Skip to content

Services#

Services in Access are required to select options for connecting to external systems.

All fields are required unless otherwise stated in the description.

Apacs#

This service is designed to interact with the APACS 3000 ACS.

Software integrations of the APACS ACS with the FRS are implemented to ensure the passage of recognized persons through a turnstile/door with a magnetic lock.

  • The supported version of the APACS ACS is 8.3.1.0.

Apacs service functionality#

Main functions:

  • adding devices with which LP will work;
  • receiving regular updates from the ACS software database;
  • sending requests for adding/changing data to the LP;
  • receiving identification events;
  • sending a request to the ACS software about identiloginfication events;
  • logging of events about an attempt by an unidentified employee to pass through the turnstile.

Configuring parameters for connecting to the APACS ACS#

Service settings and possible values:

Parameter Description Possible values Default value
name User-defined service name Any textual names. Only Latin characters are supported. It is not recommended to enter more than 30 characters. -
bio_system_id The identifier of the biometric system - -
host IP address of the server with installed APACS software IP address in the form X.X.X.X -
port Port on which APACS is deployed - 7010
enable_ssl Data encryption method for network transmission. It depends on the type of network you are using. On - https Off
Off - http
login Login of ACS software user. Input of Latin characters, numbers and symbols is supported. User created in APACS ACS software -
password The user's password created in the APACS ACS software. The input of Latin letters, numbers and symbols is supported. -
feature_profile The profile key belonging to the master key of the system. The key data is located in the APACS ACS software: HelpAbout the program - -
rabbitmq_login Username from RabbitMQ from Apacs The input of Latin letters and numbers is supported -
rabbitmq_password The password of the user from RabbitMQ from Apacs The input of Latin letters and numbers is supported -
card_format_source The type of map format for uploading organization codes and their offsets. For more information, see below - -
max_workers Number of parallel threads for face replication >0 10

The type of card format (card_format_source) can be found in any Apacs client application in the Console tab → System Root section → Hardware Server section → select a network driver → select a controller → Group: Card Format section → select any card format → General tab → field ""The type of the object"".

Creating a user in RabbitMQ#

To create a user in RabbitMQ with read- and write-only rights to a specific queue, follow these steps:

Available on the server where Apacs is deployed.

1․ Open the Windows command prompt.

2․ Navigate to the directory of executable files for RabbitMQ:

cd "c:\Program Files\RabbitMQ Server\rabbitmq_server-*.*.*\sbin"

Substitute the value of the RabbitMQ Server version instead of the * character.

3․ Add the user to RabbitMQ:

rabbitmqctl add_user <login> <password>

Substitute your own values instead of <login> and <password>. For more information, see the official website.

4․ Add rights to the user:

rabbitmqctl set_permissions -p / <login> "^apc.webapi.vl-access-2$" "^apc.webapi.vl-access-2$" "^apc.webapi.vl-access-2$"

Substitute your own value instead of <login>. For more information, see the official website.

These rights make it possible to create an exchange for the Apacs ACS in order to queue events about user changes. These rights also allow you to read events from this queue for further synchronization of users for Access.

Bastion#

Software integration of the Bastion ACS software with the face recognition system (LP5) is implemented to ensure the passage of recognized persons through the turnstile/door with a magnetic lock.

  • Supports Bastion ACS version 2.1.11.2337.

This service is designed to interact with the Bastion ACS.

The ACS synchronizes employees with the list in Luna and listens to events based on which it decides to open or not open the turnstile. These events are generated in Access by the CreateBastionEvent pipeline.

Bastion functionality#

Main features:

  • adding devices that LP5 will work with;
  • receiving regular updates from the ACS software database;
  • sending requests to add/change data to LP5;
  • receiving identification events;
  • sending requests to the ACS software about identification events;
  • logging events about an attempt by an unidentified employee to pass through the turnstile.

Bastion settings#

The following settings are used when creating a new service:

Parameter Description Values Default value
name Service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
luna_id Drop-down list with Luna service IDs in Access - -
host IP address of the server with installed Bastion software IP address in the form of X.X.X.X -
port ONVIF port of Bastion service - 10112
enable_ssl SSL encryption support for messages. It must be activated if necessary to maintain confidentiality. When activated, the load on the device and the message transmission time increases On - https Off
Off - http
username Bastion ONVIF user login. Input of Latin characters, numbers and symbols is supported. The user created in Bastion -
password Bastion ONVIF user password. Input of Latin characters, numbers and symbols is supported. User password -
vl_access_host IP address of the server where Access is installed IP address in the form of X.X.X.X -
vl_access_port Port of the server where Access is deployed - 9091

Setting up Bastion ACS software#

1․ Go to the server where the Bastion ACS is deployed and open the ACS software.

2․ Go to the Operator Window tab → Drivers → Driver Face → Configuration.

3․ In the Main settings section, set the port, ONVIF login and password.

4․ In the KBI Server section, add a new server by clicking "+".

5․ In the new server setup, enter the addresses of the person profile management service and the event service, the Access address in the "host:port" format, set the login and password for both services.

6․ In the Waypoint setting, add a new waypoint by pressing "+".

7․ Select the entry point Door N RM.

8․ In the Description field, enter the name of the camera that works with this access point.

9․ Select the operating mode "Access in identification mode"

The description of the access point must match the name of the device in Access.

10․ Save your changes by clicking on the floppy disk icon.

11․ Set up pass management on the Tools tab → Passes → Bureau of Passes.

12․ Creating an application for a pass. Go to Application → Main → Pass Management → New application.

13․ Fill in the required fields and click OK.

14․ Issuance of passes. Go to Application → Basic → Pass Management → Issue → Generate the card number → Ok.

Issued passes are displayed on the Issued tab.

15․ Edit the pass. Go to the Issued → Required Pass → Edit → Ok section..

Bolid#

Hardware and software integration required for communication between the FRS/CBS and the Bolide ACS software to ensure control of the connected device (C-2000 series devices or other devices compatible with the Bolide software).

Supports Bolid version 1.20.3, Orion Pro integration module version 1.4.

Information interaction is provided through the Orion Pro automated workplace software.

The Orion PRO licensed integration module must be installed and launched.

The integration module is a SOAP web service accessed via the HTTP/HTTPS protocols. The description of the web service complies with the WSDL version 2.0 specification.

The service runs under Windows 7/8/8.1/10 (32 bit or 64 bit).

Bolid functionality#

Main features:

  • sending a pair of “user ID” — “managed device” via the Orion Pro API;
  • data replication from the ACS software database.

Bolid settings#

The following settings are used when creating a new service:

Parameter Description Values Default value
name Service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
bio_system_id Drop-down list for selecting the ID of the Luna service in Access. - -
login Username of the Bolid user. It is set in the Bolide software: DB → Passwords → The password type is ""Remote control"" The user created in the bolid. The input of Latin letters, numbers and symbols is supported. -
password Bolid user password. Input of Latin characters, numbers and symbols is supported. User password -
host IP address of the server with installed Bolid software IP address in the form X.X.X.X -
port Bolid service port - 8090
enable_ssl SSL encryption support for messages. It must be activated if necessary to maintain confidentiality. When activated, the load on the device and the message transmission time increases On - https Off
Off - http
max_workers Number of data replication handlers from the Luna list to Bolid. If there is a large amount of data, it is recommended to set from 2 to 5. >0 10
token_ttl_sec Time to refresh the access token (in seconds). Find the value of the TokenLifeTime field in the file ProgramData\BolidIntegrServ\settings.ini It is not recommended to change this Parameter 300

Preparatory actions with Orion Pro software#

To launch and configure Bolid, you need to perform preparatory steps with the Orion Pro software:

1․ On the OrionShell panel, run the BDA (Bolid Database Administrator) module (Figure 111):

Launching BDA on the OrionShell panel
Figure 111. Launching BDA on the OrionShell panel

2․ Add a new employee. Fill in the required fields according to the rules for creating employees at the facility (Figure 112).

3․ Go to the Employees section

4․ Click the "add" button

5․ Fill in the required employee fields

Select the status of “Administrator” or another department with employees who have full access to the system.

Adding a new employee
Figure 112. Adding a new employee

6․ Add “Maximum” access level to the new user and set a password (Figure 113).

7․ Go to the Access section

8․ Click Add

9․ Select the desired employee, enter the password

10․ Select access level Maximum

Setting an access level for an employee
Figure 113. Setting an access level for an employee

11․ Add new section (Figure 114):

12․ Select the “System structure” tab;

13․ Select “Sections”;

14․ Select all “Sections”;

15․ Add a new section with default settings and name it.

Adding a new section
Figure 114. Adding a new section

16․ Bind devices to the newly created section (Figure 115).

17․ Select a section

18․ Click the “Add” button at the bottom left.

Binding devices to a section
Figure 115. Binding devices to a section

19․ select the required device in the list of devices (Figure 116);

20․ select it with the “>>” button and move it to the right field;

21․ confirm the changes with the “OK” button;

22․ click the “Save” button at the bottom left.

Binding devices to a section
Figure 115. Binding devices to a section

23․ Edit the orion.ini file in the folder with the installed Orion Pro application (for example, C:\BOLID\ARM_ORION_PRO1_20_3), adding Parameters to it (if there are none):

[Checkerdb]
Remarks=1
timechecker=5
Logon=1
RemoteCmd=1
CmdOn=1
[ChangeDB]
on=1

24․ Restart all Orion Pro applications.

Configuring the “ORION PRO INTEGRATION MODULE” application#

To configure the “ORION PRO INTEGRATION MODULE” application, follow these steps:

1․ Download the official distribution kit of the “ORION PRO INTEGRATION MODULE” application (link).

2․ Run the installation. After the installation is complete, launch the module, check the database connection settings. If everything works correctly, close the module.

3․ Install the module to run as a service. To do this, run the command in the terminal as administrator in the folder with the installed module (for example: C:\BOLID\IntegrServ):

IntegrServ.exe /INSTALL

4․ In the system control panel, find the installed service and run it by clicking the right mouse button and selecting “Start” (Figure 117).

System control panel
Figure 117. System control panel

CbsAlpha#

It is used to get the identifier of the descriptor in CBS Alpha from a photo.

Only LUNA PLATFORM 5.10 and later is supported.

A service for synchronizing two lists from CbsAlpha. The service tracks changes in the cbs list and compares them with persons from the luna list. If there are duplicates of persons, then the duplicate is deleted from the luna list.

Setting up parameters for connecting to CbsAlpha#

Service settings and possible values:

Parameter Description Possible values Default value
name The name of the service specified by the user Any text names. Latin and Cyrillic characters are supported. It is not recommended to enter more than 30 characters. -
host FRS IP address in KB IP address in the form of X.X.X.X. -
port Port for connecting to the FRS in CBS - 5000
enable_ssl SSL encryption support for messages. It must be activated if necessary to maintain confidentiality. When activated, the load on the device and the message transmission time increases On – active Off
Off – inactive
username Username of the FRS user - -
password Password of the FRS user - -
account_id UUID of the FRS user - -
handler_id UUID of the handler for handling pass events, created in the FRS. UUID of the handler -
default_list_id UUID of the ID of the FRS list that employees will be synchronized with The ID of the list created in the FRS. -
face_detection_threshold The minimum threshold for face recognition is 0...1 0.5
event_receiving_mode Mode for receiving events from FRS websocket/Webhook websocket
vl_access_host IP address of the server on which Access is installed IP address in the form X.X.X.X -
vl_access_port The port of the server where Access is deployed - 9091
vl_access_basic_username Login for interacting with Access - -
vl_access_basic_password Password for interacting with Access - -
cbs_list_id ID of the EBS list of persons - -
synchronisation_interval_hours The frequency of synchronization start. Hours 0...100 -

CbsMts#

Used to retrieve the descriptor identifier in the MTS CBS from a photo.

Configuring CbsMts settings#

Service settings and possible values:

Parameter Description Possible values Default value
name User-defined service name Any textual names. Only Latin characters are supported. It is not recommended to enter more than 30 characters. -
host FRS IP address in CBS IP address in the form of X.X.X.X. -
port Port for connecting to the FRS in CBS - 5558-
enable_ssl SSL encryption support for messages. It must be activated if necessary to maintain confidentiality. When activated, the load on the device and the message transmission time increases On – active Off
Off – inactive
urn Path to the directory of persons in CBS - /cbs/persons
token VisionLabs token for access to MTS CBS - -
timeout Timeout time in seconds when connecting to the service fails. It is necessary to take time if there is a large delay between servers. The time is selected taking into account the network delay to maintain performance. 10
cert_name The name of the certificate to connect to the CBS. Certificate storage directory `/tls/ - -

FaceStream#

Service for working with FaceStream. The service is designed to:

  • receive a list of stream names from FaceStream for subsequent transmission to the ACS;
  • generating a detection event based on a frame from FaceStream for subsequent sending for matching to Luna, CbsMts or CbsAlpha.

Supported version is FaceStream 4.0 and later.

Configuring FaceStream settings#

Service settings and possible values:

Parameter Description Possible values Default value
name User-defined service name Any textual names. Only Latin characters are supported. It is not recommended to enter more than 30 characters. -
host IP address of the server with installed FaceStream IP address in the form X.X.X.X -
port Port of the server where FaceStream is deployed - 34569
enable_ssl Method of encrypting data during transmission over the network. Depends on the network type in the solution. On - https Off
Off - http
handle_event_interval The delay interval between receiving detections from one source. 1...15 3

Gate#

The service is designed to interact with Gate PACS.

The integration module (sync.exe), launched in the Gate Server directory, detects changes in the database and sends changes to the ip:port specified in the .env settings file. VL Access accepts and processes these requests, and makes appropriate changes to the Luna list.

Supported versions: Gate Terminal 1.22.95, Gate Server 1.22.95

Configuring Gate settings#

Service settings and possible values:

Parameter Description Possible values Default value
name User-defined service name Any textual names. Only Latin characters are supported. It is not recommended to enter more than 30 characters. -
luna_id Drop-down list for selecting the Luna service identifier - -

Luna#

The service is designed to redirect data from/to LP to external systems and devices.

Supported versions: 5.10 and higher.

Luna settings#

The following settings are used when creating a new service:

Parameter Description Values Default value
name Service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
host IP address of the server where Luna is installed IP address in the form of X.X.X.X -
port Port of the server where Luna is deployed - 5000
enable_ssl Method of encrypting data during transmission over the network. Depends on the network type in the solution. On - https Off
Off - http
username Admin login in LP5. Input of Latin characters, numbers and symbols is supported. - -
password Admin password in LP5. Input of Latin characters, numbers and symbols is supported. - -
account_id UUID of user lP5. - -
handler_id UUID of the handler for working with passage events, created in Luna - -
default_list_id UUID of identifier the LP5 list with which the employees will be synchronized The identifier of the list created in LP5. -
face_detection_threshold The minimum threshold for face recognition is 0...1 0.5
event_receiving_mode Mode for receiving events from FRS websocket/Webhook websocket
vl_access_host IP address of the server on which Access is installed IP address in the form X.X.X.X -
vl_access_port The port of the server where Access is deployed - 9091
vl_access_basic_username Login for interacting with Access - -
vl_access_basic_password Password for interacting with Access - -
max_greatest_side_size During replication, resize the larger side of the photo to the specified size, maintaining the proportions (Blank value - do not resize the photo) -,0...1920 -

LunaAceConverter#

Service for sending data received from LUNA ACE devices to LP5. The received request from the device is redirected to the RRL, then a response is generated for the device based on the received response from the LP5.

Supported version LUNA ACE 1.2.23

LuaAceConverter settings#

The following settings are used when creating a new service:

Parameter Description Values Default value
name Service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
luna_id Drop-down list with Luna service IDs in Access - -

Setting up LUNA ACE#

1․ Connect to the device via SSh.

2․ Open the file: vi /opt/luna_ace/ace_device.conf .

3․ Specify the URL of the LunaAceConverter service in the luna_platform_address parameter.

To get the URL of the service, you need to go to the created LunaAceConverter service in Access and copy the full path from the browser search bar:

http://<ip_address>:9092/service/<UUID>

4․ Change to the directory: cd /opt/luna_ace/services/ace_device

5․ Restart the device: restart

LunaCars#

Software and hardware integration required for communication between LUNA CARS and barriers (boom barriers, sliding gates, bollards, and others) for vehicle access control.

Supported LUNA CARS modules:

  • LUNA CARS API: v.1.0.3;
  • LUNA CARS Stream: v.2.0.4;
  • LUNA CARS Analytics: v.3.0.3.

Access links to LUNA CARS Analytics backend.

Events in the queue are of type CarDetectionEvent.

LunaCars settings#

The following settings are used when creating a new service:

Parameter Description Values Default value
name Service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
host IP address of the server where LUNA CARS is installed IP address in the form of X.X.X.X -
port Port of the server where LUNA CARS is deployed - 8080
enable_ssl Method of encrypting data during transmission over the network. Depends on the network type in the solution. On - https Off
Off - http
api_port Port of the server where LUNA CARS API is deployed - 8100
login LUNA CARS Analytics administrator login. Input of Latin characters, numbers and symbols is supported. - admin@test.ru
password LUNA CARS Analytics administrator password. Input of Latin characters, numbers and symbols is supported. - admin
event_expiry_time After how many seconds events can be skipped as obsolete. It is necessary to reduce the time to ~15 seconds if the vehicle flow is constant >10 60
min_license_plate_accuracy Minimum accuracy of vehicle registration plate recognition The value is formed at the design stage and corrected at the testing stage (0,00...1,00) 0,6
event_memory_time Time during which the service does not create a repeat event for the same vehicle (in seconds). It is necessary to increase the value if the vehicle stands in the recognition zone for a long time in the queue for entry, etc. 60…180 90
timeout Timeout for an unsuccessful attempt to connect to the service. It is necessary to increase the time if there is a large delay between servers The time is selected based on the delay in the network to maintain performance -

Parsec#

This service is designed to interact with the Parsec ACS to ensure the passage of recognized persons through a turnstile/door with a magnetic lock.

The service allows you to process requests from access control systems, such as:

  • transfer of the list of employees to the Luna list,
  • adding/editing/deleting employees in the Luna list,
  • receiving detection events from devices.

The service executes the following requests to the ACS:

  • sending url address of ONVIF services;
  • receiving card swipe events;
  • getting access point IDs.

When starting the service, access point identifiers are first requested and their names are generated.

Regardless of the selected authorization mode (one-factor or two-factor), the ACS polls Access for detections and generates a response that contains the employee identifier, as well as the access point identifier.

As soon as a valid face detection occurs, the service simply returns a response to the access control system.

Configuring devices for integration with Parsec requires using access point names generated by the service itself. They are generated in the format 'access point name - identifier'. For example: 'turnstile_exit - 907efa78-cb2f-4f46-b374-785c7f9901a5'

The resulting access point names must be inserted into the appropriate fields:

  • When using internal Access devices (HikvisionTerminal, Panda ...), indicate in the "name" field.
  • When using FaceStream, indicate in the "source" field.

Parsec functionality#

Main features:

  • transferring a list of employees to a Luna list;
  • adding/editing/deleting employees in the Luna list;
  • receiving detection events from devices.

Parsec settings#

The following settings are used when creating a new service:

Parameter Description Values Default value
name Service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
luna_id Drop-down list with Luna service IDs in Access - -
host IP address of the server where Parsec is installed IP address in the form of X.X.X.X -
port Port of the server where Parsec is deployed - -
enable_ssl Method of encrypting data during transmission over the network. Depends on the network type in the solution. On - https Off
Off - http
username Parsec user login. Input of Latin characters, numbers and symbols is supported. - -
integration_key Parsec integration key.Used as a password to connect to the device - -
vl_access_host IP address of the server where Access is installed IP address in the form of X.X.X.X -
vl_access_port Port of the server where Access is deployed - 9091

Configuring Access and Parsec ACS integration#

To launch and configure the Parsec ACS software, install Parsec.NET and run the Administration program and check the settings (Figure 118):

1․ Make sure that the ""Advanced Mode"" is running (File→Advanced Mode).

2․ Go to the “Equipment editor” section and make sure that the controllers are connected .

“Equipment editor” section
Figure 118. “Equipment editor” section

3․ For each required controller, set the following settings in the “Access Modes” tab (Figure 119).

“Access Modes” tab
Figure 119. “Access Modes” tab

4․ Go to the “System settings editor” section, then open the “Face Recognition (ONVIF)” tab (Figure 120).

“Face Recognition (ONVIF)” tab
Figure 120. “Face Recognition (ONVIF)” tab

5․ In the “Face recognition (ONVIF)” window, click the “Change” button and make sure that the “Use FRS” item is enabled, and the “FRS type” is set to “ONVIF face recognition”.

6․ In the “IP Address” and “Port” fields, enter the Access server data.

7․ Click the “Check connection” button only after configuring Access, this will require the “Integration key”.

8․ After clicking on the “Check connection” button, the fields in the “Face recognition system services” block will be filled in automatically.

9․ Click the “Save” button.

10․ Replicate employees to the Luna list by clicking the “Transfer employees and visitors” button. Before, make sure that all staff members are correctly added in the "Staff Editor" section, see «Adding staff to Parsec ACS»

Example of displaying staff member unloaded from Parsec ACS to LUNA PLATFORM list (Figure 121).

Displaying staff member in LUNA PLATFORM
Figure 121. Displaying staff member in LUNA PLATFORM

Configuring access groups in Parsec ACS#

1․ Click the «Access group editor» section.

2․ Add a new access group.

3․ Add an access territory where the access points are included (Figure 122).

Configuring Access Groups
Figure 122. Configuring Access Groups

4․ Click the Save button.

Adding staff to Parsec ACS#

Adding staff members to Parsec ACS is necessary for their subsequent upload to LUNA PLATFORM (Figure 123).

Edit Staff section. Adding a new staff member
Figure 123. Edit Staff section. Adding a new staff member

1․ Click the «Staff Editor» section.

2․ Click the button of adding a new staff member.

3․ Fill in the «Last Name» and «First Name» fields.

4․ Add a photo of the staff member.

5․ Fill in the «Card code» field. The «PIN» field will be filled in automatically.

If card access is not provided at the facility or the staff member does not have a card, enter any value in the «Card code» field.

6․ Select the staff member's access group.

7․ Click the Save button.

If you add staff members correctly, all new or changed data will be added to the LUNA PLATFORM database automatically.

PercoWEB#

Software integration of the PERCo-Web ACS software with LP5 is implemented to ensure the passage of recognized persons through a turnstile/door with a magnetic lock.

Supports PERCo-Web system version 2.0, build number 4.30.

Performs user data replication from the PERCo ACS to the specified Luna list and generates PercoController controllers from the received list of devices for execution of entry or exit requests.

PercoWEB functionality#

Main features:

  • adding devices that LP5 will work with;
  • receiving regular updates from the ACS software database;
  • sending requests to add/change data to LP5;
  • receiving identification events;
  • sending requests to the ACS software about identification events;
  • logging events about an attempt by an unidentified employee to pass through the turnstile.

PercoWEB settings#

The following settings are used when creating a new service:

Parameter Description Values Default value
name Service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
host IP address of the server where PERCo-Web is installed IP address in the form of X.X.X.X. -
port Port of the server where PERCo-Web is deployed - -
enable_ssl Method of encrypting data during transmission over the network. Depends on the network type in the solution. On - https Off
Off - http
login PERCo-Web user login. Input of Latin characters, numbers and symbols is supported. The user created in PERCo-Web -
password PERCo-Web user password. Input of Latin characters, numbers and symbols is supported. User password -
token_ttl_min The validity period of the security token. The value must match the PERCo-Web software, location of the PERCo-Web Manager → Settings → Advanced Settings → The lifetime of the session. Minutes 0...10000 1440 (1 day)
luna_id Drop-down list with Luna service IDs in Access - -
max_workers The maximum number of threads that can be used for face replication 1-10 10

Rusguard#

Software integration of Rusgurad ACS software with SRL is implemented to ensure the passage of recognized faces through the turnstile.

  • Поддерживает версию СКУД Rusguard: 3.3.1

Rusguard functionality#

Main functions:

  • adding devices with which SRL will work;
  • receiving regular updates from the database on ACS;
  • sending requests for adding/changing data to the SRL;
  • receiving identification events;
  • sending a request to the ACS software about identification events;
  • logging of events about an attempt by an unidentified employee to pass through the turnstile.

Configuring parameters for connecting to Rusguard#

Service settings and possible values:

Parameter Description Possible values Default value
name The name of the service specified by the user Any text names. Latin and Cyrillic characters are supported. It is not recommended to enter more than 30 characters. -
luna_id Dropdown list to select Luna Service ID in Access. - -
host IP address of the server with installed Rusguard IP address in the form X.X.X.X. -
port Port of the server where Rusguard is deployed - 8089
enable_ssl Method of encrypting data during transmission over the network. Depends on the network type in the solution. On - https Off
Off - http
target_photo_number The number of the photo in the database that is used for replication. 0...100 -
target_card_type_id Replicated card type. If the field is empty, any employee card is replicated. - -
replicate_session_interval_sec The frequency of synchronization of the ACS database and Access storage. It is necessary to specify the minimum allowed synchronization time, since Access does not receive notifications from external systems about the addition/removal of an employee. Set in seconds 0...100 5

RusguardCBS#

The service is designed for interaction the Rusguard PACS and CBS.

The service replicates employees from the PACS to its own database, requesting the descriptor identifier in CBS based on the employee's photo. The replication session restarts after 5 seconds for data synchronization after completion.

  • Supported versions: System - 3.3.1, Database - 3.3.1

Configuring parameters for connecting to RusguardCBS#

Service settings and possible values:

Parameter Description Possible values Default value
name User-defined service name Any textual names. Only Latin characters are supported. It is not recommended to enter more than 30 characters. -
cbs_id CBS service identifier - -
host IP address of the server with installed Rusguard IP address in the form X.X.X.X. -
port Port of the server where Rusguard is deployed - 8089
enable_ssl Method of encrypting data during transmission over the network. Depends on the network type in the solution. On - https Off
Off - http
min_face_similarity The minimum percentage of compliance for searching for a candidate in the CBS during replication. 0...1 0,7
target_photo_number The number of the photo in the database that is used for replication. 0...100 -
target_card_type_id ID of the map type being replicated. If the field is empty, any employee card is replicated. Available card type identifiers are displayed in the Info block. - -
replicate_session_interval_sec The frequency of synchronization of the ACS database and Access storage. It is necessary to specify the minimum allowed synchronization time, since Access does not receive notifications from external systems about the addition/removal of an employee. Set in seconds 0...100 5

Salto#

This service is designed to interact with the Salto ACS.

  • Supported system version: 6.6.3.0.

Replicates user data from the Salto PACS to the specified Luna list and generates "SaltoController" controllers from the received list of devices for subsequent execution of pass.

To configure the Salto ACS software, please refer to the official documentation.

Salto settings#

The ACS synchronizes employees with the list in Luna and listens to the events, based on which it decides to open or not open the turnstile. These events are generated in Access by the SendToSalto pipeline.

The following settings are used when creating a new service:

Parameter Description Values Default value
name The service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
luna_id The Drop-down list with Luna service IDs in Access - -
host IP address Salto - -
port Port of the server where Salto is deployed - 8100
enable_ssl Method of encrypting data during transmission over the network. Depends on the network type in the solution. On - https Off
Off - http
login Salto user login. Input of Latin characters, numbers and symbols is supported. The user created in Salto -
password Salto user password User password. Input of Latin characters, numbers and symbols is supported. -
max_workers The maximum number of threads that can be used for face replication 1-10 10

Sigur#

Supports Sigur ACS version 1.1.1.9s.

This service is designed to interact with the Sigur ACS.

Software integrations with Sigur ACS software are implemented to provide:

  • with LP5 for the passage of recognized persons through the turnstile / door with a magnetic lock.
  • with LUNA CARS to provide access control of vehicles when passing through barrier devices.

Configuring Access and Sigur PACS integration#

To launch and configure the Sigur PACS software, follow these steps:

1․ Make sure you are using Sigur PACS software version 1.1.1.9.s or newer.

2․ In the menu of the Sigur control program, select “Help” → “About the program”.

3․ Check the software version against the one listed on www.sigur.com (https://sigur.com/last_releases/).

4․ Update the software to the latest version if necessary.

5․ Set up interaction between the integration module and the Sigur PACS software server.

6․ In the menu of the Sigur control program, select “File” → “Settings”.

7․ In the “Edit Settings” dialog, go to the “Video Surveillance” item.

8․ Add video surveillance server (Figure 124).

Adding a video surveillance server
Figure 124. Adding a video surveillance server

9․ “Server name” — enter the server name;

10․ “Server type” — “User system”;

11․ click “OK”;

12․ enter the server (Figure 125)

Editing video surveillance server Parameters
Figure 125. Editing video surveillance server Parameters

13․ “Server address” and “Server port (HTTP)” are used when accessing the server from the PACS via HTTP protocol;

14․ “Server address” corresponds to the IP address of the machine on which Access is running;

15․ “Server port (HTTP)” is the port for the integration module (the default value is 9091; if the port is already in use, change it);

16․ "Path to service" sets the common path prefix on the server for all requests from the ACS. This value should be taken from the information block of the Sigur component in Access, the value of the webhook-url field (Figure 126).

17․ Enable the flag Upload photos to the server when using the Sigur service, disable when using the SigurThroughDatabase service.

18․ Activate the flag Receive events from the server.

Webhook link
Figure 126. Webhook link

19․ Enable face recognition.

20․ In the “Edit Settings” dialog, go to the “Face Recognition” item.

21․ Check the box next to “Enable face recognition” (Figure 127).

Enabling face recognition in system settings
Figure 127. Enabling face recognition in system settings

Configuring access points in Sigur#

You may need to restart the Sigur PACS server in order for it to be able to connect to the integration module.

To configure access points in Sigur, follow these steps:

1․ In the side menu of the Sigur control program, select the “Equipment” item (Figure 128).

Sigur control software side menu
Figure 128. Sigur control software side menu

2․ Select the required access point and configure video surveillance settings for it (Figure 129):

3․ “System” — select the name of the created user system;

4․ “Camera” — select a camera. When you click on the drop-down list, it should show the names of all devices created in Access. This indicates that the integration is working properly and Sigur was able to connect to Access. Select the device that is used to identify the required access point;

5․ check the box next to “Enable face recognition”;

6․ click the “Apply” button.

Configuring the Parameters of video surveillance equipment
Figure 129. Configuring the Parameters of video surveillance equipment

Direct connection#

Sigur functionality

Main features:

  • adding devices that LP5 and LUNA CARS will work with;
  • receiving regular updates from the ACS software database;
  • sending requests to add/change data to LP5;
  • receiving identification events;
  • sending requests to the ACS software about identification events;
  • logging events about an attempt by an unidentified employee to pass through the turnstile.

Sigur settings

The ACS synchronizes employees with the list in Luna and listens to the events, based on which it decides to open or not open the turnstile. These events are generated in Access by the SendToSigur pipeline.

The following settings are used when creating a new service:

Parameter Description Values Default value
name The service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
luna_id The Drop-down list with Luna service IDs in Access - -
host IP address Sigur. - -
luna_cars_id LUNA CARS service ID in Access - -
mark_for_ignore When synchronizing with Sigur, if this combination occurs in the body of an employee's request, then the request is ignored.This is required to distribute different copies of Sigur in one system On — ignore requests; Off
Off — execute requests

Connecting through the database — SigurThroughDatabase#

The service is designed to interact with the Sigur ACS directly through its database. It synchronizes employees from the database with the list in Luna. The ACS opens a connection in which the service returns events to it as they occur. These events are generated in VL Access by the SendToSigur pipeline.

SigurThroughDatabase functionality

Main features:

  • adding devices that LP5 will work with;
  • receiving regular updates from the ACS software database;
  • sending requests to add/change data to LP5;
  • receiving identification events;
  • sending requests to the ACS software about identification events;
  • logging events about an attempt by an unidentified employee to pass through the turnstile.

SigurThroughDatabase settings

The following settings are used when creating a new service:

Parameter Description Values Default value
name Service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
host IP address of the Sigur database IP address in the form of X.X.X.X.
db_username Username used to connect to the Sigur database - -
db_password Sigur database user password - -
luna_id Drop-down list with Luna service IDs in Access - -

Strazh#

Strazh functionality#

Supported software version of Strazh: 1.2.211201.648.

Performs replication of user data from the Strazh ACS to the specified Luna list and generates StrazhController controllers from the received list of devices for execution of entry or exit requests.

Strazh settings#

The following settings are used when creating a new service:

Parameter Description Values Default value
name Service name specified by the user Any text names. Only Latin characters are supported. It is not recommended to enter more than 30 characters -
luna_id Drop-down list with Luna service IDs in Access - -
login Strazh user login. Input of Latin characters, numbers and symbols is supported. The user created in Strazh -
password Strazh user password. Input of Latin characters, numbers and symbols is supported. User password -
host IP address of the server where Strazh is installed IP address in the form of X.X.X.X. -
port Port of the server where Strazh is deployed - 443
enable_ssl Method of encrypting data during transmission over the network. Depends on the network type in the solution. On - https Off
Off - http
max_workers The maximum number of threads that can be used for face replication. 1-10 10

Configuration of Strazh ACS software#

Follow these steps to set up the software:

1․ Add the parameter "Travel confirmation by an external system" at the passage point.

2․ Add the parameter "Maximum waiting time for confirmation of passage by an external system, sec.

3․ Adjust the timeout for waiting for an external system response and the default solution if the system does not have time to process the request.

After that, when trying to pass through this point with a card whose privilege level is less than the privilege level of the point, an event with type access_confirmation and data will be sent through the SSE mechanism in the form of a JSON object with the request and response fields. The request contains a request for a hike, the response contains a preliminary decision of the ACS on the possibility of a hike (i.e. a decision after standard checks of the profile, schedule, etc.). Next, the ACS expects that it will be sent a decision on the campaign by HTTP POST to /access_confirmation indicating the UUID of the request and the decision to let it in or not. Regardless of the ACS solution, the external system may or may not let it in in response.