OSDP protocol supports bi-directional communications between devices. This means that not only can OSDP readers “talk” directly to the system, but the system can also communicate directly with the readers. For this communication to be protected from attack, it must also be secure. Therefore, the OSDP reader is configured to use the secure channel to establish encrypted communication with its access controller.

Before linking an OSDP reader, the following needs to be configured for fully encrypted communication:

  1. On the access controller configuration screen: Make sure Use TLS encryption is enabled Toggle switch (on).
  2. Select "TLS Required" on the controller's configuration web page. (If Use TLS encryption is enabled, make sure "TLS Required" is also selected on the controller's configuration web page.)
  3. On the reader configuration screen: Enable Use Secure Channel Toggle switch (on) for a reader set to communicate using OSDP Protocol.

Linking

Link Mode Link mode icon is automatically started for an OSDP reader during a configuration save if Use Secure Channel is enabled for the reader, whether the reader is new, or changed from Wiegand to OSDP Protocol. If linking is successful, the reader will come online. If linking is unsuccessful, the reader will stay in Link Mode Link mode icon.

  1. From the Device tree, or the reader details screen, select Action menu for the Secure Channel OSDP reader, and then choose either Start Link Mode or Stop Link Mode to start or stop linking.

Once a reader has paired (linked) to an encrypted secure channel, the reader is paired to that specific port and will no longer work with any other reader port without first being unpaired (unlinked).

Prepare a Blue Diamond Reader for OSDP Secure Mode

  1. Configure BlueDiamond readers with OSDP using configuration cards. Begin using the cards within 60 seconds of the reader powering up, or within 60 seconds of presenting the BDC-UNLOCK configuration card. Each subsequent presentation of the configuration card extends the allowable configuration time by another 60 seconds. If 60 seconds passes, present the BDC-UNLOCK configuration card again.
  2. Use the BDC-UNLOCK configuration card to switch the BlueDiamond reader into configuration mode for 60 seconds. The reader confirms the BDC-UNOCK card with a multi-tone sound.
  3. Present the BDC-OSDPSEC configuration card to the reader after using the BDC-UNLOCK card.
  4. Use the BDC-OSDPSEC card to reset OSDP Secure Channel Key and prepare for pairing/linking with the OSDP panel in Secure Channel mode. This card can also be used to take the reader out of OSDP Secure Channel mode and place the reader in standard OSDP mode.
HID readers use a tool provided by HID Global to put the readers into Install Mode so they can be configured for Secure Channel.

Related Topics

Secure communications

Communication issue with OSDP readers



© Honeywell International Inc. All Rights Reserved.