CLIQ Remote - System description and requirements

Similar documents
CLIQ Remote. Access at a distance

CLIQ Web Manager. User Manual. The global leader in door opening solutions V 6.1

SafeConsole On-Prem Install Guide

SafeConsole On-Prem Install Guide. version DataLocker Inc. July, SafeConsole. Reference for SafeConsole OnPrem

KEYS ALWAYS IN THE RIGHT HANDS

Respond quickly to security threats, lost or stolen keys, or personnel changes without the added cost of changing your locks and keys.

emarketeer Information Security Policy

AXIS Camera Station S20 Appliance Series AXIS Camera Station S2008 Appliance AXIS Camera Station S2016 Appliance AXIS Camera Station S2024 Appliance

Code Alert Customer Information Technology Requirements Series 30 Software

7.16 INFORMATION TECHNOLOGY SECURITY

Cisco s AnyConnect VPN Client (version 2.4)

SAS SOLUTIONS ONDEMAND

Safe Place and Code Alert Customer Information Technology Requirements Series 10.x Software

CODE ALERT Enterprise Software Customer Information Technology Requirements

Network Projector Operation Guide

PMS 138 C Moto Black spine width spine width 100% 100%

Firmware Update Details (v p)

Deploy the ExtraHop Discover 3100, 6100, 8100, or 9100 Appliances

Forcepoint Sidewinder Control Center, Virtual Appliance. Installation Guide 5.3.x. Revision A

The Medeco Solution for Controlled Access and Accountability

IPS265T / IPS275T. TimeIPS Server. Installation Guide

SMARTair Proximity access control

Network Bullet Camera. Quick Operation Guide

Splashtop Enterprise for IoT Devices - Quick Start Guide v1.0

IPCorder KNR-2008/12/16

VMware AirWatch Content Gateway for Windows. VMware Workspace ONE UEM 1811 Unified Access Gateway

SafeConsole On-Prem Install Guide

VMware AirWatch Content Gateway Guide for Windows

CHECKLIST FOR IT AND SECURITY PERSONNEL

CPM Quick Start Guide V2.2.0

ANNEX. Organizational and technical measures

enalyzer enalyzer security

Hosted Testing and Grading

VMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway

Sangfor adesk v5.1 Feature List

ECONOMIC DISCLOSURE STATEMENT AND AFFIDAVIT (EDS) The web link for the Online EDS is

Choosing a sophisticated locking system: Where security is an issue, compromise is simply not an option

Sage 300 People & Web Self Service Technical Information & System Requirements

VMware AirWatch Content Gateway Guide For Linux

Respond quickly to security threats, lost or stolen keys, or personnel changes without the added cost of changing your locks and keys.

Real-time access control by your side!

CPM. Quick Start Guide V2.4.0

Certification Authority

VMware AirWatch Content Gateway Guide for Windows

Deploy the ExtraHop Discover Appliance 1100

Xerox Audio Documents App

VMware AirWatch Content Gateway Guide for Windows

VMware AirWatch Content Gateway Guide for Linux For Linux

Dooblo SurveyToGo: Security Overview

Revised September 2011 Broadband Access Agreement for BIT Communications

1 Data Center Requirements

User s Guide: Applied Functions

Remote Access System for STAM-2 Monitoring Station STAM-VIEW

VMware AirWatch Content Gateway Guide for Windows

Easy UI Solution 2.1 Installation Guide

SonicOS Release Notes

CERN Certification Authority

Page 1 of 15. Applicability. Compatibility EACMS PACS. Version 5. Version 3 PCA EAP. ERC NO ERC Low Impact BES. ERC Medium Impact BES

M2M / IoT Security. Eurotech`s Everyware IoT Security Elements Overview. Robert Andres

ticrypt DEPLOYMENT OVERVIEW AND TIMELINE Information about hardware, deployment, and on-boarding

Why choose Medeco? Medeco Security Locks A History of High Security and Innovation

HP Instant Support Enterprise Edition (ISEE) Security overview

University of Pittsburgh Security Assessment Questionnaire (v1.7)

AppSense DataNow. Release Notes (Version 4.0) Components in this Release. These release notes include:

FACTS WHAT DOES FARMERS STATE BANK DO WITH YOUR PERSONAL INFORMATION? WHY? WHAT? HOW? L QUESTIONS?

NRG Oncology and VisionTree Optimal Care (VTOC) Frequently Asked Questions

PCI DSS Compliance. White Paper Parallels Remote Application Server

Avalanche Remote Control User Guide. Version 4.1

GB-Ware. Quick Guide. Powered by: Tel: Fax Web:

Data Security at Smart Assessor

Server Installation ZENworks Mobile Management 2.6.x January 2013

Control Center Over the NET Management Software

SECURITY DOCUMENT. 550archi

Juniper Vendor Security Requirements

Using the Terminal Services Gateway Lesson 10

Belarc Product Description

The simplified guide to. HIPAA compliance

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

AppPulse Point of Presence (POP)

Inventory and Reporting Security Q&A

epad 5.0 Mobile Keypad

Quick Installation Guide

Echidna Concepts Guide

Guide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1

Veeam Cloud Connect. Version 8.0. Administrator Guide

QuoVadis Trustlink Schweiz AG Teufenerstrasse 11, 9000 St. Gallen

CLIQ Go. Access control at your fingertips

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

Introduction and Data Center Topology For Your System

ARCHITECTURE GUIDE. Campaign Manager 6.0

Partner Pre-Install Checklist: Common Service Platform Collector (CSP-C) for Smart Portal 0.5

EMC Secure Remote Support Device Client for Symmetrix Release 2.00

PA-DSS Implementation Guide For

Single Secure Credential to Access Facilities and IT Resources

Installing VMware vsphere 5.1 Components

CONFIGURING SQL SERVER 2008 REPORTING SERVICES FOR REDHORSE CRM

CA Agile Central Administrator Guide. CA Agile Central On-Premises

new world ERP Server Migration Checklist New World ERP TMS

Point ipos Implementation Guide. Hypercom P2100 using the Point ipos Payment Core Hypercom H2210/K1200 using the Point ipos Payment Core

AppController :21:56 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

Transcription:

CLIQ Remote - System description and requirements

1. Introduction CLIQ Remote - Access at a distance CLIQ Remote is an electromechanical lock system with an additional level of security and flexibility, a natural choice for those looking for a modern security solution. CLIQ Remote combines a modern mechanical basic platform with an advanced electronic function. A major advantage of CLIQ Remote is the distance function. This locking system can change access and permission at a distance. For example, you can sit in Stockholm and, through the CLIQ Web Manager software give access to your keys via the programming terminal. A contractor in the North of Sweden may get access to a facility, maybe an antenna or a mast, by programming his/her key in wall readers at the facility. CLIQ Remote features: 1. A key with CLIQ has built-in clock and memory. 2. Validation of keys increases security in case of loss. 3. Audit trails and logs provides security for all users and managers. 4. Update permissions remotely minimizes work and saves time. 5. The combination of electronic and mechanical locking gives a unique level of security 2

2. Main features of CLIQ Remote List of functions in the CLIQ Remote locking system: Easy to install - CLIQ is a cost efficient offline systems that do not require electrical wiring or batteries in the lock cylinders. Event Logs - CLIQ provides easy access to accurate verified log data from each cylinder lock and key in the lock system. Individual keys - Protected by strong digital encryption, each key can be designated for use by a single individual. The key can then be given access to all the areas that the individual should move in. If the key is lost and blocked, a new key can be generated in its place. Time-based access - CLIQ enables the definition of a time-based schedule in which the days and times of access is permitted. Digital Key Management - CLIQ Web Manager keeps track of which keys that belong to different key holders. The keys can be issued completely digitally without the interference of paper. It s smart administration and good for the environment. Electronic keying - keys can be updated without the presence of physical key of the administrator. Validation of keys - Adds safety to the locking system by forcing key holders to validate the key with updates in an adjacent programming station. It also ensures that the event logs are transmitted to the server and is available for system administrators. Grouping Features - Simplifies administration. CLIQ Web Manager makes it possible to provide access to groups of cylinders and groups of people based on e.g. geographical location or role in the organization. Domains - Just like grouping permissions and users the administrator's role can also be controlled to see only their part of the locking system with the domain function. 3

3. Documentation about CLIQ Remote List of information that is available on the CLIQ Remote system: Brochure - CLIQ Remote Access at a distance Product sheet - CLIQ Remote Cylinder Product sheet - CLIQ Remote Key Product sheet - Wall PD Product sheet - Vandal-resistant Wall PD Product sheet - Mobile PD Product sheet - CLIQ Web Manager / System requirements CLIQ Remote IT-Compliance CLIQ Certifications and classifications CLIQ Remote FAQ SSL-certificates An introduction Manual CLIQ Web Manager The above information is available through your ASSA Retailer and on: http://export.assa.se/en/site/assaexport/ Design of a CLIQ Remote locking system should be made in cooperation between the property / security manager and installer, to gain insight in how the business can benefit from the features and thus build a system that meets the customer's needs. At the planning stage it should be taken into account how the expansion of the system can be done in an efficient manner. It is also important to the company's IT department is involved at an early stage so that the necessary rights to PCs and networks is approved. ASSA manages servers, backup and IT operation when the agreement of the SaaS service contract has been signed. Check the following: Fire Regulations for the door environment Fire Standards Evacuation routes Emergency exits Safety regulations Mechanical requirements for perimeter protection Safety requirements for special areas such as server rooms / technical rooms Local requirements from the insurance company IT security with firewalls, administrator rights, etc. 4

4. Important Information The following information is required before you begin the installation of a CLIQ Remote system. This information is also needed to if you contact the ASSA technical support. 4.1 Agreement The agreement for SaaS services and certificate is signed between ASSA and the client company at the time of approval of the license agreement made via the e-mail address specified in advance. The customer undertakes to register a new email address in the e-mail system. This is to ensure that the communication regarding licenses and certificates is not specified to a certain employee. This address is then connected to the system operator for the system. The locking system should be treated as a business function. The name of this account should be: "cliqremote" Selected address: Ex: cliqremote@customer.com System manager A person shall be appointed to the transmission system and be responsible for software and contact the dealer or installer. The system operator has been appointed:. The E-mail address registered will receive the Certificate Files from ASSA. 5

4.2 Checklist for system setup The following manuals should be at the IT department of the client company before beginning the installation and the infrastructure to be prepared for the new locking system. Make sure that these requirements are met: (mark with an X)) Manual CLIQ Web Manager [ ] CLIQ Remote - FAQ [ ] E-mail Address is created [ ] Drivers for Terminal PD are installed [ ] on the client computers The recommended version of Java installed [ ] on the client computers Places of wall-mounted PD s are assigned [ ] and network connectivity is available Communication on port 443 is allowed [ ] Outgoing traffic Communication on port 8443 is allowed [ ] Outgoing traffic This document is signed by both parties [ ] 4.3 Support Support of the software is handled by a retailer selected by the customer. If the customer and the dealer opts support directly between the customer and ASSA this is concluded in a separate agreement. What type of Support Agreement has been selected: The retailer provides support [ ] Support agreement CLIQ Remote [ ] (For direct support between the customer and ASSA) 6

5. System Overview The diagram describes the functions of the CLIQ Web Manager environment. 5.1 SSL Client-certificate Encryption protects data during transmission The CLIQ Remote Web server and the browser uses Certificates of Secure Sockets Layer (SSL) protocol to assist users to protect data during transmission. A unique, encrypted channel for private communications are created on the otherwise public Internet. Each SSL Certificate consists of a pair of keys, as well as verified identification data. When a CLIQ Remote (or client) points to a secure website, the server shares the public key with the client in order to create an encryption method and a unique session key. CLIQ Web Manager confirms that it recognizes and trusts the issuer of the SSL certificate. This process is called the "SSL handshake" and it initiates a secure session that protects message privacy and message integrity. 7

6. The CLIQ Remote server All CLIQ Remote servers are managed by ASSA AB and made available to the client company through a Service Agreement (SaaS). System functionality: The ability to manage the locking system. Adding up the staff. Hand out keys. Change the permissions on the keys. Being able to tag (label) all the objects to facilitate the search. - An average key update is about 20-30kB. To update daily CLIQ keys by Wall PD units. Being able to block the lost keys. Primarily from being updated in Wall PD, but also to block the key in the cylinders. Being able to read the logs out of the cylinders and keys. 6.1 Schematic overview Figure 1: 8

7. Administrator PC Requirements to run the CLIQ Web Manager software 7.1 Client computer hardware Hardware CPU RAM Hard Disk Minimum requirement Capable of running Windows Vista/7/8/10 Capable of running Windows Vista/7/8/10 20 Mb available 7.2 Client tablets Hardware Microsoft Surface Pro* Minimum requirement Windows 7 Pro/Ent/Ult (32 or 64bit) Windows 8 (32 or 64bit) *All tablets capable of running Microsoft based operating systems 7.3 Software Software Operating System ASSA CLIQ Connect Web browser PDF-reader Required product Windows Vista/7/8/10 Linux capable of running Mozilla Firefox OSX capable of running Mozilla Firefox ASSA ABLOY CLIQ Connect (latest version by ASSA) Internet Explorer 8/9/10/11 (32 or 64-bit) Firefox 16.0.2 or later (32 or 64-bit) All standard readers *The browser security setting Do not save encrypted pages to disk must be disabled. 9

8. Login to the web software ASSA provides the end customer with the information and files required to sign in and manage the CLIQ Remote locking system. Via our Admin Page for CLIQ Web Manager at assa.se the following is offered: Download center - Driver files Knowledge - ASSA Smart Guides for user Operating information - the latest news about new versions and features of the software Ability to create new SSL certificates - When administrators need to renew their credentials 10

9. Updating devices (PD) To change permissions for keys the system uses programming units called PD s. The Local PD is used by the administrator to log into the CLIQ Web Manager software. The Remote PDs (Wall PDs and Mobile PD s) access the CLIQ Remote server by mutual authentication to create an https session. Also the CLIQ Web Manager server uses an https session to communicate with the CLIQ Remote server. The mutual authentication requires a client certificate for CLIQ Web Manager and a server certificate for the CLIQ Remote web application. Each Remote PD is also prepared with a client certificate and a CA certificate to establish an https session with the CLIQ Remote application. Web services require their own client certificate. - An average key update is about 20-30kB. For sending e-mail notifications to the users an SMTP server is used. This server is covered by a service contract and is provided by ASSA. Figure 2: Local PD Figure 3: Mobile PD with smart phone Figure 4: Wall PD Figure 5: Vandal-resistant wall PD 11

10. Wall PD setup information This information must be available before the installation of a CLIQ Remote systems can begin. Also remember to draw the network cables to the places where Wall PD units are to be installed before the installation starts. A Wall PD is used in a CLIQ Remote system to allow the user to update their key authorizations without having to seek out the administrator. 1. How many key updating devices should be installed?: (write number) Wall mounted [ ] Mobile [ ] 2. What type of IP address will the Wall PD units use: (mark with an X) Static IP [ ] Dynamic DHCP [ ] 3. If static IP address is used which addresses can be used: Which Subnet Mask should be used: Which default gateway should be used: Eventual DNS server adress: Name for the Wall PD in the network:..... 4. What power source will the Wall PD units use: Power over Ethernet PoE [ ] 12v 24v separate supply [ ] 5. To deploy a Wall PD a USB memory less than 2Gb is needed. A certificate is generated in the web software CLIQ Web Manager and then transferred to the Wall PD device with a mini USB cable. For more information see CLIQ Web Manager Manual USB memory is available Yes [ ] No [ ] 12

11. Maintenance An overview of the planed maintenance and its impact on the system. Downtime matrix Info Dynamic keys Normal keys Remote PDs Administration SOE Environment Service windows Patch OS Reserved for Every 3 rd weekend in month. 17-21 saturday SOE DB changes upgrades Reserved for Every 3 rd weekend in month. 17-21 saturday Can do offline revalidate Cannot be reprogrammed PD can do an offline revalidation Not functional VM restoration Exchange server changes mail SOE Network /infrastructure/ storage changes Can do offline revalidate Cannot be reprogrammed PD can do an offline revalidation Upgrades of CWM (with DB changes) Can do offline revalidate PD can do an offline revalidation Not functional Cannot be reprogrammed Upgrades of CWM (no DB changes) 2 times a year Office hours 2hours Migration of CWM environment Can do offline revalidate Cannot be reprogrammed PD can do an offline revalidation Not functional Extensions Customer locks the system, update DB, customer unlocks system Not functional Renew Server cert The acronym CWM is used for CLIQ Web Manager. *CWM - CLIQ Web Manager. * Offline PD is a backup feature that allows key validation if the network is not be available, please contact your sales representative for more information on configuration. 13

By signing this agreement the customer assures that the IT Compliance requirements set by ASSA are met. This Agreement is signed in two (2) copies, of which each party has received one. Place and date Place and date Signature Signature Name Customer name 14

Feedback on this document can be sent to: erik.johnsson@assaabloy.com 15

16

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback