Genetec ACS Integration Configuration Guide

NOTE:  Software-based ACS Integrations are a licensed feature from Alcatraz and are not required for a functioning Alcatraz system.  Contact AAI Sales for more information. 

Requirements

Alcatraz Platform Software

v3.4.0 (On-prem or Cloud*)

Genetec Synergis

Genetec WebSDK

v5.10, 5.11, 5.12, and 5.13

Genetec License GSC-1SDK-ALCATRAZ-ROCK
Network Ports

TCP 4590 - Outbound from Alcatraz Admin Portal (or Proxy Service) to Genetec WebSDK server.

TCP 3033 - Outbound from Alcatraz Proxy Service to Alcatraz AI Cloud (cloud-hosted only)

* Cloud-hosted Platforms require an ACS Integration Proxy application to be installed on the same network as the access control system server. Contact AAI Support to obtain this software.

Genetec User Creation

The following procedure describes how to create a User in Security Center that the Alcatraz Platform will use for syncing with the Genetec system via the WebSDK.

Role Creation

  1. In the Genetec Config Tool, navigate to "System" and then "Roles"
  2. Click Add an entity and select "Web-based SDK."
  3. Give it a name, select a partition, and click Next.
  4. Review the Role and click Create to continue.
  5. Finally, you will see the default port and URI settings.

User Creation

  1. In the Genetec Config Tool, under "User Management," create a User and assign them the role created above.

Installing Alcatraz Proxy Service

Alcatraz Proxy Service allows you to open a connection between Alcatraz Admin Portal and Genetec when the two are running in separate networks. It is designed to run in a network with direct visibility to Genetec, typically on-premises or even on the same machine.
Installing Alcatraz Proxy Service it is required in the following cases:
  • You are an Alcatraz Enterprise Cloud user.
  • You are running Alcatraz Admin Portal on-premises but its network and the network where Genetec is running do not have direct visibility to each other.
Follow the steps in Installing Alcatraz Proxy Service to install Alcatraz Proxy Service.

Genetec Integration Configuration

WARNING: When initially enabled, the ACS Integration will delete profiles that do not have at least one badge that is also present in the ACS.

It is recommended that a VM Snapshot is generated and the system is backed up before attempting to configure an ACS Integration.

Facility Code Mapping

IMPORTANT - The facility codes for cards to be synced should be configured BEFORE enabling the ACS Integration. Failure to do so could result in the deletion of profiles.

Assign facility codes to card formats for the badges that the Alcatraz Platform should sync with Genetec.

Main Settings

Click Enable ACS Integration and followed by Edit ACS Configuration:

Enter the following details:

  • ACS Integration—Select Genetec.
  • Host URL—Genetec URL including port number and protocol prefix.
    Example: https://192.0.2.32:8080:4590/WebSdk
  • Username—The username of the Security Center User created previously.
  • Password—The password for the Security Center User created previously.
  • Custom Field—Unused when integrating with Genetec.
  • Schedule Full Sync—At what time of the day to start full synchronization with the ACS.
  • Auto delete disabled profiles after—Grace period after which Alcatraz biometric profiles related to disabled ACS personnel records are automatically deleted.
  • Send Security Events—Enables sending security events from Alcatraz Admin Portal to the ACS.
  • Use Proxy—Provides you with the Certificate in PEM format option for downloading a security certificate for use with Alcatraz Proxy Service.
  • Certificate in PEM format—Only visible if Use Proxy is checked. Click Download to download a security certificate file in PEM format onto your computer. Use this file when installing Alcatraz Proxy Service.
  • Advanced Logging—Enables more detailed ACS Integration logs, listing exactly which credentials were skipped and why in addition to the aggregated number.

Notes:

  • Click Test Connection to verify communications with Genetec. If the integration comes online, click Save.
    Note that the test will always be unsuccessful when using Alcatraz Proxy Service.
  • ACS Integration status can be seen at the top of the “Account” page and in the “ACS Integration” section under “Account.”
  • *Cloud-hosted systems will need to download a PEM certificate. This certificate is required during the installation of the Proxy Service to secure the communications between the Proxy and the Cloud Platform. Refer to earlier in this article for more details on installing the Proxy service.

ACS Integration Logs

The ACS Integration section contains ACS Integration logs and a button to initiate a full sync.

Map Genetec Card Readers to Rocks

Select "Readers" under "Device Management." Click Add Reader and map each Rock to a reader in Genetec. Once readers are added to the Admin Portal, you can also assign them in the device configuration page for the Rocks.