Menu
User Guide
1. Introduction
2. Managing Users
3. Sending Registration Details
4. Privileged Roles
5. Managing Events
6. Management Reports
7. Scheduling Reports
8. Registering Users
9. Manual Usage
iPad Setup
1. Introduction
2. Selecting your iPad
3. Installing the NoahFace App
4. Connecting the NoahFace App
5. Open the NoahFace App
6. Verifying your Account Details
8. Adjusting your Camera
9. Secure your iPad
12. Kiosk Screen Types
13. Multi-Language Configuration
Face Recognition
1. Introduction
2. Recognition Settings
3. Liveness Detection
4. Face Recognition vs. Access Cards
5. Access Rules
Appendix A: Problem Solving
Appendix B: Dealing with Incorrect Matches
Appendix C: Minimising Incorrect Matches
Dashboard Setup
1. Introduction
2. Managing Sites
3. Managing Access Points
4. Registration Methods
5. Managing Users
6. Sending Registration Details
7. Managing Rules
7. Mounting your iPad
8. Privileged Roles
Appendix A: Security and Privacy
Appendix B: Data Retention
Heading
/
7. Managing Rules

7. Managing Rules

Rules are used to control which Users have access to which Access Points .

When you add an organisation, there will be a Rule called All Access added automatically. You can add rules using the Add Rule button, and edit and delete them from the context

menu next to each rule.

Adding Rules

To add a rule, simply follow the three-stage wizard to answer the following questions:

  1. Where. Which Sites or Access Points are you granting access to?
  2. How/When. What Identification is required and when does this rule apply?
  3. Who. Which Users or Groups are you granting access to?

Step 1 of 3: Where?

You need to provide a name for your rule and define which Sites , Access Point Types , or Access Points you are granting access to.

You can be as general or as specific as you want to be. For example:

  • You can create a rule that permits access to all Access Points in Sydney by only specifying a Site of Sydney.
  • You can create a rule that permits access to all machine rooms across Australia by specifying only an Acc ess Point Type of Machine Room .
  • You can create a rule that permits access to a single Access Point only.

You can also create rules that specify more than one Site or Access Point.

Step 2 of 3: How and When?

You need to specify what form of Identification is required and when this rule applies.

The Identification Required drop-down specifies how users can identify themselves. The options are as follows:

  • Face . Users can identify themselves by presenting their face.
  • Face + Authenticator . Users must present their face and then enter their time-based one-time passcode (eg: Google Authenticator) to confirm their identity.
  • Face + Number . Users must present their face and then enter their unique number (eg: Employee Number) to confirm their identity.
  • Face + Passcode. Users must present their face and then confirm their identity by entering their passcode.
  • Face + SMS . Users must first present their face. They will then be sent a one-time-use code by SMS, which they must enter to confirm their identity.
  • QR Code. Users identify themselves by presenting a QC Code which contains their unique user number (eg: employee number, member number, etc).
  • Passcode. Users must enter their passcode to identify themselves.

For time and attendance solutions, identification by Face only is usually sufficient.

However, for an access control solution, you might have, for example, one rule that allows entry by Face only during office hours (for convenience), and another rule that requires Face + Authenticator identification outside office hours (for added security).

Note: If you create a rule using passcode identification, you cannot have any other rules using another identification method.

The Registration Permitted switch controls whether registration (or manual identification) is allowed under this rule. For time and attendance solutions, this switch is normally left enabled. However, for an access control solution, you might have, for example, one rule that allows registration during office hours, and another rule that does not allow registration outside office hours.

For more information on Manual Identification, see the section Manual Identification Options under Managing Access Points.

The Days option controls which days of the week the rule applies, and the Time range controls which hours it applies. If the start time is after the end time (eg: from 17:00 to 08:00), then the rule applies overnight.

Step 3 of 3: Who?

By default, rules grant access to All Users .

To remove users and groups from the rule, simply press the cross next to their icon. If All Users is removed, you will be able to press the add icon to grant access to individual groups or users.

You can either scroll through the list and select them, or type part of their name in the search field. As you select them, they will be removed from the list and added to the rule.

While it is possible to add individual Users to Rules , we strongly recommend that you only ever add Groups to Rules . This makes the maintenance of Rules much easier.

When you have finished setting up your rule, simply press Done.

Testing your Rules

Before connecting your iPads you should test that your rules are providing the access you intended. In order to test a rule, view the Access Points page:

and then click on the name of your Access Point to view its details. In the section USERS / GROUPS, you will see a list of all the users and groups that have access to this access point, and the name of the rule which is granting them access.

If you do not see a User in this list, then they do not have access to this Access Point . If you expect them to have access, you will need to adjust your rule.

1. Introduction

2. Managing Sites

3. Managing Access Points

4. Registration Methods

5. Managing Users

6. Sending Registration Details

7. Mounting your iPad

8. Privileged Roles

Appendix A: Security and Privacy

Appendix B: Data Retention