iProtect - Deister Key Cabinet

This manual represents the knowledge at the above-mentioned time. TKH security works non-stop to improve her products. For the most recent technical information please contact your consultant or dealer.

1. Introduction

This document is the installation and operation manual of linking iProtect with a Deister management system for Key Cabinets.

2. Key Cabinets

A key cabinet is a lockable cabinet that can hold a large number of KeyTags. These KeyTags are locked in specific positions that are monitored and controlled by the management software.

iProtect reads all linked Deister cabinets, including panels and key positions. It is therefore important that the key cabinet(s) are correctly created and configured within the Deister software.

By presenting an identification means (i.e. access card) to the reader that is connected to the key cabinet, the cabinet is unlocked. In iProtect you can define which person can take out one or more KeyTags. Every handling will processed and registered in iProtect.

The number of cabinets that are linked to Deister is not important to iProtect.

2.1 Functionalities

2.1.1 iProtect version 10.3

The Deister hardware must already be configured before the connection to iProtect is established.

The following functionalities are available in combination with iProtect:

  • Share user credentials and provide access to the cabinet

  • Determine for each user the type of user:

    • Administration

    • Normal

  • Control access rights for KeyTags based on single- and group level.

  • Set time zone in which the user is allowed to take the KeyTags

  • Control display option: KeyTag groups or single Tag

  • Control number of persons required to take out a KeyTag (4-eyes principle)

  • Register KeyTags that are taken out and returned

  • Prevent persons from leaving a certain area if (s)he still possesses KeyTags

  • Log events from Deister

  • Generate reports on possession of KeyTags

  • Monitoring of connection between Deister Key cabinets and Deister server

  • Secure communication between iProtect ann Deister server

  • After setting up the server connection the configured cabinets are read-in

  • Create a overview in Keymap of the cabinet (KeyTag level)

  • Determine the layout of the cabinet for each cabinet in iProtect

  • Current supported card types:

    • Mifare DESFire (TKH Security standard)

    • Rijkspas

    • UID 4byte and 7byte

2.1.2 iProtect version 10.4

  • Determine the maximum number of KeyTags is owned

  • Generate alarm if key fob is not returned in time

  • Only allowed to take a keytag from Keycabinet when person is present for iProtect

From iProtect 10.04 the card must be present in an area before an item can be taken from the key cabinet

3. Support and license

Below is an overview of support for both the hardware and the software, including the necessary license.

Version

License

Version

License

iProtect

License number 15 – Key cabinets

Number of KeyTags

Deister

Commander 4.10.10

 

4. Implementation

4.1 Service

Open menu: Installation | Settings | Service | Database link

If the details of Deister are known, the service can be created. At card data interpretation group, select the group that contains the card data interpretation(s) that will be used on the Deister key cabinet.

When the Deister connection status is Connected, enroll the system.

 

Label

Description

 

Label

Description

 

Name

Logical name

 

Card data interpretation group

Customer specific

 

Remote server

Login name

Login of Deister SQL server

 

IP-address or Host Deister server

Address of Deister SQL server

 

Use secure socket layer (SSL)

Security (True/False)

True

Port

Communication port

8443

Time-out (sec)

Communication check

30

Log

Log minutes

Debug purpose

 

Database name

Database name of Deister SQL server

 

Server instance name

Instance name of the SQL service

refer to a default or named instance of the SQL Server

Service name

Name of the service

refer to the name of the computer hosting the SQL Server

4.2 Key cabinet

After the key cabinet(s) has been synchronized, it can be defined in the menu:

Installation | Hardware | Key cabinet

4.2.1 Key cabinet panel

Here the panel size is determined:

Key cabinet panel number

Key cabinet items per row

Height(%)

Key cabinet panel number

Key cabinet items per row

Height(%)

1

e.g. 8

e.g. 15

2

e.g. 16

e.g. 30

4.2.2 KeyTag item details

A number of fields can be determined for each item.

Label

Description

 

Label

Description

 

Name

Unique name of the Key tag

At the first enrollment the name is retrieved from the deister software, when changing the name in iProtect the name is also changed in the deister software

KeyTag held for too long alarm after (minutes)

 

Enter the maximum time in minutes that a Keytag may be removed.

Persons required

Deister setting : Key tag release mode

  1. Single user access

  2. Dual user access

  3. Triple user access

 

4.3 key cabinet item group

Open menu: Access | Settings | key cabinet item group

Here you can create a group in which different items can be included, The key cabinet group can be linked to the person.

Label

Description

 

Label

Description

 

Name

Unique name of the Key cabinet group

 

Display option

Deister setting : Display of group in terminal

  1. Group

  2. Single item

  3. Single item + group

When the group is created, there is a list of key cabinet items under the group, here you can determine which item belongs to that group.

5. User management

5.1 Person settings

Open menu: General | Person

There is an Key cabinet section at the person detail page. The following settings can be made:

Label

Description

 

Label

Description

 

Time zone:

The selected time zone is set at the Deister user time profile

Ignore area blocking:

When active: the Key cabinet area blocking setting will be ignored.

Area blocking can be set at Access | Settings | Area.

This setting ensures that people have handed in all the keys before they are allowed to leave the area.

Administrator:

Terminal user level in Deister.

Active: Administration

Inactive: User

Maximum number of items in possession:

Max. number of simultaneously borrowed key Tags setting in Deister

5.1.1 Key cabinet item access

Open menu: General | Person

The ‘Key cabinet items access list’ can be found under the person in the treeview. Here you can select which individual key cabinet item(s) can be taken by this person.

5.1.2 Key cabinet item group list

Open menu: General | Person

The ‘Key cabinet items group list’ can be found under the person in the treeview. Here you can select which group of keys can be taken by this person, these groups can be configured in iProtect (see chapter 4.3)

5.2 Card settings

Open menu: Access | Card

To give a person access rights to one or multiple KeyTags, the person must be in possession of a valid card with the setting “Deister Key Cabinet” active”. The setting can be found at Database link.

5.3 Status overview

Open menu: Installation | Overviews | Status | Key cabinet item status

This is an overview page for the status of the key cabinet items in iProtect, here you can see the live statuses of all key cabinet items, it is also possible to filter and search by specific keywords

Search category

Description

Search category

Description

KeyTag all

This is an overview of all the keytags

Key cabinet

Overview per key cabinet

KeyTag name

Option to search on KeyTag name

KeyTag status

Option to filter per keyTag status

Person name

Option to search by person who possessions the KeyTag(s)

6. Area blocking

The area blocking functionality can be set in the existing areas within iProtect, the area settings can by find at Access > Settings > Area.

If the area blocking setting for the area is active, all items must be returned before the person can leave the area.

7. Events

Event ID

Event name

Description

Is generated by

Event ID

Event name

Description

Is generated by

53

Key cabinet status change

The status of the cabinet is changed

  • Connected

  • Disconnected

66

Key cabinet item status change

The status of an item is changed

  • Present

  • Taken out

  • Alarm

67

Key cabinet event

There has been a change at a cabinet

  • KeyTag taken

  • KeyTag returned

  • Cabinet opend

  • Cabinet closed

  • Credential expired

 

105

Item overdue alarm

A specific KeyTag has gone to alarm state

  • KeyTag held for too long

106

Item overdue alarm resolved

The KeyTag alarm is resolved

  • KeyTag is present again, alarm solved

118

Item removed

A KeyTag is taken by a person

  • KeyTag taken

119

Item returned

A Keytag is returned by a person

  • Keytag returned

8. Card data interpretation examples

Open menu: Access | Settings | Card coding | Card data interpretation

8.1 Desfire TKH default for Deister

Tab: Format

Label:

Setting:

Reader communication protocol:

Wiegand hexadecimal

Card type:

BCD + whole string to hexadecimal

Data length:

48

Bit oder:

Bit 7 in byte is first bit

Tab: System code

Label:

Setting:

Start:

1

Length:

24

Code:

Customer specific

Tab: Card number

Label:

Setting:

Start:

25

Length:

24

Tab: Parity

Left:

None

Right:

None

8.2 Rijkspas for Deister

Tab: Format

Label:

Setting:

Reader communication protocol:

Wiegand hexadecimal

Card type:

None

Data length:

36

Bit oder:

Bit 7 in byte is first bit

Tab: System code

Label:

Setting:

Start:

1

Length:

0

Tab: Card number

Label:

Setting:

Start:

1

Length:

36

Tab: Parity

Left:

None

Right:

None

8.3 SNR 10 Digits (4 byte UID) for Deister

Tab: Format

Label:

Setting:

Reader communication protocol:

Wiegand hexadecimal

Card type:

None

Data length:

32

Bit oder:

Bit 7 in byte is first bit

Tab: System code

Label:

Setting:

Start:

1

Length:

0

Tab: Card number

Label:

Setting:

Start:

1

Length:

32

Tab: Parity

Left:

None

Right:

None

8.4 SNR 17 Digits (7 byte UID) for Deister

Tab: Format

Label:

Setting:

Reader communication protocol:

Wiegand hexadecimal

Card type:

None

Data length:

56

Bit oder:

Bit 7 in byte is first bit

Tab: System code

Label:

Setting:

Start:

1

Length:

0

Tab: Card number

Label:

Setting:

Start:

1

Length:

56

Tab: Parity

Left:

None

Right:

None

9. Notes