Beruflich Dokumente
Kultur Dokumente
User Manual
© Copyright 2007, Nedap N.V. The information in this manual is intended as a guideline only and its correctness
or completeness is not guaranteed. No rights can be derived from this document. The publisher denies all
liability for damages ensuing from its use. The specifications and availability of the goods described are subject
to change without prior notice. No part of this publication may be reproduced or published in any way without
written permission from the publisher.
Contents
Table of Contents
1 Introduction .........................................................................................................................9
1.1 Main system components .....................................................................................................9
1.2 User categories .....................................................................................................................9
1.3 How to use this manual .........................................................................................................9
1.3.1 Daily users................................................................................................................9
1.3.2 Advanced users .....................................................................................................10
1.3.3 Additional information .............................................................................................10
1.3.4 Conventions used in this document .......................................................................10
1.4 AEOS Basics.......................................................................................................................10
1.4.1 Doors and Access Points .......................................................................................10
1.4.2 Entrances and Entrance Groups ............................................................................11
1.4.3 Carriers and Identifiers ...........................................................................................11
1.4.4 Authorization ..........................................................................................................11
2 Using AEOS .......................................................................................................................13
2.1 Logging on to AEOS ...........................................................................................................14
2.1.1 Language ...............................................................................................................15
2.2 Logging off from AEOS .......................................................................................................15
2.3 Searching for data ...............................................................................................................15
2.3.1 Searching tips.........................................................................................................15
2.3.2 Sorting search results ............................................................................................16
2.3.3 Customizing search results ....................................................................................16
2.3.4 Selecting search results .........................................................................................17
2.3.5 Printing and exporting search results .....................................................................17
2.3.6 Searching by fingerprint .........................................................................................17
2.4 Licenses ..............................................................................................................................18
2.5 Bookmarks ..........................................................................................................................18
2.5.1 My tasks .................................................................................................................18
2.5.2 My queries ..............................................................................................................18
2.5.3 Saving Favourites ..................................................................................................19
3 System Management: Basic Configuration ....................................................................19
3.1 Logging in for the first time / Changing password ...............................................................20
3.2 User roles ............................................................................................................................20
3.3 Users ...................................................................................................................................21
3.3.1 Assigning a new password .....................................................................................22
3.3.2 Activate disabled account ......................................................................................22
3.3.3 LDAP users ............................................................................................................22
3.3.4 Connected users ....................................................................................................22
3.4 Access points ......................................................................................................................23
3.4.1 Confirming Access points .......................................................................................23
3.4.2 Viewing access point status ...................................................................................23
3.5 Entrances ............................................................................................................................23
3.5.1 Defining a new entrance ........................................................................................24
3.6 Day/time schedules .............................................................................................................24
3.6.1 Defining day/time schedules ..................................................................................25
3.6.2 Day/time schedule filters ........................................................................................26
3.7 Templates ...........................................................................................................................26
3.7.1 Defining templates .................................................................................................27
3.7.2 Template filters .......................................................................................................29
3.8 Free fields ...........................................................................................................................29
3.8.1 Creating free field categories .................................................................................29
7 Entrances ...........................................................................................................................47
7.1 Adding a new entrance .......................................................................................................47
7.2 Automatic schedules ...........................................................................................................47
7.3 Entrance priority list ............................................................................................................47
7.3.1 Locations labels .....................................................................................................47
7.3.2 Functional entrance labels .....................................................................................48
7.4 Manual unlock .....................................................................................................................48
7.4.1 Manually unlocking an entrance.............................................................................48
7.4.2 Emergency entrance groups ..................................................................................49
7.4.3 Reloading an entrance ...........................................................................................49
7.4.4 Creating an entrance passage ...............................................................................49
7.5 Entrance groups ..................................................................................................................50
7.5.1 Entrance group labels ............................................................................................50
7.6 Entrance filters ....................................................................................................................50
7.6.1 SOAA entrance filters .............................................................................................51
7.6.2 Offline entrance filters ............................................................................................51
8 Events and alarms ............................................................................................................51
8.1 Viewing events and alarms .................................................................................................51
8.1.1 Event filters.............................................................................................................52
8.1.2 Customizing text event appearance .......................................................................52
8.1.3 Configuring photo events .......................................................................................52
8.2 Viewing logged events ........................................................................................................52
8.3 View audit trail .....................................................................................................................53
8.3.1 Audit trail filter.........................................................................................................53
8.4 Viewing carrier presence ....................................................................................................54
8.5 Archiving .............................................................................................................................54
8.5.1 Restoring from archive ...........................................................................................55
9 Reports ...............................................................................................................................56
9.1 Enabling and setting the report generator ..........................................................................56
9.2 Importing designs ................................................................................................................56
9.3 Generating reports ..............................................................................................................57
9.3.1 Generate a report now ...........................................................................................57
9.4 Viewing a report ..................................................................................................................58
10 Faces ..................................................................................................................................58
10.1 Creating a face ....................................................................................................................60
10.2 Defining items .....................................................................................................................60
10.3 Defining frames ...................................................................................................................61
10.4 Creating a face ....................................................................................................................61
10.4.1 Access point status face ........................................................................................61
10.4.2 Access point view face ...........................................................................................62
10.4.3 Button camera face ................................................................................................62
10.4.4 Fall back photo event face .....................................................................................63
10.4.5 Gate monitor face ...................................................................................................63
10.4.6 Input status face .....................................................................................................63
10.4.7 Map alarm handler face .........................................................................................64
10.4.8 Multi-tab face ..........................................................................................................64
10.4.9 Switch view face .....................................................................................................64
10.4.10 Text alarm handler face .........................................................................................64
10.5 Selecting a face...................................................................................................................65
10.6 Using Favourites for quick access ......................................................................................65
10.7 Opening several faces simultaneously ...............................................................................65
1 Introduction
AEOS is a powerful, user-friendly security management system based on smart network
technology. This high-security access control system allows you to control who enters your
grounds or premises, which areas they have access to, and when they have access.
Please note that the AEOS version described in this manual may differ from the one used by
your company. Two important factors are:
that the availability of functions depends on your user role and on which optional modules
have been installed (license options, see Sections 2.3.6 and 2.4);
that the interface may look different because the AEOS style sheet (CSS) can be
customized;
The terms and concepts used in AEOS are described and explained in Section 1.4.
AEOS is configured so that daily users only see the menu options needed to carry out their daily
tasks.
Using AEOS ,
Chapter 5 Identifiers,
Chapter 7 Entrances.
Apart from these standard access control functions, AEOS also has various optional functions.
These are described in separate chapters at the end of this manual (e.g. Anti Pass Back,
Verification, Counting, Vendor Management, Security Level Management, Locker Management,
Guard Tour, Alarm Handler). Availability of these options depends on your license file, see also
Section 2.4.
At the end of this manual you will find the AEOS menu structure, listing all menu items and
references to the corresponding chapters or sections of this document. The numbers are
internal hyperlinks that can be followed by using <Ctrl + click>.
Access Point
2
door entrance
1 3
Access Point
entrance group
4
Figure 1. Relationship between doors, access points, entrances and entrance groups.
Entrances with the same authorization can be grouped into Entrance Groups (4), e.g. all
emergency exits, all of the doors in a single office unit, etc. Entrance groups can be labelled
using the non-hierarchical labels Organization, Area and Region at Authorization –
Maintenance – Entrance group labels. These labels are meant to facilitate the searching
for and retrieving of entrance groups when defining templates or (rule engine) rules.
See Chapter 7 for more information on entrances.
1.4.4 Authorization
In AEOS, authorizations are defined by laying down a combination of data related to:
A carrier (person / vehicle).
An identifier (e.g. a badge).
An entrance (group) combined with a day/time schedule.
Authorizations are defined in a template that is easy to maintain and assign to carrier groups or
categories. Carriers may be assigned more than one template. A template is a combination of a
day/time schedule with entrances or entrance groups.
If none of the templates available matches the authorizations you wish to assign to a specific
carrier, you can create a profile. A profile is a combination of an entrance (group) with a
day/time schedule assigned to a single carrier.
When defining a template, it is possible to use both entrances and entrance groups. However,
certain settings have higher priority; entrance settings override entrance group settings and
entrance group settings override templates.
Example: Door 1 is part of a template with a time slot of 5 a.m. to 6 p.m. Carrier A is assigned a
profile authorizing him to use Door 1 between 5 a.m. and noon. If this carrier presents his badge
at Door 1 at 2 p.m. (or another time after 12 noon), he will not be granted access. This is
because the entrance settings (including the time slot) override the template settings.
Note: Authorization settings should be kept as simple as possible. Configurations with many
(overlapping) templates are difficult to maintain.
2 Using AEOS
AEOS is a web-based application, which means it can be opened in a normal web browser (e.g.
Firefox or Internet Explorer). Hence, mouse and keyboard functions are similar to normal web-
browsing.
One important exception to this is the Back button in the top left corner. This will seldom bring
you back to the previous screen. Back works only on pages where no data can be entered. If
you use the Back button from a screen where you have entered information, you will see the
following message: Warning: Page has Expired. Instead of the Back button, use the Cancel
button (bottom right) or the menu to re-open the function without saving the information you
entered.
1. - icon: shows which version of AEOS is running, which user is logged on and which
Security Scenario is active (if applicable, see Chapter 22)
2. Main menu.
3. Submenu: Each submenu contains one or more AEOS screens.
4. Click on this button to open Help.
5. Click to log off the current user and return to the login screen.
6. Bookmark your favourites and your most frequently used tasks and queries. See Section 2.5
for more information.
7. Menu to switch languages.
8. User name and the user’s full name.
9. Dropdown menus: Use the [↓] and [↑] icons to expand or collapse fields. Click Expand all to
show all menus, or on Collapse all to hide all. Save expand state saves the current
settings.
Figure 2 shows a typical AEOS screen. Your own screen may look different due to your user
rights or your company’s license options. The screen layout can be customized further by
changing the Cascading Style Sheets (CSS). For more information on changing Style Sheets,
see the AEOS Advanced Installation Manual or ask your supplier.
Many AEOS screens are divided into two: a search frame (upper half) and a result frame (lower
half). The search frame has fields that you can fill in partly or completely. These are the search
criteria AEOS will use to retrieve data. This frame also contains several buttons related to the
search criteria. Required fields are marked with an asterisk (*).
The results frame lists the search results (arranged in rows and columns) or displays the text
‘No results found’. The buttons at the bottom of this frame allow you to process the results. The
icons in the bar separating the search frame from the results frame allow you to customize the
way in which the results are presented by changing the column settings (see also Section
2.3.3).
When you log on to AEOS for the first time, you must use the password you have been given by
the system administrator. You will be asked to change your password after you log on. See
Section 3.1 for more information.
2.1.1 Language
The AEOS login screen starts up in whatever language the browser is set to. After a user logs
on, AEOS switches to the language set for that user. To set the default language for a particular
user, go to Management – System users – Maintain user. See Section 3.3 for more
information.
Users can also switch languages after logging on by selecting another language from the
dropdown box (bottom left of the screen).
After you have logged off, the event monitor remains active. Turn off the event monitor by
clicking on the small cross at the top right in the ‘View Event Monitor’ screen. Clicking on events
is now no longer possible, as you are no longer logged in.
If you click Search without entering anything, the system will search for all data associated with
this screen. If you click the button next to a field, the system will search for all data
associated with this field. To narrow your search, enter search criteria in one or more fields.
Search results appear in the results frame (the bottom half of the screen).
Frequently used search criteria can be saved in My queries. See Section 2.5.2 for more
information.
If you want to find a very specific piece of information, such as a badge number, type the
number followed by <space>, e.g. 12<space>. Without the <space> the system would
display all numbers starting with 12, i.e. 12, 121, 122 etc.
If you want to retrieve data containing certain specific characters, type %<characters>.
For example, to find all numbers containing 50, type %50. (The result will include 50, 150,
1050, 12509, etc.).
By setting Max. rows you can indicate how many rows of results you wish to see.
Note: Retrieving a long list may take a while. Narrowing your search will make retrieval
faster.
Dates are entered as dd/mm/yyyy, e.g. 15/03/2008. The following formats are also valid:
dd.mm.yyyy and dd-mm-yyyy. Use the calendar button to the right of a date field to display
a calendar and select a date. Or enter $now to fill in the current date or time (see also (see
also chapter 2.5.2.2)
Search operations may be case-sensitive, depending on how AEOS has been installed and
how your database is configured. For details, ask your system administrator.
Use the Reset button to clear all search fields.
If you have conducted a search in one of the carrier search screens and nothing was found
(‘No results found’), clicking the New button will automatically transfer any information you
entered on the search screen to the ‘announce’ screen.
Note: The New button is visible only when no results are found.
If the system administrator has enabled the option ‘Can specify carrier search options’ at
Management – System users – Maintain user – tab Defaults, you can choose whether you
want to search using AND or OR between the different fields you have filled in. If you are
not authorized to change the carrier search options, either AND or OR will be preset.
o AND: the search results must match the search criteria perfectly.
o OR: the search results must match at least one of the search criteria.
Depending of the used database (contact your system administrator) more search options
are possible: e.g. for SQL databases
o Underscorse can be used to replace just one character (John_on will result in
Johnson but also Johnzon)
o [a-e] can be used in a string field to search on all characters between the a and e.
For example, <arrow up> () next to a character field such as Name means: Sort A-Z. Clicking
the field name again reverses the order: Sort Z-A (<arrow down> ()).
Click > to transfer a selected field from the Selectable to the Selected category.
Click >> to select everything (use all available fields).
Click < to deselect a field by moving it from the Selected to the Selectable category.
Click << to move everything to the left (use none of the fields).
Select several items at the same time by pressing <Ctrl> or <Shift> while clicking on them.
You can use the Up, Down and Sort buttons to customize the order of the search result fields.
Click Sort to sort by alphabet. Click Up or Down to move items up or down in the list one step
at a time. Save this order by clicking on OK, or press Cancel to restore the default setting.
Customizing the search results with Select columns ) allows you to view and present the
search results in the desired order, both on screen and on hard copy.
You can customize the width of the columns by dragging the vertical lines separating the field
names.
Use the Reset columns icon ( ) to restore the original setting. Clicking on the Save column
settings icon ( ) allows you to save these settings. AEOS will use these settings every time
you log on. In this way, every user can save personal preferences.
Note: The Select all checkbox selects only those items that are visible on the screen. If the
search results exceed the number of rows set at Max. rows, the items that are not displayed
are not selected.
With an AEOS Blue license, the Sagem Identification option can be enabled at Administration
– Maintenance – Settings – System properties. With an AEOS Classic license, users must
have a license to use the Sagem Identification option.
For more information on configuring a Sagem fingerprint reader, see the Sagem Installation
Manual.
2.4 Licenses
Your license determines which AEOS features and options are active in your configuration. The
license determines the number of authorized badges and active users, for instance. It also
determines whether you can use optional features such as Security Levels. To view your
license information, go to Configuration – License – Info. The Software options and
Embedded options tabs show your current license and configuration.
As a system administrator, you can determine for each user whether she/he can exceed the
license (Management – System users – Maintain user). If your configuration exceeds your
license for certain features, these will be marked in red. You have 30 days to renew your license
before AEOS functionality becomes restricted. If your license has expired, you need to contact
your dealer in order to upload a new license file or activate a license request. Prior to this
expiration date, a message will pop up when a user logs on, showing the date from which these
features will no longer be available if you do not renew your license.
Note: This pop-up is visible only if you are set to receive license notifications by the system
administrator.
To update your license, fill in the Additional required column and click Renewal file to save
the file and send it to your AEOS dealer. Import the new license file via Configuration –
License – Import. Once you have imported the new license, it will immediately become active.
2.5 Bookmarks
Most AEOS users regularly or frequently use the same functions. For quick access these can
be bookmarked using My Tasks, My Queries and Favourites in the bottom left corner of your
screen.
2.5.1 My tasks
Every system user may opt to store frequently performed tasks in My tasks. This task pane
appears automatically when you log on. It provides quick access to the menu items you use
most frequently. Its content can be managed at Management – System users – Maintain
tasks.
2.5.2 My queries
If you often use the same search criteria, you can store these as queries on the My Queries
pane. To save a query:
1. Go to any search screen and fill in your search criteria.
2. Click the Save query as … button.
3. Give the query a name and enter a description, if desired.
4. If you enable Auto refresh and enter an Auto refresh interval (in seconds), this query will
be rerun at that interval. This can be useful for monitoring access to a specific zone, for
example.
5. Click OK to save the query.
You can access your queries by clicking on My Queries in the bottom left corner of the screen.
2.5.2.1 Assigning My Queries to all users in a user role / other user roles
Frequently used queries can also be applied to every user in the same role (e.g. all
receptionists, all security guards). On the Save query as… screen, tick the box at ‘Apply to
users with same role (name of role)’
At Management – System users – Maintain my queries queries can be copied to be used for
all users in one of the other user roles.
If you view the log, for instance, at (Monitor – Events – View), you can enter $date in the
From field (and leave the times set at 00:00 and 23:59). If you save this query and then
access it via My Queries, the log will display all the events of that day.
It is also possible to define a dynamic range, for example to display all events in the last three
days. To do so, enter $date in the Until field and $date-3 in the From field. When you access
this query, AEOS will automatically replace the $date-3 value by the current date minus three
days.
Possible entries are e.g : $now, $datem $time, $now $time-M30 (current date and
time minus 30 minutes)
Give a description and enter the name of the Favourite site in the URL field (e.g.
http://www.nedap.com).
At Management – System users – Change user favourites a user can select items to make
his own selection out of the pre-defined Favorites.
1. Log in for the first time and change your own password. (see Section 3.1)
2. Define user roles for all user types. (see Section 3.2)
3. Register users and assign them a user role. (see Section 3.3)
5. Define the entrances of your company and assign access points. (see Section 3.5)
7. Define templates (when and where badges are valid). (see Section 3.7)
All system users can change their password (of at least 6 characters) at Management –
System users – Change password. System administrators can determine whether users must
change their password after logging on for the first time and how long this password remains
valid (see Management – System users – Maintain user role – tab Password restrictions).
Note: Only a system administrator (or other authorized user) can create or change someone
else’s password (see Section 3.3.1 Assign new password)
To create or change a user role, go to Management – System users – Maintain User role.
Here you can:
determine which tasks users in this role should be able to perform (tab Function);
determine what information users in this role may see on their screens and change (either
once or regularly) (tab Configuration);
set password restrictions (tab Password restriction).
Manually creating a new user role (see below) is time-consuming. Because roles often overlap
with only minor differences in settings, you can use the Copy button to copy the existing user
role to a new screen. This copy will automatically receive the name ‘Copyof<rolename>’, e.g.
Copyof Receptionist. Then, make the necessary changes and save the role under a new
name.
In the Search value column you can define whether this field is Visible, Hidden or
Mandatory in queries.
In the Input case column you can determine whether the input in this field must be
entered in Upper case, Lower case or Default (either case).
The Input direction column allows you to indicate whether input is entered Left to
right, Right to left (Hebrew, Arabic) or Default (either direction).
5. Set the parameters for the use of passwords (tab Password restrictions).
Expiration days (in days): number of days a password is valid. Upon expiry, users
must enter a new password.
Passwords to remember prevents users from recycling old passwords.
Enabling Use strong passwords forces users to include at least one lower case
character, one upper case character, one number and one special character in their
password, e.g. ‘MyPassword%1’.
License warning disabled disables the pop-up message that warns users that their
license is about to expire (this pop-up is usually disabled for everyone but the system
administrator).
Enabling Allow reset password authorizes the system administrator to change the
passwords of other users in this role.
3.3 Users
After defining the user roles, you can register the people who work as AEOS system users. To
add new users or edit existing users’ rights:
1. Go to Management – System users – Maintain user.
2. Click New (bottom right) to add a user.
3. Edit the details under the following tabs:
User
General user information e.g. name, password, role, session information. For easy use,
user templates can be defined at: Management – System users – Maintain User
Template Configurations.
Defaults
Sets the default templates, identifiers and enrolment stations.
Free field defaults
You can enter default values for free fields, if applicable. See Section 3.8 for more
information on free fields.
Units
You can specify for every user which units they are able to see on their screen. This can
be used when two companies share a building as well as AEOS. For more information
on units, see Section 4.2.
Entrances
Here you can select filters for this user and determine for which entrances this user will
be authorized to announce and give access to carriers or see events in the event
monitor. For more information on entrance filters, see Section 7.6.
Event types
Allows you to set the appropriate event filters for this user (to control which events this
user can see). See Section 8.1.1 for more information on event filters.
AEpus
Select the AEpu filters for this user to define which AEpus this user may see. See
Section 4.11 for more information on AEpu filters.
Workstations
Select the workstations this user may log in from. If no workstations are selected, no
restrictions apply and this user may log in anywhere. See Section 4.2.1 for more
information.
Schedules
Select the appropriate day/time schedule filters for this user to restrict the schedules this
user can see. For more information on day/time schedule filters, see Section 3.6.2.
Counting
Determine which counting zone managers are visible to this user. For more information
on counting zone managers, see Chapter 13; for counting zone manager filters, see
Section 13.4.2 .
APB
Here you can select the appropriate APB zone manager filters for this user. For more
information, see Section 12.6.
Alarm handler
Here you can select the appropriate Alarm instruction group filters for this user.
Cameras
Here you can select the appropriate camera filters for this user.
When a user logs on to the AEOS system, he/she is validated by the LDAP server. Access to
AEOS is granted when the LDAP server has authenticated the user and when he/she is
recognized by AEOS. If the user is not recognized by AEOS, a default LDAP template is used to
create a user with this user name and password in AEOS. If the LDAP server does not
authenticate the user, he/she will be denied access to AEOS. During set-up the system
administrator can determine what the protocol is when no connection with the LDAP server is
available.
The default settings for LDAP users can be configured at Management – System users –
Maintenance LDAP user template.
Note: If AEOS warns you at any point in this process about problems that have been detected,
please contact your Nedap dealer.
3.5 Entrances
Entrances give access to rooms, buildings, etc. Usually, entrances consist of doors or turnstiles.
An entrance can consist of one or more doors, gateways, barriers, etc., which provide access to
the same area.
A single entrance can have multiple access points (for example, one access point for the ‘In’
direction and one for the ‘Out’ direction). If several entrances give access to the same room or
building (e.g. two front doors), they can be grouped into entrance groups.
At Configuration – Maintenance – View configuration you can select Only check Jini
status. If enabled, the AEpus are checked from the lookup server to ascertain that they are
identical to those on the lookup server. The lookup server refreshes every AEpu every 60
seconds by default. If the ‘check Jini status’ option is not enabled, AEOS checks the network for
available AEpus, which, in large networks, can take a long time.
Example
Your company is housed in two buildings: Building 1 has a main entrance consisting of two
turnstiles and a door. Someone entering the building can use any of these three entry points.
The two turnstiles and the door are grouped and respond in the same way when a badge is
presented. The three entry points (4 access points, AP1 t/m AP4) together form a single
entrance group in AEOS. (T1).
T2
AP5 AP6 AP11
T6
Area 1 Area 4
T7
AP14
AP4
Area 3
AP3
T4 T5 Area 5
AP12
T1 AP7 AP8 T8
AP2 AP15
T9
Area 6 AP13
AP1 T3 T10
AP9 AP16
Area 2 AP10
Building 1 Building 2
While defining an entrance you can add functional labels. These are freely definable
characteristics that will facilitate grouping and finding entrances. To define these characteristics,
go to Administration – Maintenance – Labels – Functional entrance labels (see Section
7.3.2).
Note: You can also use the physical entrance labels (Locations) Country, Site and Sub-site as
search criteria (see Section 7.3.1.)
Note: The Inner zone and Outer zone fields are used for Anti Pass Back, see Chapter 12.
Inner count zone and Outer count zone are used in Counting, see Chapter 13.
If your configuration runs in various locations in different time zones, AEOS uses local time for
applying schedules.
Note: It is essential to plan your day/time schedules to fit with your company’s business hours.
If you define the time slots too narrowly, people and cars may regularly be locked out or in.
Caution: Without day/time schedules, you cannot issue badges or set automatic unlock
schedules.
The filters allow you to determine which day/time schedules each user can see.
3.7 Templates
Templates simplify the authorization procedure by combining day/time schedules and entrance
(group)s in certain fixed combinations so that these do not have to be linked manually every
time you issue a badge. You could create a template granting access to a certain part of the
building during office hours, for instance. This template could be assigned to all employees in
the department housed in that part of the building.
More complex authorizations can be given by assigning multiple templates and/or profiles to a
carrier.
entrance 1
08:00 - 17:00
(office hours)
13:00 - 22:00
(late shift) entrance 2
04:00 - 12:30
(early shift) entrance group A
entrance 3 entrance 4
Template B
(production)
Template A Template C
(production) (maintenance)
templates
To define a template:
1. Go to Authorization – Maintenance – Templates.
2. Search and select an existing template or click New to create a new template.
3. Click on one of the Add buttons to add entrances or entrance groups.
4. Use the search function to find the entrances or entrance groups that you wish to combine
with a day/time schedule.
5. Select the entrances for this template and click OK.
6. Select a day/time schedule from the list.
7. Click OK to save the changes.
8. If you wish to add another entrance/schedule combination, click Add again and repeat
steps 4 through 7.
9. On the final (overview) screen, click OK to save the template.
You can copy a template by selecting it and then clicking on the Copy button. You can then
modify the copy of this template and save it under a different name.
Example
Employees have access to doors T1, T2 and T3 from Monday to Friday, between 7 a.m. and 7
p.m. On Saturdays, they have access to door T6 from 9 a.m. to 12 noon.
The following table shows how this should be put into a template:
General employee
T1 Week
T2 Week
3.7.2 T3 Week
T6 Saturday morning
Template filters can then be assigned to individual users by going to Management – System
users – Maintain user. Select a user and on the User tab select a filter in the Visitor template
filter field to determine which templates this user is allowed to see.
You can add free fields to all employee, visitor, contractor or vehicle screens by:
1. Creating categories at Administration – Maintenance – Free fields – Free field
categories (3.8.1).
2. Creating free fields and putting these in a particular category at Administration –
Maintenance – Free fields – Free fields (3.8.2).
3. Activating the user rights for these fields at Management – System users – Maintain user
role (3.8.3).
Column: order (left to right) in which the field appears on the screen (1 = first column, 2 =
second column, etc.)
Sequence: order (top to bottom) in which the field appears in a column (1 = first in a
particular column)
Language and Name for language: these fields allow you to set – for every language –
under what other name this field appears if an AEOS user switches to that particular
language.
Free field category: select the category in which this field will be displayed on the screen.
Length: enter the number of characters to set the field’s length.
Default value: If this free field is mandatory, the value you enter here will automatically be
assigned to any carrier created before this field existed.
Auth. usage: if you have selected the field’s data type as Date or Date and time , then
you can indicate here whether an authorization is valid From or Until the date entered.
Dates entered here override existing Start and End date fields. These fields can be used
for certificates or permits that serve as an extra authorization option.
Note: If more than one period is defined in AEOS (e.g. for contractors, visitors and free
fields), AEOS will use the shortest of these periods as the period of validity.
Validator: choose whether you want AEOS to check input for validity using one of the
following; Eleven test for checking bank account numbers, Israeli ID and BSN
(Dutch social security number). If you leave this field empty, the validity is not checked.
Parent field: for navigational ease, you can choose to create hierarchical relationships
between free fields within a category. In order to make a field ‘dependent’ on a parent field,
select the appropriate field from the dropdown menu. The number of fields that can be
strung together in this way is infinite.
Note: This field is selectable only if the Lookup field box in the next column has been
checked.
Mandatory: check this box if filling in the free field should be mandatory.
Caution: Be careful when making fields mandatory or adding mandatory fields in a system
already containing data. If you make a free field mandatory, it is no longer possible to change
the settings for this field at Management – System users – Maintain user role – tab
Configuration.
2. On the Configuration tab you will find a complete list of fields. You can set the read/write
values for each of these.
3. Activate any changes by clicking on OK.
3. Click Pull to have the system search the database for existing entries for this field. Any
values found will be listed. This is a useful feature if you have been using this free field
without lookup and are now turning it into a dropdown list.
4. Click New to manually add items to the list.
5. When defining new items, you may enter a value in the External value field, which a third
party system can use to communicate with AEOS. This is relevant only if your company has
a third party system that needs to extract free field information from AEOS.
Go to Management – System user – Maintain user tab Free field defaults to assign the Free
field lookup filter to users.
It is also possible to add free fields to the ‘standard field’ part of the screen (the top part of an
‘announce’ screen.
Free fields in the ‘Base’ category will appear in the upper frame on the ‘announce’ screen in the
order you specified. The ‘standard’ fields are moved further down this part of the screen.
For the time being only one CAP - the Pager number - has been implemented:
1. Go to Administration – Maintenance– Free fields – Free fields CAP assignments.
2. At the Field name select a free field to be linked to the Pager number (only the free fields
defined as is CAP field are shown).
3. Activate any changes by clicking on OK.
This field and the authorizations have now been sent to the AEpus, where the can be linked
using AEbcs (for this additional software components need to be configured on the AEpu).
You can also use the system properties to define certain fields or indicate which options are
available and which default values are to be used in AEOS. System properties are listed in
Administration – Maintenance– Settings – System properties (for an overview of all
properties, and a brief description of their function, see Appendix A).
4.1 Printers
AEOS can use various types of printers to print events, labels or cards:
Event printer: AEOS records all activities at the access points: which badges have been
presented at which entrances, which doors have been opened manually, etc. In AEOS,
these are referred to as text events. The recorded text events (including alarms) can be
printed out on event printers. This is done online. Once a printer has been defined (on a PC
or an AEpu), it prints text events as determined by the event filter set for that printer.
Event printers can be selected while defining event filters at Administration – Filters –
Event filters (see Section 8.1.1).
Label printer: If an identifier is printable (e.g. a barcode), it is printed on a label printer
when it is issued. (For more information on label printers, see the AEOS Advanced
Installation Manual).
Label printers can be selected while maintaining users at Management – System users –
Maintain user (see Section 3.3).
Card printer: Set your default card printer, if applicable. If you use this and the option
Badge printing user interface, a Print badge button is automatically added to the visitor
‘announce’ screen. Use this button to print a badge immediately after registering a visitor.
The layout of the badge can be customized. Refer to the Advanced Installation Manual for
further details. See also section 11.3).
With an AEOS Blue license, the Badge printing user interface option is free. With an AEOS
Classic license, users must have a license to use the Badge printing user interface option.
Note: The restrictions related to units do not apply to someone in the role of AEOS
‘administrator’. He/she can maintain all information in the system.
A unit can comprise several departments. See Section 4.2.1 for defining departments and
assigning them to units.
To allocate a unit to a user or to define which units a user can view or edit, go to Management
– System users – Maintain user. On the Units tab you can specify the user’s rights to view or
modify data for the available units. If a unit is hidden, the user will not be shown any data
relating to this unit.
4.2.1 Departments
Specify which departments your company or organization is divided into. Departments simplify
the process of searching for (groups of) employees. You can select to which department a
carrier belongs on the Person – Employee – Announce and Vehicle – Car – Announce
screens. Departments are always linked to units (if the Units option is enabled).
4.3 Workstations
You can restrict each user’s access to AEOS by limiting the workstations where they can log in.
For example, AEOS can be set to deny receptionists access to all workstations except those at
the reception desk. To use this feature you must first define workstations and then assign them
to specific users.
Note: If no workstations are defined, AEOS is accessible from any workstation in the network,
provided you have a user name and a password to log in.
Note: Only change the system properties if you are authorized to do so by Nedap or a Nedap
dealer.
To show either or both messages to users, check the Event enabled box. Messages can be
composed in any of the available languages.
4.6 Holidays
To grant authorized persons and vehicles access to the premises on public holidays, check the
Access during holidays box on the ‘announce’ screen. Holidays can be defined as entire days
or as half-day events taking place between certain hours. It is also possible to make local or
regional distinctions and set different holidays for premises in a certain region only.
To set a public holiday, you must always specify the entrance(s) to which access is granted
during holidays. Holidays can be specified per location. For each location you can define the
country, site, area and the entrances. Within the same AEOS system you can define different
holidays for various geographical locations.
Select one or more access points and select one of the following:
Access control activated: access control is operational (default setting). Only authorized
carriers can enter.
Locked (access control deactivated): the access point remains closed (locked), even to
carriers with valid badges.
Note: Only the emergency unlock function, directly connected to the hardware, can now
unlock the door.
Unlocked (access control deactivated): the access point is inactive (the door is
unlocked). Anyone can enter. No badges are needed.
The ‘last time discovered’ and ‘last time discarded’ fields show when AEOS last had contact
with the AEpu and when AEOS first lost contact with the AEpu.
To assign a filter to a user, go to Management – System users – Maintain user, select a user
and go to the AEpus tab.
By composing a Maintenance mode message you can inform users that it is not possible to
login. When users try to log in, they will be notified that this is not permitted (Users are not
automatically logged out when this mode is activated)
Clock on the Add users button to select users who are to retain access while AEOS is in
maintenance mode.
5 Identifiers
AEOS uses identifiers (usually badges) to recognize carriers (persons or vehicles) at access
points.
When an identifier is presented at an access point, AEOS looks up the carrier linked to the
badge. AEOS then checks whether this carrier should be granted access (based on day/time
schedules, templates, etc.). Authorizations are linked to carriers, not to identifiers. Therefore,
carriers can be issued more than one identifier.
Note: You can only issue a badge after defining day/time schedules and templates
(combinations of day/time schedules and entrance (group)s). See Section 3.6 for details.
Apart from regular badges, you can also issue a replacement badge. This may be necessary if
an employee has left his/her badge at home, for instance. Badges can also be withdrawn. This
is typically done when an employee no longer works for the company or when a visitor leaves a
building. Defective and stolen badges are withdrawn and blocked (to prevent misuse).
You can also search for carriers through Person – Visitor/Employee/Contractor – Search or
through Vehicle – Car – Search.
The template, entrance group or entrance can be re-enabled following the same steps and by
clearing the Disabled checkbox at step 3.
Issuing a badge is possible only if the carrier, i.e. a person (employee, visitor or contractor) or a
vehicle (car), has been registered (announced) in AEOS. To announce a carrier:
1. Go to:
Person – Employee – Announce.
Person – Visitor – Announce.
Person – Contractor – Announce (if your company uses Contractors)
Vehicle – Car – Announce.
2. Enter carrier data.
3. To issue a badge, go to the ‘Authorization’ dropdown menu and enter the necessary
authorization data:
a. Select a template that applies to this carrier or click >> to assign more than one
template or specific profiles to this carrier.
b. Select the Identifier type and enter a badge number or click >> to issue more than
one badge to this carrier.
c. If Use Identifier label (02.04) has been enabled in the system properties (see
Appendix A), you can select one of the predefined options in the Identifier label field.
For further details on how to define these identifier labels, see Section 5.7.
1. If your configuration uses verification (e.g. fingerprints, PINs), enter the verification type and
other relevant data. See Chapter 14 for more information on verification.
2. Click OK to save the information.
It is also possible to announce or pre-announce a carrier without immediately issuing a badge.
When you wish to issue a badge, go to the ‘announce’ screen or to Person –
Visitor/Employee/Contractor – Issue identifier. On this screen you can enter the
authorization data (template and/or profile) and issue a badge.
Note: If a passport scanner has been connected, you can use the Read document button to
read and automatically enter all personal information and the passport photo in AEOS. For more
information, see the AEOS Advanced Installation Manual.
To delete several badges at the same time, select multiple items and click on Delete selection.
Note: If a carrier has more than one identifier, but you only want to withdraw one, click >> first
and then the red X to the left of the identifier in question. Click OK to confirm.
The badge is now blocked. It will not provide access and cannot be reissued until it has been
unblocked. Obviously, badges that have been lost or stolen cannot be reissued again.
A replacement badge can be used in the same way as the original badge (authorizations are
identical). As soon as you issue a replacement, the original badge is blocked until the temporary
badge is returned and withdrawn.
Now the carrier’s original badge is operational again. The temporary block has been lifted. The
replacement badge that was withdrawn can be reissued to someone else.
This function may serve as a tracking device for badges, if, for example, the defined options
indicate the badges’ physical location but no actions are linked to the labels.
This feature can also act as a simplified badge management system, if blocking and unblocking
actions are triggered when a particular label is selected.
Caution: These parameters must never be changed in a system in operation, i.e. in which
badges have already been issued.
In order to prevent problems, you may choose to merge the various types of identifier. Users
can then simply select this new, merged, identifier type, or you can set it as the default value.
Identifier type mapping is possible only if you use Badge Management, since the maps you are
creating will contain series of badges that must be defined at Administration -- Badges –
Administration.
With an AEOS Blue license, Badge Management is free. With an AEOS Classic license, you
must have a license to use the Badge Management option.
Note: Only carry out identifier type mapping if you have been authorized to do so by Nedap or a
Nedap business partner.
After you have created maps, go to Administration – Badges – Administration to indicate the
range of badge numbers to be included in each map. See Chapter 20 for more information.
When issuing a badge, entering the badge number is sufficient for the system to automatically
select the right identifier type map. Identifier type maps can only be deleted if they are empty,
i.e. if there are no longer any identifier types assigned to them.
6 Carriers
Carriers are persons or vehicles who can be authorized to enter (certain zones in) your building
or site by means of an identifier (badge). AEOS distinguishes between four types of carriers:
Employees: people employed directly by your company.
Visitors: people visiting your company.
Contractors: people employed either by ‘vendors’ (i.e. companies/organizations that are
hired by your organization to carry out certain tasks) or by ‘subcontractors’
(companies/organizations hired by the contractor).
Vehicles: usually cars.
All authorizations in AEOS are linked to carriers rather than identifiers.
Assigned lockers: If your company is licensed to use Locker Management, you can see
here which lockers have been assigned to people.
Activate auto-block: If enabled, this function automatically blocks carriers whose badges
have not been used for an extended period.
Deactivate auto-block: Deactivates the automatic blocking function.
Block identifier:
Unblock identifier:
Set special: Allows you to mark someone as special if you want to monitor their
movements more closely for some reason. To use this feature, you must also indicate for
which event filter(s) the events caused by this carrier must be displayed (checkbox at
Administration – Filter – Event filters).
Reset special: Deactivates the ‘special’ status described above.
Set invisible: Allows you to make someone invisible to the system, i.e. events caused by
this carrier’s badges will not show up on the event monitor.
Reset invisible: Reverses invisibility.
Export photo: Export photos in their original format to a local file (CompressedPhotos.zip).
Select file name format from: Full name, Lastname_Firstname, objectid,
Person(nel).
For more information on how to configure this function, see the AEOS Advanced Installation
Manual.
Select the file you want to Import from. Check the Delete file box to remove the file after import
is complete. Click Start to import the file. Click Refresh to view the current import status.
At Administration – Import carriers – Overview you can see what happened during import
and whether the process was completed.
Caution: Be extremely careful when importing data; importing incorrect data may corrupt
access control and compromise security.
6.3 Visitors
If you use Visit Management option, please refer not only to the basic registration procedure
below, but also to multiple visits (Visit Management) in Chapter 16.
With an AEOS Blue license, the Visit Management option can be enabled at Administration –
Maintenance – System properties. With an AEOS Classic license, you must have a license to
use the Visit Management option.
The Read document button can be used to scan personal data and photos from a passport
and automatically enter them in the corresponding fields in AEOS. For further details on this
function, see Section 11.5 and the Advanced Installation Manual.
If the visitor has been registered before and his/her name shows up in the search results, you
can click on the visitor’s name. This will open the Person – Visitor – Announce screen.
This screen displays basic visitor data as well as information on the visitor’s first registration,
when his/her authorizations expire, and his/her last visit (date, time and last entrance used).
The ‘announce’ screen also shows additional headings (Event history; Logbook, History)
followed by an icon. If you click on the icon, a pop-up will provide information on the carrier’s
previous visits. The system may be set to display only the last visit, or any number of previous
visits (system property 2.50).
If the visitor is not recognized by AEOS, use the New button at the bottom right of your screen
to open the ‘announce’ screen. Any information entered in the search fields will automatically be
copied to this screen.
To select all the carriers in this list, check the top box.
Caution: Checking the top box means that ALL the carriers that match the search criteria have
now been selected, including those that are not visible because the list is longer than the
screen! Scroll down to see which carriers have been selected and double check whether you
want to remove all these as well.
Deleted carriers are no longer shown on screen, but information on these carriers remains in
the AEOS database as historical data.
The badges of carriers that have been deleted are automatically disconnected from those
carriers and are no longer valid. They can be reissued to other carriers.
If you do not know someone’s carrier type (visitor, employee, contractor), you can search for
them at Person – Shared functions – Maintain carrier.
select the carrier(s) whose type you want to change. In the Change to field, select the new
carrier type. Press <Enter> or OK to save the changes.
If you select only one carrier, AEOS copies the carrier’s data to a new screen of the selected
carrier type. AEOS removes the original carrier data.
If you select several carriers at the same time, AEOS copies their data to the new carrier type.
This process is not visible to the user. However, the search results reveal that the carrier type
has been changed. AEOS also automatically deletes the carriers’ data from the original carrier
type.
Note: When a carrier is blocked, this is displayed on the carrier’s ‘announce’ screen along with
the reason why he/she has been blocked.
The carriers or carriers’ badges will work again and the original authorization(s) will be restored.
7 Entrances
To prioritize entrances:
1. Go to Administration – Filters – Entrance priority list.
2. Click New to create a new list.
3. Give the priority list a name.
4. Click on Add entrances.
5. Search and select the entrances.
6. You can further prioritize the selected entrances using the Change order button.
7. Click OK to save the entrance priority list.
your search, particularly if you work in a large, multi-site organization. Suppose you need to find
a particular entrance but have forgotten its name, you may be able to find it by searching for it
by city and building.
Note: These are hierarchical labels, so all sites added here will be located in the one selected
country.
6. To define areas within one of the sites, select a site and click New in the ‘Sub site’ frame.
These areas will rank under the Site (under the Country) you have currently selected.
Once these labels have been defined, they can be attached to one or more entrances at
Configuration – Maintenance – Entrances.
An entrance that has been manually unlocked will remain unlocked for the specified unlock
time. This unlock time has been set on the AEpu.
System users can only unlock the entrances that are included in the ‘provide access’ filter they
have been assigned at Management – System users – Maintain user, tab Entrances, column
Provide access filter.
To close or open the desired set of entrances in a single move, select Lock NOW or Unlock
NOW. The unlocked entrances can now be used without a badge. Locked entrances will remain
closed even if a valid badge is presented.
The Authorizations section of the screen will display only those templates for which all
entrances are valid according to the entrance filter assigned to the system user.
Entrance filters are assigned to individual users, not to user roles. To assign an entrance filter,
go to Management – System users – Maintain user, tab Entrances.
SOAA entrance filters are assigned to individual users, not to user roles. To assign a SOAA
entrance filter, go to Management – System users – Maintain user, tab User. You can only
assign one SOAA entrance filter to a user.
Offline entrance filters are assigned to individual users, not to user roles. To assign an offline
entrance filter, go to Management – System users – Maintain user, tab User. You can only
assign one offline entrance filter to a user.
AEOS also maintains an audit trail, a record of all the operations performed by system users in
AEOS (see Section 8.2).
Viewing all events is often impractical because there are too many, so it makes sense to define
event filters which narrow down the events presented. You could opt to view only irregularities
that result from the presentation of an invalid badge, for example.
To select a filter or change default Photo event settings, go to Administration – Filters – Event
filters. The system will now show in real time all events and alarms that match the filter criteria
and send these to the event printer (if an event printer has been defined). To read how to define
event filters, see Section 8.1.1)
Note: If you double-click on the Details column in the events and alarms list, the carrier data
linked to this badge will be displayed.
Alarm: If enabled, the event name will be displayed in the alarm window (bottom half of the
event monitor) every time the event occurs.
Sound: If enabled, an audible warning signal (beep) goes off when this event occurs.
Background colour: Select a background colour for the row displaying this event.
Font colour: Select a font colour for the text describing this event.
2. Click OK to save the changes.
You can enter various criteria for retrieving these events, e.g. event type, entrance, identifier
type, carrier type, etc.
In the Log type field, select which events you want to see: Current, Current + Archive,
Archive, or Restored.
The Details field allows you to enter specific data, such as a badge number. By using this field,
you can retrieve all operations carried out using a specific test badge or check all operations
logged by a particular AEpu, for example.
To create a filter, go to Monitor – Logbook – Audit trail filter. The frame on the right shows all
items included in the audit trail, while the list box on the left displays selectable items currently
not included.
To see the presence list, go to Monitor – Presence – View presence Persons / Vehicles .
Enter a name or another search criterion, or click Search to see a complete overview of all
carriers present on site.
Carriers present for more than 72 hours consecutively are marked for your attention.
8.5 Archiving
Archiving allows you to move data from the active log file to an overflow table (both of which are
in the database) and from the database to a file. Archived data can be restored to the database
at a later time. Archiving can be used when there are problems with available disk space or
system performance. Archiving options are set at Administration – Archive – Archiving.
Archiving
DATABASE
OVERFLOW
File:
Archive
ARCHIVE
Restore table:
Restore
EVENTLOG
RESTORED
The overflow storage process removes entries from the log file and moves them to an
overflow table that is also stored in the database. This option limits the size of the log file,
providing better system performance and faster searching within log files.
4. Click OK to save the changes.
If you have checked the Archive overflow storage to file box, an Archive now button
appears after you have clicked on OK. Use this button to start archiving at any time.
Properties
Log size: Specifies the time constraints for the log file in the database. If the log file
exceeds these, entries are moved to the overflow file. The time constraints are set in days
or months.
Overflow size: Specifies the time constraints of the overflow file in the database. If the
overflow file exceeds these, entries are deleted from the database or written to a file if the
Archive overflow storage to file option has been selected.
Transfer interval: Specifies how often the log file is compared with the constraints. This
interval should be shorter than the time constraints set for the log and overflow sizes.
Next run on: Specifies when archiving must take place. Enter a date in the first field and a
time in the second.
Archive overflow storage to file: Check this box if you wish to save the overflow storage
to a file. You must also set an interval and a time for the next scheduled run. If this option is
not enabled, entries are removed from the storage overflow when this exceeds the specified
size.
Note: Because archiving runs as a background application is should not affect how AEOS
functions. Still, it is advisable to run archiving at times when AEOS is not likely to be heavily
loaded.
Archiving affects the log files that can be viewed at Monitor – Events – View (Event log) and at
Monitor – Audit trail – View. You can select the Log type, i.e. which part of the log file you
wish to see. Choose between Current + Archive, Current, Archive or Restored.
Log file entries that have been removed from the database (either deleted or moved to a local
file) can no longer be viewed.
9 Reports
The AEOS report generator allows users to generate reports based on information in the
database. The report generator is a license-free option in AEOS. Users may generate an
unlimited number of reports. To create a report, begin by importing a design from iReport, an
external (open source) program. For more information on iReport, see www.jasperforge.org.
In iReport, the user can specify the desired layout of the report and the database query (which
data the user wishes to retrieve from the AEOS database). This design must be saved under a
name with the extension .jasper. The design is then imported into AEOS, where it can be used
to generate reports with the variables included in the design.
Report filters (Administration – Filters – Report filters) can be added to a user to define
which reports this user is allowed to use.
4. Set the delay (in seconds) between selection of the Generate now (20.04) option and the
actual start of the report generation. If this value is set to 0 seconds, no immediate report
generation will be possible and the option Generate now will not be visible in the reports
function.
If you change any of these settings, you must restart the AEOS report server.
To determine which user roles can view and enable the report generator, go to Management –
System users – Maintain user role, tab Configuration.
6. E-mail address: a copy of the report will be sent automatically to the e-mail address
entered in this field
7. E-mail subject: the text entered here will show up as the subject of the e-mail message
8. As soon as you have selected a design, the query parameters you have defined for this
design will become visible. Select the parameters you want to use for this report.
9. Click OK to save the report.
Some parameters are automatically presented in a dropdown menu if you have given them a
particular name while generating the design in iReport. For more information on this feature,
see the AEOS_ReportServer_E manual.
As long as the report has not actually been generated, you can click on the name of the report
to change the settings or parameters.
If you click on Generate now in the Status column, the report will not be generated during the
pre-set time slot, but immediately (after the number of seconds’ delay specified in the system
properties).
After clicking on Generate now the Status column will read ‘Generating’ and the Priority
column will read ‘Immediate’.
Caution: Depending on the query, the Generate now command can affect overall AEOS
performance, because the report accesses the same database as the AEOS application server.
10 Faces
AEOS Faces are special graphic user interfaces designed to make AEOS more user-friendly,
more efficient and to prevent human error. A separate interface can be created for each user
role, geared specifically towards the tasks that end users need to perform in this role. These
interfaces offer maximum support and ease-of-use to individual end users.
Tabs, Doors is
selected
face
frame
Figure 7. Multi-tab interface in which each tab represents a different type of face. The selected
tab (All Doors) displays 6 items that each show the status of the Access Point and a button to
unlock it.
Note: The same item or frame can be used in several faces. An item can be used either in a
frame or directly in a face.
Face filters (Administration – Filters – Face filters) can be helpful to limit user rights.
Note: The user interface will be headed by the item Description you enter here rather than the
item Name.
Caution: AEOS must have access to those AEpus in the system that Faces interacts with,
otherwise the AEbcs will not be displayed in the list of available AEbcs.
If the door monitor contact is connected, the following statuses can be displayed:
Door open / closed
Door open too long
Direct door alarm
Door opened by schedule
If the door monitor contact has not been connected, only the icons representing the door open /
closed status are displayed.
The Face is designed to run independently of the AEOS server (all person names are stored on
the AEpu that runs the access point for this reader).
In Fallback the photo is not shown, the status bar reading Normal Mode (at green) now reads
Fallback mode (at yellow). If no connection is possible, the bar reads No Connection (at red).
The Gate monitor face can be used to manually open a gate, after the picture of the carrier
presented has been manually verified. This face is only active if the appropriate input is active. If
this input is not active, neither camera view or picture are shown
Status view
Button/Output
Status: reflects the status of the input. On the left, the input is active (light on), on the
right the input is inactive (light off).
Button: the button toggles the output depending on the status of the input. If the input
is active, the button will deactivate; if the input is not active, the button will activate.
From AEOS 3.1.7, all AEOS faces start as a Java application. The Java Network Launch
Protocol enables the applications to be launched ('Web Start'). When you activate a face, a .jnlp
file is downloaded from the AEOS Server. You need to open this file to start the face. If
necessary, configure the operating systems to associate .jnlp file types with the Java Web Start
launcher (javaws.exe).
11 Workstation Devices
Your supplier or system administrator can connect various devices to your workstation which
AEOS can communicate with. For example, a digital camera linked to your workstation would
allow you to take pictures using commands displayed on the AEOS screen. Similarly, you could
use AEOS to store signatures if a signature pad were connected to your workstation. Other
possibilities include printing a badge, printing a receipt for a badge, scanning all personal data
from a passport (including the passport photo) and automatically entering it into the appropriate
AEOS fields, or entering a badge number by scanning it with a device reader.
If the maximum number of photos is exceeded, the oldest picture is deleted (FIFO). The
maximum number of photos can be set for each carrier type at Administration – Maintenance
– Settings – System properties 22.02 through 22.05.
If you are authorized to extend the validity of photos (Management – System users – Maintain
user – tab Defaults – ‘May extend creation-date of photo’ checked), you can click on the
picture to extend its validity by the same number of days set in the system properties (22.02-
22.05) or you can take a new picture.
The links between the AEOS carrier fields and the parameters obtained from the passport
reader or other document scanner are defined at: Administration – Maintenance – Devices –
Document mapping.
Zone managers
Zone managers are software components that check and update APB zones. A zone manager
can be defined on a dedicated AEpu or can be loaded onto an existing AEpu (one per AEpu).
You can create more than one APB area within the AEOS system (for example, for different
buildings or sites), and accordingly, you can use more than one zone manager.
If the APB system was configured using Soft APB, all carriers with valid badges are granted
access, even if they are not authorized for a zone. APB violations (errors) are only recorded in
the event monitor.
If Hard APB was selected during configuration, then carriers that commit an APB violation are
denied access.
Note: If one or more entrances have not functioned properly for a while (because of a defect or
because a door was left open, for instance), then the APB must be reset manually (see Section
12.9.1 ). It is also possible to automatically reset APB per zone manager or per zone every day
(see Section 12.9.2 ).
If you are about to start using APB, it is advisable to set the system to Soft APB initially. This will
allow you to check whether everything has been configured correctly and whether there are
carriers who enter a zone without presenting their badge. Once Soft APB has functioned
satisfactorily and in accordance with your security requirements for a while, you can switch to
Hard APB. You need not switch the whole system at once, you can introduce Hard APB per
APB zone.
To see whether Soft APB works properly, check the event monitor and the audit trail. Any
carrier who caused an APB violation will show up there.
For APB to work well in practice, you must ensure that badges are not only presented at
entrances, but actually pass the entrances (by using turnstiles, for example). Carriers should not
be able to present a badge and then walk away without entering. Measures must also be taken
to ensure that two people cannot enter together using one badge. Furthermore, the APB zones
cannot have any loopholes through which carriers can enter another area without presenting
their badge.
Select the zone manager you wish to define and change its settings:
Description: Describes the zone manager.
Auto reset enabled: If enabled, zones are automatically reset to Neutral once a day, or to
another APB zone if you have specified this on the bottom half of the screen. This ensures
nobody is denied access because they failed to properly log off of AEOS the previous day.
Reset time: Specify the time for auto reset, usually a time when virtually no incoming or
outgoing moves are registered (e.g. at night).
Caution: Zone manager names may NOT be changed. Zone manager names are derived from
the AEbc name on the AEpu (<AEpuname>Zone managerImpl).
Caution: If communication with the zone manager has been interrupted, you must manually
reset APB or assign the carriers to the right APB zone (see Section 12.9). If you restart the zone
managers, the APB status for all carriers is reset to Neutral.
T6
Zone 4
T7
Zone 5
T8
T9
Zone 6 ‘Out’ direction
Outside ‘In’ direction
Use APB
You want to use APB for Zones 5 and 6 (two zones). Your next step is to specify for each zone
how and where it can be entered. You must also specify the entry points to the areas adjacent
to the APB zones (the neutral zone where APB does not apply). In this example, the neutral
zone (consisting of Zone 4 and Outside) is named Outer zone 4. This results in the following
table:
Zone In via
Zone 5 T7-In, T8-Out
Zone 6 T8-In, T9-In
Outer zone 4 T7-Out, T9-Out
applies, which entrances are covered by these zones, and whether these entrances are ‘zone
enter’ or ‘zone exit’
APB zone enter = the entrance through which carriers enter the zone,
APB zone exit = the entrance through which carriers leave the zone.
12.5.1 Example 1
Example 1 consists of one door per entry point, fitted with two badge readers: one on either
side.
Zone 4
T7
Zone 5
T8
T9 Zone 6
‘Out’ direction
Outside ‘In' direction
At Configuration – APB – APB zones, the APB zones for these entrances must be defined as
follows:
Zone Entrance Direction
Zone 5 T7 In
T8 Out
Zone 6 T8 In
T9 In
Outer zone 4 T7 Out
T9 Out
12.5.2 Example 2
Example 2 details the definition of APB zones with a standard access point There are two
direction-specific doors per entry point: one In, one Out. In AEmon, these doors have been
configured as Standard Access Points, with a fixed In or Out direction.
Each of the entrances from example 1 has now been divided into two entrances: one In, and
one Out. So T7 has become T7-1 In and T7-2 Out.
Zone 4
T7-1 T7-2
Zone 5
Outside T8-2
AP25
T9-1 T8-1
Zone 6
‘Out’ direction'
T9-2 ‘In’ direction
Two access points have been defined for T8: T8-1 In and T8-2 Out.
At Configuration – APB – APB zones the zones for these entrances can be defined as
follows:
Zone Access Direction
Zone 5 T7-1 In
T8-2 Out
T7-2 In
T8-1 Out
Zone 6 T8-1 In
T9-1 In
T8-2 In
T9-2 In
Outer zone 4 T7-2 Out
T9-2 Out
T7-1 Out
T9-1 Out
Note: In this situation, you must specify the direction for APB purposes – even for those
entrances that are physically impossible to use (e.g. T7-1 Out). In the table above, such
‘impossible entrances’ have been italicized.
APB has now been activated for all badges in the system. By default, APB applies to all
carriers.
Note: If an error message appears when you click on Configure, then there is no
communication with the zone manager. APB cannot function without a zone manager.
You can reactivate APB for this carrier at Person/Vehicle – APB – Activate. Select the carrier
from the list of carriers for whom APB has been temporarily disabled.
After (de)activating carriers’ APB, the APB zone is automatically reset to neutral.
13 Counting (optional)
Counting can be used to keep track of the number of times carriers enter and leave a certain
area, for instance a car park. When a specified limit is reached, the entrance is automatically
blocked. It is also possible to provide access to a count zone manually (see Section 13.5), or to
reset a count group manually (see Section 13.3 ).
If various groups of people or cars share a zone, such as a lobby or a car park, AEOS can keep
separate counts for each of these groups. Suppose two companies (two count groups) share a
100-car parking garage (one count zone). Each company is allocated 50 parking spots.
Counting can be used to monitor the number of cars for each company to ensure that neither
occupies more than their allotted number of spaces.
Count zone managers are AEbcs (Count manager AEbc) in an AEpu that record the number of
carriers entering or leaving a particular zone. In AEOS, one count zone manager can be
deployed on an AEpu, but it can monitor several count zones.
Carriers can be automatically reset every day, at a specified time when very few carriers are
likely to enter or leave the count zone (at night, for instance). This guarantees that counting
starts afresh the next day; so, there are no errors due to miscounts or incorrect registrations.
Note: Count zone managers monitor count groups, not individual carriers. Therefore, each
carrier must be assigned to a count group (see Section 13.4).
When a carrier leaves the zone, the number of carriers in the count group is updated.
If one or more entrances have not functioned correctly for a while (due to a defect or because
someone failed to close a door, for instance) the count zone can be reset manually (see Section
13.3).
To configure Counting:
Define count groups (see Section 13.2).
Assign carriers to count groups (see Section 13.2.1).
Specify the count zones, i.e. the areas to which Counting applies (see Section 13.2.2).
Link count groups to count zones (see Section 13.2.2).
Enable counting at Configuration – Counting – Configure counting (see Section 13.2.3).
The count groups you define here are presented in a dropdown menu on the ‘announce’
screens. When announcing a person or vehicle, select one of these count groups. System users
only see the count groups linked to the units for which they have been authorized.
Once you have a list of count zones and the entrances involved, you can enter these in AEOS
as follows:
1. Go to Configuration – Counting – Zones.
2. Click New.
3. Give the area (zone) a name.
4. You can enter an additional Description of the zone.
5. At Error policy, select how AEOS should respond when no communication with the zone
manager is possible. Choose between Grant access on error(s) and Refuse
access on error(s).
6. Select the zone manager.
Note: When communication with the count zone manager has been restored, you must
manually reset the count zones (see Section 13.3).
7. In the Alert at field, enter the number at which an ‘almost full’ alert must pop up on the
event monitor. This value must be lower than the maximum.
8. At Maximum number , enter the number at which the entrance must be blocked (when the
area is full).
Carriers will only be able to leave the zone if adjoining count zones (which exiting carriers
have to enter) have room for them. Ensure therefore that adjoining zones are set to a
sufficiently high limit.
9. Use the Add "in" entrance and Add "Out" entrance buttons to include entrances in a
count zone.
10. Use Auto reset enabled and Reset time to automatically reset the count zone at the
specified time.
11. Check the Neutral zone box to create a count zone where AEOS does not need to count
carrier movements, e.g. outside.
12. Click OK to confirm.
Note: An entrance can only be used unidirectionally within one count zone. However, it can be
included in several count zones.
After configuring Counting, you must send the modifications to all access points at
Configuration – Counting – Configure counting. Click the box at Enable counting and then
click Configure. Click OK to exit.
If you select Auto reset enabled, you must also enter an auto reset time. This specifies when
this zone manager’s count zones are reset to zero every day.
If an entrance comprises several access points, opening it manually will open all these access
points. At that moment, another carrier could pass another access point unnoticed (i.e.
uncounted). This will affect the count. This problem can be avoided by using one access point
per entrance.
14 Verification (optional)
Verification is used to check whether the person presenting an identifier is the same as the
person who has been assigned this identifier in AEOS. If you company uses this Verification
option, the ‘announce’ screens contain a ‘Verification’ section, where you can choose one of the
predefined verification options, usually a PIN or fingerprint.
PINs are valid for all badges assigned to one carrier. The configuration at the entrance
determines whether verification is needed at this entrance. If a carrier enters an invalid PIN too
many times, they will be denied access at all entrances if this has been defined as an event
action (see Section 31.1). The denial of access can be lifted at Person – Shared functions –
Unblock carrier (see Section 6.9).
It is possible to register more than one verifier type per person. For instance, a PIN can be
registered which, at some entrances, must be entered in combination with a fingerprint.
Note: In AEOS, an iris scan can only be used as an identifier, not as verification.
14.1.1 PIN
If verification is valid for a limited period, fill in the Date from and Date until fields. Before and
after these dates, access will be denied.
Note: It is not possible to look up a PIN. If a carrier has forgotten his/her PIN, a new PIN has to
be entered on the ‘announce’ screen.
AEOS can also generate PIN codes automatically. This option can be enabled at
Administration – Maintenance – Settings – System properties. If this option is enabled,
Click Generate PIN and then Save.
14.1.2 Fingerprints
If your company uses fingerprints as verification, press the [>>] button to start the fingerprint
reading software. You will see an image of two hands. Click on the fingers to indicate which
fingers are to be enrolled. This information is stored in AEOS with the other carrier data on the
‘announce’ screen. The fingers are represented by numbers, from the left-hand little finger (= 1)
to the right-hand little finger (= 10).
To configure the system to ignore unreadable fingerprints, you must enable Ignore verification
result on the enrolment screen. This means that the carrier must still present his/her finger for
verification and is not aware that AEOS ignores verification. AEOS logs this exception in the
Audit trail where it can be viewed using Monitor – Logbook – View.
15 Contractors (optional)
The Contractors option makes it possible to issue badges to contractors. In AEOS, contractors
are employees who work for companies or organizations that your company has hired to
perform certain tasks. Employees of a company that are hired by one of your contractors are
called subcontractors in AEOS.
With an AEOS Blue license, the Contractor Management option can be enabled at
Administration – Maintenance – Settings – System properties. With an AEOS Classic
license, users must have a license to use the Contractor Management option.
If your company makes use of many external companies, you could opt to manage this data
with the Vendor Management & Permits option. This allows you to link contractors to the
company that employs them (vendors) and to permits (see Chapter 17).
System users can enter and view scheduled visits independently from visitors. Visits are
managed as separate entries.
1. Go to Person – Visitor – Announce to enrol the visitor.
2. In the Visit menu, click on the New button.
3. Enter the contact person, the starting and end dates and times of the visit, select an
authorization template, and, if desired, assign the visitor a parking space.
To change a scheduled visit, click Edit in the Visit menu.
The next screen shows a list of all scheduled visits for this visitor.
This list of visits is also accessible via Person – Visitor – Search visits.
The next screen shows a list of all visits scheduled for this contact person.
Click on the red cross next a vendor’s name to remove. You can only remove vendors that have
not yet been linked to a permit.
Explanatory notes
Name: Unique vendor name.
Code: Unique vendor code.
Vendor type: Choose between All, Main vendors, or Sub vendors (this is
necessary for creating permits, see Section 17.7).
Blocked: Indicates whether the vendor is blocked. Carriers that are linked to a blocked
vendor will be denied access.
Certification: Vendor’s certification. Certification is usually required for performing
specific tasks on site.
Place of business: Where the vendor’s office is located. This is used to distinguish
between different offices of the same firm.
Validity: Shows the beginning and end dates of a period when a contractor (vendor’s
employee) is allowed to work on the basis of a particular permit. Before and after these
dates, access is denied.
Company information
Security Manager Information
With an AEOS Blue license, the Extended Vendor Management option can be enabled at
Administration – Maintenance – System properties. With an AEOS Classic license, users must
have a license to use the Extended Vendor Management option.
8. Click OK to save.
If you are using Vendor Management and Permits and you want to issue a badge to a
contractor, you must enter the vendor who employs this contractor (see Section 5.2).
Violations that have been removed from the list can either be permanently deleted or remain
stored in the database (along with their removal dates). Violations only remain stored in the
database if the ‘Archive violations’ option in the system properties has been enabled. Archived
data can be retrieved directly from the database for reporting purposes. Carriers who have been
issued violations or who have been blacklisted are clearly recognizable by their different
background colour.
If the ‘Display violation data on visitor announce screen’ option has been enabled in the system
properties (see Appendix A), then the number of violations by this carrier will appear at the top
of the ‘announce’ screen. Click on the -icon which appears next to the number of violations to
see a complete overview of all violations committed by this visitor .
19 Intrusion (optional)
You can also use AEOS to manage security components such as intrusion detection and fire
alarms. If you use this option, you can have the system display security events on the event
monitor or allow AEOS to decide which users may turn alarms on and off.
Intrusion – Intrusion areas. Intrusion area names are always formatted as follows:
<AEbcname@AEpuname>. For more information, see the AEOS Advanced Installation Manual.
Note: This function is visible only if you have enabled the ‘Intrusion option visible’ option (21.01)
at Administration – Maintenance – Settings – System properties.
Carrier announce screens will now include an Intrusion section. When announcing a carrier,
you must select the appropriate intrusion template (in the Template field). At Level you must
indicate which rights this carrier has: 0-no intrusion access; 1-Set area; 2-
Set/unset area; 3-Set/unset + request or 4-All functions.
With an AEOS Blue license, the Badge Management option can be enabled at Administration
– Maintenance – System properties. With an AEOS Classic license, users must have a
license to use the Badge Management option.
9. Click OK to save this series or click on Next series to create another series. Click OK to
exit.
The next screen lists all the identifiers in the series you just created, as well as the carriers’
names and first names (or license plate numbers), ID type, the status of their badges (and if
blocked, why: (Defective, Lost, Stolen or Unknown), and any remarks.
Use the audit trail (Monitor – Logbook – View) to see a chronological overview of any changes
made to badges.
Rules are used to automatically assign authorizations to a carrier when the carrier’s data
conform to a particular rule. One example would be a rule that automatically gives access to a
particular part of a building to any employee working in a specific unit.
The rule checks which unit an employee belongs to. If it is the same unit specified in the rule,
AEOS automatically assigns the appropriate template to this employee, providing access to all
entrances in a certain part of the building during certain hours.
With an AEOS Blue license, the Rule Engine option can be enabled at Administration –
Maintenance – Settings – System properties. With an AEOS Classic license, users must
have a license to use the Rule Engine option.
Employee data is often supplied by external HRM systems. The data can be imported into
AEOS from these systems using the AEOS import tool, and can be automatically verified by
AEOS (see Section 6.2).
To delete rules: select the rule(s) you wish to remove and click on Delete selection. The
selected rules and related authorizations are deleted.
The Archive selection button allows you to export the selected rules to a file. Archived rules
can be re-imported at Administration – Rule Engine – Import rules.
The Activate selection and Deactivate selection buttons are used to activate or deactivate
the selected rules.
Remarks:
To edit a rule, you must first select it, then edit it and then click the Update button to save
the changes.
Click Check to check the rule for correct syntax first.
To activate the rule, select Yes at Active.
For the Value field wild charts can be used for strings, see examples below:
o '' will not compile / is not allowed
o '*' or '**' is always true if Value field has at least one character
o '*xyz' searches for string that ends on xyz
o 'xyz*' searches for strings that starts with xyz
o '*xyz*' searches for strings that contains somewhere a xyz
o '*xy*z*' searches for strings that contains somewhere a xy*z (string including *)
stars (*) in the middle of a string are seen as normal characters.
Security level authorizations differ from the regular authorizations for entrance groups set by
means of templates and profiles, but they are not an overall emergency scenario in which
entrances (clustered in Emergency groups) are all locked or unlocked. Security level
authorizations are a refined type of access control, requiring alternative clustering of carrier
groups, entrance groups and authorizations.
Unlike regular authorizations, security level authorizations are not time-controlled. Security
scenarios must be activated manually when they are needed, and deactivated manually when
the situation returns to normal.
Note: When using Security Level Management, one of the existing scenarios must always be
activated, even under normal circumstances. In other words, the regular situation must also be
defined as a scenario. Scenarios apply to the entire AEOS system.
Import a list of groups from a text file or manually create new groups.
To display the Carrier group field on the visitor, contractor and employee ‘announce’ screens,
go to Management – System users – Maintain user role, tab Configuration. Set the values
and other parameters for this field for every carrier type. For more information on maintaining
user roles, see Section 3.2.
When entering an employee, contractor or visitor into AEOS, select the carrier group to which
they belong. Carriers who are not assigned to a group are assigned to the ‘no group’ category
by default.
Note: ‘No group’ and ‘unknown carriers’ are categories that cannot be deleted.
Note: It is possible at all times to see which scenario is active. For quick reference click on the
icon in the top left corner of the screen, directly under the AEOS logo..
By defining Security Scenario filters (Administration – Filters – Security scenario filters) the
administrator can limit the scenarios a user can choose from.
AEOS treats lockers as Access Points. To configure locker management, you must first confirm
the lockers as access points at Configuration – Maintenance – Confirm Access points.
Lockers can then be configured either as an entrance (e.g. a cupboard accessible to various
employees) or as an individual locker assigned to one carrier.
Disabled lockers cannot be assigned to carriers and are therefore not visible on the ‘announce’
screens.
The locker groups defined here will be visible in the Locker group pull-down menu on the
employee, visitor and contractor ‘announce’ screens.
Go to Management – System users – Maintain user, tab User to determine which users may
see and/or assign lockers to carriers. Select the appropriate Locker filter and click OK to exit.
Note: Lockers are assigned to carriers rather than identifiers. Therefore, it is possible to reserve
a locker for someone long before issuing the badge that will be used to open the locker.
Click the Get free lockers button to see which locker groups and lockers are available between
the dates entered.
Select a locker group to see an overview of the available lockers within that group during the
defined period.
Like all AEOS options, LoXS Integration software is available to licensed users only. To check
whether you have the required License option, go to Configuration—License—Info, tab
Software options. The number filled in for Max. lockers with LoXS Integration must be
greater than zero.
To configure and start using LoXS integration, you need to take the following steps:
Ensure that LoXS terminals are correct configured to integrate with AEOS (chapter 24.1)
Confirm LoXS terminals (Access Points) (chapter 24.2)
Create LoXS terminal groups (chapter 24.3)
Create LoXS terminal templates to define authorizations (chapter 24.4) and edit the
templates (chapter 24.4.1)
Assign long-term lockers to carriers or authorize carriers to claim a locker for short-term use
(chapter 24.5)
Create LoXS master users (chapter 24.6) and maintain LoXS master users (chapter 24.7)
Technical operations (chapter 24.8),
o Manual unlock (chapter 24.8.1)
o Blocking lockers (chapter 24.8.2)
o Unblocking lockers (chapter 24.8.3)
o Reloading LoXS terminal authorizations (chapter 24.8.4)
A locker that has been manually unlocked will remain unlocked for the specified length of time.
This unlock time has been set on the LoXS terminal.
System users can only unlock the entrances that are included in the ‘provide access’ filter they
have been assigned at Management – System users – Maintain user, tab Entrances, column
Provide access filter.
These lockers are now blocked. They cannot be opened by carriers until they are unblocked.
In some cases, it can be useful to release (unassign and unblock) a group of lockers at the
same time. This is possible by using the Release button.
1. Go to Entrance – LoXS terminal – (De-)Block or release locker.
2. Select the locker(s) you want to release.
3. Click Release.
4. Confirm by clicking OK.
The locker is now ready to use again.
When this option has been activated, AEOS tracks whether a carrier is present in the selected
entrance zone, and if so, for how long. If the time limit is exceeded, this is logged as an event
which may execute an event action, e.g. ‘issue violation’ or ‘block this carrier’, if so configured.
When this option has been activated, AEOS tracks how many times a badge is presented at
one of the entrances in the selected zone. This allows you to limit the number of movements a
carrier can make. To limit the number of times a carrier can enter the selected zone, select only
the ‘direction in’ entrances in the zone.
If the defined maximum number of movements is exceeded, this is logged as an event which
may execute an event action, e.g. ‘issue violation’ or ‘block this carrier’, if so configured.
AEOS can cope with multi-user operations in handling alarms – an essential capacity in
situations where security and guard duties are performed in shifts or where more than one
control room is involved. The clear protocol and allocation of duties make the handover at the
end of a shift, or from one control room to another, easy and error-free. No alarms are missed.
Each alarm is responded to, confirmed and assigned to a particular guard, while others are
notified. Each of the steps in this protocol is fully logged, allowing system users and their
supervisor to keep track of who responded and how quickly, etc.
The AEOS Alarm Handler works with freely definable alarms, allowing clients to set their own
definitions of which events should generate an alarm. Clients will generally want burglary
attempts to trigger an alarm, but some clients might also consider the presentation of an invalid
badge sufficient reason to generate an alarm. In addition, it is possible to define different
daytime and nighttime alarms for the same door, intrusion component, etc.
Note: One AEpu can be used in various alarm points. For example, if an invalid verification is
entered (event) at a standard access point (component type), this may be qualified as a
low priority alarm. The same AEpu can be used to define an alarm point combining an
unauthorized carrier (event) at that standard access point (component type), which can
then be categorized as a high priority alarm.
3. On the ‘Alarm Handler Instruction Sets’ screen, enter a name for the set.
4. Select the instructions you wish to include from the ‘Selectable’ list box, and move them to
the ‘Selected’ list box.
5. If desired, move the items up or down, or sort them alphabetically to customize the order in
which they will be displayed.
6. Click OK to save.
Defining an alarm handler definition consists of linking instruction sets to alarm points, selecting
a day/time schedule and setting a maximum response time. To define a filter,
1. Go to Configuration – Alarm Handler – Alarm definitions.
2. Click New to define a new filter.
3. On the ‘Alarm Handler Filter’ screen, give the filter a name and add a description.
4. Select a day/time schedule when this alarm is active from the available options.
5. In the bottom frame, select an alarm point you wish to include in, or add to, this filter.
Note: An alarm point can be included in ONE filter only.
6. Select the instruction set you wish to link to this alarm point.
7. Select the appropriate schedule (when the instruction set should be active) from the
available options.
8. Define the maximum response time. If an alarm has not been confirmed within this
timeframe, the alarm is routed to other logged-on users who are viewing events in the same
filter.
9. Click Add.
10. Repeat steps 5 through 9 until you have included all the alarm points you intend to include
in this filter.
11. Click OK to save this filter.
The face will now start, displaying an overview of the alarms as they take place. The window is
divided into two frames.
The top frame will display the alarms as they happen. The bottom frame shows the alarms after
they have been responded to.
If more than one alarm handler definition must be shown, they all must all added at the alarm
handler item of this face.The events in these alarm handler definitions will all be displayed in the
monitor..
Configuring the map alarm handler requires a significant amount of initial setup. The large
number of configuration properties and parameters makes it possible to tune the final Map
Alarm handler Face to a high level of detail.
At the left part an overview is shown of all maps and alarm points (with status indication), the
right part is the map where the state icons are placed. The icons used here can be determined
by the user.
Default some icons, maps, sounds, command templates, status templates and status rule
templates are predefined, just for easy starting.
28.1 Media
The graphical alarm handler uses media items as maps, floorplans, icons status symbols and
sounds. These are free to be chosen by the user and can be loaded at Configuration – Media
– Sounds / Images. The predefined available media can be changed by the user to his own
needs.
Sounds can be any sound, even a spoken text. Format must be .wav
Many of the above entities are re-used, so for each new alarm point many of the pre defined
templates can be used again.
28.4.1 Maps
Maps are attached to a node in the tree. Trees are part of the configuration and consist of
nodes and sub nodes. By adding nodes in the correct level, a hierarchy can be achieved e.g.
country, city, building, floor etc. Several sub nodes can be linked under a node.
For a node a map (loaded at Media – Image) must be selected. In this phase also the Country,
Site, Sub-site and Function labels are assigned to this map. (In the Map point screen, only
alarm points which have the same labels can be selected for placement on this map.)
Sub nodes can be made visible at their above belonging node by just drag and drop this sub
node (from the left part, the tree view) to their correct position on the map (on the right part, the
map view).
Nodes can be easily being moved to another level just by moving the node in the tree view to
the wanted position. All alarm points on the moved node (map) remain on this node.
28.4.2 Status
Statuses are definitions of the different alarm statuses that must be distinguished. Both the
alarm statuses (new, confirmed, suspended etc.) and the electronic/mechanical/technical states
of AEbcs or equipment are defined by assigning a Name, several colors, a state icon (Media –
Image) and optional a sound (Media – Sound).
‘Non system’ statuses can be defined as is idle. As a result, an alarm can only be closed
when the corresponding alarm point is in the is idle status.
For system statuses only (new, assigned, confirmed, suspended and closed) the Continuous
sound for AP with high priority? option can be enabled. As a result, the defined sound for this
status will continuously play for a High priority alarm, as long as its state is not changed by the
operator.
The colors that are defined here are used for the presentation of this alarm on the text part of
the screen.
1. Start by creating a new status rule template:New button, type a name and select a Status
template for the rules to be later created.
The name later be changed by clicking on the number in front of the Edit button.
2. Select the Component group and give it your own name by pressing the Edit or New button
at the Parameters row in the main screen, the component group(s) to be used in the rules
can be selected The defined name will later be shown at the rule selection (not the
component group).
The component groups represent the types of AEbcs for which rules can be created.
Remark: For some component groups predefined inputs can be made (using the Maintain
inputs button). Preferable is to leave this as default and make the link to the corresponding
input at the status completion face (at defining the alarm points)
3. Finally, for each status, define the rules which define the status (Edit button at Rules row).
In front of the Edit button the amount of defined statuses is shown.
Click on the Edit button
Select Status the rule must be created (or changed)
Click on New
At Logic several operators can be added to combine more than one rule. If only one
rule is used, leave this field unchanged.
Select the corresponding Component (as been defined at point 2)
At Status all possible status for this Component group will be shown.
If a status is selected for a variable item (e.g. Input Status for the InputGuard) an
additional screen will allow you to define your own Name for this Status type (and
optionally define a default number, see Remark at point 2)
At Value the occurrence must be selected for this status. This value is the link to the
event that is generated by the AEbcs.
Click OK and the generated rule is added at this screen
Click OK to go back to the different status.
Repeat above procedure for the status you want to use (it is not needed to directly fill all
status)
After OK you will return in the main screen and see the amount of used rules in front of
the Edit button
The generated face can be started by selecting it at Monitor – Faces – Activate. After
activating the correct face the graphical alarm handler is started as a Java web start application.
The initial loading of the maps may take some time (clocks are shown) because the map tiles
must be generated on the server. Once the map tiles are created, starting the Face in later
sessions will be faster
Color settings
Background color camera Background color area mouseout Color area title mouseout
When dragging layer: When moving mouse over area: When moving mouse over title:
Background color dragged layer Background color area mouseover Color area title mouseover
Enable the open camera filter if you want the Face to show the alarm points only when there are
open alarms (new, confirmed, assigned or suspended). This will set the default value for both
the trees and the maps. The open camera filter can also be enabled (or disabled) in the
Graphical alarm handler.
Debug mode
The mouse can be used to zoom (scroll wheel) or move the map (left click + move mouse).
Right mouse button on the map presents menu with following items:
Fit to screen
Refresh ground plan: if a map is not shown correct, the map can be reloaded from the
server
Generate new tiles.
To achieved this there are on several screens at the Alarm handler data an Export and Import
button added. With the Export button the (selected) data belonging to this specific screen can
be saved into a file. With the Import button the saved data can be read into this specific screen.
The Import and Export functionality can also be useful to transfer only some parts of a alarm
handler configuration.
The used data format is an XML file, this file should not be edited.
For more information about this intercom integration, please refer to the AEOS Graphical Alarm
Handler Intercom User Manual.
29 Video Surveillance
The AEOS Surveillance application is a full-featured application for video surveillance in small
and mid-sized locations that can be deployed locally and inter-locally. It is an integrated part of
AEOS.
AEOS Surveillance uses sliding panels to allow for the maximum display of video images. What
doesn’t need to be on-screen can be hidden with one mouse pointer move. What needs to be
on-screen can be pinned there with a single click.
AEOS Surveillance essentially consists of two parts: ‘Live mode’ for viewing real-time video
images and ‘Review mode’ for viewing, analysing and if necessary, safeguarding recorded
video footage. Both modes have various practical functions, which not only enhance ease of
use but also personalise it. The system also generates standardised verification files of video
images saved by users, which can be used to determine the images’ authenticity.
For a short and practical description of all of the application’s options and functions, please refer
to the AEOS Surveillance User manual. For the configuration of users and their permissions,
cameras and their functions, and installing the application itself, please refer to the
AEOS Surveillance Setup manual.
Typically, a guard is sent on a tour with a printed set of instructions, specifying the sequence of
the tour and the actions he/she must perform at each checkpoint. The checkpoints, instructions
and order of the tour are freely definable. Tours can be scheduled to start at designated times,
or started manually at any given time. Tours can be monitored while in progress and analyzed
afterwards by viewing the audit trail.
While a guard is on patrol, you can check his or her progress, or make changes to the tour, by
Monitoring the current Guard Tour (see Section 30.9)
To define an instruction:
1. Go to Configuration – Guard Tour – Instructions.
2. Click New to create a new instruction.
3. Enter a name.
4. In the Instruction memo field, specify what the guard must do. For example, present badge
to badge reader, turn on a light, check the windows in this room, etc.
Note: Even if only one instruction applies, you must put it in an instruction set to be able to
assign it to a tour.
With an AEOS Blue license, the Guard Tour option can be enabled at Administration –
Maintenance – Settings – System properties. With an AEOS Classic license, users must
have a license to use the Guard Tour option.
3. On the ‘Edit Scheduled Guard Tour’ screen, click the […] button.
4. On the search screen, search and select the guard you want to send on patrol.
5. Select a tour in the Guard Tour field.
6. Select one of the available schedules in the Schedule field.
7. Click OK to save and exit.
2. To print a list of Guard Tours, select empty box (= All) in dropdown menu at Guard tour ,
then click on Print.
3. To print a single tour, select a tour and on the next screen, showing the tour’s details, click
on Print.
31 Responses (optional)
The Responses functionality is an expansion of the Event Action functionality in earlier AEOS
versions. It allows you to include programmable responses to a particular event. It is designed
to raise the alarm or notify key people when attempts are made to tamper with authorizations.
Some Responses are for free and are default available.
You can define who will be alerted: the data subject (carrier whose data have been changed or
whose expiry date is coming up); the carrier’s contact within the company; or a – freely
definable – person or group of people (Section 31.4) You can also set which languages are
available for e-mailing and texting (SMS) (Section 31.5).
Where carrier data can be entered, wildcards can be used to select a group of carriers.
For further details on configuring responses to events, see the AEOS Advanced Installation
Manual.
Day/time schedule: select the schedule during which this response is applicable.
Durable: When enabled, AEOS will keep trying to execute an action after earlier
attempts have failed (due to a network error, for example).
Priority: When AEOS has to perform several operations at the same time, prioritized
items will be handled first.
Enabled: check this box to enable the response to event.
Note: Default is set to OFF!
: brings you to the ‘Extra Carrier Info’ screen, where you can fill in search criteria to
define to which carriers the event applies. As with most search screens, wild charts can
be used to select a group of carriers.
5. Click OK to save this Response to Event.
6. Saved Responses will appear in a list on the ‘Response to Event’ screen, where they can
be selected and edited.
Response is triggered when the following user action is performed: check one or
more boxes to indicate when AEOS must respond (i.e. which specific action(s) the user
applies to the category of data selected above will trigger the response):
Create
Replace
Update
Delete
Notify: choose whom is to be notified:
For further details on configuring responses, see the AEOS Advanced Installation Manual.
Action: select the date field in response to which the alarm is raised or the alert is sent
out. You can choose from all carrier date fields in the system, including any free, user-
defined date fields. These are all automatically included in this drop-down box.
Enabled: check this box to enable the response to expiry date.
Respond when: check one or more boxes to indicate when AEOS must respond:
Before/after: choose between Before expiry date/time and After expiry
date/time.
Number of days before/after: fill in the number of days.
Check interval (hrs): fill in how often the system should check for impending
expiry dates.
Number of notifications: number of messages to be sent.
Start time: time when first response should be given.
Notify: choose whom is to be notified:
E-mail or text group
Another individual person
Person involved
E-mail or text groups are defined at Administration – Maintenance – Notification – E-
mail group / SMS group (see Section 31.4).
If you have chosen to notify a group or an indiivdual other than the data subject
(carrier), use the button to search and select the group or person whom you want
to notify.
Notify contact person: if you do not want to notify the data subject, but instead the
carrier’s contact within the company (for example, if the carrier is a visitor), check the
Notify contact person box.
Description: the description given here will show up in the list of configured responses
on the maintenance screen (Configuration – Responses – Response to User
Action).
Default language: allows you to set the default language for the message to be sent.
The message related to the default language is sent if the corresponding language is
not available on the ‘announce’ screen (or no language is available)
Message language: select the language in which the message will go out.
Text/E-mail subject: fill in the subject of the message. This must done for each
language available.
Text/E-mail body: Enter the actual text of the message.
You can use the following wildcards:
o $action: substitutes the user action which has triggered the response.
o $carriername: substitutes the name of the carrier being notified.
o $date: substitutes the current date.
o $time: substitutes current time
o $user: substitutes the system user who has made the change that triggers the
response.
4. Click OK to save.
5. Saved Responses will appear in a list on the Response to Expiry Date screen, where they
can be selected and edited.
Offline Access Control is an AEOS license option providing an interface with e.g. Salto
technology. Salto is a manufacturer of offline access control systems. Such systems have the
advantage of providing basic access control without the need to run cabling to physical
entrances.
In order to use e.g. Salto offline authorizations in AEOS, you need Salto hardware, Salto server
software and a license option to use the AEOS interface. (Licenses are issued per Offline
entrance). For more information check the AEOS Advanced Installation Manual.
A maximum of one card per carrier for the offline system can be issued.
32.3 Linking AEOS Offline entrance data to the Offline entrance data
Use the Synchronise with offline button to load the necessary data from the Offline system
into AEOS (entrances, entrance groups and sometime the templates).
To link AEOS Offline entrances / offline entrance groups to the offline entrances / offline
entrance groups:
1. Create offline entrances and/or offline entrance groups in the Offline system. For more
information on how to do this, see the Offline systems Installation Manual.
2. In AEOS, go to Configuration – Maintenance – Offline entrances. or
go to Authorization – Maintenance – Offline entrance groups.
3. Click Synchronise with offline to load the externally defined entrances/ entrance groups.
4. Click OK to save and exit.
Note: Defining the contents of the AEOS entrance group is not strictly necessary, as the link
between the entrances and the group has already been established in the offline system.
Caution: Do not change any of these properties, unless you have been explicitly authorized to
do so. System properties which are incorrectly set may cause AEOS to malfunction.
Caution: Depending of the AEOS options not all system properties can be visible.
Caution: Changes in system properties may require a log out / log in or a server restart.
01.01 AEOS version: The AEOS software version. This information is also shown at the
bottom of the screen and by clicking on the icon under the AEOS logo top left.
02.01 Default session timeout (min.): The number of minutes after which a user is
automatically logged off if AEOS is not used. This time can be customized for every
user at Management – System users – Maintain user.
02.02 Check AEpu status interval (sec.). Allowed range: 10-3600: Shorter intervals
result in more frequent AEpu status checks, but have a greater impact on AEOS
performance.
02.03 Default identifier state for search: Set default status for identifier type in queries to
Blocked, in use or Replacement in use.
02.04 Enable Identifier label: If enabled, the ‘announce’ screens will include an Identifier
label field in the Authorization section.
02.05 Block menu at right mouse button: When enabled, users cannot access the
context menu (to prevent them from saving photos, for example).
02.06 Delete visitors still having an identifier: If enabled, visitors who have not returned
their badge (or other identifier) can be deleted.
02.07 Display carrier presence on ‘announce’ screens: If enabled, the carrier’s
presence or absence is displayed on the ‘announce’ screens.
02.08 Default value for: Access during holidays: This sets the default value for access
during holidays on the ‘announce’ screens.
02.09 Keep link between persons and vehicles in tact: If enabled, the owner of a car
can only be removed after all cars linked to him/her have been removed.
02.10 Use Identifier type mapping: If enabled, several Nedap identifier types can be
merged.
02.11 Use blocking reason when a replacement is issued: If enabled, system users can
select a blocking reason when issuing a temporary badge. Otherwise, the default
blocking reason is ‘forgotten’.
02.12 Display extra info on contact person: If enabled, authorized users can enter
personal information about contractor contact persons.
02.13 Display the standard mandatory fields in announce: If enabled, you can change
the settings in user roles to allow them to disable mandatory fields.
02.14 Threadpriority of the user system for AEPU synchronization (1-10 ->1 max, 5
normal, 10 min): Indicate which AEpus have priority while updating authorizations.
Particularly useful in large organizations with many AEpus, to ensure that the most
critical AEpus are updated first. For example, a visitor who has just been issued a
badge must be able to leave the lobby, so the AEpu located at this entrance must be
prioritized.
02.15 Seconds to wait between archiving next day (in seconds): Define the interval
between daily archiving to ensure it does not all take place at once and overload
your system.
02.16 Check employee personnel no. for uniqueness: if enabled, the system checks
whether the personnel number entered on the ‘announce’ screen is unique.
02.17 Generate personnel no. for contractor: This determines whether AEOS
automatically generates a personnel number if you enter a new contractor (database
setting).
02.18 Add users and change units only by administrator: Only the administrator can
add users and assign units.
02.19 Progressbar delay (ms): Time (in milliseconds) before AEOS shows a progress
bar.
02.20 Century switch year for 2 digit year in date fields (0..99): This value defines the
switchover point between the 19th and 20th centuries; any number lower than this
value is interpreted as 19xx, any number over this value as 20xx.
02.21 Disable default (OK) button for carrier ‘announce’ pages: This allows you to
disable the <Enter>=OK command on ‘announce’ screens (where a large amount of
data is entered manually), so that OK is only a mouse command on those screens.
02.22 Enable ‘confirm’ pop-up for OK button on carrier ‘announce’ pages: If enabled,
an “Are you sure” text box pops up when clicking OK or pressing <Enter> on an
‘announce’ screen.
02.23 Enable confirm value for external badgenumber input: If your company uses
badges with an automatically read internal number linked to an external number that
must be entered manually, enabling this system property means the external number
must be entered twice (to prevent errors).
02.24 Event monitor pops up in case of alarm: If enabled, the event monitor pops up
when an alarm is raised.
02.25 Use 3M swipe reader: This property needs to be enabled if you use a 3M swipe
reader (workstation device) to read passports (and automatically transfer the data to
the corresponding fields in AEOS).
02.26 Mixed language input: If enabled, different alphabets may be used in combination
(e.g. Hebrew, Arabic, Greek or Cyrillic alongside Latin, for instance).
02.27 Show field <timestamp> in presence list: If enabled, the presence list will display
the time of the carrier’s latest recorded movement.
02.28 Alarm reminder interval (minutes, 0=off):
02.29 Hide expired authorizations: If enabled, the expired authorisations are not shown
in the authorizations overview.
02.30 Remove expired authorizations after xx days (0=off): Delete expired
authorization after stated number of days. This action is performed at 00:02:30. It will
remove authorizations for visits (option Visit Management) and ‘normal’
authorizations for other carriers. Visits will not be removed in case of using visit
management. The removal actions will be logged in the audit trail.
02.31 Default emergency unlock reason:
02.32 Default unlock reason:
02.33 Print search criteria on reports: When reports are printed, the defined search
criteria are printed as well.
02.34 Default card layout of replacement identifier: If a card printer is used, the default
layout for a replacement identifier can be defined.
02.35 Separated person name columns: When enabled this property creates separate
columns for the person’s names. (Name, Initials, Middlename etc). This makes it
easier to handle data that is been exported to another system
02.36 Resolve the host name of the workstation, otherwise IP-address: Sometimes
needed for workstations in situations where the host name cannot be resolved
02.37 Default issue replacement block reason:
02.38 Default withdraw block reason:
02.39 Check contractor personnel no. for uniqueness: Check the uniqueness of the
personnel number for Contractors
02.40 NA
02.41 Remove visitor authorizations on withdraw identifier:
02.42 User login authentication method: Indicates which user authentication method to
03.01 Default template for employees: The default template shown on the ‘announce
employee’ screen.
03.02 Default template for visitors: The default template shown on the ‘announce visitor’
screen.
03.03 Default template for contractors: The default template shown on the ‘announce
contractor’ screen.
03.04 Default template for cars: The default template shown on the ‘announce vehicle’
screen.
04.01 General Default identifier type: Allows you to set the general default identifier type
on screens where an identifier type must be selected.
04.02 Default identifier type for employees: Sets the default identifier type for ‘announce
employee’ screen.
04.03 Default identifier type for visitors: Sets the default identifier type for ‘announce
visitor’ screen.
04.04 Default identifier type for contractors: Sets the default identifier type for ‘announce
contractor’ screen.
04.05 Default identifier type for cars: Sets the default identifier type for ‘announce
vehicle’ screen.
06.01 Visitor announcement after this time will result in an extra day: If a visitor is
announced after this hour, the default visitor’s authorization (see 08.01 below) is
extended by one day.
06.02 Contractor announcement after this time will result in an extra day: If a
contractor is announced after this hour, the default contractor’s authorization (see
08.02 below) is extended by one day.
06.03 Car announcement after this time will result in an extra day: If a car is
announced after this hour, the default car’s authorization (see 08.03 below) is
extended by one day.
06.04 Employee announcement after this time will result in an extra day: If an
employee is announced after this hour, the default employee’s authorization (see
08.04 below) is extended by one day.
07.01 Automatic import person function: Enables the automatic import feature (to
configure this correctly, see the AEOS Advanced Installation Manual’).
07.02 Automatic import person schedule: Select one of the day/time schedules that
were defined earlier.
07.03 Automatic person file import: Interval (min.): Allows you to set the interval
between automatic carrier import runs.
07.04 Automatic person file import start time: Sets the time at which automatic import
commences.
07.05 Automatic person file import enabled: This enables or disables automatic carrier
import from a text file.
07.06 Import is allowed to create template when it does not exist : Enables or disables
the creation of a given template that does not exist in AEOS
07.07 Import is allowed to create entrance group when it does not exist : Enables or
disables the creation of a given entrance group that does not exist in AEOS
07.08 Import carrier: Delete of a contact/owner is allowed: Enables or disables the
deletion of carries by import that is used as contact person or car owner
08.01 Default number of validity days for a visitor: The default number of days that a
visitor’s authorization (and hence his/her badge) is valid. This number is added to the
start date to automatically generate the end date on the ‘announce visitor’ screen.
08.02 Default number of validity days for a contractor: The default number of days that
a contractor’s authorization (and hence his/her badge) is valid. This number is added
to the start date to automatically generate the end date on the ‘announce contractor’
screen.
08.03 Default number of validity days for a car: The default number of days that a car’s
authorization (and hence its badge) is valid. This number is added to the start date to
automatically generate the end date on the ‘announce car’ screen.
08.04 Default number of validity days for an employee: The default number of days that
an employee’s authorization (and hence his/her badge) is valid. This number is
added to the start date to automatically generate the end date on the ‘announce
employee’ screen.
08.05 Default number of days for an additional authorization for an employee: The
number of days that the system adds to the start date (in order to generate an
automatic end date) on the screen where an employee’s individual authorization
profile is edited.
08.06 Default number of days for an additional authorization for a visitor: The number
of days that the system adds to the start date (in order to generate an automatic end
date) on the screen where a visitor’s individual authorization profile is edited.
08.07 Default number of days for an additional authorization for a contractor: The
number of days that the system adds to the start date (in order to generate an
automatic end date) on the screen where a contractor’s individual authorization
profile is edited.
08.08 Default number of days for an additional authorization for a car: The number of
days that the system adds to the start date (in order to generate an automatic end
date) on the screen where a car’s individual authorization profile is edited.
08.11 Visit default start time: For visit management the default start time for a visitors visit
08.12 Visit default end time: For visit management the default end time for a visitor visit
10.01 NA
10.02 Max number of messages in MQ (events): Do not change this value.
10.03 MQ Cleaning Interval (sec): Do not change this value.
10.04 MQ Max messages for Cleaner: Do not change this value.
10.05 Max number of messages in MQ (authorizations): Do not change this value.
Note: Message queue and memory queue properties should be kept at default settings. These
system properties should only be changed after consulting with Nedap or a Nedap business
partner.
11.01 Rule Engine checking interval for new carriers (in seconds): When you add new
carriers, the Rule Engine must apply its rules to these new carriers and send the
modifications to the access points. The value you enter here sets the interval at
which the Rule Engine checks for new carriers.
11.02 Rule Engine wait after processing carrier (in ms) (higher value = better Server
performance but longer processing time): If your system contains many carriers,
the Rule Engine needs a lot of processor capacity to apply its rules. If this impairs
system performance, increase this value to reduce processor load.
12.01 Length of PIN: Required number of PIN characters (database setting, cannot be
changed here).
12.02 NA
12.03 ‘Verification Disabled’ Schedule: The day/time schedule selected here determines
when verification is disabled. This overrides all other settings.
12.04 Default verification method: Select the default method for carrier verification.
12.05 Maximum number of fingers for enrolment: Maximum number of fingerprints to be
enrolled.
12.06 Minimum number of fingers for enrolment: Minimum number of fingerprints to be
enrolled.
12.07 Iris identifier: If you want to use iris scans for identification purposes, select the
(Wiegand) iris identifier type.
12.08 NA
12.09 NA
12.10 Card Encoder Type: The type Sagem card encoder used
12.11 Mifare Card type: Select correct Mifare card type (1K, 4K, etc) that is used to write
data on the card (verification)
12.12 Default number of days for visitor verification: This value is added to the start
date to generate an end date, both of which are automatically entered in AEOS. After
this end date, visitors are automatically denied access.
12.13 Default number of days for employee verification: This value is added to the start
date to generate an end date, both of which are automatically entered in AEOS. After
this end date, employees are automatically denied access.
12.14 Default number of days for contractor verification: This value is added to the start
date to generate an end date, both of which are automatically entered in AEOS. After
this end date, contractors are automatically denied access.
12.15 Default number of days for car verification: This value is added to the start date to
generate an end date, both of which are automatically entered in AEOS. After this
end date, cars are automatically denied access.
12.16 Write extended carrier details on card.: Should carrier data be written along with
Sagem data on the card
12.17 Holiday schedule overrules verification disabled schedule: On holidays the
verification disabled schedule is overruled.
12.18 Total load for biometric data: The number of finger prints that can be loaded in the
system
12.19 Filtered laod for biometric data: The number of finger prints that can be added to
the filter
12.20 Daily load for biometric data: The number of finger prints that can loaded daily
12.21 Biometric filter reload time: The length of time it takes for fingerprints to reload
12.22 Enable biometric filter reload: Enables reloading of fingerprints
12.23 Timeout (in sec) for Sagem Enrollment: The number of seconds time out time
lasts for the enrolment of Sagem finger prints
12.24 Sagem storage on card: Enables storage of fingerprint on the carrier’s Mifare card
12.25 Sagem fingerprint matcher active: Temporarily disables the matcher functionality
12.26 Excluded pincodes (eg. 1111, 4711, etc.): The here defined PIN codes cannot be
used. To prevent people using simple PINcode such as 1234, 1111, etc.
12.27 Type of the used template
12.28 Store finger enrolment action: Indicate that the fact that fingers were enrolled on
card will be marked in AEOS. Be aware: Just the fact that a template is stored is
stored in AEOS, not the template itself is stored in AEOS!
12.29 DES encryption on card: Enable/disable to DES encryption of data on the card
12.30 Generate pincode: The pin code will be generated
13.01 Export events, using event filter: Applies if AEOS is linked to a ‘third party’ system
that processes the AEOS events itself (see the AEOS Advanced Installation Manual).
13.02 Export events, using entrance filter: Applies if AEOS is linked to a ‘third party’
system that processes the AEOS events itself (see the AEOS Advanced Installation
Manual).
13.03 Export events, using Aepu filter: Applies if AEOS is linked to a ‘third party’ system
that processes the AEOS events itself (see the AEOS Advanced Installation Manual).
14.01 Delete visitors without badge(s) after given number of days: Deletes visitors
after leave date has been exceeded by xx days.
Keep this value low if your system deals with large numbers of visitors.
14.02 Delete contractors without badge(s) after given number of days: Deletes
contractors after leave date has been exceeded by xx days .
Keep this value low if your system deals with large numbers of contractors.
14.03 Delete employees without badge(s) after given number of days: Deletes
employees after leave date has been exceeded by xx days.
Keep this value low if your system deals with large numbers of employees.
14.04 Delete cars without badge(s) after given number of days: Deletes cars after leave
date has been exceeded by xx days.
Keep this value low if your system deals with large numbers of cars.
14.05 NA
14.06 Delete visitors after given number of days: Deletes the visitors when leave date
has been exceeded by xx days
14.07 Delete contractors after given number of days. Deletes the contractors when
leave date has been exceeded by is xx days
14.08 Delete employees after given number of days: Deletes the employees when leave
date has been exceeded by xx days
14.09 Delete cars after given number of days: Deletes the cars when leave date has
been exceeded by xx days
14.10 NA
14.11 Erase deleted visitor data after given number of months: Erases visitor data
when removal date has been exceeded by xx months.
14.12 Erase deleted contractor data after given number of months: Erases contractor
data when removal date has been exceeded by xx months.
14.13 Erase deleted employee data after given number of months: Erases employee
data when removal date has been exceeded by xx months.
14.14 Erase deleted car data after given number of months: Erases car data when
removal date has been exceeded by xx months.
14.21 Defines the schedule start time of the delete carrier actions
14.22 Defines the schedule start time of the erase carrier actions
15.01 Automatic vendor import: Enable: Allows you to automatically import a list of
vendors.
15.02 Automatic vendor import: Interval (min.): Sets the interval at which the vendor list
is automatically imported.
15.03 Automatic vendor import: Start time: The time at which automatic vendor import
should start.
17.01 Archive violations: If you use the ‘Violations and blacklist’ feature, you can
permanently store violations that have been deleted from the list in the database,
along with the date on which they were deleted.
17.02 Can blacklisted carriers be deleted: Disable if you want to prevent blacklisted
carriers from being deleted.
17.03 Display violation data on announce visitor screen: If enabled, the ‘announce’
screen will display the number of violations a visitor has been issued.
17.04 Maximum number of violations before blacklisting carrier: This sets the number
of violations after which a carrier is placed on the blacklist.
17.05 Blacklist reason for exceeding maximum number of violations: Indicates the
reason to use when carriers are blacklisted due to too many violations.
17.06 Allow modifying blacklist carrier: Indicates that it is permissible to modify a
blacklisted carrier.
18.01 Visitor announcement start date/time and until date/time will be filled in
automatically: If enabled, a visitor’s arrival date and time are automatically entered
when he/she is registered in AEOS. From the moment you open one of the visitor
screens, the start date and time are updated every sixty seconds. As soon as you
start entering data, updating stops and the time is set.
18.02 Visitor announcement shows a warning when dates are in the past: If enabled,
the system user announcing a visitor will be alerted if he/she enters a date in the
past.
18.03 Visitor announcement start time will be filled in automatically: If enabled the, the
arrival time on the visitor screen will be updated automatically.
18.04 Show a warning when withdrawing a badge from a present visitor: If enabled a
warning is given when a user withdraws a badge while the visitor is still present.
19.01 Events in filter will be logged: Allows you to select an event filter for logging
events.
19.02 Don’t store authorised badge events of visitors from entrances in selected
filter: Authorised badge events of visitors belonging to entrances in this filter will
NOT be stored into the database
19.03 Don’t store authorised badge events of employees from entrances in selected
filter: as 19.02, for employees
19.04 Don’t store authorised badge events of contractors from entrances in selected
filter: as 19.02, for contractors
19.05 Don’t store authorised badge events of cars from entrances in selected filter:
as 19.02, for cars
20.01 Report generation window start: The time at which report generation starts.
20.02 Report generation window end: The time at which report generation ends.
20.03 Report generation enabled: If enabled, reports are generated in the time slot
defined in 20.01 and 20.02.
20.04 Immediate report generation interval (seconds): Number of seconds after which
report generation starts after clicking on the Generate now button.
21.01 Intrusion options visible: If your company uses the Intrusion option, you must
check this box to have AEOS display the intrusion functions in the menus and on the
screens.
21.02 Intrusion (2) options visible : this option should be enabled to be able to use
Intrusion (2)
21.03 Use multiple monitor centre accounts: This option makes it possible to configure
multiple account numbers for reporting area specific events.
22.09 Maximum file size in MB of export photo file (Photos.zip): Maximum file size for
manual exporting photos. If exported data exceeds this file, a message is given and
export to this file is stopped.
23.01 Max. presence time Entrancezone: Select the zone where carriers’ presence time
will be monitored.
23.02 Presence times values (e.g. 30, 60. 120): The number of minutes a carrier is
permitted to stay in the zone selected at 23.01.
23.03 Max. presence time Entrancezone: Select the zone where carriers’ presence time
will stopped being monitored.
24.01 Count movements Entrancezone: Select the zone where carriers’ number of
movements will be monitored.
24.02 Unblock visitor with selected block reason when withdrawing identifier:
Unblock visitor after withdrawal identifiers when block reason is selected one
25.01 Assign locker on date: If enabled, you can limit the period for which a locker is
assigned to a carrier.
25.02 Free field for LoXS user type: the free field that must be used to declare carriers to
be a LoXS master key user
27.01 Default vendor for carrier replacement: The vendor you select here is the default
vendor (mandatory field) for contractors whose carrier type is changed in a ‘change
carrier type’ operation.
27.02 Prevent deletion of vendors assigned to contractors. If active, vendors that as
still assigned to contractors cannot be deleted.
28.01 Query method for field ‘Last name’: Select the query method for ‘Last name’
search operations. Choose between letter combinations (Default), sound
recognition (Soundex), or both (Default + Soundex).
28.02 Query method for ‘Last name Heb’ (special free field): Select the query method
for searching Hebrew last names. Choose between letter combinations (Default),
sound recognition (Soundex), or both (Default + Soundex).
28.03 Query method for vehicle: Select the query method for ‘Vehicle’ search operations.
Choose between letter combinations (Default), sound recognition (Soundex), or
both (Default + Soundex).
29.01 Employee default language: Select the default language for employees.
29.02 Visitor default language: Select the default language for visitors.
29.03 Contractor default language: Select the default language for contractors.
30.01 Offline system: Select the offline system you are interfacing AEOS with.
30.02 Identifier type used by offline system: Select the appropriate identifier type for the
system.
30.03 Free field for validity period: defines the FreeField that holds the validity period of
the badge
31.01 Ask deblock replaced identifier question: When checked, a pop-up dialogue box
will ask system users whether a replaced identifier should be unblocked.
31.02 Always deblock replaced identifier: Check box to enable.
31.03 Withdrawal of a badge is not allowed when carrier is present: When checked,
badges cannot be withdrawn when the carrier is on site (according to presence list).
33.01 AEOS User should also be a carrier: Requires users to be included as carriers in
AEOS
34.01 Default user role for generating user accounts: Only this user role is allowed to
generate user accounts.
34.02 Default user role for generating external user accounts: Only this user role is
allowed for generating external user accounts.
35.01 1. Composed field: To compose printable fields for use on the card/label or receipt.
With these composed fields combinations can be generated from several database
fields and/or fixed text
35.02 2. Composed field: See above
35.03 3. Composed field: See above
35.04 Cardprinter: select identifier to be printed.
35.05 Card layout of replacement identifier can be selected
35.06 Visitor cardprinter project
35.07 Visitor cardprinter layout
35.08 Default visitor card layout of replacement identifier
35.30 Receipt printing must succeed: If active there will be no card issues if no printer is
available for this user.
35.31 Show popup message when the print card job is successfull on announce
screen: Default Off: no popup is shown after card is printed
35.32 Cardprinter selectable: Specify whether the card printer is selectable. Be aware: his
option is only available for DataCard!
36.01 Key cabinet system: Define the Key cabinet system connected with AEOS
36.02 Identifiertype used by Key cabinet system: Defines the badge type used by the
Key cabinet system
36.03 Badge type exclude for Key cabinet system: defines the badge type that is
exclude for the Key cabinet system
37.01 Default template for remotely added employees: Default template assigned to
employees that are added using the Intermediate server solution
39.01 Export visitors: If active export data for visitors will be made available
39.02 Export employees If active export data for employees will be made available
39.03 Export contractors If active export data for contractors will be made available
39.04 Export cars If active export data for cars will be made available
39.05 Export free fields: Export the free fields of the selected carrier types
39.06 Export authorizations: Export the authorizations of the selected carrier types
39.07 Export authorizations incl. entrance group(s): Expand the exported authorizations
to entrance group(s) of the selected carrier types
39.08 Export authorizations incl. entrance(s): Expand the exported authorizations to
entrance(s) of the selected carrier types
39.09 Export authorizations due to template modifications: Export the expended carrier
authorizations due to template modification
39.10 Export authorizations due to entrance group modifications: Export the expanded
carrier authorizations due to an entrance group modification
40.01 Check the validity of the contact person for employees: Should the validity of the
employees contact persons be checked or not
40.02 Check the validity of the contact person for visitors: see 40.01 for visitors
40.03 Check the validity of the contact person for contractors: see 40.01 for
contractors
AEOS Blue system properties that are license options with an AEOS Classic license:
44.01 Alarm handler: Text based tool to handle alarms in AEOS, including work
instructions. The alarm handler shows the actual status of the alarms and who is
handling them. Alarm events can be categorized as critical, high, medium or low
importance.
44.02 Graphical alarm handler: Graphic based tool to handle alarms in AEOS, including
work instructions. The alarm handler shows the actual status of the network
components, the alarms and who is handling them.
44.03 Anti-Passback: Anti-Passback (APB) function per Access Point. To provide one-
card, one-way access into and then out of a secure area. It prevents someone from
using a card to enter a secure area and then passing that card back to someone else
to enter that same area. A distinction can be made between Soft APB (only
registration of APB errors), Hard APB (function described above) and Timed APB
(APB status will be reset automatically after the stated time).
44.04 Contractor management: The Contractor Management feature makes management
and registration of contractors in AEOS possible. It includes tasks such as
announcing and searching contractors, deleting and changing contractor data and
issuing contractor identifiers and verifiers.
44.05 Countgroup in zones (except neutral): This option allows counting administration
for count groups in defined zones. The Count-groups in zones feature makes it
possible to control the number of parked vehicles or to control the number of persons
in an area. This feature is required for every count group in a zone.
44.06 Counting movements (strip ticket): This feature generates an event if the
maximum permitted number of access movements in a specific zone has been
reached
44.07 Filters (Entrance/Area/LoXS related): Filters are required to restrict information in
the AEOS user interface. If no filter is assigned, a user can view all the information
available in the system.
44.08 Guard tour: With AEOS Guard Tour guards can be sent on their rounds while their
progress is monitored from the control room. The control room can check whether
the guard is actually making his rounds and respond to alarms triggered when
irregularities occurs.
44.09 Integration to Milestone: The Milestone Integration feature supports integration
between Milestone’s XProtect Corporate CCTV software and AEOS software from
Nedap. The integration consists of web service-based communication between the
XProtect server and AEOS server.
44.10 Maximum presence time: This feature enables checking and verifying the presence
time of employees, visitors, contractors and vehicles in one particular zone. Expiry of
the maximum presence time generates an event. In combination with Event Actions a
carrier can be blocked.
44.11 Multiple time zones: Multiple time zones for central administration with a single
server concept for multiple units that are located in different time zones.
44.12 Special or invisible badges: Special badges will be shown in a special defined
event monitor. Invisible badges will never be shown.
44.13 Rule engine: The Rule Engine is automatically assigning and/or changing
information and authorizations by means of user-defined rules. It can quickly and
simply couple access authorizations for employees, vehicles, visitors or contractors
to different attributes such as age, department or building. Authorizations can be
applied to individuals or complete groups, locally or across the world. The following
based on its attributes. The user interface is fully integrated in AEOS and actual
registration is based on the software used by the Enrollment Station.
44.34 Enrollment Sagem fingerprint: The enrollment features in combination with an
enrollment station allow registration of person-related biometric identification data
based on its attributes. The user interface is fully integrated in AEOS and actual
registration is based on the software used by the Enrollment Station.
44.35 Sagem fingerprint matcher: The Sagem Fingerprint Matcher feature extends the
Enrolment Fingerprint Sagem feature by adding the option of searching for and
checking fingerprints in the AEOS database. This functionality allows a fingerprint to
be compared with all the other records in the database in order to prevent the
creation of multiple registration records for the same person.
General functions
Logging in .......................................................................................... 2.1
Logging off ......................................................................................... 2.2
Searching for data ............................................................................. 2.3
Switching languages ....................................................................... 2.1.1
Management
System users
Maintain user ..................................................................................... 3.3
Maintain LDAP user template ......................................................... 3.3.3
Maintain LDAP configuration .......................................................... 3.3.3
Assign user to carrier ..............................................................................
Maintain user template Configurations .............................................. 3.3
Maintain user role .............................................................................. 3.2
Change password .............................................................................. 3.1
Maintain tasks ................................................................................. 2.5.1
Change user favorites .................................................................... 2.5.3
Maintain My Queries ....................................................................... 2.5.2
Maintain connected users ............................................................... 3.3.4
Activate disabled account ............................................................... 3.3.2
Assign new password ..................................................................... 3.3.1
Maintain user group ................................................................................
Identifiers
Unblock .............................................................................................. 5.5
Administration
Filters
Entrance filters ................................................................................... 7.6
Locker filter ................................................................................... 23.2.6
LoXS terminalgroup filter .................................................................... 24
Event filter ....................................................................................... 8.1.1
Intrusion area filter ........................................................................... 19.3
Template filters ............................................................................... 3.7.2
Schedule filters ............................................................................... 3.6.2
Count zone manager filters .......................................................... 13.4.2
APB zone manager filters ................................................................ 12.6
Authorization
Maintenance
Templates ....................................................................................... 3.7.1
Offline templates .............................................................................. 32.4
Key templates .........................................................................................
LoXS terminal templates ................................................................. 24.4
Entrance groups ................................................................................ 7.5
Offline entrance group ..................................................................... 32.3
Key groups..............................................................................................
Locker groups ............................................................................... 23.2.2
Day/time schedules ........................................................................... 3.6
Holidays ............................................................................................. 4.6
Intrusion templates .......................................................................... 19.2
Overview
Templates ....................................................................................... 3.7.1
Entrance groups .....................................................................................
Day/time schedules ................................................................................
Person
Visitor
Pre-announce ................................................................................. 6.3.1
Pre-announce yourself ...................................................................... 6.3
Announce.......................................................................................... 6.3
Search ..................................................................................... 6.3.3; 2.3
Delete ................................................................................................ 6.5
Edit ..................................................................................................... 6.6
Search visits ...........................................................................................
Issue identifier.................................................................................... 5.2
Issue replacement ............................................................................. 5.6
Withdraw identifier ............................................................................. 5.3
Withdraw and block identifier............................................................. 5.4
Block identifier ................................................................................... 5.4
Unblock identifier ............................................................................... 5.5
Assign LoXS master key ................................................................. 24.7
Employee
Announce........................................................................................... 6.4
Search .................................................................................... 6.3.3; 2.3
Delete ................................................................................................ 6.5
Edit ..................................................................................................... 6.6
Search visits ...........................................................................................
Issue identifier.................................................................................... 5.2
Issue replacement ............................................................................. 5.6
Withdraw identifier ............................................................................. 5.3
Withdraw and block identifier............................................................. 5.4
Block identifier ................................................................................... 5.4
Unblock identifier ............................................................................... 5.5
Assign locker master key.............................................................. 23.2.5
Assign LoXS master key ................................................................. 24.7
Contractor
Announce........................................................................................... 6.4
Search .................................................................................... 6.3.3; 2.3
Delete ................................................................................................ 6.5
Edit ..................................................................................................... 6.6
Issue identifier.................................................................................... 5.2
Issue replacement ............................................................................. 5.6
Withdraw identifier ............................................................................. 5.3
Withdraw and block identifier............................................................. 5.4
Block identifier ................................................................................... 5.4
Unblock identifier ............................................................................... 5.5
Assign LoXS master key ................................................................. 24.7
Shared functions
Maintain person ................................................................................. 6.6
Identifier
Issue .................................................................................................. 5.2
Issue replacement ............................................................................. 5.6
Withdraw ............................................................................................ 5.3
Withdraw and Block ........................................................................... 5.4
APB
Reset carrier(s) ................................................................................ 12.9
Reset all ........................................................................................... 12.9
Activate ............................................................................................ 12.8
Deactivate ........................................................................................ 12.8
Verification
Activate ............................................................................................ 14.2
Deactivate ........................................................................................ 14.2
Biometric filter .........................................................................................
Vehicle
Car
Announce........................................................................................... 6.4
Search .................................................................................... 6.3.3; 2.3
Delete ................................................................................................ 6.5
Shared functions
Block .................................................................................................. 6.8
Unblock .............................................................................................. 6.9
Access overview ................................................................................ 6.1
Activate auto-block ............................................................................ 6.1
Deactivate auto-block ........................................................................ 6.1
Set special ......................................................................................... 6.1
Reset special ..................................................................................... 6.1
Set invisible........................................................................................ 6.1
Reset invisible.................................................................................... 6.1
Identifier
Issue .................................................................................................. 5.2
Issue replacement ............................................................................. 5.6
Withdraw ............................................................................................ 5.3
Withdraw and block ........................................................................... 5.3
Block identifier ................................................................................... 5.4
Entrance
Entrance
Provide access ............................................................................... 7.4.1
Simulate passage ........................................................................... 7.4.4
Simulate vehicle passage ............................................................... 7.4.4
Provide count zone access .............................................................. 13.5
Configure schedules .......................................................................... 7.2
Reload entrance ............................................................................ 7.4.3
Locker
Provide access ................................................................................... 23
Reload locker ................................................................................ 23.2.4
LoXS terminal
Overview lockers ............................................................................. 24.8
Provide access ............................................................................. 24.8.1
(De-)Block locker .............................................................. 24.8.2; 24.8.3
Reload LoXS terminal ................................................................... 24.8.4
Access point
(De) activate access control .............................................................. 4.7
Configuration
Maintenance
Confirm access points ...................................................................... 3.4
Entrances..................................................................................... 3.5;7.1
Offline entrances ............................................................................. 32.3
Keys ........................................................................................................
Lockers ............................................................................................ 23.2
LoXS terminal groups ...................................................................... 24.3
View configuration ................................................................................ 7
Access points..................................................................................... 3.4
Maintain AEpus ............................................................................... 4.10
APB
APB zones ....................................................................................... 12.5
Reset APB zones ............................................................................ 12.9
APB zone managers ........................................................................ 12.3
Configure APB ................................................................................. 12.7
License
Info .................................................................................................. 2.3.6
Import.............................................................................................. 2.3.6
Zones
Entrance zones ....................................................................... 25.1; 26.1
Counting
Groups ............................................................................................. 13.2
Zones ............................................................................................ 13.2.2
Zone/group ................................................................................... 13.2.3
Reset zones ..................................................................................... 13.3
Count groups reset .......................................................................... 13.3
Count zone managers ..................................................................... 13.4
Configure counting ....................................................................... 13.2.3
Responses
Response to event ........................................................................... 31.1
Response to user action .................................................................. 31.2
Response to expiry date .................................................................. 31.3
Intrusion
Intrusion areas ................................................................................. 19.1
Guard Tour
Print single tour ................................................................................ 30.6
Scheduled guard tour ...................................................................... 30.8
Guard tours ...................................................................................... 30.4
Instructions ...................................................................................... 30.2
Checkpoints ..................................................................................... 30.1
Alarm handler
Alarm definitions .................................................................. 28.4.8; 27.4
Alarm points ......................................................................... 28.4.6; 27.1
State points .......................................................................... 28.4.6; 27.1
Instruction sets..................................................................... 28.4.7; 27.3
Instructions .......................................................................... 28.4.7; 27.2
Maps ............................................................................................. 28.4.1
Map-points .................................................................................... 28.4.9
Status ............................................................................................ 28.4.2
Status Template ........................................................................... 28.4.3
Status Rule Template ................................................................... 28.4.4
Command Template ..................................................................... 28.4.5
Media
Sounds ............................................................................................. 28.1
Images ............................................................................................. 28.1
Monitor
Event monitor
Text events ..................................................................................... 8.1.2
Photo events ...................................................................................... 8.1
Photo event properties ................................................................... 8.1.3
Presence
View presence persons ..................................................................... 8.4
View presence vehicles ..................................................................... 8.4
Events
View log ............................................................................................. 8.2
Logbook
View .................................................................................................. 8.2
Audit trail filter ................................................................................. 8.3.1
Emergency
Lock ................................................................................................ 7.4.2
Unlock ............................................................................................. 7.4.2
Undo ............................................................................................... 7.4.2
Emergency entrance groups .......................................................... 7.4.2
System status
Message subscription overview....................................................... 4.12
Maintain access point modifications .................................................. 4.8
Check AEpu AC Data ........................................................................ 4.9
Faces
Activate ......................................................................................... 10.4.9
Security Levels
Activate scenario ............................................................................. 22.6
SL scenarios .................................................................................... 22.5
SL templates .................................................................................... 22.4
SL entrance groups ......................................................................... 22.3
SL carrier groups ............................................................................. 22.2
Guard Tour
Start ................................................................................................. 30.7
Monitor and edit ............................................................................... 30.9
View audit trail ............................................................................... 30.10
Alarm Handler
View log ........................................................................................... 27.7
Keys
In use ......................................................................................................
My tasks 2.5.1
My Queries 2.5.2
Favourites 2.5.3