condition until the delay setting has expired.

11) Allow 8 different site codes to be used in the system.12) Support 32 readers per Intelligent Control Module.

k. Reports:1) Card holder report capability with filter options to define door(s) that a

card holder has access to, reporting card holder name, Card(s), Access Level/schedules, Activation/Expiration. Available in the Browser and workstation.

2) Reporting capability for printing of selected system transactions from the disk files by specific time and date selection, range from time and date to time and date, or from start time to end time each day of the selected date range. Available in the Browser and workstation.

3) Reporting capability for selected card number displaying an audit trail of card changes detailing from-to when and by who. Changes shall include but is not limited to access level changes, activation/expiration dates, card number edits, and card holder name changes. Available in the Browser and workstation.

4) A feature to generate a history report for an alarm point(s) state. An alarm point state shall be defined as Normal, Alarm, Trouble, or Ajar.

5) A feature to generate a history report of system alarms. A system alarm state shall be defined by panel and include any of the following information: communication, ground fault, power, panel reset, low voltage, panel tamper, and loop communication.

6) A feature to generate an ADV actions report, which provides information on how the system ADVs are configured including detailed/advanced video configurations.

7) A feature to generate a history report for a card(s) state. A card state shall be defined as Normal, Trace, and Not Found, Anti-Passback Violation, PIN Violation, Time Zone Violation, Site Code Violation, or Expired card, Identification Failed, Verification Failed, Not Granted and filter the report with defined reader location(s). Available in the Browser and workstation. Additional search criteria shall be available at the workstation to include cardholders that meet up to at least 3-note field restrictions.

8) A feature to generate a history report for system operator(s) activities. The report shall include time, date, operator name the device associated with the action and the type of action performed by the operator. Activities shall include but not limited to: acknowledged and cleared transactions, camera control, door mode, door and relay control such as unlock, lock; door and input control such as shunt, Unshunt; login, logout, panel initialization, panel buffer and panel Unbuffer.

9) Complete database reporting of all data programmed into the system

28 10 00 -26

data files.10) An option to define how long a card holder has been in a defined area.

This report shall allow the time to be accumulated representing an attendance report. The definable filters shall include time/date range, reader(s) definition, card number, card holder and note field. The output of the report shall allow sort options to include First Name, Last Name, Event Time, and Card Number. The sorted data shall be selectable as Alpha or Numeric sorting and Ascending or Descending.

11) Feature to generate a report based on the frequency of usage of a card. The report shall allow the operator to define a time/date period, a minimum and maximum usage limit, a means to define which reader or readers should be used to filter the report and the ability to further define the type of card to be reported on based on note field selections. This report shall be available in the Browser and Workstation. Further a Workstation shall also provide a disposition function. The cards meeting the filtering criteria shall be acted upon based on the disposition setting. Disposition settings shall include but not be limited to: Report only, De-activate the card or Re-assign to a specified an access level. This report shall be available in the event scheduler. When defining when to run the report an option to select the number of previous days to run the report against shall be provided. As an example, a scheduled weekly report for the last 14 days could generate allowing for an overlap of time if desired.

12) An option to create report templates. Report templates available in the Browser and Workstation shall include, but not be limited to, Access Level, Card, Card History, Door, Holiday, Time Schedules and Card Holder information. The templates shall be able to be assigned to a scheduler to run automatically per the scheduler settings.

l. Tracking/Muster Report:1) A tracking feature shall allow the system operator to identify an area and

the person(s) in that area.2) Areas shall be defined by readers representing an IN or OUT read

status.3) Defined areas shall provide an automatic update of how many

cardholders are in the area.4) An area defined as an exit shall remove the person from the tracking

area.5) A view displaying all cardholders in a defined tracking or muster area

shall have the ability to be sorted in columns where by clicking on the column the data in the column shall be sorted. At a minimum, the columns can be sorted by: Card Number, Status, Card Holder, Reader, and Time/Date.

6) A Muster area shall be defined by a reader(s) used to "muster" individuals in the event of an emergency.

7) Reports can be generated for the defined muster or tracking area. Available in the Browser and Workstation.

8) Reports shall be generated for all muster or tracking areas in the system9) Tracking and Muster report template(s) shall be defined including

whether it should be emailed and/or printed base on Event(s), Schedule(s) or assigned to a "Hot key" on the tool bar to be manually run when needed.

10) Reports shall be sorted on time and date, card number, card holder name or matching note field. When sorted on note field, a page break between fields shall allow the report to be easily handled for departmental uses.

11) Tracking areas shall include "nested" areas. Nesting allows for various reports from a large area to smaller areas within the large area.

28 10 00 -27

12) A Tracking and Muster area screen shall be continually updated with the most recent cardholder activity, therefore minimizing the time required generating a report.

13) A history priming feature shall load history activities for the defined number of hours when the software is started. This priming feature shall be implemented if the system computer is offline when a muster call is initiated, thereby allowing the implementation of the tracking and muster features of the software. The history priming time shall be operator selectable in 1-hour increments up to 99 hours.

m. Time Zones:1) Time zone definitions shall include Starting time, Ending time, Days of

the week, and Holiday override.2) Time shall be defined in either AM/PM or 24-hour (military) time.3) The minimum time zone that shall be assigned to a panel is 128.4) The maximum time zones that shall be defined in a system is unlimited.5) Holidays shall be defined in two different time zones allowing different

time schedule to be programmed for each holiday type.6) Holidays shall be grouped in a Holiday Group.

n. Floor Plan Graphic:1) Shall provide the ability to import floor plan graphics stored in a WMF

format.2) Shall provide the ability to associate all ADV's (access, intrusion, and

video) to floor plan graphics allowing the user to control and monitor the system.

3) Shall provide the ability to link floor plan graphics together in a hierarchy fashion.

4) Shall allow multiple floor plan views to be displayed simultaneously.o. Remote Locations:

1) Ability to communicate to panels in real-time via encrypted Ethernet communication or support remote dial-up locations. Dial-up locations shall support the ability to place remote control panels in an offline mode. In the offline mode, the remote-control panels shall retain all panel history events. The number of historical events shall be limited to the panels' buffer capacity.

2) Ability to place remote control panels in an offline mode where the remote panel will automatically call to the communications computer to report system alarms or upload buffered events.

3) Ability to manage at up to 250 remote locations per communication server.

4) A user-defined schedule that will automatically add cards to any number of sites.

5) For remote panels not configured for real-time communications, the ability shall exist to provide system time schedules that the computer will use to automatically start uploading or downloading information to the remote sites. Information to be sent to the panel shall include, but not be limited to, card database changes, time, date, and buffer condition. Information received from the panel shall include all buffered events. While connected to the remote site, the system software shall poll, verify, and report any loss of panel communication. If a site's communication time is longer than expected, the system will automatically adjust the time schedule to allow all selected sites to be updated.

6) For remote panels not configured for real-time communications the remote site can also be supported via an auto dial schedule and shall allow the system to automatically dial the remote site at a predetermined time. The auto dial schedule is programmed with the ability to dial Once, Now, Hourly, Daily, Weekly, Two Weeks, Monthly, or Never to the

28 10 00 -28

remote site.7) Ability for an operator to program when the next scheduled update will

occur, based on time and date.8) Communication to remote dial up sites shall be accomplished using

password protection. The remote site provides the system with a site ID; the system responds with the appropriate password. No commands or transactions occur until the communication link is verified.

9) The System shall be able to receive or send information to remote access control panels on demand.

10) Ability to configure how many redial attempts from the remote location shall be defined from 1 to 5.

11) Ability to pause between redial attempts shall be programmable from 1 to 120 seconds.

12) Ability to pause before disconnecting shall be programmable from 1 to 30 seconds.

p. Guard Tour:1) Guard Tour shall allow the operator to program a series of guard check

points that must be activated to accomplish the task of a Guard Tour.2) The check point shall be either card reader points or alarm contact points

or a mixture.3) The Guard Tour shall be timed sequential allowing travel time between

points with +/- tolerance. This type of tour shall allow alarms to be generated for early, missed, or late events.

4) The Guard Tour shall be un-sequenced with no time parameters.5) The Guard Tour shall be started by two methods, Manual or Scheduled

by the access control system scheduler.q. ID Badging System/Video Image System:

1) Shall allow any card data fields to be assigned to a badge.2) Shall allow a stored cardholder image to be associated to any

background. Each cardholder shall have any one of the background layouts associated to it.

3) Ability to create temporary or permanent badges.4) Badges shall be printed via the workstation without the need to assign an

access level or access control card number. Numbers and access levels may be assigned after the print process.

5) Badges shall be printed via the browser after a card number has been assigned to the CardHolder.

6) Image export capability. Image shall be exported utilizing the cardholder's name as the file name in .jpg format.

7) Unlimited custom badge layouts (only limited by the hard disk capacity).8) Provide 24-bit (16.7 Million) color palette for background design or

foreground text.9) Ability to implement all fonts supported by Windows.10) Import capabilities of background information using video camera or

BMP, JPG, or TGA files.11) Import capabilities of video images from the compatible BMP, JPG, PCX,

or TGA file formats.12) Shall provide the ability to import multiple bitmap images to the badge

layout.13) Video capture capability from a compatible TWAIN device.14) Video capture capability from a DirectX device.15) Video capture capability from a compatible video capture device, such as

a high-resolution color camera.16) Badges in horizontal or vertical format.17) Capability for printout of cardholder badge by video or standard printers

supported by Windows.

28 10 00 -29

18) Ability for multiple card enrollment/badging stations on networked system.

19) Text fields limited to a maximum of 255 characters per field.20) Merging of data field from card database to text field.21) A field to be defined for bar code usage merging data from the card

database.22) Allow 99 different photos of the cardholder to appear on the same badge.23) Provide line, rectangle, rounded rectangle, and ellipses to be created on

the backdrop with provisions for line thickness and color.24) Signature capture or import capability for 99 signatures that can be

previewed in the cardholder's badge or printed on the cardholder's card.25) Capability to have a front and back layout selected for a cardholder and

the ability to print the card in one step (requires suitable printer) without the need to reinsert the card.

26) Ability to encode a magnetic stripe with information from any of the card data fields to include, but not be limited to: First Name, Last Name, Card Number, Activation date, Expiration Date, or any data from the card holders note field.

27) Information shall be encoded on track 1, 2, or 3 (requires suitable printer) without the need to reinsert the card. With suitable printer, each track shall be encoded with ABA, IATA, or TTS format.

r. Networking:1) Networking capabilities (LAN or WAN) as allowed by the computer's

operating system license.2) The access control software shall support two networking methods. By

default, Domain controlled networks shall be the standard configuration providing secure networking communications. The ability to work on less secure peer-to-peer (Workgroup) networks shall be allowed for lower security installations. The functionality shall be one or the other and not run in both modes at the same time.

3) Ability for a network system to support concurrent users up to the license limit (one station adding cards and making badges, another station monitoring alarms, yet other running data base reports, another controlling door openings and alarm shunting, and so on).

4) The workstation shall have the same user interface functionality as the Server, except the workstation shall not be able to perform database maintenance functions.

E. ISMS Hardware and Software Requirements:1. The ISMS shall be installed in a computer that supports 1 to 10 readers, 250 cards,

and 2 communication ports. Workstations added to a Server shall also use these specifications. The minimum hardware and software requirements to fulfill this installation are:a. Processor: Intel Core i3 - Desktop class machine.b. CPU: 3.3 GHz.c. RAM: 8 Gigabytes (GB) for standalone installation; 4 Gigabytes (GB) for

workstations.d. Hard Disk: 120 GB SATA with minimum 60 GB free space; Workstation(s) 80

GB with 5 GB free.e. Serial Communication Ports: As required by the application.f. Secondary Storage: Tape or DVD burner.g. Printer port: 1 (or network printer).h. Monitor Display: Size: 15 Inches SVGA, Resolution: 1024 x 768, Colors: 256.i. Pointing Device: Mouse (USB preferred).j. Power Supply: UPS .k. Operating System: Minimum 64-bit Microsoft Windows 10 Professional;

28 10 00 -30

Windows 8.1 Professional for workstations.l. Database: Microsoft SQL Server 2016 Express Edition.

2. The ISMS shall be installed in a computer that supports 1 to 100 readers, 5,000 cards, and 8 communication ports. The recommended hardware requirements to fulfill this installation are:a. Processor: Quad Core Intel Xeon® .b. CPU: 2.4 GHz.c. RAM: 16 Gigabytes (GB).d. Hard Disk: 250 GB SATA or SCSI or SSD (60GB free space).e. Serial Communication Ports: 2.f. Secondary Storage: Tape or DVD burner.g. Printer port: 1 (or network printer).h. Monitor Display: Size: 20 Inches, Resolution: 1600 x 900, Colors: True color.i. Pointing Device: Mouse (USB preferred).j. Power Supply: Hot-swap, redundant with UPSk. Operating System: Microsoft Windows 10 Professional (standalone system or

Workstations); Windows Server 2012 R2 Standard when additional workstations and or communication servers are added also use for additional communication servers (PE/CS only).

l. Database: Microsoft SQL Server 2016 Express Edition.3. The ISMS shall be installed in a computer that supports that supports more than 100

readers, 100,000 cards and 255 communication ports, the maximum/performance hardware requirements to fulfill this installation begin with:a. Processor: Intel Quad Core Xeon Intel Quad Core Xeon - Server class

computerb. CPU: 3.5 GHz or morec. RAM: 32 Gigabytes (GB)d. Hard Disk: 1 TB SATA 15000 RPM or SSDe. Serial Communication Ports: As per the requirementf. Secondary Storage: Tape or DVD burnerg. Printer port: 1 (or network printer)h. Monitor Display: Size: 24 Inches, Resolution: 1920 x 1200, Colors: True colori. Pointing Device: Mouse (USB preferred)j. Power Supply: Hot-swap, redundant with UPSk. Operating System: Microsoft Windows Server 2016l. Database: Microsoft SQL Server 2016 with processor/core license

F. Hardware Requirements:1. Intelligent Controllers:

a. Distributed architecture shall allow controllers to operate independently of the host. The architecture shall place key access decisions, event/action processing, and alarm monitoring functions within the controllers, eliminating degraded mode operation.

b. Flash memory management shall support firmware updates and revisions to be downloaded to the system. Upgrades to the hardware and software shall occur seamlessly without the loss of database, configurations, or historical report data.

c. Manufacturers: Subject to compliance with requirements, provide Field Controllers or comparable product by one of the following:1) Honeywell NetAXS Controller (NetAXS-123 and NetAXS-4 are the two

types of NetAXS controllers)2) Honeywell P-Series Controller (PRO-3200, and PW-6000 are the types

of P-Series controllers - Legacy support for PRO-2200, PW-5000) PRO-3000 (APAC regional panel)

3) Honeywell N-1000 or PW-2000 Controller (Legacy support)4) Honeywell Security NS2 or NS2+ (Legacy support)

28 10 00 -31

5) Honeywell FIN-4000 Panels (HON-FIN4000MIK-100K, HON-FIN4000AC-100, FIN4000K-10K, FIN4000-10K and FIN4000K-20K).

2. Field Hardware:a. The security management system shall be equipped with access control field

hardware required to receive alarms and administer all access granted/denied decisions. All field hardware shall meet UL requirements.

b. Intelligent Controller Board: Honeywell Security PRO32ICc. Single Reader Module (SRM): Honeywell Security PRO22R1d. Dual Reader Module (DRM): Honeywell Security PRO32R2e. Alarm Input Module (AIM): Honeywell Security PRO32IN. 16 Inputs 2 Outputs.f. Relay Output Module (ROM): Honeywell Security PRO32OUT. 16 Outputs 2

Inputs.g. Card Readers:

1) Proximity.2) Magnetic Stripe.3) Wiegand.4) Barcode.5) BLE

G. System Interfaces:1. Digital Video Recording Systems:

a. The Security Management System shall provide fully integrated support for a powerful digital video recording and transmission system. The Security Management System shall record, search and transmit video, and shall provide users with live, pre-and post-event assessment capabilities. The DVRs shall be seamlessly integrated with existing video equipment and incorporated into any TCP/IP network. The DVRs shall provide multiple levels of integration with the Security Management System software, providing control of the digital video system from the access control application.

b. WIN-PAK shall support the following Digital Video Recorders (DVRs).1) ADPRO2) MAXPRO NVR3) ENVR.

c. Manufacturers and part numbers:1) Honeywell MAXPRO NVR recorders2) Honeywell ADPRO3) Honeywell ENVR

2. Access Control Panels(Controllers):a. Honeywell N-1000 or PW-2000 Controller, Honeywell NS2, NS2+ Controller,

Honeywell P-Series Controller (PRO-2200, PRO-3000, PRO-3200, PW-5000, and PW-6000 are the types of P-Series controllers), Honeywell NetAXS Controller (NetAXS-123 and NetAXS-4 are the two types of NetAXS controllers), Honeywell FIN4000 Panels (HON-FIN4000MIK-100K, HON-FIN4000AC-100K, FIN4000K-10K, FIN4000-10K and FIN4000K-20K), Honeywell MPA2 Panel + Controller.

b. N-1000 Series Panels (Legacy) shall have the following capabilities:1) Stores 5,000 cards/key codes, expandable to 25,000 with memory

upgrade.2) Supports ABA and WIEGAND card formats.3) Stores eight format (software) commands, allowing use of cards with

various bit structures and encoding schemes.4) Supports an option to define 63 time zones. Each time zone shall include

a start time, end time, day of week specification and holiday specification. Time zones may be assigned to cards via access levels to define when the card is allowed access. Time zones may be assigned to input points, to define when the input points are shunted (de-activated).

28 10 00 -32

Time zones may be assigned to output points (relays), to define when the output points are energized, for timed control of doors or devices.

5) Supports setting of panel options such as anti-passback, groups, and keypads for providing access for the readers, input points, and output points attached to the panel.

6) Supports the use of card readers in conjunction with keypads, in which users are required to enter a PIN, followed by a card, to gain access.

7) Supports an option to assign shunt times to input points, from 1-63 seconds, minutes, or hours, and debounce times to input points, from 1-255 seconds.

8) Supports an option to assign pulse times to output points, from 1-63 seconds, minutes, or hours.

9) Supports the option to interlock selected input and output points, in any combination. An interlocked input or output point shall act based upon a change of state from another input or output point.

10) Stores 32 relay group definitions. Each group may be controlled with the same options available for individual relays.

11) Supports an option to define 32 holidays, for override of normal system operation.

12) Supports the followings mechanical and electrical specifications:a) Mechanical specifications: Height: 14.6 inches (370mm), Width:

12.6 inches (320mm), Depth: 3.5 inches (89mm), Weight: 5.51 lb. (2.5kg).

b) Electrical Specifications: 16.5 VAC 50 VA or +24 VDC at 1.25 Amps.

c. NS2+ Series Panels (Legacy) shall have the following capabilities:1) Stores 10, 000 cards/key codes. (NS2 = 2,000 cards/key codes)2) Supports WIEGAND card format.3) Stores eight format (software) commands, allowing use of cards with

various bit structures and encoding schemes.4) Supports an option to define 63 time zones. Each time zone shall include

a start time, end time, day of week specification and holiday specification. Time zones may be assigned to cards via access levels to define when the card is allowed access. Time zones may be assigned to input points, to define when the input points are shunted (de-activated).Time zones may be assigned to output points (relays), to define when the output points are energized, for timed control of doors or devices.

5) Supports setting of panel options such as anti-passback, groups, and key pads for providing access for the readers, input points, and output points attached to the panel.

6) Supports the use of card readers in conjunction with keypads, in which users are required to enter a PIN, followed by a card, to gain access.

7) Supports an option to assign shunt times to input points, from 1-63 seconds, minutes, or hours, and debounce times to input points, from 1-255 seconds.

8) Supports an option to assign pulse times to output points, from 1-63 seconds, minutes, or hours. Output points can also report the change in state status in the same way an alarm point would. This provides added awareness of door operation in critical installations.

9) Supports the option to interlock selected input and output points, in any combination. An interlocked input or output point shall act based upon a change of state from another input or output point.

10) Supports an option to define 32 holidays, for override of normal system operation. Holidays shall be definable in two different holiday types thus allowing for different operational time definitions for each holiday type.

28 10 00 -33

11) Supports the followings mechanical and electrical specifications:a) Mechanical specifications: Height: 14.6 inches (370mm), Width:

12.6 inches (320mm), Depth: 3.5 inches (89mm), Weight: 5.51 lb. (2.5kg).

b) Electrical Specifications: 16.5 VAC 50 VA or +24 VDC at 1.25 Amps.

d. P Series Panels shall have the following capabilities:1) Stores 50,000 cards/key codes for PRO-2200, stores 1 00,000 cards/key

codes for PRO-3200/PW-5000/PW-6000.2) Supports ABA and WIEGAND card formats.3) Types of P-Series panels are: PRO-3200, PW-6000, and legacy PW-

5000 and PRO-2200).4) Eight SIO Boards are included in the PRO-2200 panel. A maximum of 16

SIO boards are supported by the PRO-3200 panel. 32 SIO Boards are included in the PW-5000 and PW-6000 panel. SIO boards enable extended input and output capabilities to the panel.

5) Readers, inputs, and outputs that can be connected to the panel are based on the type of SIO Board that is added to the panel. The SIO Board types include 16-Zone Input/output (16 inputs, 2 outputs, and 0 readers), 16-Relay Output (0 inputs, 16 outputs, and o readers), 2-Reader I/O (2 inputs, 8 outputs, and 6 readers), and 1-Reader I/O (1 input, 2 outputs, and 2 readers).

e. NetAXS Panels shall have the following capabilities:1) Types of NetAXS panels available are: NetAXS-4 panel and NetAXS-123

panel.2) Panels (NetAXS-123 and NetAXS-4) are called as Gateway panels when

added directly to the communication server.3) NetAXS-4 Gateway panel supports the downstream devices feature. This

feature shall extend the input and output capabilities of the NetAXS-4 panels.

4) NX4IN and NX4OUT:a) NX4IN is a 32 input and 0 output downstream add on deviceb) NX4OUT is a 2 input and 16 output downstream add on device

5) Supports only the WIEGAND card format. The NetAXS panel allows multiple sets of card numbers and site codes embedded in a card format. These multiple embedded sets will be represented as A, B, C, and D sets of card numbers and site codes. The A set shall be used as the default / primary card and site code numbers. The resulting maximum length of the card number will be 64-bits in length (20-digit card number). This is the reason that the system defaults will incorporate the ability to select a 20-digit card number size in addition to the existing 5, 12 and 16 digits

6) Supports 128 time slots and 255 holidays (per holiday group). Holidays shall be definable in three different holiday types thus allowing for different operational time definitions for each holiday type. The NetAXS panels shall have a provision to add a new time zone while within the panel database. After creating the new time zone, it shall be added to the Time Zones database and applied to the panel's database.

7) Panel options such as Anti-passback, Groups, Forgiveness, Continuous Card Reads, Reverse Read LEDs, Host Grant, Site Codes, and Command File can be set for providing access to the readers, input points, and output points attached to the NetAXS panels.

8) NetAXS-4 panel shall allow configuring of 14 inputs with default values. NetAXS-123 panel shall allow configuring 17 inputs with default values.

9) NetAXS-4 panel shall allow configuring of 16 inputs with default values. NetAXS-123 panel shall allow configuring 14 inputs with default values.

10) NetAXS-4 panel shall support 4 readers. NetAXS-123 shall support 6

28 10 00 -34

readers controlling 3 doors where the "A" reader is the primary reader for the door and the "B" reader is the Out reader for the door when so used. The B Reader can be programmed separately regarding name, Advanced Options, Anti-Passback configuration, and Intrusion support. The B Reader cannot work alone as a Reader only. When used, the B reader will be tied to the A reader in terms of the interlock relationships pertaining to Door operation. The Advanced Options selection shall provide several advance features not normally used in the typical system and thus the reason they are accessed separately to reduce confusion for typical installations. For the NetAXS-123, Reader A and Reader B shall support their own settings.

11) The Groups option shall be supported only by the NetAXS-4 panels. A maximum of 64 groups shall be defined with a maximum of 76 relays.

f. HON-FIN4000 Panels shall have the following capabilities:1) Type of HON-FIN4000 panels available are: HON-FIN4000MIK-100K,

HON-FIN4000AC-100K, and legacy FIN4000K-10K, FIN4000-10K and FIN4000K-20K Panels

2) HON-FIN4000 work as standalone or as an access control panel/biometric reader directly supported by the PAC (WIN-PAK software) or as a biometric reader using the Wiegand interface to other supported access control panels.

3) HON-FIN4000AC-100K supports 125kHz EM, HID Prox and 13.56 Mhz MIFARE, MIFARE Plus, DESFire/EV1, FeliCa, iCLASS SE/SR/Seos card technologies; 500,000 users (1:1) or 100,000 users (1:N)

4) HON-FIN4000ACK-10K supports 125kHz EM, HID Prox and 13.56 Mhz MIFARE, MIFARE Plus, DESFire/EV1, FeliCa, iCLASS SE/SR/Seos card technologies; 10,000 users (1:1) or 10,000 users (1:N); 1.77 inch (45 mm) color TFT LCD; 160 x 128 pixels

5) Supports 128 time slots and 255 holidays (per holiday group). Holidays to be definable in two different holiday types thus allowing for different operational time definitions for each holiday type.

6) Panel options such as Anti-passback, Groups, Forgiveness, Host Grant, Site Codes, and Command File can be set for providing access to the readers, input points, and output points attached to the panel.

7) HON-FIN4000 shall allow configuring of 3 inputs with default values.8) HON-FIN4000 panel shall support an additional Wiegand reader for

in/out management.g. MPA2 Panels shall have the following capabilities:

1) MPA2 Panel is called as Gateway panels when added directly to the communication server.

2) MPA2 Panel supports the downstream devices feature. This feature shall extend the input and output capabilities of the MPA2 Panel.

3) Supports only the WIEGAND card format. The MPA2 panel allows multiple sets of card numbers and site codes embedded in a card format. These multiple embedded sets will be represented as A, B, C, and D sets of card numbers and site codes. The A set shall be used as the default / primary card and site code numbers. The resulting maximum length of the card number will be 64-bits in length (20-digit card number). This is the reason that the system defaults will incorporate the ability to select a 20-digit card number size in addition to the existing 5, 12 and 16 digits

4) Supports 128 time slots and 255 holidays (per holiday group). Holidays shall be definable in three different holiday types thus allowing for different operational time definitions for each holiday type. The MPA2 panels shall have a provision to add a new time zone while within the panel database. After creating the new time zone, it shall be added to the Time Zones database and applied to the panel's database.

28 10 00 -35

5) Panel options such as Anti-passback, Groups, Forgiveness, Continuous Card Reads, Reverse Read LEDs, Host Grant, Site Codes, and Command File can be set for providing access to the readers, input points, and output points attached to the MPA panels.

6) MPA2 panel shall allow configuring of 24 inputs with default values.7) MPA2 panel shall support 4 readers.

3. Intrusion Detection Panels:a. Honeywell VISTA-128FBPT, VISTA-250FBPT, VISTA -128BPT and VISTA-

250BPT1) General Requirements: The Security Management System shall support

hardwired and TCP/IP communication for the VISTA 128FBPT/VISTA-250 FBPT panel. Each panel shall have 8 partitions and 15 zone lists. Zones, partitions, and the top-level panel shall have an events page, with all supported events present. Features:a) Disarm and unlock a door on card swipe.b) Arm and lock a door on card swipe.c) Common area arm/disarm.d) Access denied if intrusion system is in alarm or armed.e) Monitor and log intrusion system events and alarms in the Security

Management System.f) Associate intrusion system events and alarms to video

surveillance integrations.b. Honeywell Galaxy Dimension Controllers: GALAXY__GD264,

GALAXY_GD_48, GALAXY_GD_96 GALAXY_GD_520, Firmware 6.80 and above, Ethernet module firmware 2.08 and above controllers. Honeywell Galaxy Grade 3 Controllers: GALAXY_144, GALAXY_20, Firmware 5.04/5.50 and above, Ethernet module firmware 2.01 and above. Honeywell Classic Panel Controllers: GALAXY_60, GALAXY_128, GALAXY_500, GALAXY_504, GALAXY_512, Firmware 4.50 and above, Ethernet module firmware 2.10 and above.1) Security Management System users can control and monitor Group and

Zone status using the Security Management System client, and control the individual zones and groups using Security Management System Access control credentials. Depending on the combined user profiles and access permissions defined in Security Management System, Security Management System cardholder is allowed or denied permission to arm/disarm zones and groups. The access control functionality of the intrusion panel is disabled when the integration is operational. Features:a) Disarm a zone on a card swipe.b) Arm a zone on consecutive card swipes. Security Management

System will support definition of quantity of swipes required and the timeout time in seconds to recognize consecutive swipes.

c) Security Management System supports linking of intrusion panel users with Security Management System cardholders.

d) Security Management System operators may be given control permissions for intrusion input and output alarms.

e) Security Management System can associate alarm events with video commands to look at current or historic footage.

f) Security Management System stores and reports on intrusion events.

2.4 WEB BASED MODULAR ACCESS CONTROL SYSTEM

A. System: NetAXS-4 Access System as manufactured by the Honeywell Commercial Security.1. NX4S1: 4 Door Control Panel (Standard Enclosure)2. NX4L1: Pre-wired 4 Door Control Panel (Deluxe Enclosure)

28 10 00 -36

B. The Honeywell NetAXS modular access control system shall function as a web-based open architecture facility management system that tracks individuals, defines and controls access levels, monitors alarms, and generates reports. The system shall include the capability to configure alarms and incorporate scheduled events that may be activated by either time or a specific programmed event. Access shall be controlled through a password-protected user interface. Operators can communicate with the system either through a host software system or by connecting to the web server through an Ethernet connection.1. The system control panels will be fully upgradeable using flash memory firmware.

C. System Architecture:1. The access control and alarm monitoring system shall be a flexible single-user, open-

architecture facility management system. The system shall be designed using reliable state-of-the-art technology allowing for easy and economical expansion. The scaleable design shall allow for operation from an embedded Web based server without a dedicated server or PC workstation. The panel shall also have the capability to operate in a hosted mode with WIN-PAK XE/SE/PE/CS access control software.

2. The system shall feature embedded Linux software that intelligently controls the reader network to provide automated data collection and configuration updates, facilitating seamless operation from controllers. All control panels shall utilize off-line distributed processing concepts including inter-controller communication if upgraded.

3. Connecting to the NetAXS web server shall be accomplished via USB, Ethernet through a web server hub connection or Ethernet through web server direct connection.

D. System Software:1. The software suite shall comprise various integrated software modules that allow for

the full integration and retrieval of transactions from the hardware, as well as alarm monitoring, reporting, and scheduling capabilities. The software modules shall allow editing of personnel, access levels, system configuration and reporting to be controlled by a password protected user interface. System operation for individual operators shall be possible using assigned passwords only.

2. The user shall have the ability to perform hardware configuration changes during or after the installation which shall include functions such as door open time, door contact time, location and reader names, and access rights configuration.

3. The system software shall support configuration of alarms triggering the system.4. The system shall incorporate scheduled events activated by either time or a specific

programmed event, therefore being time or event triggered.5. Access control functions shall include validation based on time of day, day of week,

holiday scheduling, and access validation based on positive verification of card or card + PIN (Personal Identification Number).

6. Zone-related Software Features:7. Supervisor card unlock.8. Card-related Software Management:

a. Time-limited access.b. PIN codes.c. Suspension of cards.d. Multiple card access.e. Card access groups.f. Time patterns (schedules).g. Anti-pass back (APB) control.h. Reporting.i. First Card Rule (Activates the door time zone).j. Two Card Rule-Supervisor card and regular card to allow access.k. Time zone card toggle for door locks.l. Latching mode for door locks.

28 10 00 -37

E. Hardware:1. The quantities of components shall be determined and installed by the Contractor

based on the requirement to provide a fully operational integrated access control system as per the intent of the design.

2. Communication between components i.e. gateway controller shall be RS485.3. All terminals and controllers shall allow for direct Firmware upgrade from the RS485

network connection. The units shall be upgradeable during normal system operation. Therefore should one unit be in upgrade mode all other units will continue to operate normally. The firmware shall be stored in FLASH memory on the individual units.

4. System Controller:a. The system controller shall be the Honeywell NetAXS-4 controller. Each

controller loop shall be capable of 31 panels or 124 readers.b. The standard controller configuration shall support 10,000 card capacity and

25,000 event capacity.5. Door Control: The terminals and remote readers supported by the controller shall be

any combination of the following: card only, card and pin, card or pin, pin only, lockdown, disabled, supervisor, escort, limited use card, expire on date, first card rule, snow day rule, time zone toggle and anti-passback with local/global capability and hard and soft implementation.

6. Honeywell OmniProx: The reader shall be fully sealed and potted electronics for use outdoors. It shall include 3 bezels color including black, charcoal and ivory. It shall have an integral optical tamper and security screw. The unit shall be able to communicate with the proximity cards at a read range of 2 to 3 inches (51 to 76 mm).

7. Inputs: Provides 14 fully configurable four-state supervised input points. System capacity shall have a total of 78 inputs

8. Outputs: Provides 8 SPDT Form C relay outputs rated at 10A at 28vdc, 8 open collector's outputs 16ma at 12vdc, 4 reader LED aux output and 4 reader buzzer output.

9. Cards and Database: The card and event buffer capacity shall be 10,000 card capacity and 25,000 event capacity. The firm ware revision shall have on-board flash memory for field firmware revisions and feature expansion. Offline database backup shall be available. Export capabilities for card database, alarms and events. The panel shall support 128 unique card formats and 8 site codes. Maximum card format size shall be 75bit suitable for handling the card format of PIV, TWIC, and FRAC cards. The time zones support will be a minimum of 127 with 128 access levels and 255 holidays.

10. Reports and Analysis: The system shall be capable of integrated reports, import/export of card database and alarms and events can be exported and saved in offline storage.

11. Embedded Web Server: Supported browsers shall include Internet Explorer. The web browser control will allow full control monitor, view live events and manually control doors and readers. Secure web browsing shall be SSL and SHA-1 secure socket layer encryption.

12. System Information: The system shall support Global Geographic Time Zone support and Daylight Saving Time support. The processor will be Freescale Coldfire 32-bit. The system shall be CE and FCC compliant with UL-294 listing.

13. System Testing: The Contractor shall demonstrate the functionality of the system upon completion of installation, and shall document the result of all tests and provide these results to the Customer.

14. Warranty: All equipment and systems shall be guaranteed by the Contractor for a period of one year commencing with the filing date of the Notice of Completion, provided the system has been inspected and signed off by the Owner. The guarantee shall cover all costs for Warranty Service, including parts, labor, prompt field service, pick-up, transportation, and delivery.

2.5 WEB BASED ACCESS CONTROL SYSTEM

28 10 00 -38

A. System: NetAXS-123 Access System as manufactured by the Honeywell Commercial Security.1. NX1P: One-door compact (plastic) enclosure with tamper switch.2. NX1MPS: One-door standard (metal) enclosure with tamper switch, power supply,

and battery.3. NXD1: One-door add-on board (to NX1P or NX1MPS) for two-door capacity.4. NXD2: Two-door add-on board (to NX1P or NX1MPS) for three-door capacity.

B. The Access Control System shall function as a Web-based open-architecture facility management system that tracks individuals, defines and controls access levels, monitors alarms, and generates reports. The system shall include the capability to configure alarms and incorporate scheduled events that may be activated by either time or a specific programmed event. Access shall be controlled through a password-protected user interface. Operators can communicate with the system either through a host software system or by connecting to the Web server through an Ethernet connection.

C. The NetAXS-123 Door Access System shall include, as a minimum, the following performance:1. The NetAXS-123 Door Access System shall be protected by the most extensive

support services in the industry, including Customer Service, Pre-Sales Applications Assistance, After-Sales Technical Assistance, access to Technical Online Support, and Online Training using web conferencing.

2. The NetAXS-123 Door Access System and its components shall be thoroughly tested before shipping from the manufacturer's facility.

3. The door access system shall support easy remote management anywhere with an Internet connection.

4. The door access system shall allow you to purchase the exact amount of access control doors immediately required, and to easily add more access controlled doors in the future.

5. The door access system shall be capable of being web based and controlled using a web browser, and seamless integration with Honeywell's MAXPRO Cloud and/or WIN-PAK XE, WIN-PAK SE, Win-PAK PE, and WIN-PAK CS access control software.

6. The door access system web user interface shall support Google ChromeTM.7. The door access system shall support SSL and SHA-1 secure socket layer

encryption.8. The door access system shall allow each TCP/IP network connected door controller to

support connection of up to 31 downstream door controllers by way of a standard RS485 data bus, for control of up to 123 downstream doors in a single web interface.

9. The door access system shall support up to 10,000 user cards and up to 128 unique card formats up to 75 bits, and eight site codes.

10. The door access system shall support up to 127 time zones, 128 access levels, and 255 holidays.

11. The door access system shall maintain up to 25,000 status event log.12. The door access system shall provide a number of door control modes including Card

only, card and PIN, PIN only, lockdown, disabled, supervisor, escort, limited use card, expire on date, first card rule, snow day rule, time zone toggle, local and global anti-passback, duress and others.

13. The door access system shall support interlocks for custom actions.14. The door access system shall include integrated basic reports, import/export of the

card database, and Alarms and event exporting to offline storage in a CSV database.15. The door access system shall be designed to be user friendly and shall be easily to

train the system user.16. The door access system shall feature dynamic screen updating over a web

connection, continually collecting and displaying door and system status for immediate display.

17. The door access system browser shall feature full control of the system to monitor and

28 10 00 -39

view live events and to manually control doors and readers.18. Door access system status shall include the door state, alarms, events, inputs,

outputs, power and other operational status.19. The door access system shall feature a Supervisor First capability that allows a

supervisor to present his ID card once to the reader and to give individual access. If a supervisor presents a card twice, this shall enable access for their team, allowing members of the team to gain access during a specified time zone.

20. The door access system shall feature an Escort mode for a Non-supervisor cardholder. The system allows the supervisor to first present his card, and then an escorted person to present his card to maintain accompanied access while in the escort mode.

21. The door access system shall offer options to be powered by PoE (Power over Ethernet), or to be powered by way of an external power supply.

22. The door access system enclosure shall offer connection to one, two or three doors by simply exchanging optional cards to accommodate the door control requirement.

23. The door access system processors shall features a System MTBF (Mean Time between Failure) of 250,000 hours.

24. The door access system shall provide a multi-lingual user interface, including English, Italian, French, Dutch, Spanish, German, Czech, Simplified Chinese and Arabic.

D. The NX1P Door access Controller shall have the following mechanical specifications:1. Unit Dimensions: 7.75 inches H x 7.75 inches W x 2.75 inches D (20 mm H x 20 mm

W x 7 mm D).2. Ethernet Connector: RJ45.3. Enclosure Type: High Impact Plastic.4. Wiring Access Holes: 7.

E. The NX1MPS Door Access Controller shall have the following mechanical specifications:1. Unit Dimensions: 13.9 inches H x 11.9 inches W x 4.7 inches D (35 mm H x 31 mm W

x 12 mm D).2. Enclosure Type: Metal.3. Wiring Access Holes: 19.

F. The NX1P access door controller shall have the following electrical specifications:1. Voltage: 450 mA at 12VDC.2. Power over Ethernet 802.3af.3. Power Consumption: < 6 Watts.

G. The NX1MPS access door controller shall have the following electrical specifications:1. Voltage: 93VAC to 264 VAC, 50/60 Hz, 12VDC at 3.5A.2. Power Consumption: < 45 Watts.

H. The NetAXS-123 Door Access System shall be designed to meet the following environmental conditions:1. Operating Temperature: 32 to 122 degrees F (0 degrees to 50 degrees C).2. Storage Temperature: -67 degrees to 185 degrees F (-55 degrees to 85 degrees C).3. Emissions: FCC: Part 15, Class B.4. CE: EN55013.

2.6 VISITOR MANAGEMENT SYSTEM

A. Product; Lobbyworks as manufactured by the Honeywell Commercial Security: The Visitor Management System shall allow the user to track visitors, employees, assets and deliveries as they enter and exit the facilities. The system shall also support printing of custom designed visitor passes with details like expiration date, visit area, host being visited, and visit purpose.

28 10 00 -40

B. The Visitor Management System shall allow the user to:1. Keep track of contractors and consultant timesheets.2. Track which employees have regular personal visitors.3. Secure visitor log.4. Clearly identify visitors by category, to restrict access to vulnerable goods and

information.5. Designate special areas for visitors with custom badges.6. Process most visitors in 20 seconds.7. Track and print temporary parking passes.8. Print vehicle window stickers.9. Use self-expiring badges to tighten security.10. Generate end-of-day reports to ensure regulatory compliance.11. Label information packets with personalized customer information.

C. Visitor Pre-Registration:1. Visitor pre-registration to include security level, length of stay, and maximum entries.2. Visitor pre-registration by using FrontDesk, Microsoft Office Outlook Calendar or

through Web-based application.3. Group/Event pre-registration, pre-loading of visitor picture, badge pre-printing, and

arrival instructions.4. Complete visitor registration processing within 20 seconds.

D. Visitor Information Capture:1. Quick and complete capture of visitor information as an essential component for

proper record keeping and security checks.2. Capture of visitor information using various hardware devices. The tasks that can be

performed include scanning business cards, scanning driver license, capturing visitor photo, capturing visitor signature, and 2D barcode scanning of driver licenses.

3. Quick processing of large groups of visitors through queuing of captured data.

E. Visitor Authentication:1. Recalling previous visit information (including pictures) when a visitor revisits.2. Detecting each attempted visit and deterring potential security breaches before they

affect the user facilities.3. Importing guests ranging from disgruntled ex-employees to known felons into the

watch list to alert personnel of a potential threat to the organization.4. Authenticating a person as having proper identification and determining that he or she

is who they claim to be.

F. Visitor Authorization:1. Enforcing visitor authorization prior to printing a badge, entering the premises,

authorizing visits at reception, security lobby, or remotely by the host employee.2. Delegating authorization responsibility to specific individuals.3. Providing a denied visitors list.

G. Visitor Badges Generation:1. Provide quick, cost-effective, and individualized badging as an essential component of

proper visitor identification.2. Allow printing of individualized visitor badges containing name, picture, expiration

date, and valid access areas.3. Customize badge templates for visitors, VIPs and contractors.4. Supports tight integration with Pro-Watch Security systems that allow the assignment

of access control privileges via barcode or card to visitors

H. Host Notification:1. Of a visitor's arrival by e-mail messages or real-time network messaging.2. When a visitor does not sign out.

28 10 00 -41

I. Visitor Tracking:1. Track events automatically by an accurate log as they relate to the visitor's activities

on site.2. Track the number of times the visitor signs in and signs out.3. Support quick sign in and out using a barcode scanner.4. Provide proactive checking for expired visits and network notification to hosts and

visitors of expired visits.5. Provide web access to the visitor manifest.

J. Security Policies:1. Provide accurate and consistent application of security policies.2. Provide a means to view picture and a person's attributes, reason for being on the

watch list, and the action to be performed upon visitor's arrival.3. Check each visitor against his/her previous visit information.4. Ensure that visitors sign out by tracking expired visits and informing their hosts.5. Allow host to extend a visit or assign host responsibilities to another employee.

K. Host Management:1. Assign the capabilities available to employees based on their requirement.2. Differentiate permanent and temporary employees; limit the number of daily and

concurrent visitors per host.3. The Front Desk operator shall:

a. Assign temporary day cards in Pro-Watch for Pro-Watch employees who have forgotten their card.

b. Have an option to assign either Pro-Watch access privileges to match their permanent card or a visitor privilege. The permanent card is automatically disabled while the temp card is active.

c. Be able to do a visual verify of the employee to their photo at the Front Desk.

L. Traffic Reporting:1. Traffic reports - per station, per building, per company, per employee, and per

department.2. Detailed visit reports.3. Time and attendance reports for contractors and other visitors.4. Reports on demand, or schedule reports for regular generation and e-mail delivery.

M. Assets and Deliveries:1. Track assets and deliveries as they arrive and depart premises.2. Generate asset and delivery tags and scan assets and deliveries in and out with a

barcode scanner.3. Provide e-mail notification of delivery recipient for unreturned assets.

N. Self-Registration Kiosk:1. Provide a fully featured visitor kiosk to handle visitor registration needs in a busy or

unattended lobby. The Kiosk shall be used to perform touchscreen visitor registration using a visitor's business card or driver license.

2. Allow to sign visitors in and out with voice agent scripted behavior, voice, and text message prompts. The Kiosk shall be used to take picture of visitors for true visitor identification, as well as display visitation rules/non-disclosure agreement.

3. Print a visitor badge at the self-registration station or at a remote FrontDesk and allow for remote authorization of the visit by the host or security desk. The Kiosk shall notify the hosting employee when their visitor arrives.

O. Security Audit Compliance:1. Secure database.2. Audit log.3. Tamper proof visitor records.

28 10 00 -42

4. Audit reports.5. Backup and restore capabilities.

2.7 ACCESS CONTROL READERS (Data security with Omni Class cards.)

A. Contactless Smart Card Readers:1. Contactless Smart Card readers shall be "single-package" type, combining electronics

and antenna in one package in the following configurations:2. Provide surface mounting style 13.56 MHz or 13.56 MHz and 125 kHz prox

contactless smart card readers suitable for minimal space mounting configurations as shown on the project plans.

3. Contactless smart card readers shall comply with ISO 15693, ISO 14443A (CSN), and ISO 14443B and shall read credentials that comply with these standards.

4. Contactless smart card readers shall output credential data in compliance with the SIA AC-01 Wiegand standard as follows:a. Reads standard proximity format data from OmniClass cards and outputs data

as encoded.b. Reads card serial number (CSN) of a MIFARE or DESFIRE card with

configurable outputs as 26-bit, 32-bit, 34-bit, 40-bit, or 56-bit.5. Data security with OmniClass cards shall use up to 128-bit authentication keys to

reduce the risk of compromised data or duplicate cards. The contactless smart card reader and OmniClass cards shall require matching keys in order to function together. All RF data transmission between the card and the reader shall be encrypted, using a secure algorithm. Card readers shall be provided with keys that are compatible with the OmniClass cards.

6. The reader shall be of potted, polycarbonate material, sealed to a NEMA rating of 4X (IP65).

7. The contactless smart card reader shall provide the ability to change operational features in the field through the use of a factory-programmed command card. Additionally, firmware may be updated by flashing the reader. Command card operational programming options shall include:a. Output configurations.b. LED and Audio configurations.c. Keypad configurations.

8. Contactless smart card readers shall provide the following programmable audio/visual indication:a. An audio transducer shall provide various tone sequences to signify: access

granted, access denied, power up, and diagnostics.b. A high-intensity light bar shall provide clear visual status (red/green/amber) that

is visible even in bright sunlight.9. Contactless smart card readers shall meet the following certifications:

a. UL 294.b. Canada/UL 294.c. FCC Certification.d. Canada Radio Certification.e. EU and CB Scheme Electrical Safety.f. EU - R and TTE Directive.g. CE Mark (Europe).h. IP55 Rated.i. C-Tick (New Zealand/Australia/Taiwan).

10. Contactless smart card readers shall meet the following environmental specifications:a. Operating temperature: -30 to 150 degrees F (-35 to 65 degrees C).b. Operating humidity: 5 to 95 percent relative humidity non-condensing.c. Weatherized design suitable to withstand harsh environments.

11. Contactless smart card reader cabling requirements shall be:a. Manufacturer: Honeywell Cable

28 10 00 -43

b. Cable distance: (Wiegand): 500 feet (150m).c. Cable type: 6-conductor No. 22 AWG minimum with overall foil shield and drain

wired. Standard reader termination: 18 inches (.5m) cable pigtail.

12. Warranty of contactless smart card readers shall be lifetime against defects in materials and workmanship.

B. Product: OM15 Mullion 13.56 MHz Contactless Smart Card Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless smart card read range shall be:

a. 2 inches to 3 inches (5.0 to 7.6 cm) using OmniClass card.b. 1 inches (2.5 cm) using OmniClass Key Fob.c. 1 inches (2.5 cm) using OmniClass Sticker (Tag).d. 1 inches to 1.5 inches (2.5 to 3.8 cm) using OmniClass + HID 125KHz Prox

card.e. 1 inches to 2 inches (2.5 to 5.0 cm) using MIFARE Card (card serial number

only).2. Contactless smart card readers shall meet the following electrical specifications:

a. Operating voltage: 5 to 16 VDC, reverse voltage protected. Linear power supply recommended.

b. Current requirements: (average/peak) 60/90 mA at 12 VDC.3. Contactless smart card readers shall meet the following physical specifications:

a. Dimensions: 1.90 inches x 6 inches x .90 inches (4.8 cm x 15.3 cm x 2.3 cm).b. Weight: 3.2.oz (90.7 g).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

C. Product: OM16 Mullion 13.56 MHz Contactless Smart and 125 kHz Prox Card Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless smart card read range shall be:

a. 2 to 3 inches (5.0 to 7.6 cm) using OmniClass card.b. 1 inches (2.5 cm) using OmniClass Key Fob.c. 1 inches (2.5 cm) using OmniClass Sticker (Tag).d. 1 to 1.5 inches (2.5 to 3.8 cm) using OmniClass + HID 125KHz Prox card.e. 1 to 2 inches (2.5 to 5.0 cm) using MIFARE Card; card serial number only.f. 1 to 3.5 inches (2.5 to 8.9 cm) using 125 kHz Prox card

2. Contactless smart card readers shall meet the following electrical specifications:a. Operating voltage: 5 to 16 VDC, reverse voltage protected. Linear power supply

recommended.b. Current requirements: (average/peak) 75/100 mA at 12 VDC.

3. Contactless smart card readers shall meet the following physical specifications:a. Dimensions: 1.90 inches x 6 inches x .90 inches (4.8 cm x 15.3 cm x 2.3 cm).b. Weight: 3.2.oz (90.7 g).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader bodye. Color: Black.

D. Product: OM30 Mini-Mullion 13.56 MHz Contactless Smart Card Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless smart card read range shall be:

a. 2 to 3 inches (5.0 to 7.6 cm) using OmniClass card.b. 1 inches (2.5 cm) using OmniClass Key Fob.c. 1 inches (2.5 cm) using OmniClass Sticker (Tag).d. 1 to 1.5 inches (2.5 to 3.8 cm) using OmniClass + HID 125KHz Prox card.e. 1 to 2 inches (2.5 to 5.0 cm) using MIFARE Card (card serial number only).

28 10 00 -44



3. Contactless smart card readers shall meet the following physical specifications:a. Dimensions: 1.90 inches x 4.04 inches x .80 inches (4.83cm x 10.26 cm x 2.03

cm).b. Weight: 3.2.oz (90.7 g).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

E. Product: OM31 Mini-Mullion 13.56 MHz Contactless Smart and 125 kHz Prox Card Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless smart card read range shall be:

a. 2 to 3 inches (5.0 to 7.6 cm) using OmniClass card.b. 1 inches (2.5 cm) using OmniClass Key Fob.c. 1 inches (2.5 cm) using OmniClass Sticker (Tag).d. 1 to 1.5 inches (2.5 to 3.8 cm) using OmniClass + HID 125KHz Prox card.e. 1 to 2 inches (2.5 to 5.0 cm) using MIFARE Card (card serial number only).f. 1 to 3.5 inches (2.5 to 8.9 cm) using 125 kHz Prox Card



3. Contactless smart card readers shall meet the following physical specifications:a. Dimensions: 1.90 inches x 4.04 inches x .80 inches (4.83cm x 10.26 cm x 2.03

cm).b. Weight: 3.2.oz (90.7 g).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

F. Product: OM40 US Single-Gang 13.56 MHz Contactless Smart Card Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless smart card read range shall be:

a. 2.5 to 4.5 inches (6.3 to 11.4 cm) using OmniClass card.b. 1 inches (2.5 cm) using OmniClass Key Fob.c. 1 inches (2.5 cm) using OmniClass Sticker (Tag).d. 1.5 to 2 inches (3.8 to 5.0 cm) using OmniClass + 125KHz HID Prox card.e. 1 to 2 inches (2.5 to 5.0 cm) using MIFARE Card (card serial number only).

2. Contactless smart card readers shall meet the following physical specifications:a. Dimensions: 3.30 x 4.80 x .85 inches (8.38 x 12.19 x 2.16 cm).b. Weight: 8.8.oz (249.5 g).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.



G. Product: OM41 US Single-Gang 13.56 MHz Contactless Smart and 125 kHz Prox Card Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless smart card read range shall be:

a. 2.5 to 4.5 inches (6.3 to 11.4 cm) using OmniClass card.

28 10 00 -45

b. 1 inches (2.5 cm) using OmniClass Key Fob.c. 1 inches (2.5 cm) using OmniClass Sticker (Tag).d. 1.5 to 2 inches (3.8 to 5.0 cm) using OmniClass + 125KHz HID Prox card.e. 1 to 2 inches (2.5 to 5.0 cm) using MIFARE Card (card serial number only).f. 1 to 3.5 inches (2.5 to 8.9 cm) using 125 kHz Prox Card

2. Contactless smart card readers shall meet the following physical specifications:a. Dimensions: 3.30 x 4.80 x .85 inches (8.38 x 12.19 x 2.16 cm).b. Weight: 8.8 oz (249.5 g).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.



H. Product: OM55 13.56 MHz Contactless Smart Card with Keypad Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless smart card read range shall be:

a. 3 to 4 inches (7.6 to 10.1 cm) using OmniClass card.b. 1 inches to 1.5 inches (2.5 to 3.8 cm) using OmniClass Key Fob.c. 1 inches to 1.5 inches (2.5 to 3.8 cm) using OmniClass Sticker (Tag).d. 1.5 to 2.0 inches (3.8 to 5.0 cm) using OmniClass + 125KHz HID Prox card.e. 1 to 2 inches (2.5 to 5.0 cm) using MIFARE Card (card serial number only).

2. Contactless smart card readers shall meet the following physical specifications:a. Dimensions: 3.30 x 4.80 x .90 inches (8.38 x 12.19 x 2.28 cm).b. Weight: 10oz (283.4 g).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.



I. Product: OM56 13.56 MHz Contactless Smart and 125 kHz Prox Card W/ Keypad Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless smart card read range shall be:

a. 3 to 4 inches (7.6 to 10.1 cm) using OmniClass card.b. 1 to 1.5 inches (2.5 to 3.8 cm) using OmniClass Key Fob.c. 1 to 1.5 inches (2.5 to 3.8 cm) using OmniClass Sticker (Tag).d. 1.5 to 2.0 inches (3.8 to 5.0 cm) using OmniClass + 125KHz HID Prox card.e. 1 to 2 inches (2.5 to 5.0 cm) using MIFARE Card (card serial number only).f. 1 to 3.5 inches (2.5 to 8.9 cm) using 125 kHz Prox Card

2. Contactless smart card readers shall meet the following physical specifications:a. Dimensions: 3.30 x 4.80 x .90 inches (8.38 x 12.19 x 2.28 cm).b. Weight: 10oz (283.4 g).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.



J. Contactless Proximity Card Readers:

28 10 00 -46

1. Card readers shall be "single-package" type, combining electronics and antenna in one package in the following configurations:

2. Provide surface mounting style 125kHz contactless proximity card readers suitable for minimal space mounting configurations as shown on the project plans.

3. Contactless proximity card readers shall output credential data in compliance with the SIA AC-01 Wiegand standard as follows:a. Reads standard proximity format data from OmniProx cards and outputs data in

Wiegand format.b. Reads card number with formats up 84 bits.

4. The reader shall be of potted, polycarbonate material, sealed to a NEMA rating of 4X (IP65).

5. The contactless proximity card reader shall provide the ability to change operational features in the field through the use of a factory-programmed command card. Additionally, firmware may be updated by flashing the reader. Command card operational programming options shall include:a. Output configurations.b. LED and Audio configurations.c. Keypad configurations.

6. Contactless proximity card readers shall provide the following programmable audio/visual indication:a. An audio transducer shall provide various tone sequences to signify: access

granted, access denied, power up, and diagnostics.b. A high-intensity light bar shall provide clear visual status (red/green/amber) that

is visible even in bright sunlight.7. Contactless proximity card readers shall meet the following certifications:

a. UL 294.b. Canada/UL 294.c. FCC Certification.d. ROHS compliante. Canada Radio Certification.f. CE Mark (Europe).

8. Contactless proximity card readers shall meet the following environmental specifications:a. Operating temperature: Minus 25 to 145 degrees F (Minus 31 to 63 degrees C).b. Operating humidity: 0 to 95 percent relative humidity non-condensing.c. Weatherized design suitable to withstand harsh environments.

9. Contactless proximity card reader cabling requirements shall be:a. Manufacturer: Honeywell Cableb. Cable distance: (Wiegand): 500 feet (150m).c. Cable type: 6-conductor No. 22 AWG minimum with overall foil shield and drain

wire.d. Standard reader termination: 18 inches (.5m) cable pigtail.

10. Warranty of contactless proximity card readers shall be lifetime against defects in materials and workmanship.

K. Product: OP10 Mini-Mullion 125kHz Contactless Proximity Card Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless proximity card read range shall be:

a. 1.5 to 4 inches (3.8 to 10.2 cm) using OmniProx card2. Contactless proximity card readers shall meet the following electrical specifications:

a. Operating voltage: 5.0 to 16 VDC, reverse voltage protected. Linear power supply recommended.

b. Current requirements: 60/120 mA at 12 VDC.3. Contactless proximity card readers shall meet the following physical specifications:

a. Dimensions: 3.15 x 1.57 x 0.50 inches (80 x 40 x 12.8 cm).b. Material: UL94 Polycarbonate.

28 10 00 -47

c. Two-part design with separate reader body and cover.d. Color: Black, charcoal gray and ivory interchangeable bezels.

4. Contactless card reader shall be Honeywell OP10 compatible with selected card media.

L. Product: OP30 Mullion 125kHz Contactless Proximity Card Readers as manufactured by the Honeywell Commercial Security:1. Typical contactless proximity card read range shall be:

a. 1.5 to 4 inches (3.8 to 10.2 cm) using OmniProx card2. Contactless proximity card readers shall meet the following electrical specifications:


b. Current requirements: 60/120 mA at 12 VDC.3. Contactless proximity card readers shall meet the following physical specifications:

a. Dimensions: 5.71 x 1.69 x 0.79 inches (145 x 43 x 20 cm).b. Material: UL94 Polycarbonate.c. Two-part design with separate reader body and cover.d. Color: Black, charcoal gray and ivory interchangeable bezels.

4. Contactless proximity card reader shall be Honeywell OP30 compatible with selected card media.

M. Product: OP40 Single-Gang (US) 125kHz Contactless Proximity Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless proximity Card read range shall be:

a. 1.5 to 4 inches (3.8 to 10.2 cm) using OmniProx card2. Contactless proximity Card readers shall meet the following electrical specifications:


b. Current requirements: 60/120 mA at 12 VDC.3. Contactless proximity Card readers shall meet the following physical specifications:

a. Dimensions: 4.33 x 2.95 x 0.59 inches (110 x 75 x 15 cm).b. Material: UL94 Polycarbonate.c. Two-part design with separate reader body and cover.d. Color: Black, charcoal gray and ivory interchangeable bezels.

4. Contactless proximity Card reader shall be Honeywell OP40 compatible with selected card media.

N. Product: OP45 Single-Gang (EU/APAC) 125kHz Contactless Proximity Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless proximity Card read range shall be:




a. Dimensions: 3.5 x 3.5 x 0.595 inches (88.9 x 88.9 x 15 cm).b. Material: UL94 Polycarbonate.c. Two-part design with separate reader body and cover.d. Color: Black, charcoal gray and ivory interchangeable bezels


O. Product: OP90 Single-Gang (US) 125kHz Contactless Proximity Card Vandal Resistant Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless proximity Card read range shall be:

28 10 00 -48




a. Dimensions: 4.5 x 3.15 x 0.59 inches (114 x 80 x 15 cm).b. Material: UL94 Polycarbonate.c. Two-part design with reader body and cover.d. Color: Silver.


P. Product: OP95 Single-Gang (US) 125kHz Contactless Proximity Card Vandal Resistant Readers + Keypad as manufactured by the Honeywell Commercial Security:1. Typical Contactless proximity Card read range shall be:




a. Dimensions: 4.5 x 3.15 x 0.59 inches (114 x 80 x 15 cm).b. Material: UL94 Polycarbonate.c. Two-part design with separate reader body and cover.d. Color: Silver


2.8 ACCESS CONTROL READERS (Data security with Mifare EV2 cards.)

A. Contactless Smart Card Readers:1. Contactless Smart Card Readers: "Single-package" type, combining electronics and

antenna in one package in the following configurations:a. Surface Mounting Style: 13.56 MHz or 13.56 MHz and 125 kHz PROX

contactless smart card readers suitable for minimal space mounting configurations as shown on project plans.

b. Surface Mounting Style: 2.4 GHz Bluetooth Low Energy (BLE) suitable for minimal space mounting configurations as shown on project plans.

2. Comply with ISO 15693, ISO 14443A (CSN) ISO 14443B: Read credentials complying with these standards.

3. Output credential data complying with SIA AC-01 Wiegand standard:a. Reads standard proximity format data from Mifare Classic cards and outputs

data as encoded.b. Reads card serial number (CSN) of a MIFARE or DESFIRE card with

configurable outputs as 26-bit, 32-bit, 37-bit, 56-bit.4. Data Security with Mifare EV2 Cards: Use up to 128-bit authentication keys to reduce

risk of compromised data or duplicate cards.a. The contactless smart card reader and Mifare EV2 cards require matching keys

in order to function together. All RF data transmission between the card and reader will be encrypted, using a secure algorithm. Card readers will be provided with keys that are compatible with the Mifare Classic cards.

5. Material: The reader to be potted, polyurethane.6. Provide ability to change operational features in the field using a factory-programmed

command card or by reader utility application i.e. mobile app. Additionally, firmware may be updated by flashing the reader. Command card operational programming

28 10 00 -49

options shall include:a. Output configurations.b. LED and Audio configurations.c. Keypad configurations.

7. Provide the Following Programmable Audio/Visual Indication:a. An audio transducer shall provide various tone sequences to signify: access

granted, access denied, power up, and diagnostics.b. Three LEDs on keypad; green, red, and amber, shall provide clear visual

status.c. A high-intensity RGB light ring shall provide clear free programmable visual

status that is visible even in bright sunlight.8. Meet the Following Certifications:

a. UL 294.b. Canada/UL 294.c. FCC Certification.d. Canada Radio Certification.e. EU and CB Scheme Electrical Safety.f. EU - RED Directive.g. CE Mark (Europe).h. IP65 Rated.

9. Meet the Following Environmental Specifications:a. Operating Temperature Range: Minus 31 to 151 degrees F (Minus 35 to 66

degrees C).b. Storage (Unpowered) Temperature Range: Minus 40 to 158 degrees F (Minus

40 to 70 degrees C).c. Operating Humidity: 5 to 95 percent relative humidity non-condensing.d. Weatherized design suitable to withstand harsh environments.

10. Cabling Requirements:a. UL94 V0 conform.b. Cable Distance: Wiegand, Clock/Data: 500 feet (150 m).c. Cable Type: 8-conductor No. 26 AWG minimum with overall foil shield and

drain wired. Standard Reader Termination: 6.5 feet (2 m) cable pigtail.

11. Warranty: Lifetime against defects in materials and workmanship.

B. Contactless Mobile Credential Readers: "Single-package" type, combining electronics and antenna in one package in the following configuration:1. Surface Mounting Style: 2.4GHz Bluetooth Low Energy (BLE) suitable for minimal

space mounting configurations as shown on the project plans.

C. Product: OT3300BHONG "OmniAssure Touch MultiTech MC Mul B" 13.56 MHz and 125kHz, Mullion, BLE, 0-key, Contactless Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless Smart Card Read Ranges:

a. Range: 0 to 1.57 inches (0 to 4 cm) using Mifare Classic card (026364).b. Range: 0 to 0.79 inches (0 to 2 cm) using Mifare Classic Key fob (026364.05).c. Range: 0 to 1.18 inches (0 to 3 cm) using DESFire card EV2 (026355).d. Range: 0 to 0.59 inches (0 to 1,5 cm) using DESFire Key fob EV2 (026350).e. Range: 0 to 0.79 inches (0 to 2 cm) using OmniAssure OES (ODPEV28N38).f. Range: 0 to 0.79 inches (0 to 2 cm) using Quadrakey card (22717).g. Range: 0 to 1.96 inches (0 to 5 cm) using HID card.h. Range: 0 to 1.18 inches (0 to 3 cm) using Prox1 card (026368.00).i. Range: 0 to 0.98 inches (0 to 2,5 cm) using Prox1 key fob (022190).

2. Typical BLE communication range shall be:a. Range: 0 to 16 feet (0 to 5 m).

3. Electrical Specifications:

28 10 00 -50


b. Current requirements:1) Average/Peak: 250 / 600 mA at 7 VDC.2) Average/Peak: 150 / 320 mA at 12 VDC.3) Average/Peak: 100 / 230 mA at 18 VDC.

4. Physical Specifications:a. Dimensions: 5.66 x 1.96 x 0.88 inches (144 x 50 x 22.3 mm).b. Weight: 9.56 oz (271 grams).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

D. Product: OT3312BHONG "OmniAssure Touch MultiTech MC Mul 12KeyB" 13.56 MHz and 125 kHz, Mullion, BLE, 12-keys, Contactless Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless Smart Card Read Ranges:

a. Range: 0 to 1.57 inches (Range: 0 to 4 cm) using Mifare Classic card (026364).

b. Range: 0 to 0.79 inches (Range: 0 to 2 cm) using Mifare Classic Key fob (026364.05).

c. Range: 0 to 1.18 inches (Range: 0 to 3 cm) using DESFire card EV2 (026355).

d. Range: 0 to 0.59 inches (Range: 0 to 1,5 cm) using DESFire Key fob EV2 (026350).

e. Range: 0 to 0.79 inches (Range: 0 to 2 cm) using OmniAssure OES (ODPEV28N38).

f. Range: 0 to 0.79 inches (Range: 0 to 2 cm) using Quadrakey card (22717).g. Range: 0 to 1.96 inches (Range: 0 to 5 cm) using HID card.h. Range: 0 to 1.18 inches (Range: 0 to 3 cm) using Prox1 card (026368.00).i. Range: 0 to 0.98 inches (Range: 0 to 2,5 cm) using Prox1 key fob (022190).

2. Typical BLE communication range shall be:a. Range: 0 to 16 feet (Range: 0 to 5 m).

3. Electrical Specifications:a. Operating voltage: 7 to 18 VDC, reverse voltage protected. Linear power

supply recommended.b. Current requirements:

1) Average/Peak: 250 / 600 mA at 7 VDC.2) Average/Peak: 150 / 320 mA at 12 VDC.3) Average/Peak:: 100 / 230 mA at 18 VDC.

4. Physical Specifications:a. Dimensions: 5.66 x 1.96 x 0.88 inch (144 x 50 x 22.3 mm).b. Weight: 9.56 oz (271 grams).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

E. Product: OT4800BHONG "OmniAssure Touch MultiTech MC Sqa B" 13.56 MHz and 125 kHz, Square, BLE, 0-key, Contactless Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless Smart Card Read Ranges:

a. Range: 0 to 2,00 inches (Range: 0 to 5 cm) using Mifare Classic card (026364).

b. Range: 0 to 1,18 inches (Range: 0 to 4 cm) using Mifare Classic Key fob (026364.05).

c. Range: 0 to 2,00 inches (Range: 0 to 5 cm) using DESFire card EV2

28 10 00 -51

(026355).d. Range: 0 to 1,18 inches (Range: 0 to 3 cm) using DESFire Key fob (026350).e. Range: 0 to 1,57 inches (Range: 0 to 4 cm) using OmniAssure OES

(ODPEV28N38).f. Range: 0 to 1,37 inches (Range: 0 to 3,5 cm) using Quadrakey card (22717).g. Range: 0 to 3,54 inches (Range: 0 to 6 cm) using HID card.h. Range: 0 to 2,00 inches (Range: 0 to 5 cm) using Prox1 card (026368.00).i. Range: 0 to 0,20 inches (Range: 0 to 0,5 cm) using Prox1 key fob (022190).j. Range: 0 to 1,18 inches (Range: 0 to 3 cm) using Prox1 key fob (023100).


3. Electrical Specifications:a. Operating Voltage: 7 to 18 VDC, reverse voltage protected. Linear power


1) Average/Peak: 250 / 530 mA at 7 VDC.2) Average/Peak: 150 / 320 mA at 12 VDC.3) Average/Peak: 100 / 220 mA at 18 VDC.

4. Physical Specifications:a. Dimensions: 3.15 x 3.15 x 0.87 inches (80 x 80 x 22 mm).b. Weight: 8.64oz (245 gram).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

F. Product: OT4816BHONG "OmniAssure Touch MultiTech MC Sqa 16KeyB" 13.56 MHz and 125 kHz, Square, BLE, 16keys, Contactless Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless Smart Card Read Ranges:



c. Range: 0 to 2,00 inches (Range: 0 to 5 cm) using DESFire EV2card (026355).d. Range: 0 to 1,18 inches (Range: 0 to 3 cm) using DESFire EV2 Key fob

(026350).e. Range: 0 to 1,57 inches (Range: 0 to 4 cm) using OmniAssure OES

(ODPEV28N38).f. Range: 0 to 1,37 inches (Range: 0 to 3,5 cm) using Quadrakey card (22717).g. Range: 0 to 2,36 inches (Range: 0 to 6 cm) using HID card.h. Range: 0 to 2,00 inches (Range: 0 to 5 cm) using Prox1 card (026368.00).i. Range: 0 to 0,20 inches (Range: 0 to 0,5 cm) using Prox1 key fob (022190).j. Range: 0 to 1,18 inches (Range: 0 to 3 cm) using Prox1 key fob (023100).




1) Average/Peak: 250 / 530 mA at 7 VDC2) Average/Peak: 150 / 320 mA at 12 VDC3) Average/Peak:: 100 / 220 mA at 18 VDC

4. Physical Specifications:a. Dimensions: 3.15 x 3.15 x 0.87 inches (80 x 80 x 22 mm).b. Weight: 8.64 oz (245 gram).c. Material: UL94 Polycarbonate.

28 10 00 -52

d. Two-part design with separate mounting plate and reader body.e. Color: Black.

G. Product: OT3200BHONG "OmniAssure Touch Smart MC Mul B" 13.56 MHz, Mullion, BLE, 0- key, Contactless Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless Smart Card Read Ranges:

a. Range: 0 to 1.57 inches (Range: 0 to 4 cm) using Mifare Classic card (026364)








1) Average/Peak: 250 / 600 mA at 7 VDC.2) Average/Peak: 150 / 320 mA at 12 VDC.3) Average/Peak: 100 / 230 mA at 18 VDC.

4. Physical Specifications:a. Dimensions: 5.66 x 1.96 x 0.88 inches (144 x 50 x 22.3 mm).b. Weight: 9.56 oz (271 gram).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

H. Product: OT3212BHONG "OmniAssure Touch SmartTech MC Mul 12Key B" 13.56 MHz, Mullion, BLE, 12-keys, Contactless Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless Smart Card Read Ranges:

a. Range: 0 to 1.57 inches (Range: 0 to 4 cm) using Mifare Classic card (026364).








1) Average/Peak: 250 / 600 mA at 7 VDC.2) Average/Peak: 150 / 320 mA at 12 VDC.3) Average/Peak:: 100 / 230 mA at 18 VDC.

4. Physical Specifications:

28 10 00 -53

a. Dimensions: 5.66 x 1.96 x 0.88 inches (144 x 50 x 22.3 mm).b. Weight: 9.56 oz (271 g).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

I. Product: OT4700BHONG "OmniAssure Touch SmartTech MC Sqa B" 13.56 MHz, Square, BLE, 0-key, Contactless Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless Smart Card Read Ranges:





(ODPEV28N38).2. Typical BLE communication range shall be:

a. Range: 0 to 16 feet (Range: 0 to 5 m).3. Electrical Specifications:


b. Current requirements1) Average/Peak: 250 / 530 mA at 7 VDC2) Average/Peak: 150 / 320 mA at 12 VDC3) Average/Peak:: 100 / 220 mA at 18 VDC

4. Physical Specifications:a. Dimensions: 3.15 x 3.15 x 0.87 inches (80 x 80 x 22 mm).b. Weight: 8.64 oz (245 grams).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

J. Product: OT4716BHONG "OmniAssure Touch SmartTech MC Sqa 16KeyB" 13.56MHz, Square, BLE, 16-keys, Contactless Card Readers as manufactured by the Honeywell Commercial Security:1. Typical Contactless Smart Card Read Ranges:





(ODPEV28N38).2. Typical BLE communication range shall be:

a. Range: 0 to 16 feet (Range: 0 to 5 m)3. Electrical Specifications:


b. Current requirements:1) Average/Peak: 250 / 530 mA at 7 VDC2) Average/Peak: 150 / 320 mA at 12 VDC

28 10 00 -54

3) Average/Peak: 100 / 220 mA at 18 VDC4. Physical Specifications:

a. Dimensions: 3.15 x 3.15 x 0.87 inches (80 x 80 x 22 mm).b. Weight: 8.64 oz (245 grams).c. Material: UL94 Polycarbonate.d. Two-part design with separate mounting plate and reader body.e. Color: Black.

2.9 ACCESS CONTROL CREDENTIALS

A. Access cards shall be used with access readers to gain entry to access controlled portals (e.g.; doors, gates, turnstiles) and to hold information specific to the user and shall be Contactless Smart Card or Contactless Proximity Card technology credentials.

B. Contactless Smart Cards1. Single Technology Access Card:

a. The card shall meet the following standards for contactless smart cards: ISO 15693 and ISO 14443B2.

b. The card shall meet ISO 7810 specifications for length, width, thickness, flatness, card construction and durability, and shall be in a form suitable for direct two-sided dye-sublimation or thermal transfer printing on the specified badge printer.

c. Presentation to the access control reader at any angle within a minimum of one inch (25 mm) shall result in an accurate reading of the card.

d. Unique 64-bit, fixed card serial number, used for anti-collision and key diversification.

e. The card shall support capability, with a minimum of 2 Kbits (256 bytes) of EEPROM memory or 16 Kbits (2048 bytes) of EEPROM memory. The 2 Kbit card shall have a minimum of 2 Application Areas, and the 16Kbit shall have either 2 or 16 Application Areas to support future applications. Data retention shall be 10 years, nominal. Wiegand card data up to 84 bits in length shall be factory programmed in Application Area 1 for use with access control systems.

f. Each Application Area on the card shall be secured with up to a 128-bit unique, diversified security key, such that data stored in that area cannot be accessed or modified until the card and reader have completed a mutual authentication process.

g. The card shall be capable of completing any write operation, even if the card is removed from the RF field during that operation.

h. The card shall be warranted against defects in materials and workmanship for two years, or if multiple technologies are used: with a magnetic stripe the card shall have a fifteen month warranty; or with a contact chip, the card shall have a one year warranty.

i. Provide "smart" access cards, compatible with the specified card readers. Cards shall be encoded with Wiegand card data, at the factory.

j. The card shall not carry any identification showing the location of the property unless otherwise specified herein.

k. The card shall be capable of accepting a slot punch on one end, allowing it to be hung from a strap/clip in a vertical orientation.

2. Multiple Technology Access Card:a. The card shall support 13.56 MHz OmniClass contactless smart chip and

antenna plus any or all of the following technologies, simultaneously:1) 125 kHz HID Proximity chip and antenna.2) Magnetic Stripe.3) Embedded Contact Smart Chip Module.

b. The card shall be available with a 13.56 MHz OmniClass contactless smart chip and antenna plus a Wiegand Strip with an optional magnetic stripe, meeting all

28 10 00 -55

ISO 7810 standards except for card thickness, which shall be 0.037 inch (0.939 mm). The card will not be available with 125 kHz proximity technology and/or an embedded contact smart chip module.

3. Access Key Fob:a. The Key Fob shall meet the following standards for contactless smart cards:

ISO 15693 and ISO 14443B2.b. The Key Fob shall be constructed of durable injection molded polycarbonate

plastic, with a slot molded into one end, and shall be suitable for placement on a key ring.

c. Presentation to the access control reader at any angle within one inch (25 mm) shall result in an accurate reading of the key fob.

d. Provide key fobs compatible with the specified card readers.e. The key fob shall not carry any identification showing the location of the

property unless otherwise specified herein.f. The key fob shall be warranted against defects in materials and workmanship

for two years.4. Access Sticker:

a. The Sticker shall meet the following standards for contactless smart cards: ISO 15693 and ISO 14443B2.

b. The Sticker shall be a flat disc-shaped unit with a polycarbonate cover and a self-stick adhesive back.

c. The Sticker shall be capable of affixation to non-metallic personal items such as PDAs, cell phones, business assets, or to existing access control or identification cards for the purpose of transitioning from earlier technologies to contactless smart cards.

d. The Sticker shall not be used with tractor-feed (full insertion) readers.e. Presentation to the access control reader at any angle within one inch (25 mm)

shall result in an accurate reading of the Sticker.f. The Sticker shall be warranted against defects in materials and workmanship

for two years.g. Provide Access Stickers compatible with the specified card readers.h. The Sticker shall not carry any identification showing the location of the

property unless otherwise specified herein.

C. Contactless Proximity Cards:1. The card shall meet the following standards for contactless proximity cards:

a. 125 kHz HID Proximity chip and antennab. The card shall meet ISO 7810 specifications for length, width, thickness,

flatness, card construction and durability, and shall be in a form suitable for direct two-sided dye-sublimation or thermal transfer printing on the specified badge printer.

c. Presentation to the access control reader at any angle within a minimum of one inch (25 mm) shall result in an accurate reading of the card.

d. The card shall be capable of completing any write operation, even if the card is removed from the RF field during that operation.

e. The card shall be warranted against defects in materials and workmanship for two years, or if multiple technologies are used: with a magnetic stripe the card shall have a fifteen month warranty.

f. Provide "smart" access cards, compatible with the specified card readers. Cards shall be encoded with Wiegand card data, at the factory in 26 or 34 bit formats.

g. The card shall not carry any identification showing the location of the property unless otherwise specified herein.

h. The card shall be capable of accepting a slot punch on one end, allowing it to be hung from a strap/clip in a vertical orientation

28 10 00 -56

2.10 ACCESS CONTROL CABLES

A. Access Control System components shall be connected using the following Honeywell Genesis Series Cables:1. Shielded 6-Conductor Reader Cables: foil shielded with drain wire, stranded copper

conductors:a. 22AWG:

1) General Purpose Rated: CM, CL2, Sunlight Resistant Listed: Part Number: 1206.

2) Riser Rated: CMR, CL2R, FT4, Sunlight Resistant Listed: Part Number: 2206.

3) Plenum Rated: CMP, CL2P, FT6 Listed: Part Number: 3206.b. 18AWG:

1) General Purpose Rated: CM, CL2, Sunlight Resistant Listed: Part Number: 1216.

2) Riser Rated: CMR, CL2R, FT4, Sunlight Resistant Listed: Part Number: 2216.

3) Plenum Rated: CMP, CL2P, FT6 Listed: Part Number: 3216.2. Unshielded 18AWG 2-Conductor Power/Door Cables: Stranded copper conductors:

a. General Purpose Rated: CM, CL2, Sunlight Resistant Listed: Part Number: 1118.1) Riser Rated: CMR, CL2R, FT4, Sunlight Resistant Listed: Part Number:

2114.2) Plenum Rated: CMP, CL2P, FT6 Listed: Part Number: 3114.

3. Shielded 22AWG 2-Conductor Alarm Cables: foil shielded with drain wire, stranded copper conductors:a. General Purpose Rated: CM, CL2, Sunlight Resistant Listed: Part Number:

1202.1) Riser Rated: CMR, CL2R, FT4, Sunlight Resistant Listed: Part Number:

2202.2) Plenum Rated: CMP, CL2P, FT6 Listed: Part Number: 3202.

4. Bundled Access Control Cables: 4 components, Profusion unjacketed bundle.a. Part Number: 2195, Riser Rated, CMR, CL2R, FT4, Sunlight Resistant Listed.

1) Component 1: 22 AWG, 6 stranded conductors, shielded.2) Component 2: 18 AWG, 4 stranded conductors.3) Component 3: 22 AWG, 2 stranded conductors.4) Component 4: 22 AWG, 4 stranded conductors.

b. Part Number: 2295, Riser Rated, CMR, CL2R, FT4, Sunlight Resistant Listed.1) Component 1: 22 AWG, 6 stranded conductors, shielded.2) Component 2: 18 AWG, 4 stranded conductors, shielded.3) Component 3: 22 AWG, 2 stranded conductors, shielded.4) Component 4: 22 AWG, 4 stranded conductors, shielded.

c. Part Number: 3195, Plenum Rated, CMP, CL2P, FT6 Listed.1) Component 1: 22 AWG, 6 stranded conductors, shielded.2) Component 2: 18 AWG, 4 stranded conductors.3) Component 3: 22 AWG, 2 stranded conductors.4) Component 4: 22 AWG, 4 stranded conductors.

d. Part Number: 3295, Plenum Rated, CMP, CL2P, FT6 Listed.1) Component 1: 22 AWG, 6 stranded conductors, shielded.2) Component 2: 18 AWG, 4 stranded conductors, shielded.3) Component 3: 22 AWG, 2 stranded conductors, shielded.4) Component 4: 22 AWG, 4 stranded conductors, shielded.

5. Bundled Access Control Cables: 4 components, Overall jacketed bundle.a. Part Number: 2196, Riser Rated, CMR, CL2R, FT4, Sunlight Resistant Listed.

1) Component 1: 22 AWG, 6 stranded conductors, shielded.2) Component 2: 18 AWG, 4 stranded conductors.

28 10 00 -57

3) Component 3: 22 AWG, 2 stranded conductors.4) Component 4: 22 AWG, 4 stranded conductors.

b. Part Number: 2296, Riser Rated, CMR, CL2R, FT4, Sunlight Resistant Listed.1) Component 1: 22 AWG, 6 stranded conductors, shielded.2) Component 2: 18 AWG, 4 stranded conductors, shielded.3) Component 3: 22 AWG, 2 stranded conductors, shielded.4) Component 4: 22 AWG, 4 stranded conductors, shielded.

c. Part Number: 3196, Plenum Rated, CMP, CL2P, FT6 Listed.1) Component 1: 22 AWG, 6 stranded conductors, shielded.2) Component 2: 18 AWG, 4 stranded conductors.3) Component 3: 22 AWG, 2 stranded conductors.4) Component 4: 22 AWG, 4 stranded conductors.

d. Part Number: 3296, Plenum Rated, CMP, CL2P, FT6 Listed.1) Component 1: 22 AWG, 6 stranded conductors, shielded.2) Component 2: 18 AWG, 4 stranded conductors, shielded.3) Component 3: 22 AWG, 2 stranded conductors, shielded.4) Component 4: 22 AWG, 4 stranded conductors, shielded.

PART 3 EXECUTION

3.1 EXAMINATION

A. Examine site conditions to determine site conditions are acceptable without qualifications. Notify Owner in writing if deficiencies are found. Starting work is evidence that site conditions are acceptable.

3.2 PREPARATION

A. Clean surfaces thoroughly prior to installation.

B. Prepare surfaces using the methods recommended by the manufacturer for achieving the best result for the substrate under the project conditions.

3.3 INSTALLATION

A. System, including but not limited to access control, alarm monitoring and reporting, time management, and user identification cards shall be installed in accordance with the manufacturer's installation instructions.

B. Supervise installation to appraise ongoing progress of other trades and contracts, make allowances for all ongoing work, and coordinate the requirements of the installation of the System.

3.4 FIELD TESTING AND CERTIFICATION

A. Testing: The control, alarm monitoring and reporting, time management, and user identification cards shall be tested in accordance with the following:1. Conduct a complete inspection and test of all installed access control and security

monitoring equipment. This includes testing and verifying connection to equipment of other divisions such as life safety and elevators.

2. Provide staff to test all devices and all operational features of the System for witness by the Owner's representative and authorities having jurisdiction as applicable.

3. Correct deficiencies until satisfactory results are obtained.4. Submit written copies of test results.

3.5 PROTECTION

A. Protect installed products until completion of project.

28 10 00 -58

B. Touch-up, repair or replace damaged products before Substantial Completion.

END OF SECTION

28 10 00 -59

· Web viewPanel options such as Anti-passback, Groups, Forgiveness, Continuous Card Reads,...

Documents

Transcript of · Web viewPanel options such as Anti-passback, Groups, Forgiveness, Continuous Card Reads,...