Bosch AMS Offline Doors User Manual
AMS Offline Doors
Configuration and Operation
en
Software manual
AMS Offline Doors Table of contents | en 3
Table of contents
1
Introduction 5
1.1 Explanation of terms 5
1.2 Special features of locking systems 5
1.3 PegaSys components 6
2
3
System overview 7
System Components 9
3.1 Workstation 9
3.2 Server 9
3.3 Read-write units 9
3.4 Card 9
3.5 AMC2 4R4 Controller 9
3.6 Access control readers 9
3.7 Read-write unit at the workstation 9
3.8 System cards 9
3.9 Mobile read-write unit (optional) - timesetter 10
3.10 PegaSys - door terminal/cylinder 10
4
Offline Doors - Device Data Editor 11
4.1 Adding hardware components 11
4.2 Configuring the read-write unit 12
4.2.1 Changing the reader type 14
4.3 Dialog read-write unit 15
5
Offline Doors - Configuration dialog 17
5.1 Getting started 17
5.2 Locking systems 17
5.3 Configuring locking systems 20
5.3.1 Systems (PegasysSystem) 20
5.3.2 Door groups 24
5.3.3 Doors 25
5.3.4 Time models 29
5.3.5 Holidays, holiday periods, daylight saving time 31
5.3.6 Writing time cards 34
5.3.7 Updating the date and time 34
5.4 Event-log (booking) cards 35
5.5 Possible data structures 36
5.6 Batteries 36
6
7
Offline Doors - System limits 40
LED display signals 41
7.1 Display with explanations 43
7.1.1 Signals for user cards 43
7.1.2 Special signals 44
7.1.3 LED displays for mobile read-write device 46
8
Offline doors - Managing Personnel Data 48
8.1 Adding personnel data 48
8.2 PegaSys - Blocked cards 51
8.3 Online/offline access authorizations 52
8.4 Offline data on Temporary cards 52
8.5 Personnel classes - Validity period 53
8.6 Status bar in main access control system 53
Bosch Security Systems
Software manual
2021-02 | 3.0.1.1 |
4 en | Table of contents AMS Offline Doors
8.7 Lists for offline data 54
8.7.1 PegaSys data in online reports 55
8.8 Special settings 55
9
Offline doors - Description of Procedures 56
9.1 Data creation 56
9.2 Access 56
9.2.1 Write process 57
10
Offline doors - Application Examples 59
2021-02 | 3.0.1.1 |
Software manual
Bosch Security Systems
AMS Offline Doors Introduction | en 5
1 Introduction
The PegaSys locking system is an offline system used to secure objects that cannot, should
not or must not be monitored online.
Offline systems are normally used where the lack of a need for continuous synchronization
makes the high availability of individual components unnecessary, where the terrain prevents a
direct connection (e.g. excessive cabling distances between installations) or where the
installation of online components would be too expensive. In comparison with conventional
locking systems (security locks with specially manufactured keys), the advantage of offline
systems is that significant investment costs are only incurred when installing or extending the
system. Locks and keys do not need to be updated or replaced (e.g. in the event of loss or
theft), as the software can deactivate the units concerned (badges) and thus render them
unusable.
Suitable objects for offline systems are generally installations with a number of individual
rooms to secure, such as hotels, student residences and hospitals.
PegaSys components are integrated into the access control system and managed from there.
1.1 Explanation of terms
In order to differentiate between the individual access control components, the following
terms are used for the various components:
– Access control system
This refers to the online components
– The data management level (dialog system, database, event log etc.).
– Access controllers, which grant or deny access on the basis of data received from
the data management level.
– Readers, which read the data from the cards and forward it to the controllers.
– Locking system
The offline system elements (by contrast, the term system refers to only a subset of the
locking system.)
– Cards, which contain the authorization data.
– Door terminals, which grant or deny access on the basis of the authorization data
read from the cards.
The locking system as an integrated unit also makes use of the access control system's
dialogs, access controllers and readers.
1.2 Special features of locking systems
In access control systems, code data is read off the card and stored in the database in
combination with the personnel data and access authorizations. When scanned at an access
control reader, the code number is read again and compared with the stored data. If this
check is positive, the person in question is granted access.
A connection to a data storage element of the system (i.e. online system) is therefore
essential.
With offline systems, access authorizations for certain doors are stored on the card. When
scanned, these authorizations are read and checked as to whether they contain the
identification for the door concerned and are up-to-date.
The offline variant poses a basic security risk, as it is essentially impossible to prevent misuse
in the event of loss or theft. In online systems, misused cards can be blocked, deleted from
the database or assigned an expiration date, whereas offline systems offer no means of direct
Bosch Security Systems
Software manual
2021-02 | 3.0.1.1 |
6 en | Introduction AMS Offline Doors
intervention. However, in order to keep the risk of misuse as low as possible, the
authorizations are assigned an expiration date/time. At this deadline, the authorizations lose
their validity. In order to reactivate them, the validity period must be extended. This is carried
out via a special reader with write capability. If the authorizations have not been deleted or
blocked in the meantime, they are extended or renewed when the card is scanned at this
online reader.
1.3 PegaSys components
When the offline locking system is installed, the following applications and extensions are set
up:
– Software
– Configuration dialog for PegaSys
This application is used to set up the systems and make all the general settings (e.g.
validity period), create time models, and configure doors and door groups.
– AMS Dialog manager > Configuration > Device editor
– When door models are created, write capability can be activated and configured on
the Additional settings tab.
– Persons > Cards in the dialog manager
This dialog contains an additional tab called PegaSys, where you can allocate
authorizations for the locking system.
– Reports > Master data lists > PegaSys persons
Lists about equipment and allocation of authorizations for offline doors can be
created using different filter and search criteria.
– Hardware
– System cards
System cards are used to initialize the door terminal and to update data (e.g.
blacklists).
– A read-write device for user cards and system cards must be connected to the
workstation(s) at which PegaSys data is processed.
– A mobile read-write device (timesetter) for the time stamp which in turn is used to
update/initialize the door terminals (optional).
– Terminals to read the user and system cards at the doors in the offline locking
system.
2021-02 | 3.0.1.1 |
Software manual
Bosch Security Systems
AMS Offline Doors System overview | en 7
2 System overview
Bosch Security Systems
1. Workstation
2. Server with configuration application and database
3. Access control reader with write unit
4. Card - for both systems
5. AMC2 access controller
6. Access control readers
7. Dialog read-write unit for online and offline data
Software manual
2021-02 | 3.0.1.1 |
8 en | System overview AMS Offline Doors
8. Various system cards for the locking system
9. Mobile read-write units for date/time stamping
10. Door terminal/cylinder with read unit
When the PegaSys locking system is integrated with a Bosch access control system, certain
components are used by both systems. The gray area in the diagram above contains the
system components that are used by both the access control system and the locking system.
2021-02 | 3.0.1.1 |
Software manual
Bosch Security Systems
AMS Offline Doors System Components | en 9
3 System Components
3.1 Workstation
The same dialog interface [1] is used to create and view personnel data in the access control
system and the offline locking system. Access authorizations for both the main access control
system and offline system can be assigned simultaneously.
3.2 Server
The software for the access control system and the locking system runs on this computer [2].
The Configuration Browser for the BIS system is also used to configure the readers [3] for the
locking system.
PegaSys data is managed in special tables of the database of the main access control system.
3.3 Read-write units
At least one read-write unit [3] must be available. Ideally, these are placed at entrances that
are used on a frequent basis (e.g. the main entrance) so that authorization for the locking
system is extended at the same time as access is granted to the secured facility.
However, it is also possible to install these readers at special locations, independently of the
access control system, so that PegaSys rights are not extended automatically but have to be
obtained specially.
3.4 Card
The offline locking system does not require its own special cards [4]. The data required for the
locking system is written to dedicated sectors of the access control card.
3.5 AMC2 4R4 Controller
An AMC2 4R4 [5] (=access control panel with RS-485 reader interface) is required for the
DELTA 7020/1000/1010 [3] that is used as a read-write unit for the locking system.
The readers dedicated solely to access control [6] can use any protocols and read procedures,
and can be operated with any AMC2 variant.
3.6 Access control readers
These readers [6] have nothing to do with the locking system; they simply regulate access
requests in the access control system. Cardholders who are able to use the doors in the
offline locking system [9] can also have authorizations for doors in the online access control
system.
3.7 Read-write unit at the workstation
This device [7] is connected directly to the workstation computer via a USB interface and is
used to transfer authorizations to user cards and system-related data (e.g. door and time
initialization data) to special system cards [8]. It can be used simultaneously as an enrollment
reader for cards from the online system.
3.8 System cards
Special system cards [8] are required to transfer access data - e.g. initialization data - to the
door terminals [9].
The following system card types exist:
Bosch Security Systems
Software manual
2021-02 | 3.0.1.1 |
10 en | System Components AMS Offline Doors
Facility cards
This card contains general system data such as system identification code, data type and
record size. It is used as an "initialization card" both for the software and for each door
terminal.
Door initialization cards
Used for transmitting door data to the relevant door terminal.
Time initialization cards
Used for transmitting time models and the time to the door terminals.
Clock initialization cards
Used exclusively for transmitting the clock time (date and time accurate to the minute).
Blocking cards
Information about blocked cards can be transmitted to the door terminals using these cards.
Booking cards
Access data saved in the door terminals can be retrieved and transferred to the database
using this card type.
Battery-replacement cards
Cylinders cannot be opened for a battery change (for example) until a battery-change card has
been read correctly.
Disassembly cards
The cylinder cannot be removed from the door fitting until a disassembly card has been
scanned at the door.
3.9 Mobile read-write unit (optional) - timesetter
In order for the times to be updated, particularly following a power failure at the terminals,
this unit writes the current date and time to clock initialization cards. These cards can then be
used to reset the terminals.
3.10 PegaSys - door terminal/cylinder
This read unit checks the identification of an individual door or its group against the access
rights for the cardholder.
The access rights on the badge must be continually updated via special readers with write
capability [3].
If emergency access is required, e.g. if the electronics fail, the terminals also have mechanical
cylinder locks.
2021-02 | 3.0.1.1 |
Software manual
Bosch Security Systems
AMS Offline Doors Offline Doors - Device Data Editor | en 11
4 Offline Doors - Device Data Editor
Readers with write capability are used for the offline system to load authorizations to the
card. They can also be used in parallel as access control readers.
4.1 Adding hardware components
Open the Device Editor.
– AMS Dialog manager > Configuration > Device editor
1. Select the entry MAC in the device overview.
2. Select the option New object ... in the popup menu .
3. Select the entry AMC2 4R4 in the selection dialog for the controller.
Bosch Security Systems
4. Select the option New object ...> from the popup menu for the new controller New
entrance.
5. Choose the desired door model from the selection list.
6. Select the entry DELTA7020 for at least one reader.
Software manual
2021-02 | 3.0.1.1 |
12 en | Offline Doors - Device Data Editor AMS Offline Doors
The following readers can be used as read-write units for PegaSys authorizations
– DELTA1000 (with special firmware)
– DELTA1010 (with special firmware)
4.2 Configuring the read-write unit
If this reader is also used as an access control reader you may configure it as such. For further
information about the relevant parameters, please see the online help for the online access
control system.
Parameters for extended reader functions, which can be used to configure the settings for
the locking system, have been combined on the Offline Locking System settings tab.
2021-02 | 3.0.1.1 |
Software manual
Bosch Security Systems
AMS Offline Doors Offline Doors - Device Data Editor | en 13
Reader function Read only (= default setting)
This reader is purely an access control reader
and is not part of the locking system.
All other parameters in this area are
deactivated.
Read/Write
This reader has access control functions and
is also activated for the locking system.
Activation of the following functions.
The drop-down list is only enabled when the selected reader
type is a DELTA 7020.
The Read only setting prevents readers from using the Write
function at certain times, for example, when offline system
components are not available or (in cases where several writecapable readers exist) when only a select few are to have writecapability, such as during peak periods of use.
Write to card
only
The access control and door control functions
for the online system are deactivated.
Deactivated (check box is cleared (default
setting)): The usual access control checks are
performed after data is written to the card.
Activated (check box is selected): No access
control performed after data is written to the
card.
This check box should be selected if the reader is only used as
a read-write unit for the offline system. Otherwise the
additional signal traffic would cause unnecessary delays.
Access even with
write error
Access control (in the online system) does
not depend on the success of the write
process (in the offline system).
Access control is performed even after
unsuccessful write attempts.
Deactivated (check box cleared): If it is not
possible to write to the card, access is also
denied.
Activated (check box is selected (default
setting)): The write process has no impact on
the access control.
Bosch Security Systems
Write to card
only if authorized
Rights for the locking system will only be
written to the card if the cardholder has
(online) access authorization for the
entrance.
Deactivated (check box cleared (default
setting)): Data is always written to the card.
Activated (check box selected): Data is only
written to the card if valid authorization is
present.
Software manual
2021-02 | 3.0.1.1 |
14 en | Offline Doors - Device Data Editor AMS Offline Doors
If the check box is selected the write process will be prevented,
even if authorizations are only temporarily suspended (e.g. by a
time model).
Only write if LAC
online
The rights are only written to the card or
updated when the Local Access Controller
(LAC) is guaranteed to have received the
latest data from the access control system.
For security reasons any deletions due are
always performed.
Deactivated (check box is cleared (default
setting)): Data is always written to the card.
Activated (check box selected): Data is only
written when there is a connection between
the controller and MAC.
If this check box is selected and the check box Access even on
write error not selected, then the online system denies access
if the LAC/MAC link is broken and the card's offline data is not
up-to-date.
Rule for writing In the default setting, the validities are
extended when two thirds (66%) of the
validity period specified for the person has
expired. See also
rules, page 58
Example of default writing
.
This parameter can be used to extend validity
periods by individually specified amounts.
Possible values:
Locking system specification
Always write
[when ... of the validity period has expired:]
16%, 33%, 50%, 66%, 83%, 100%
Locking system specification - see
4.2.1 Changing the reader type
As a rule, readers with write capability are installed at major entrances (e.g. as the entry
reader at the main entrance), so that when personnel enter the site in the morning, the access
rights for the locking system are automatically updated.
When refitting an installation with PegaSys, at least one reader in the facility must be replaced
with a write-capable reader. The Device Editor does not allow the subsequent modification of
door models and their readers.
Staying with the example of the entrance reader at the main entrance, the existing entrance
would need to be deleted and a DELTA 7020 reader added in its place.
If an existing entrance is deleted it is also removed from all access authorizations. All
authorizations would therefore need to be added to the new entrance.
To avoid this laborious and error-prone process, the drop-down list Type has been added to
the first page of the reader configuration.
2021-02 | 3.0.1.1 |
Standard validity, page 21
Software manual
.
Bosch Security Systems
AMS Offline Doors Offline Doors - Device Data Editor | en 15
This drop-down list is set up for all readers so that replacements can be configured by
selecting and assigning the type DELTA 7020, without the need to delete existing entries.
4.3 Dialog read-write unit
In contrast to the online system, where a card number can also be entered centrally, offline
data can only be transferred to or read from a card by peripheral read-write units. These readwrite units can be either dialog readers connected directly to the workstation or access
control readers (e.g. DELTA 1000, or DELTA 1010).
The dialog reader for writing and reading system and user cards from the offline system, as
well as recording card data for the online system, is installed using the online system.
– AMS main menu > Configuration > Options > Card reader
– Select the relevant workstation in the Workstations field.
– In the Type drop-down list, select the PegaSys reader that corresponds to the card-type
used.
Reader name Reader type Coding
PegaSys-MF-BC-USB MIFARE Classic Bosch Code
PegaSys-MF-SN-USB MIFARE Classic Serial number
PegaSys-MFDESFire-BCUSB
MIFARE DESFire
EV1
Bosch Code
Bosch Security Systems
PegaSys-HITAG-BC-USB HITAG1 Bosch Code
PegaSys-HITAG-SN-USB HITAG1 Serial number
PegaSys-Legic-BC-USB LEGIC Prime Bosch Code
PegaSys-Legic-SN-USB LEGIC Prime Serial number
Software manual
2021-02 | 3.0.1.1 |
16 en | Offline Doors - Device Data Editor AMS Offline Doors
Reader name Reader type Coding
PegaSys-LegicAdvant-BC-
LEGIC Advant Bosch Code
USB
Restart the access control system to make the selected reader available in the personnel data
dialogs of the access control system.
2021-02 | 3.0.1.1 |
Software manual
Bosch Security Systems
AMS Offline Doors Offline Doors - Configuration dialog | en 17
5 Offline Doors - Configuration dialog
5.1 Getting started
After the PegaSys component is installed, the configuration dialog for the component is
located in the System data menu of the Dialog Manager of the access control system, and can
be opened by clicking the
button.
5.2 Locking systems
During installation the Locking systems node is added as a base entry in the explorer tree
(left dialog pane). Autonomous systems that operate independently from one another can now
be set up under this entry.
Setting up systems
– Select the base entry Locking systems.
Systems that have already been set up appear in a list on the right hand side.
Bosch Security Systems
– Click the button (above the list field) to set up additional systems.
Software manual
2021-02 | 3.0.1.1 |
18 en | Offline Doors - Configuration dialog AMS Offline Doors
Name Give the system a unique name.
This information also appears in the access
rights dialog.
Location This information appears in the access rights
dialog.
Division If you have set up divisions, you can also
assign the individual systems to one of these
divisions.
Type "PegaSys" - is card is the only one supported
offline locking system for now.
Card type Display field (HITAG1, MIFARE classic, LEGIC
prime and LEGIC advant) - is informed by the
connected read-write device.
– Place the facility card for this system on the read-write unit and then press the Read
facility card button.
2021-02 | 3.0.1.1 |
When a facility card is read, the system offers to create a working copy. This option should be
accepted at least once for each facility card to guard the original from accidental overwriting
or loss.
Software manual
Bosch Security Systems
AMS Offline Doors Offline Doors - Configuration dialog | en 19
i
i
Notice!
Automatic data correction, and consequences
If data unsuitable for the size of the record is added to the card, a message appears after the
facility card is read indicating that the data has been corrected automatically.
In this case a new facility card must be written and the door terminals reinitialized with it.
Click Yes to confirm that a new facility card should be written.
A list entry and another Explorer entry with the specified name are generated. Depending on
the version of the facility card read, the Explorer entry contains a different number of
subentries required to configure the system - see also
Configuring locking systems, page 20
.
Notice!
List entries with a white background can be modified at any time. As an additional indicator,
the mouse pointer changes when moved over one of these fields:
Double-clicking in the relevant list field activates write mode - press the ENTER key to exit the
field after making any changes.
The number of licensed door terminals is displayed under the list field for the individual
systems.
This value is the upper limit for all of the locking systems. The basic version of PegaSys
includes 25 door licenses with the software. The number of licenses can be increased in
multiples of 25.
Overwriting the card type
When overwriting system cards, a confirmation prompt appears once for each system card
type - after that, the card is overwritten without further warning.
Bosch Security Systems
Software manual
2021-02 | 3.0.1.1 |
20 en | Offline Doors - Configuration dialog AMS Offline Doors
Deleting systems
Selected list entries can be removed again using the button.
Click Yes to confirm that you wish to delete the system.
5.3 Configuring locking systems
A system is configured in four steps which can be invoked from the corresponding tree node.
Each type of node has its own icon; the icons of selected nodes contain a yellow checkmark.
Explorer node Icon When selected
<System name>
Door groups
Doors
Time models
The following sections describe which settings are configured, where and how.
5.3.1 Systems (PegasysSystem)
Specified system parameters and the data read from the facility card are displayed in the list
window for this entry.
Locking system Name of the system as specified
at setup.
2021-02 | 3.0.1.1 |
Location Name of the location as specified
at setup.
Type PegaSys-<Version no.>
Object number Customer-specific code
Software manual
Bosch Security Systems
Loading...