5.7 Anti-Passback

The Anti-passback function enhances the access control system with monitoring of unauthorized re-entering of a reserved space. The areas to be monitored are delimited by edge devices which monitor all entries and exits. These devices check the authorizations of the passing persons as specified for the areas monitored.

List of Areas

The tab provides a list of all Anti-passback areas created in the system. Use the tab to create, delete and show details of the areas as well as deactivate and show states of the areas.

  • functional
  • non-functional

Exceptions

Use the tab to add and remove the users to which no Anti-passback rules are applied. 

Note

  • Typically, the exceptions are used for:
    • CEOs
    • building managers
    • VIP users

Settings

Settings applies to all the Anti-passback areas.

  • Type – set the Anti-passback type:
    • Soft Anti-passback – no Anti-passback area access is limited if the rules are broken; the event is only logged with an optional administrator notification.
    • Hard Anti-passback – the Anti-passback area access is limited temporarily or permanently and unblocked as a result of the time limit, system administrator's instructions or exit passage.
  • Notify blocked user via email – the Anti-passback rule-breaking user is sent an information e-mail.
  • Notification settings – switch to the Notifications section.
  • Reset – set the day/time on which the Anti-passback log is deleted, i.e. when all the users are allowed to pass regardless of the previous Anti-passback breach.
  • User timeout – set the timeout in which the user will be allowed to re-enter after its previous Anti-passback breach.

Anti-Passback Area Detail 

When Anti-passback is set up incorrectly and thus limited in function, the error list is written out automatically. Use the detail to activate/deactivate the function and edit the Anti-passback area name.

  • Error list – display the list when an Anti-passback error occurs.
  • Activate Anti-passback – use this parameter to activate/deactivate an Anti-passback area.
  • Anti-passback area name – edit the Anti-passback area name.
  • Authorization check – check the Anti-passback area entry/exit direction.
    • On entry – check authorization on entry. On entry disables an Anti-passback area entry without prior exit.

Caution

Most frequent Anti-passback problems:

  • No device is added to the APB area. Assign one device at least.
  • The entry/exit is not defined. Assign one device at least to define the entry/exit direction.
  • An entry/exit device has not been configured correctly or does not include a reader.
  • An APB area entry device has been used for entry to another area. Modify the assignments to make the function work correctly.
  • A device has not the proper licence.
  • A device has been deactivated.
  • A device has been disconnected.
  • A device has an incompatible firmware version.
  • A device is equipped with the REX button that allows the user to leave the APB area without authorization. Deactivate the REX button to make the function work correctly.

Warning

  • Should an error occur in an Anti-passback area, the whole area will be deactivated and reactivated once the error is removed.

Devices

The tab displays all the devices that border the Anti-passback area. 

Make sure that an active Enhanced security or Gold licence is available on all the edge devices. 

Caution

  • The Access points in 2N® Access Commander are marked 1 and 2 as follows:
    • Access point 1 = Entry rules
    • Access point 2 = Exit rules
  • Make sure that a reader is added to the device for each Access point.

Device Settings before Adding to Area

Set the entry/exit rules in the Door section for selected devices to make Anti-passback work properly. Also, specify the entry/exit readers in the device settings. This setting is used for an independent device. 

Area Settings

Set the area in 2N® Access Commander where multiple devices are used in large areas. 

Click Add device to open a bulk adding window. The Access points are completed automatically: AP 1 = entry, AP 2 = exit. Click the arrowsto switch the Access points if necessary. 

Blocking

The tab displays the list of blocked users who tried to breach the Anti-passback rules. The system administrator can unblock a user by clicking the icon next to the username or unblock all the users at once by clicking Unblock all.

Warning

  • The Anti-passback area becomes useless and can be potentially dangerous if there is a device in the area with an active REX button, which provides unauthorized access.