Software-based ACS Integrations
      Back to home
      1. Help Center
      2. 3rd Party Integrations
      3. Software-based ACS Integrations

      Genetec ACS Integration Configuration Guide

      NOTE:  Software-based ACS Integrations are a licensed feature from Alcatraz and are not required for a functioning Alcatraz system.  Contact AAI Sales for more information. 

      Requirements

      Alcatraz Platform Software

      v3.4.0 (On-prem or Cloud*)

      Genetec Synergis

      Genetec WebSDK

      v5.10, 5.11, 5.12, and 5.13
      Genetec License GSC-1SDK-ALCATRAZ-ROCK
      Network Ports

      TCP 4590 - Outbound from Alcatraz Admin Portal (or Proxy Service) to Genetec WebSDK server.

      TCP 3033 - Outbound from Alcatraz Proxy Service to Alcatraz AI Cloud (cloud-hosted only)

      * Cloud-hosted Platforms require an ACS Integration Proxy application to be installed on the same network as the access control system server. Contact AAI Support to obtain this software.

      Genetec User Creation

      The following procedure describes how to create a User in Security Center that the Alcatraz Platform will use for syncing with the Genetec system via the WebSDK.

      Role Creation

      1. In the Genetec Config Tool, navigate to "System" and then "Roles"
      2. Click Add an entity and select "Web-based SDK."
      3. Give it a name, select a partition, and click Next.
      4. Review the Role and click Create to continue.
      5. Finally, you will see the default port and URI settings.

      User Creation

      1. In the Genetec Config Tool, under "User Management," create a User and assign them the role created above.

      Alcatraz Proxy Service Installation (Cloud-Hosted Only)

      Cloud-hosted Platforms require an ACS Integration Proxy application to be installed on the same network as the access control system server. Contact AAI Support to obtain this software.

      The ACS Integration Proxy Service can be installed on any Windows Server (2019/2022), preferably version 2022. To minimize communication delays between the Genetec server and the proxy, we recommend installing the proxy on the Genetec server with which it will be communicating, as it is lightweight.

      1. In the Alcatraz Admin Portal, download the certificate in PEM format, as shown in the "Genetec Integration Configuration" section below.
      2. Copy the certificate to the server where the Proxy Service will be installed. In the screenshot below, the certificate was placed in the "C:\Program Files\Certificate" directory.
      3. Run the Alcatraz Proxy installation file as an administrator.
      4. Configure the following directory items and click Next:
        1. Installation Directory:  C:\Program Files\Alcatraz AI\Proxy (default)
        2. Data Directory:  C:\ProgramData\Alcatraz AI\Proxy (default)
        3. Certificate Directory:  C:\Program Files\Certificate (default)
        4. Certificate Name:  "acs_public_certs.pem" (default)
      5. Click Next on the "Certificate Settings" screen.
      6. Enter the hostname or IP address and the port number (3033) that the ACS Integration service will use to connect to the Alcatraz Platform. For example, "acs.us.alcatraz.ai:3033".
      7. Click Next to complete the installation.

      Genetec Integration Configuration

      WARNING: When initially enabled, the ACS Integration will delete profiles that do not have at least one badge that is also present in the ACS.

      It is recommended that a VM Snapshot is generated and the system is backed up before attempting to configure an ACS Integration.

      Facility Code Mapping

      IMPORTANT - The facility codes for cards to be synced should be configured BEFORE enabling the ACS Integration. Failure to do so could result in the deletion of profiles.

      Assign facility codes to card formats for the badges that the Alcatraz Platform should sync with Genetec.

      Main Settings

      Click Enable ACS Integration and followed by Edit ACS Configuration:

      Enter the following details:

        • ACS Integration: Genetec
        • Host URL:  https://<DNS_or_IP_of_Genetec>:4590/WebSdk
        • Username: {the Security Center User created previously}
        • Password: {the Security Center User created previously}
        • Custom Field: {unused}
        • Schedule Full Sync: {daily time for full sync}
        • Send Security Events: {Optionally send Alcatraz Security Events to Security Center}
        • Use Proxy: {Enable for Cloud-hosted*, Disable for On-Prem}

        Notes:

        • Click Test Connection to verify communications with Genetec. If the integration comes online, click Save.
        • ACS Integration status can be seen at the top of the “Account” page and in the “ACS Integration” section under “Account.”
        • *Cloud-hosted systems will need to download a PEM certificate. This certificate is required during the installation of the Proxy Service to secure the communications between the Proxy and the Cloud Platform. Refer to earlier in this article for more details on installing the Proxy service.

        ACS Integration Logs

        The ACS Integration section contains ACS Integration logs and a button to initiate a full sync.

        Map Genetec Card Readers to Rocks

        Select "Readers" under "Device Management." Click Add Reader and map each Rock to a reader in Genetec. Once readers are added to the Admin Portal, you can also assign them in the device configuration page for the Rocks.