pivCLASS How to Order Guide D00546, Release A.4 May 2013
pivCLASS How to Order Guide D00546, Release A.4 May 2013 The most current version of this document is available for download at www.hidglobal.com/main/developers/pivclass. To check order status, go to: www.hidglobal.com > Knowledge Center > Customer Support > Customer Order Status. HID, HID Global, the HID logo, pivCLASS, iCLASS, iCLASS SE, Trusted Identity Platform and Secure Identity Object are the trademarks or registered trademarks of HID Global Corporation, or its licensors, in the U.S. and other countries. This document is subject to change without notice. Document History Date Author Description Version 5/10/13 7/6/12 6/28/12 BD LD BD, RP A.4 A.3 A.2 4/12/12 DD, BD 2/26/12 DD, BD Updated for Release 3.2 Corrected an error. Added the Validation Server USB option. Removed pivCLASS Validation Server CD, 6714-306-01 and PIV Audit Card Package. Added 6714-306-04. Corrected PIV+PIN typos; added PIV Audit Card Package Part Number, API DTK and new training Initial release A.1 A.0 pivCLASS How to Order Guide – D00456, A.4 Contents pivCLASS Introduction ............................................................................................................................... 3 pivCLASS Certification ............................................................................................................................... 3 Reader Configuration Choices .................................................................................................................. 3 Reader Part Number Configuration Aides ................................................................................................ 3 pivCLASS Readers ...................................................................................................................................... 4 pivCLASS Bundles ...................................................................................................................................... 5 pivCLASS Authentication Module (PAM) ................................................................................................. 6 Validation Server ......................................................................................................................................... 7 Evaluation Kits & Credential Testing Aides ............................................................................................. 8 Evaluation Kits ..........................................................................................................................................................8 Credential Testing Aides ...........................................................................................................................................8 Certification Training Course..................................................................................................................... 9 Reader Programming Cards .................................................................................................................... 10 Reader Configuration Cards.................................................................................................................................... 10 Firmware Update Cards .......................................................................................................................................... 10 Reader Accessories .................................................................................................................................. 11 Page 2 of 11 © 2007-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. pivCLASS How to Order Guide – D00456, A.4 pivCLASS Introduction ® HID Global’s pivCLASS Government Solutions portfolio is an extensive product family making it easy for U.S. Federal Government, government contractors and other facilities to comply with security regulations. By using Personal Identity Verification (PIV) and other smart cards for physical access control results in compliance, interoperability and high security. The pivCLASS modular approach provides government agencies the ability to use their PIV identity cards for strong Public Key Infrastructure (PKI)-based validation for physical access control. The solution enables this functionality without the need to “rip and replace” existing Physical Access Control systems (PACs), reducing costs, and removing complexities to make it easy and affordable to acquire, install and maintain compliant physical access control systems. pivCLASS accomplishes this in part by communicating with an agency’s PACs and external trust authority PKIs to deliver functionality specified by National Institute of Standards and Technology (NIST) Federal Information Processing Standards Publication 201 (FIPS 201). Ordering information for all Release 3.2 pivCLASS components are included in this How to Order guide. pivCLASS Certification You must be a pivCLASS certified reseller to order either the pivCLASS Validation Server or the pivCLASS Authentication Module (PAM). You do NOT need to be certified to order any pivCLASS reader. Certification is achieved by having at least two members of your staff successfully complete the pivCLASS training program. Reader Configuration Choices All pivCLASS readers are designed to be “transitional readers”. Transitional readers can be configured to support two different operational modes: 1. Wiegand Mode – in this mode the reader will read the FASC-N or UUID from the card and pass this data directly to the door controller or panel over a Wiegand interface. The FASC-N output can be configured to provide various output formats including 64 bit BDC, 75 bit GSA and 200 bit full FASC-N. The UUID output is always 128 bits. Custom FASC-N output formats are available but some of these may not be supported in PAM mode. It is important to note that in this mode NO AUTHENTICATION is done; it is provided to enable a phased implementation approach. 2. PAM Mode – in this mode the reader is connected to a pivCLASS Authentication Module (PAM) using RS485 communication protocol. This mode supports CHUID, CAK (card authentication key), PIV+PIN, PIV+PIN+BIO authentication, as defined in FIPS 201, depending on the capabilities of the reader (i.e., contactless, contact or biometric). This mode also supports the additional TWIC authentication modes CHUID + BIO and CAK + BIO. These readers can be reconfigured in the field to support either mode. For example, the following two step process can be used to reconfigure from Wiegand to PAM mode: • Connect the reader to the PAM • Reconfigured the reader to PAM mode using a pivCLASS Reader Programming Card Reader Part Number Configuration Aides In addition to this document HID provides an online tool for determining the part number for various pivCLASS readers. You can access this tool on the PIV & FIPS 201 Solutions page by following the link https://www.hidglobal.com/government/piv and clicking on “pivCLASS, iCLASS SE, multiCLASS WE Configuration Guide” link under the Related Documents column. Note: This is a large Excel file that will take some time to download. May 2013 © 2012-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Page 3 of 11 pivCLASS How to Order Guide – D00456, A.4 pivCLASS Readers Obtaining individual pivCLASS reader part numbers requires the use of the online pivCLASS Reader Configurator. You do not need to be pivCLASS certified to resell pivCLASS readers. Part Number Description Base Part No. pivCLASS R10 & RP10 Mini-Mullion Contactless Reader 900 pivCLASS R15 & RP15 Mullion Contactless Reader 910 pivCLASS R40 & RP40 Wall Switch Contactless Reader 920 125 kHz Interpreters1 13.56 MHz Interpreters Controller Communications2 Controller Hardware Connection Product Version Color Security3 Specific Configuration Settings4 N = Without Prox P = With Prox (Std) H (contactless) P = RS485 HDX R = RS485 FDX (See note 2) N = Pigtail E T = Terminal Strip K = Black 0 = Standard G = Gray E = Elite XXXX N = Without Prox P = With Prox (Std) P (contact + contactless) P = RS485 HDX R = RS485 FDX (See note 2) N = Pigtail E T = Terminal Strip K = Black 0 = Standard E = Elite XXXX pivCLASS RK40 & RPK40 921 Wall Switch Contactless Keypad Reader Keypad pivCLASS RKCL40 & RPKCL40 Wall Switch Contact/Contactless Keypad Reader 923 with LCD display pivCLASS RKCLB40 & RPKCLB40 Wall Switch Contact/Contactless Keypad Reader 924 with LCD display and Biometric sensor 125 kHz Prox Interpreters Order P for standard format support = HID Prox, AWID, EM4102 and Indala (10022 – 26-bit). All pivCLASS readers support high frequency 13.56 MHz technology. 2 Controller Communications R = Default option. Supports both Wiegand out and full duplex (FDX) RS-485. Reconfigurable in field from Wiegand to RS485 using a programming card. FDX required for use with PAM. P = Supports both Wiegand out and half duplex (HDX) RS485 with OSDP v1 protocol. Reconfigurable in field from Wiegand to RS485 using a programming card. HDX is not supported by PAM. Factory configuration option for Wiegand mode is determined by the “Specific Configuration Settings”. See note 4 below. 3 iCLASS® Security Options (Factory or Field Configurable) 0 = Standard Security (Version 1) Keyset – compatible with iCLASS SE®, iCLASS SR, standard iCLASS, SE for MIFARE Classic and SE for MIFARE DESFire EV1 credentials. E = Elite, reads only SE EliteTM credentials with unique matching keys – compatible with iCLASS SE, iCLASS SR, standard iCLASS, SE for MIFARE Classic and SE for MIFARE DESFire EV1 with matching Elite keys. Line item on PO requires ICE reference number. 4 Specific Configuration Settings Identifies all firmware configurations including Wiegand output settings, PAM and OSDP mode settings and audio/visual settings (e.g., default setting): buzzer on, LED normally red, flashes green on read, buffer one key, no parity, 4 bit message. Use the pivCLASS, iCLASS SE, multiCLASS Configuration Guide located on the HID Global PIV & FIPS 201 Solutions web page (https://www.hidglobal.com/government/piv) to obtain the complete reader part number. 1 Page 4 of 11 © 2007-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. May 2013 pivCLASS How to Order Guide – D00456, A.4 pivCLASS Bundles Bundles consist of two (2) pivCLASS readers and one (1) pivCLASS Authentication Module (PAM). You must be a pivCLASS Certified Reseller to purchase these bundles. To obtain the desired bundle part number first determine the individual pivCLASS reader part number and then insert a “B” in front of the Base Part Number as shown below. First year maintenance and support is mandatory with every PAM and must be purchased separately (not included with Bundle purchase). Part Number Description Qty 2 x Base Part No. 13.56 MHz Interpreters Controller Communications2 Controller Hardware Connection Product Version Color Security3 Specific Configuration Settings4 Qty 1 x pivCLASS R40-H OR pivCLASS Authentication Module pivCLASS RP40-H (Model: M2000) B920 Contactless Smart Card Reader: Authentication module hardware, Finished Reader, Wall Switch firmware and installation guides. Includes PAM with plastic enclosure and mounting plate. Qty 2 x Qty 1 x pivCLASS RKCL40-P OR pivCLASS RPKCL40-P Contactless and Contact Smart Card Reader: Finished Reader, Wall Switch, Key Pad, LCD US Double-Gang Size 125 kHz Interpreters1 pivCLASS Authentication Module (Model: M2000) B923 Authentication module hardware, firmware and installation guides. Includes PAM with plastic enclosure and mounting plate. N = Without Prox H P = With Prox (contactless) (Std) P = RS485 HDX R = RS485 FDX (See note 2) N = Pigtail T = Terminal Strip E K = Black G = Gray 0= Standard E = Elite XXXX P N = Without Prox (contact + P = With Prox contactless) (Std) P = RS485 HDX R = RS485 FDX (See note 2) N = Pigtail T = Terminal Strip E K = Black 0= Standard E = Elite XXXX 125 kHz Prox Interpreters Order P for standard format support = HID Prox, AWID, EM4102 and Indala (10022 – 26-bit). All pivCLASS readers support high frequency 13.56 MHz technology. 2 Controller Communications R = Default option. Supports both Wiegand out and full duplex (FDX) RS485. Reconfigurable in field from Wiegand to RS485 using a programming card. FDX required for use with PAM. P = Supports both Wiegand out and half duplex (HDX) RS485 with OSDP v1 protocol. Reconfigurable in field from Wiegand to RS485 using a programming card. HDX is not supported by PAM. Factory configuration option for Wiegand mode is determined by the “Specific Configuration Settings”, see note 4 below. 3 iCLASS Security Options (Factory or Field Configurable) 0 = Standard Security (Version 1) Keyset – compatible with iCLASS SE, iCLASS SR, standard iCLASS, SE for MIFARE Classic and SE for MIFARE DESFire EV1 credentials. E = Elite, reads only SE EliteTM credentials with unique matching keys – compatible with iCLASS SE, iCLASS SR, standard iCLASS, SE for MIFARE Classic and SE for MIFARE DESFire EV1 with matching Elite keys. Line item on PO requires ICE reference number. 4 Specific Configuration Settings Identifies all firmware configurations including Wiegand output settings, PAM and OSDP mode settings and audio/visual settings (e.g., default setting): buzzer on, LED normally red, flashes green on read, buffer one key, no parity, 4 bit message. Use the pivCLASS, iCLASS SE, multiCLASS Configuration Guide located on the HID Global PIV & FIPS 201 Solutions web page (https://www.hidglobal.com/government/piv) to obtain the complete reader part number. 1 May 2013 © 2012-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Page 5 of 11 pivCLASS How to Order Guide – D00456, A.4 pivCLASS Authentication Module (PAM) Order individual pivCLASS Authentication Modules using the part numbers on this page. The PAM supports up to two (2) pivCLASS readers. Note: Must be connected to a pivCLASS Validation Server. First year maintenance and support is mandatory with every PAM and must be purchased separately (not included with the PAM purchase). You must be a pivCLASS Certified Reseller to purchase PAMs. Description pivCLASS Authentication Module Model: M2000 Authentication module hardware, firmware and installation manuals. Part Number Base Part No. 91000 Description Product Version A B = Plastic Enclosure Backplate & Cover N = No enclosure (board only) Configuration Settings NNN = Default Part Number pivCLASS Authentication Module Standard Maintenance & Support One year support for one (1) authentication module with the first year mandatory. PCAMM4 pivCLASS Authentication Module Maintenance & Support Reinstatement fee per unit PCAMM4R Page 6 of 11 Packaging © 2007-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. May 2013 pivCLASS How to Order Guide – D00456, A.4 Validation Server Order the pivCLASS Validation Server using the part numbers found on this page. First year maintenance and support is mandatory with every pivCLASS Validation Server and must be purchased separately (not included with the Validation Server purchase). You must be a pivCLASS Certified Reseller to purchase a Validation Authority. Description Part Number pivCLASS Validation Server Includes pivCLASS Management Station, Validation Server, Path Builder SerVE and Enroller software and supporting documentation. PCVSL pivCLASS Validation Server Standard Maintenance & Support One year support for one (1) validation server. First year mandatory. 8x5 Central M-F. PCVSM4 pivCLASS Validation Server Software Maintenance & Support Reinstatement Per server installation PCVSM4R May 2013 © 2012-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Page 7 of 11 pivCLASS How to Order Guide – D00456, A.4 Evaluation Kits & Credential Testing Aides Order evaluation kits using part numbers on this page. Evaluation kits provide all parts necessary to setup and evaluate a mini-pivCLASS system. You must be a pivCLASS Certified Reseller to purchase a pivCLASS Evaluation Kit. Evaluation Kits Description Part Number Evaluation Kit for CAK / CHUID Authentication Includes 1 x pivCLASS R40-H reader, 1 x pivCLASS Authentication Module & SD card, 1 x EDGE Solo single-door stand-alone access control system, OMNIKEY 3021 D91920ANN PC contact card reader, USB memory stick containing documentation and software, PIV test card kit, legacy test card kit containing iCLASS & HID Prox cards and documentation. Evaluation Kit for PIV + PIN Authentication Includes 1 x pivCLASS RPKCL40-P reader, 1 x pivCLASS Authentication Module & SD card, 1 x EDGE Solo single-door stand-alone access control system, OMNIKEY D91923ANN 3021 PC contact card reader, USB memory stick containing documentation and software, PIV test card kit, legacy test card kit containing iCLASS & HID Prox cards and documentation. Credential Testing Aides Description Part Number PIV Test Card kit Includes 3 cards – 2 of which are “golden” cards with no errors and the remaining 1 has been revoked. The package also includes CA certificates the associated CRL. Note: This part is included in the evaluation kit – order this part additional or replacement cards. 01-0032-01 Legacy Test Card kit containing iCLASS & HID Prox cards Includes 1 x standard iCLASS card and 1 x HID Prox card. Note: This part is included in the evaluation kit – order this part as additional or replacement cards. 6712-311-01 PIV Audit Cards Includes a mix of 23 PIV and PIV-I cards 21 of which have altered data that would, if not detected, result in an access control system compromise. Includes CA certificates, CRL and a User Guide. 01-0034-01 Page 8 of 11 © 2007-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. May 2013 pivCLASS How to Order Guide – D00456, A.4 Certification Training Course Sign-up for pivCLASS certification training using part numbers on this page. Only certified resellers are authorized to sell pivCLASS Authentication Modules and Validation Servers. Use this training course to become a certified reseller. Description Part Number pivCLASS Certification Training and Materials – HID Facility Three day training session leading to pivCLASS certification performed at the HID Facility. 6712-914 Includes course and materials. Does not include travel expenses. pivCLASS Certification Training and Materials – Customer Facility Three day training session for up to 10 people leading to pivCLASS certification performed at the Customers facility. 6712-915 Includes course and materials. Does not include travel expenses. pivCLASS Certification Training and Materials - Customer Facility Includes cost associated with Travel and Expenses for training at the Customer's Facility. May 2013 PIV-TRAIN-xxxx © 2012-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Page 9 of 11 pivCLASS How to Order Guide – D00456, A.4 Reader Programming Cards Reader programming cards are used to reconfigure a reader to a desired target configuration by using Reader Configuration Cards. Firmware Update Cards can be used to reload the reader with the latest version of firmware. Contact HID Technical Support (https://support.hidglobal.com) to ensure selecting the proper configuration card extension. Reader Configuration Cards Part Number Description Base Part No. 1 2 iCLASS Security Keys Configuration Card Extension Reader Mode and Output Configuration Settings Use these part numbers to order configuration cards to change reader modes (e.g., Wiegand to PAM) and output formats (e.g., 200 bit Wiegand). Includes reader configuration programming card and instructions SEC9X-CRD- 0 = Standard E = Elite -XXXX = Specific configuration1 Reset Beeper / LED, Keypad and IPM to Factory Defaults Use these part numbers to order configuration cards to reset reader settings to factory defaults. Includes reader configuration programming card and instructions SEC9X-CRD- 0 = Standard E = Elite -0000 = Factory configuration (Rx models)2 -0001 = Factory configuration (RPx models) -0002 = Factory configuration (RKx models) -0003 = Factory configuration (RPKx models) Contact your HID Global Support representative (https://support.hidglobal.com) to determine your specific configuration extension. Factory Default configurations include: LED normally red, beep on and flashes green on read card; keypad data = buffer one key, no parity, 4 bit message, Intelligent Power Management = Off; Prox reads 125 kHz HID Prox, AWID, Indala (ASP10022), EM4102. Firmware Update Cards For updating reader interpreters and other functionality to the latest firmware version over an RF interface. Part Number Description Programming Cards – Firmware Base Part No. Firmware Update Cards Includes latest version of reader firmware on a RF programming card and instructions. 1 Contact SEF9X-UPG- iCLASS Security Keys 0 = Standard E = Elite Version E = Rev E Version Update Card Extension -XXXX1 your HID Support Representative (https://support.hidglobal.com) to obtain the Firmware Update Card extension. Page 10 of 11 © 2007-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. May 2013 pivCLASS How to Order Guide – D00456, A.4 Reader Accessories Part Number Description Mounting Plates, Spacers, Screws and Accessory Kits R10 (or equivalent size model) Mini-Mullion Reader Mounting Plate, Any Color 6303-104-01 R15 (or equivalent size model) Mullion Reader Mounting Plate, Any Color 6309-103-01 R30 (or equivalent size model) EU/Asian Reader Mounting Plate, Any Color 6402-103-01 R40 (or equivalent size model) Wall Switch Reader Mounting Plate, Any Color 6403-109-01 R10 (or equivalent size model) Reader Spacer, Black 6132AKB R10 (or equivalent size model) Reader Spacer, Gray 6132AGB R15 (or equivalent size model) Reader Spacer, Black 6132AKC R15 (or equivalent size model) Reader Spacer, Gray 6132AGC R30 (or equivalent size model) Reader Spacer, Black 6132AKD R30 (or equivalent size model) Reader Spacer, Gray 6132AGD R40 (or equivalent size model) Reader Spacer, Black 6132AKE R40 (or equivalent size model) Reader Spacer, Gray 6132AGE RK40 (or equivalent size model) Reader Spacer, Black 6132AK RK40 (or equivalent size model) Reader Spacer, Gray 6132AG RKCL40 (or equivalent size model) Reader Spacer, Angle Right, Black 6132AKK RKCL40 (or equivalent size model) Reader Spacer, Angle Left, Black 6132AKL RKCL40 Wall Plate, two piece, Black 6714-119-01 RKCL40 Mounting Plate for two piece Wall Plate, Black 6714-305-01 Security Screw 400-2D71-06 Reader Accessory Kit (includes terminal blocks, screws and installation guide) 6700-300-02 Reader Accessory Kit (includes terminal blocks, screws and installation guide for reader with side car) 6714-306-04 May 2013 © 2012-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Page 11 of 11
© Copyright 2024