Architecture of Global cardholder management

In order to share cardholders across multiple independent Security Center systems, one of the system must act as the sharing host, while the others act as sharing guests.

Sharing host system

The sharing host is the Security Center system you choose to initiate the sharing process, by creating a global partition on that system. All cardholders, cardholder groups, credentials, and badge templates which are members of the global partition automatically become available for sharing. Other types of entities can be part of the global partition, but will not be visible to the sharing guests.

The sharing host owns the master copy of the global partition and the entities that are in it. All changes made by the sharing guests to the content of the global partition must first be validated by the sharing host before they are propagated to other sharing parties.

The global partition is like a central database, the sharing host is like the database server, while the sharing guests are like the database clients. There is no limit to the number of global partitions a host system can share.

Sharing guest systems

The sharing guest is a Security Center system that participates in the sharing process. Participation is achieved by creating a Global Cardholder Synchronizer (GCS) role on that system, and using it to connect the sharing guest to the sharing host.

As the sharing guest administrator, you can decide which partitions shared by the host are of interest to your system. The GCS role then creates a copy of the selected global partitions and entities on your local system. Only cardholders, cardholder groups, credentials, and badge templates are eligible for sharing. The shared entities are visually identified with a green icon () superimposed over the regular entity icon.

You can assign local access rules and credentials to global cardholders to grant them access to your local areas, doors, and elevators. You can create, modify, and delete entities from the global partition. The actions you can perform depend on the rights of the user representing the GCS role on the sharing host. All changes made to global entities on the guest system must be validated on the host system. All modifications rejected on the host system are also rejected on your local system.