Old School, New System
WHEN I JOINED RUTGERS STATE UNIVERSITY in New Jersey 30 years ago as the campus locksmith supervisor, the school was roughly 60 buildings smaller than it is today, with a significantly less populous student body. Nowadays, Rutgers is one of the nation’s premier state universities. Its branches extend from Sussex County in the north to Cape May in the south.
The student body is 50,000 strong between graduates and undergraduates. Most classes are held at the five campuses in and around New Brunswick, the school’s birthplace, but there are also campuses in Newark and Camden.
The enormous expansion of Rutgers has prompted inevitable alterations in its security over the years. The latest challenge has been to upgrade the access control system, a multiyear project that began a few years ago and is still ongoing. The goal of the project is to enhance building security through automation.
In looking at how we wanted to proceed, one factor was that we had not been pleased with the performance of installers, who had undersized power supplies, used wiring that was out of sync with specifications, and otherwise left us with systems that presented ongoing maintenance headaches. With that in mind, Rutgers’ security team decided that we would install and maintain the system ourselves. That approach would save the company money and time. But for it to succeed, we needed the right provider of the hardware and software.
The first step for the Rutgers team was to set up a study group committee, which, as the manager of security systems, I chaired. I also wore the hat of the tech support liaison. The group agreed that testing potential vendors would be the best way to expose the strengths and weaknesses of various systems. The degree of cooperation offered by sundry vendors could also be established—an important point in light of the desire to complete the system without the aid of integrators.
Five suppliers were asked to join the test group and were given similar areas to protect on a trial basis. Each vendor supplied references as well, and those contacts were interviewed by the committee cochair and me.
The real proof came to light when a system from each of the five vendors was installed in a building. The chosen buildings had similar characteristics and purposes, so the test provided a level playing field. The access control systems were brought online simultaneously and monitored for six weeks.
The security team assessed each system’s performance and usability, including ease of operation. We also scrutinized screen functions as they were viewed on the central station PCs. The results were compared, and as the probation period progressed, the field narrowed.
After careful deliberation, the study group selected Compass Technologies’ Compass 5E, a multiuser, multiplatform-based access system. The company had stood out from the start, as it was highly touted by other users, including officials at the state government buildings where Compass had been involved in a Y2K project. The company was ultimately chosen not only for its advanced technology and system performance but also for its willingness to work flexibly with the Rutgers security team.
With Compass, Rutgers was able to go factory-direct, cutting out integrators and employing a lot of customized materials. Such a tailor-made system would give us the control we desired.
In that vein, since the 5E system was first proposed, Rutgers Security Systems Group has acted as integrator for the project, working with Compass to design and implement the specially tweaked system. For its part, Compass provided a three-day factory and online training program for 12 Rutgers staff members to certify them to install and administer the 5E access system.
A Series of Steps
With 853 buildings on the various campuses, the university couldn’t afford to upgrade the entire system at once. The first phase of the project took place in 2002 and concerned the dorms. The phase of the project that I oversaw began in the fall of 2003 and addressed access control for seven major academic buildings in New Brunswick, which included research labs and classrooms.
The system was bought in components, including an intelligent reader module, power supplies, card readers, and software. Serving as our own installers, we laid in the new Compass network by mounting and wiring its panels, connecting the readers, establishing connectivity with the network, and downloading information to the panels.
Among the key elements of the 5E that were customized to fit Rutgers’ security scheme was the partitioning of the user database. Within the database are full-time students, who since 1999 have been equipped with a Rutgers University Connection campus ID card, which serves as an access card, a debit card, and a library pass. It includes a magnetic stripe plus PIN for interconnection with the databank, a bar code for use in the library, and a photo for visual identification. Through the information in the magnetic stripe and the accompanying issue number, the system knows whether cards have been lost, automatically annulled, or reissued.
The uncustomized 5E did not feature partitioning—the ability to run a system as one large entity composed of many small systems. A partitioned network is a miniature system under a big system umbrella.
Partitioned access allows a master administrator to run the show while permitting client administrators on the system to control their own buildings without affecting or altering the hierarchical structure. The system grants the individual administrators user rights and the ability to assign access rights.
Rutgers’ security team considers it critical to control the hierarchy, while allowing layered users to arrange their own areas without affecting the higher-level structure and without creating system problems.
The new implementation grants central control, such as opening and locking buildings automatically. The new system also provides audit trails as it records entries into buildings. It also makes it easy to eliminate unwanted persons from the system quickly.
Entry doors are tied into the alarm system already. And we are currently in the process of integrating the access control into the CCTV system.
Learning the Hard Way
This project was not the first time that we had installed a security network, but there are new lessons to learn from every project. As we worked with the Compass system, we picked up some significant dos and don’ts.
In general, I would recommend that anyone installing the Compass system—or any large system, for that matter—stay away from a very aggressive rollout. Take it gradually and cautiously. Part of this calculated, pensive process should be dedicated towards being doubly sure that the data being used particularly if it is “second-source” data—is in fact clean and in the proper format. Such second-source data might be cardholder information.
On the hardware end, be sure that the wiring is up to snuff for what will be needed in the retrofit. And pay particular attention to the integrity of the local area network. It’s crucial to be 100 percent certain that the network in question can support what you want to do.
The New Generation
The buck did not stop with the 5E. The Compass 6E next-generation access system is currently being phased in after the 5E paved the way. As of the time of this writing, existing 5E clients were on schedule to be converted to the 6E by this month.
With the 6E, Rutgers’ security administration hopes to reach the culmination of ideas first discussed with Compass three years ago when the 5E was installed, including polishing the partitioning facet. We wanted more user features within the partitions to allow individual operators to do more on their own, such as door scheduling, monitoring, and reporting.
Customers such as dormitory guardians will have the ability to assign their own door access schedules and emergency building lockups, and to limit user enrollment. Students and visitors, meanwhile, are unlikely to notice the change in the use of their cards.
The 6E has the ability to expand from a standalone or a peer-to-peer (machine-to-machine) network to a server or enterprise solution. It’s one very large access control system broken into many little pieces. The end-user only has to be concerned with his or her own little corner of the world.
Secondly, it offers two-tiered distributed processing, allowing the access control system to function in standalone mode if it loses communication with the server. Thirdly, the 6E has dynamic memory allocation, enabling better uses of the processor resource by keeping processing speeds even. Thus we avoid overworking the servers by keeping a low balance on them.
The system also features programmable communication speeds, which are field-selectable and, therefore, able to be tuned according to the network’s needs. We can adjust the network speed. We only deal with that when we set up the system, or when we run across a communication problem. In that case, we can conveniently go in and adjust speeds to compensate for the problems.
Also available are multistate program inputs, so alarms can be programmed into the system, or triggers for other devices such as lights or cameras.
There are multiple communication protocols, where the system can support Transmission Control /Internet Protocol (TC/IP) and has the ability for dial-up (which Rutgers does not exploit). In addition, the 6E offers a graphical user interface that is more screen-friendly from an end user’s standpoint. There is also a completely new report generator based on Crystal reports—a well-known software program that allows clients to build customized reports on issues such as user activity, cardholder lists, time zone activity, or alarm activities.
Rutgers’ five campuses at the New Brunswick hub—Busch, Livingston, College Avenue, Cook, and Douglas—and the Newark campus are all running on 5E and being converted to 6E. Some 6E access control may also be brought to the Camden campus. So far, the transition from the 5E to the 6E has gone smoothly, and there is no reason to believe the rest of the process will not follow suit.
As the upgraded 6E system gets running, security administration will monitor it for a month or so to become completely comfortable with it. Then administrators will move gradually to upgrade existing arrangements and add new clients.
Some five or six clients and 180 doors are on the system now, and requests come in on a daily basis as more and more people understand the benefits of access control. Points and buildings are continually being added.
One loose end we have tied up concerned the flood of annual visitors, temporary guests and part-time students who attend summer sessions and conferences on the scattered campuses. This was handled with the addition of temporary, hotel-style access cards for thousands of visitors and part-time students—cards which are tied into the database.
The overall aim of the project is to make the system as close as possible to fully automated, taking guesswork and manual entry out of the loop. The resulting system is one that the security staff can easily run autonomously, and that gives us the ability to offer control to individual clients or buildings.
At the same time, security staff can block specific aspects of the system from user control, such as the generation of time codes, or access to master levels, or the ability to change nonuser-definable groups such as emergency services.
The university will continue to improve the overall system through additional upgrades as well. For example, in the future, CCTV/DVR will be integrated within the Compass access system. Student ID cards will probably move to the ServeCard ID format, which is in keeping with federal law stipulating that Social Security numbers cannot be used as identifiers. Those additions will help polish a groundbreaking security project that has been years in the making.
Charles Mury, CPP, PSP, is manager of security systems at Rutgers University, New Brunswick, New Jersey. He is a member of ASIS International.