NXT-MSC - Controller Encryption

NXT-MSC - Controller Encryption

1.0 NXT-MSC Controller Encryption


The ability to encrypt the communications path is needed when that path includes a network that is shared and carries other data. In the case of a serial connection, physical access to the communication wires is required and encryption is typically not required. The Doors.NET™ system has the ability to encrypt the data between the Application Server and the Gateways/Clients and also between the Gateway and the Controllers. It is important to note that these are independent of each other and can be different encryption algorithms and bit strength.


Encryption capabilities are implemented in two areas: Network socket communications between the Application Server and all incoming connections and the Gateway communications to each controller connected to that Gateway.



2.0 Encryption Options

The encryption options for the network sockets are:

  • No Encryption
  • RC2
  • DES
  • TripleDES (128 or 192 bit keys)
  • AES/Rijndael (128,192 or 256 bit keys) - Please contact Keri Systems directly if this option is required.


3.0 Data Security Between the Controllers and the Gateway

Data security for connections between the controllers and the Gateway is provided by the full implementation of the Federal Information Processing Standard, FIPS-197, utilizing the Advanced Encryption Standard (AES), also known as Rijandael, a symmetric encryption algorithm. FIPS-197 supersedes the aging Data Encryption Standard (DES) defined in FIPS-46-3. The common notation AES followed by a numeric suffix indicates the particular key size used in the implementation. AES-128 indicates the use of a 128-bit key and is the algorithm/bit strength supported between the controller and the Gateway. A thorough description of the AES algorithm can be found in NIST-197.



4.0 Configuring Encryption on the Controller

Enabling the data security feature ensures that panels can only connect to the correct gateway. If other SCP gateways are present on the system, panels with data security enabled will not connect to them.


To set up the feature:


  1. Add the panel to the gateway in the normal way.
  2. Ensure that the panel is on-line.
  3. Select the controller entry in the hardware tree.

    MSC Select Controller

  4. The panel properties, navigate to “Communication Settings” and set “ Password Required” to “Yes”. Enter your chosen password in the “Password” field and save the changes. The MSC Gateway will send the password settings to the panel automatically.
  5. Browse into the panel using a web browser of the “Scan Network” feature of Doors.Net.
  6. Navigate to the “Host Comm” page.

  7. In the “Data Security field select either “ TLS Required” or “TLS if Available” Click on “Accept” to save the entry, then navigate to “Apply Settings” to reboot the panel.

  8. “Accept” to save the entry, then navigate to “Apply Settings” to reboot the panel.

    MSC Controller Encryption Settings

  9. Go back to the panel properties page in Doors.Net – hardware. In the “Misc\Communications” field you will see the panel as “Online (Encrypted).
    Online Encryption Status

    • Related Articles

    • NXT-MSC - Controller Internal Configuration

      Effective from Doors.NET v4.0.3 it is now possible to make various controller configuration changes within Doors.NET rather than via a web browser. This section explains how to access the controller internal configuration and which configuration ...
    • NXT-MSC Controller - Feature Highlights

      NXT Mercury-Powered (MSC) 2D/4D Controller Feature Highlights Cardholders • Temporary Cards (automatic card expiration) by use count, number of days or date/time • Supervisor Cards, 2 Man Rule, Man Trap/Airlock • Area Control for Local Anti-Passback, ...
    • NXT-MSC Controller - Controller Setup Guide

      1.0 Introduction Doors.NET installation and configuration is a three step process. Each of these steps is covered separately in the help file and there are also separate standalone documents available: Doors.NET Software Installation (document P/N: ...
    • NXT-MSC Controller - Advanced and Extended Features

      1. 0 Introduction The NXT-MSC (Mercury-Powered) controller is programmed with the firmware of a Mercury EP1502 controller. It has all the standard and advanced functionality of an EP1502, such as: temporary cards (by use count, number of days or ...
    • NXT-MSC 2D/4D Controller Specifications

      1.0 NXT-2D/-4D Dimensions NXT Enclosure - 13.00 inches high by 10.5 inches wide by 3.00 inches deep - 33.02 cm by 26.67 cm by 7.62 cm. NXT Controller PCB - 6.50 inches high by 5.50 inches wide by 1.00 inches deep, not including wiring connectors - ...