Versions Compared

Old Version 9

changes.mady.by.user Anand Rajaraman

Saved on

compared with

New Version Current

changes.mady.by.user Del Gonzalez

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • The FED Unlimited Edition of Velocity must be updated to the version 3.6 SP2 or later release, and you must obtain a license for the Velocity Certificate Checking Service (version 3v3.6.5.108 or later)

  • Each controller running in FICAM mode must include a SNIB3 communications expansion board Communications Expansion Board (with SNIB3 firmware version 2.01.0005 or later) and an RS-485 Readers Expansion Board (RREB), or have the equivalent functionality built onto the mainboard

  • M2, M8, Mx, Mx-1, or Mx-1-ME controllers (CCM firmware version 7.5.63 or later)

  • To enroll PIV, PIV-I, or TWIC cards into Velocity, you also need a smart card reader with contacts (such as Identiv's SPR332 v2.0 Secure Class 2 PIN pad reader)

  • New FICAM-capable RS-485 card readers (such as Identiv’s uTrust TS Government readers, Veridt’s Stealth Bio, or Stealth Dual readers) are required

  • FICAM uses larger data structures that require more memory per credential, you should consider adding a memory expansion board to each controller running in FICAM mode or the user can switch to SNIB3 DB mode for extra user capacity

  • For more information about Identiv’s FICAM Solution, see the following Web page:

...

  1. Contact Identiv to purchase the VCCS

  2. Obtain the installation file for the VCCS from Identiv, and copy it to your Velocity Server

  3. Locate the installation file (such as VelocityCertService_3x.8x.4x.41xx.exe), then right-click on it and choose the “Run as administrator” command from the pop-up menu

  4. While running the VCCS setup, a dialog appears displaying the ValidationSystemID as shown. Please make a note of this ID.

If your Velocity system is already running the previous certificate checking service provided by Identiv’s Professional Global Services Group(IGS), the installer will automatically upgrade your system to use the new Velocity Cert Check Service, and your existing configuration settings will be migrated from the config.xml file into the Velocity database.

...

If you have forgotten to make a note of the ValidationSystemID while running the VCCS setup, follow the steps 1 till to 3 below to get the System ID.

...

  1. Click on the menu button in the upper left corner of Velocity’s main window.

  2. Click on the Preferences button at the bottom of the drop-down menu.

  3. On the General tab of the resulting Velocity Preferences dialog, check the Enable the FICAM Mode checkbox.

    For more details about FICAM Degraded Mode Timeout, refer to the Velocity help pages under Home -> FICAM Solution -> Enabling FICAM Mode and Specifying the FICAM Degraded Mode Timeout setting.

  4. Restart the Velocity client and all Velocity Services for the configuration to apply.

...

  1. From the Enrollment Manager’s menu bar, choose the Tools > User Defined Fields… command.

  2. On the User Defined Fields page of the resulting User Defined Setup dialog, tab create the user-defined fields needed for the data of a PIV card, with the Caption and Type specified.

  3. When you are finished creating the user-defined fields, click the OK button.

  4. From the Enrollment Manager’s menu bar, choose the Tools > Preferences command.

  5. On the General page of the resulting Preferences dialog, tab click on the drop-down list in the UDF Name Parsing section and select the user-defined field you created earlier for the Full Name, then click the OK button.  (This text data will be parsed into separate First Name, Middle Name, and Last Name fields.)

  6. Click the OK button on the message dialog informing you that these changes will not take effect until after the Enrollment Manager has been restarted, then close and reopen the Enrollment Manager.

...

  1. In Velocity’s main window, expand the System Tree (in the left pane of the Administration module) to display the Velocity Configuration > Credential Templates folder, and click on that folder.

  2. In the right pane of the Administration module, double-click the Add New Template item.

  3. In the New Credential Template Properties dialog, specify the appropriate values on the General page.

    1. In the Description field, type a unique descriptive name for this new credential template

    2. From the Badge Template drop-down list, select (None) because you will not be creating new printed badges

    3. From the IDF drop-down list, select an entry that includes Card

    4. From the card Type drop-down list, select 200-bit FASCN

    5. Click on the UDF… button (on the right of the Data field)

  4. On the Concatenate FASCN UDFs dialog, select the corresponding numeric UDF (previously defined in Creating the User-Defined Fields for a PIV Card) from each drop-down list, then click OK.

  5. For creating a credential template for PIV-I smart cards, follow steps 1 till to 3. In the Concatenate FASCN UDFs dialog, for UDF field selection on Agency Code, select 'UUID' from the drop-down for PIV-I card.
    Unlike the PIV cards, the PIV-I cards accept only one UUID value.

Setting up the Door Properties

The RS-485/OSDP reader configuration for FICAM must be configured for an entry reader or exit reader.

FICAM-Related Options on the Setup (or General)

...

Tab

The fields and options that appear on this setup page Setup tab vary somewhat depending on which value is selected for the Reader Interface option. For example, When when the RS-485 RS485 Interface value is selected for the Reader Interface option, the RS-485/OSDP group of fields and options appear:

...

FICAM-Related Options on the Card Reader Setup

Select the RS-485 RS485 Interface value for the Reader Interface option on the Setup pagetab, to display the following version of the Card Reader Setup page tab as below.

...

  1. Select the appropriate Custom Card Codes from the drop-down to remap the data. Only those card data maps previously defined for this system appear in this drop-down list.

  2. For FICAM, select Hex Pass-Through (NP) option in MATCH Algorithm (any bits).

  3. Check Enable Keypad only if the reader includes a keypad for entering PIN codes.

  4. For FICAM, select PIV-I/PIV-C, 32 Hex Digit UUID option in Fixed bit length cards.

  5. For FICAM, select either 200 bits in, 32 digits out or 128 bits in, 32 digits out in PIV Card (FASCN handling).

  6. Click OK. The Reader configurations gets downloaded to the controller.

  7. Reopen the Door Properties window.

  8. If secure OSDP reader type is used, then Goto Entry Reader->Card Reader Setup tab and click the Initiate Secure OSDP Connection button as shown.

  9. The reader restarts and comes back online. Click OK.
    The reader firmware version is available in the General tab.

...

  1. Open the Microsoft Management Console (MMC) by clicking Start-> Run-> type mmc and hit [Enter].

  2. In the Console window, choose File-> Add/Remove Snap-in..

  3. Under Available snap-ins, select Certificates and click Add then click OK.

  4. Select Computer Accountaccount and click Next.

    Image RemovedImage Added

  5. Click Local computer: (the computer this console is running on) and Finish.

    Image RemovedImage Added

  6. On the resulting Console window, select Certificates (Local Computer)-> Certificates-> More Actions-> All Tasks-> Import..

  7. In the Certificate Import Wizard window, click Next to continue to import the certificate.

  8. Select Browse to import the certificate and click Next.

  9. After choosing the Security type files. Click Next to proceed to Completing the Certificate Import Wizard window and click Finish as shown.

  10. The successful certificate import wizard window appears. Click OK to close the wizard.

...

To enroll PIV, PIV-I cards in Velocity, a contact smart card reader with contacts is required. At the card enrollment station, set up a contact smart card reader with contacts, such as Identiv's SPR332 v2.0 Secure Class 2 PIN pad reader.

...

  1. From the Enrollment Manager’s menu bar, choose the Tools > Device Configuration… command.

  2. On the Device Configuration dialog, select PIV Reader tab.

    1. Make sure that the Enable PIV reader(s) option is checked.

    2. Make sure that the Default Card Type is set to FIPS 201 Contact.

    3. Click the Map UDF Fields… button.

  3. On the Map UDF Fields window:

    1. Select the Auto Map button to automatically map between like-named data objects on a PIV card and the corresponding user-defined fields that you created earlier in the UDF setup dialog previous.

    2. To manually map fields, click on an entry in the Document Field list, and drag it onto the corresponding entry in the UDF Field list.

    3. After you have finished specifying all of the mappings, click the Apply button, and then click the Close button.

  4. Back on the Device Configuration dialog, click the OK button.

  5. Click the OK button on the message dialog informing you that these changes will not take effect until after the Enrollment Manager has been restarted, then close and reopen the Enrollment Manager.

...