In the following UI elements and their functionality are described.
Security Manager can be connected to different access control systems:
- Smart locks, such as SALTO Nebula
- Physical Access Control Systems (PACS), such as SIPORT or SiPass
For configuring access control of smart locks all functions are required. For connected PACS the following restrictions apply:
- For PACS, no doors or locks are configured. The door and lock management is not relevant.
- For PACS, schedules have no effect.
- Privileges are imported from the PACS and cannot be created or edited.
Doors and locks
If smart locks are connected, the definition of doors with assigned locks is a prerequisite for maintaining access. For definition of doors and locks you need the rights of the role Security Manager or Service Engineer. Refer to Engineering Guide, Configuration for Access chapter.
Schedules
Schedules are predefined combinations of days and time intervals. In Access > Schedules, at least one schedule needs to be created before privileges can be defined.
Privileges
An access privilege defines an extent to which a user can access the system. The access privilege is defined by one or more combinations of door and schedule. In Access > Privileges, you can create different types of privileges.
Roles
A role defines the permissions for users to perform an operation. Security Manager provides a set of predefined roles for each functionality of Security Manager. In Access > Identities, you can assign a role to an identity in the Roles tab.
The following roles allow the usage of certain Security Manager functionality:
Role | Functionality |
|---|---|
Self-Service User | An identity with assigned role Self-Service User gets the permission for self-service portal in Self services > Requests and to preregister visitors on the Visitor preregistration page. |
Visitor Operator | An identity with assigned role Visitor Operator gets the permission for managing visitor data, related visits and printing visitor passes. |
Visitor Manager | An identity with assigned role Visitor Manager gets the permission for managing visitor data, related visits, printing visitor passes and view Activities and Visitor Dashboards. |
Visitor Manager Administrator | An identity with assigned role Visitor Manager Administrator gets the permission for changing settings for visitor data under Configuration. |
Security Manager | An identity with assigned role Security Manager gets the permissions for every function of Security Manager. |
Service Engineer | An identity with assigned role Service Engineer gets the permission for door and lock management (Configuration > Doors and Locks), connection management (Configuration > Connections) and system settings. |
Customized Portals User | An identity with assigned role Customized Portals User gets the permission for Monitoring > Customized Portals. |
Rule Editor User | An identity with assigned role Rule Editor User gets the permission for Configuration > Rule editor. |
Credentials
A credential defines verification of an individual's identity and authorization to pass access control. The identities can get access through physical card (physical credential) or through mobile phone (virtual credential). In Access > Identities, you can assign physical credentials to an identity and enable virtual credentials in the Credentials tab.
User groups
Access privileges can also be defined by membership in a user group. A user group is defined by a combination of one or more privileges and one or more roles. In Access > Groups, you can define user groups. In Access > Identities, you can add a new member by assigning a user group to an identity in the User Groups tab.
Mobile devices
In order to use the smart phone to open doors, a user needs to download the Access Mobile App from the App Store. After the successful login the smart phone of this user gets registered. In Access > Identities, all the devices a particular user registers with the service are listed in the Mobile Devices tab. A user with role Security Manger can perform certain actions, for example remove a device or mark the device as lost or stolen.