Genetec ACS Integration Configuration Guide

NOTE:  Software-based ACS Integrations are a licensed feature from Alcatraz and are not required for a functioning Alcatraz system.  Contact AAI Sales for more information. 

Requirements

Alcatraz Platform Software

v3.4.0 (On-prem or Cloud*)

Genetec Synergis

Genetec WebSDK

v5.10, 5.11, 5.12, and 5.13

Genetec License GSC-1SDK-ALCATRAZ-ROCK
Network Ports

TCP 4590 - Outbound from Alcatraz Admin Portal (or Proxy Service) to Genetec WebSDK server.

TCP 3033 - Outbound from Alcatraz Proxy Service to Alcatraz AI Cloud (cloud-hosted only)

* Cloud-hosted Platforms require an ACS Integration Proxy application to be installed on the same network as the access control system server. Contact AAI Support to obtain this software.

Genetec User Creation

The following procedure describes how to create a User in Security Center that the Alcatraz Platform will use for syncing with the Genetec system via the WebSDK.

Role Creation

  1. In the Genetec Config Tool, navigate to "System" and then "Roles"
  2. Click Add an entity and select "Web-based SDK."
  3. Give it a name, select a partition, and click Next.
  4. Review the Role and click Create to continue.
  5. Finally, you will see the default port and URI settings.

User Creation

  1. In the Genetec Config Tool, under "User Management," create a User and assign them the role created above.

Installing Alcatraz Proxy Service

Alcatraz Proxy Service allows you to open a connection between Alcatraz Admin Portal and Genetec when the two are running in separate networks. It is designed to run in a network with direct visibility to Genetec, typically on-premises or even on the same machine.
Installing Alcatraz Proxy Service it is required in the following cases:
  • You are an Alcatraz Enterprise Cloud user.
  • You are running Alcatraz Admin Portal on-premises but its network and the network where Genetec is running do not have direct visibility to each other.
Follow the steps in Installing Alcatraz Proxy Service to install Alcatraz Proxy Service.

Genetec Integration Configuration

WARNING: When initially enabled, the ACS Integration will delete profiles that do not have at least one badge that is also present in the ACS.

It is recommended that a VM Snapshot is generated and the system is backed up before attempting to configure an ACS Integration.

Facility Code Mapping

IMPORTANT - The facility codes for cards to be synced should be configured BEFORE enabling the ACS Integration. Failure to do so could result in the deletion of profiles.

Assign facility codes to card formats for the badges that the Alcatraz Platform should sync with Genetec.

Main Settings

Click Enable ACS Integration and followed by Edit ACS Configuration:

Enter the following details:

    • ACS Integration: Genetec
    • Host URL:  https://<DNS_or_IP_of_Genetec>:4590/WebSdk
    • Username: {the Security Center User created previously}
    • Password: {the Security Center User created previously}
    • Custom Field: {unused}
    • Schedule Full Sync: {daily time for full sync}
    • Send Security Events: {Optionally send Alcatraz Security Events to Security Center}
    • Use Proxy: {Enable for Cloud-hosted*, Disable for On-Prem}

    Notes:

    • Click Test Connection to verify communications with Genetec. If the integration comes online, click Save.
    • ACS Integration status can be seen at the top of the “Account” page and in the “ACS Integration” section under “Account.”
    • *Cloud-hosted systems will need to download a PEM certificate. This certificate is required during the installation of the Proxy Service to secure the communications between the Proxy and the Cloud Platform. Refer to earlier in this article for more details on installing the Proxy service.

    ACS Integration Logs

    The ACS Integration section contains ACS Integration logs and a button to initiate a full sync.

    Map Genetec Card Readers to Rocks

    Select "Readers" under "Device Management." Click Add Reader and map each Rock to a reader in Genetec. Once readers are added to the Admin Portal, you can also assign them in the device configuration page for the Rocks.