Home
Administrator Guide
Learn about Synergis Cloud Link hardware and software.
General configuration
Learn how to configure your Synergis Cloud Link unit.
Synergis Cloud Link configuration
Configuring MIFARE DESFire
To enable MIFARE DESFire on your Synergis™ Cloud Link, you must load the configuration file, then associate the configuration with your STid SSCP or OSDP transparent readers.

Release Notes
Learn about the Synergis Cloud Link release.
Hardware Installation Guide
Learn how to install and connect your Synergis Cloud Link appliance.
Administrator Guide
Learn about Synergis Cloud Link hardware and software.
- Preface
- Introduction
- General configuration
  Learn how to configure your Synergis Cloud Link unit.
  - Synergis Cloud Link configuration
    - Preparing to configure the Synergis Cloud Link unit
      Before you can configure a Synergis™ Cloud Link unit, you must perform some pre-configuration steps.
    - Configuring the Synergis Cloud Link unit
      You can configure the Synergis™ Cloud Link unit after the pre-configuration steps are completed.
    - Configuring the network properties
      To make sure the Synergis™ Cloud Link unit can be reached on your Security Center system’s network, you must configure the unit's network properties.
    - Using self-signed certificates
      A Synergis™ Cloud Link comes with an X.509 certificate that was generated during production. Replace the default certificate to enhance security by generating a new self-signed certificate.
    - Using trusted certificates
      The authenticity of the self-signed certificate that comes with the unit by default is not enforced as usual with the Public Key Infrastructure. To be more secure, you can use a fully trusted certificate signed by a certificate authority instead.
    - Configuring interface modules connected to the Synergis Cloud Link unit
      To establish communication between the Synergis™ Cloud Link unit and the connected interface modules, you must configure them in the Synergis™ Appliance Portal.
    - Testing the connected interface modules
      You can test your hardware connections and configuration by monitoring their responses in real time on the I/O diagnostics page of the Synergis™ Appliance Portal.
    - Configuring unit-wide parameters
      Most interface module behavior is common to all interface modules connected to the same Synergis™ Cloud Link unit. You can configure these unit-wide settings on the Unit-wide parameters page of the Synergis™ Appliance Portal.
    - Configuring reader LED and beeper settings
      You can configure the reader LED and beeper behavior to communicate various access control states to the person standing at a door. For example, you can make the LED flash in amber color when the system is waiting for a PIN to be entered.
    - Copying the reader LED and beeper settings from one unit to another
      You can export the LED and beeper settings from one Synergis™ Cloud Link unit and import them into other Synergis Cloud Link units.
    - Disabling output controls
      To prevent doors from being unlocked through the Synergis™ Appliance Portal, you can disable the control of output states.
    - About the automation engine feature
      Automation engine is the Synergis™ Softwire feature that executes rules, similar to event-to-actions in Security Center. Automation engine works even when the Synergis™ unit is disconnected from its Access Manager.
    - Configuring automation engine rules
      To trigger actions when an access control event occurs, configure automation engine rules in the Synergis™ Appliance Portal. For example, increase the minimum security clearance of an area when a door input goes into a trouble state.
    - Configuring downstream controller settings
      You can configure interface-module-specific behavior for all the interface modules connected to the same Synergis™ Cloud Link unit on the Downstream controller settings page of the Synergis™ Appliance Portal.
    - Configuring MIFARE DESFire
      To enable MIFARE DESFire on your Synergis™ Cloud Link, you must load the configuration file, then associate the configuration with your STid SSCP or OSDP transparent readers.
      - Enabling DESFire EV2 secure messaging
        To use secure DESFire EV2 secure messaging, you must enable EV2 authentication on your DESFire configuration files and export them to your workstations and Synergis™ Cloud Link units.
    - Unlocking SAM cards
      Storing cryptographic keys on MIFARE Secure Access Module (SAM) cards instead of the Synergis™ key store increases security because the keys cannot be retrieved. The SAM cards must be unlocked to interact with Synergis™ Cloud Link for cryptographic operations.
    - Enabling key versioning for SAM cards
      To use application read key versions with your MIFARE SAM cards, configure the cards with up to three keys using a SAM card configuration tool, then enable key versioning in the Synergis™ Appliance Portal.
    - About the Synergis key store
      The Synergis™ key store is used to configure and store cryptographic keys.
    - Using key hashes in the Synergis key store
      You can use key hashes to verify keys in the Synergis key store against other units, or against the SAM card or key card production tool that produced the keys.
    - Changing the PIN entry timeout for doors
      When long PINs are being used, you can change the PIN entry timeout to give cardholders more time to enter their PINs.
    - Configuring event logging on the Synergis Cloud Link unit
      The Synergis™ Cloud Link unit can keep detailed logs for troubleshooting and support. However, these logs are turned off by default. Turn them on if you want to view troubleshooting reports or to download the support logs.
    - Configuring auxiliary event logging in the cloud for the Synergis Cloud Link unit
      Configure your Synergis™ Cloud Link unit to connect to an Azure Application Insights resource, so that logs can be stored in the cloud in addition to being stored on the unit itself. This can simplify analyzing logs and running monitoring tools on them.
    - Configuring audit log retention for the Synergis Cloud Link unit
      You can configure how long the audit logs for the Synergis™ Cloud Link unit are kept before they are automatically deleted.
    - Enrolling Synergis Cloud Link units in Security Center
      To enroll a Synergis™ Cloud Link unit in Security Center, assign the unit to an Access Manager role.
    - Synchronizing the Synergis Cloud Link unit with the Access Manager
      Some settings on the Synergis™ Cloud Link unit are not automatically synchronized with the Access Manager. If you change settings on the unit through the Synergis™ Appliance Portal, such as its logon password, its IP address, or the way it responds to connection requests, then you must change the same settings on the Access Manager in Config Tool.
    - Configuring the monitoring inputs on the Synergis Cloud Link appliance
      You can use the four inputs on the Synergis™ Cloud Link appliance to monitor the physical installation of the appliance. For example, you can connect an input to a tamper switch on the enclosure in which the appliance is installed.
- Integration-specific configuration
  Learn how to configure third-party devices to work with your Synergis Cloud Link unit.
- Maintenance and troubleshooting
  Learn how to troubleshoot issues and keep your Synergis Cloud Link unit up to date.
Glossary
Where to find product information
You can find our product documentation in the following locations:
Technical support
Genetec™ Technical Assistance Center (GTAC) is committed to providing its worldwide clientele with the best technical support services available. As a customer of Genetec Inc., you have access to TechDoc Hub, where you can find information and search for answers to your product questions.

Configuring MIFARE DESFire

2024-05-09

To enable MIFARE DESFire on your Synergis™ Cloud Link, you must load the configuration file, then associate the configuration with your STid SSCP or OSDP transparent readers.

Before you begin

Configure STid SSCP readers or OSDP readers.

Procedure

Log on to the Synergis Cloud Link unit.
Click Configuration > MIFARE DESFire .
Click Select smart cards sites file, and browse to either your custom configuration file (SmartCardsSites.xml) or the default file that came with your Security Center installation.
For more information about the SmartCardsSites.xml file, see Configuring MIFARE DESFire in Security Center.
If you are using DESFire EV2 secure messaging, enable this feature in your system.
Click Upload.
The following message is displayed: Upload successful.
Associate the readers and MIFARE DESFire configurations:
1. For each reader, select a site from the Available configurations list.
2. Click Add.
If your system uses key versioning, select the Use key version checkbox.
Two scenarios must be considered:

Keys are stored in the Synergis key store

When the checkbox is selected, the system asks the card, which key version it is using and tries to find it in the key store. If the checkbox is cleared, then system always uses the last version. For more information, see About the Synergis key store.

Keys are stored on the SAM card

When the checkbox is selected, the system asks the card which key version it is using and try to find it on the SAM card. If the checkbox is cleared, then system always uses the key version 0. For more information, see Enabling key versioning for SAM cards.
Click Save.