ARCO Platform 6.1 Release Highlights
Please refer to the SPG Support site for the complete Release Notes.
JMP Seminar in Casablanca, Morocco
Our associates from JMP hosted a banking and multi-site client seminar in Casablanca in Morocco together with Protectas and Assa Abloy yesterday. We presented the latest technologies for cloud solutions available in today’s market.
Previous
Next
JMP Controls is a value-added distributor of innovative and efficient security solutions covering all areas of electronic security.
Check out the SPG Controls page to find out more about our collaborators: https://spgcontrols.com/partners/
ARCO Platform 6.0 Release Highlights
Please refer to the SPG Support site for the complete Release Notes.
SPG Controls FCC Certification
SPG Controls’ S1000 Smart Controller and Peripherals are FCC certified under 47 CFR PART 15, SUBPART B/ICES-003 issued by the independent testing company EMC Technologies Pty. Ltd.
List of FCC Certified Products
• S1000 Smart Controller: S1000-PCB
• SPG Power Supply: SP1-PSU-2A
• CRI Expansion Card: SE1-CRI-PCB
• Card Reader Interface Board: SD1-CRIO-PCB
• IO Expansion Card: SE1-8I2O-PCB
• 6 Output Expansion Card: SE1-6OUT-PCB
• S1000 Remote IO: SD1-REMIO-PCB
• Audio Listen In Module: SD1-AUDIO4-PCB
• Audio Converter Expansion Card: SE1-AUDIOBUS-PCB
• Dual Ethernet Expansion Card: SE1-ETHER2-PCB
• Cellular+WiFi Expansion Card: SE1-CELL-PCB
• Sensor Remote Device: SD1-2ADI-PCB
• Alarm Keypad: SD1-TKD-MFRICP-B
• S1000 Communicator: S1000-PENC
For a copy of the FCC certificate or the comprehensive testing report, feel free to contact us at info@spgcontrols.com
New Collaboration Announcement: Eclipse Digital Solutions
SPG Controls is pleased to announce a new collaboration with Eclipse Digital Solutions, a double award-winning pioneer of modern-day integrated security solutions. Eclipse Digital Solutions has long-established relationships with a wide range of public and private sector bodies and commercial clients in and around the UK.
Eclipse Digital Solutions Ltd have consistently delivered tailor-made and cost-effective security solutions to our client base across various sectors.
Clients include the Home Office, Centre for the Protection of National Infrastructure, Ministry of Justice and businesses and organisations requiring the highest level of security protection.
Dedicated to standards and is accredited to ISO9001 Quality Management System and ISO27001 and is a member of ADS – the premier trade association for organisations operating in our sectors – providing the best possible solutions, products and services.
Check out the Eclipse Digital Solutions website: https://www.eclipsedigital.co.uk/
Check out the SPG Controls page to find out more about our collaborators: https://spgcontrols.com/partners/
How To Detect and Mitigate the Log4j2 Vulnerability
Like many manufacturers in our Industry, we became aware on the 10th of December 2021 of the Remote Code Execution vulnerability CVE-2021-44228 in the popular Java logging library Log4j2 CVE (all versions between 2.0 and 2.14.1 are vulnerable).
While SPG Controls and our related products are safe from the Log4j2 vulnerability, you may have other products and services that are not.
Below is a brief infographic on how the Log4j2 works and potential fixes you can implement.
Contact us at info@spgcontrols.com and tell us how we can help you configure your systems integrations to be safe from the Log4j2 vulnerability.
Log4j2 CVE Vulnerability and SPG Controls
Description:
Like many of the manufacturer’s in our Industry, we became aware on the 10th of December 2021 of the Remote Code Execution vulnerability CVE-2021-44228 in the popular Java logging library Log4j2 CVE (all versions between 2.0 and 2.14.1 are vulnerable).
SPG Controls Action:
SPG Controls scan the published docker images for known security flaws. The Log4j2 CVE vulnerability has been included in this process by the Docker Hub team.
Vulnerability Summary:
- Code developed by SPG Controls does NOT use Log4j2 CVE.
- Some Official Docker Images do contain the vulnerability; however, the versions used by SPG Controls are NOT affected.
- SPG Control uses a version of Elasticsearch which does NOT contain the vulnerability.
Further Details:
Scan images on Docker Hub
Code developed by SPG Controls does NOT use Log4j2 CVE. Some Official Docker Images do contain the vulnerability; however, the versions in use by SPG Controls are not affected.
Repository | Patched version | Additional documentation |
7.0.3 | ||
6.8.22, 7.16.2 | ||
1.11.6, 1.12.7, 1.13.5, 1.14.2 | ||
3.10.10 | ||
Awaiting info | Awaiting info | |
6.8.22, 7.16.2 | ||
4.4.2 | ||
8.11.1 | ||
8.9.5, 9.2.2 | ||
Awaiting info | Awaiting info |
Elasticsearch mitigation
SPG Control uses a version of Elasticsearch which does NOT contain the vulnerability.
Elasticsearch | JDK | CVE IDs | Information Leak | Remote Code Execution | Complete Mitigation |
7.16.1 – 7.16.2 | ≥ 8 | CVE-2021-44228, CVE-2021-45046 | No | No | N/A (not vulnerable) |
7.0.0 – 7.16.0 | ≥ 9 | CVE-2021-44228, CVE-2021-45046 | No | No | N/A3 (not vulnerable) |
7.0.0 – 7.16.0 | < 9 | CVE-2021-44228, CVE-2021-45046 | Yes | No | System property1 |
6.8.21 | ≥ 8 | CVE-2021-44228, CVE-2021-45046 | No | No | N/A (not vulnerable) |
6.0.0 – 6.8.20 | ≥ 9 | CVE-2021-44228, CVE-2021-45046 | No | No | N/A3 (not vulnerable) |
6.4.0 – 6.8.20 | < 9 | CVE-2021-44228, CVE-2021-45046 | Yes | No | System property1 |
6.0.0 – 6.3.2 | < 9 | CVE-2021-44228, CVE-2021-45046 | Yes | No | Remove JndiLookup2 |
5.6.11 – 5.6.16 | 8 | CVE-2021-44228, CVE-2021-45046 | Yes | Yes | System property1 |
5.0.0 – 5.6.10 | 8 | CVE-2021-44228, CVE-2021-45046 | Yes | Yes | Remove JndiLookup2 |
< 5.0.0 | any | CVE-2021-44228, CVE-2021-45046 | No | No | N/A (not vulnerable) |
New Integration Announcement: Orange Business Services – Pack ID solution
SPG Controls is pleased to announce a new partnership with Orange Business Services, a global IT and communications services provider. Orange Business Services operations span 26 countries and serve 207 million mobile customers, including 8 million business customers.
Integration with ARCO Platform uses its Open API to interface to the Pack ID solution from Orange Cloud Service mobile credentials. Credential request on the Orange Cloud Server leverages the built-in security architecture and secure communication of the ARCO Platform to access Sites/Doors.
The API is based on the latest Web-based Restful Architecture. All data contained within ARCO Platform is securely communicated to the Orange Cloud Service.
Check out the Orange Business Services website: https://www.orange-business.com/fr/produits/pack-id
Check out the SPG Controls partners page to find out more about our collaborators: https://spgcontrols.com/partners/
New Partner Announcement: Avarn Security
SPG Controls is pleased to announce a new partnership with Avarn Security, a leading security group with operations in Norway, Sweden, Denmark and Finland. Avarn Security supply security to clients across the Nordic countries.
Avarn Security (earlier Nokas) is a leading and strategic security partner for corporate customers and public sector organizations. They provide security services and solutions in the Nordic market.
Avarn Security is known for its long history as a strong solution provider of access control solutions. They are expanding their current access control system offering by bringing the latest technology in the industry to Finland for the benefit of the customers. SPG Controls and Avarn Security have entered into a cooperation agreement, in which Avarn Security will continue to represent the ARCO Enterprise access control system in Finland alongside its current access control solutions.
The company’s main operations are based in Norway, Sweden and Finland. Its head office is located in Oslo, Norway and it is headed by Group CEO Vidar Berg, with 16,000 employees spread across the Nordic countries.
Check out the Avarn Security website: https://www.avarnsecurity.fi/
Check out the SPG Controls partners page to find out more about our collaborators: https://spgcontrols.com/partners/
ARCO Security configuration – making it happen though a Mobile Application
System configuration management is important, especially in large scale systems, where you need control over both hardware and software components essential to your security solution.
It’s important in establishing and maintaining consistency in a product; from performance to functionality to physical attributes to efficiently managing requirements, design, and operational information for hardware and software.
System configuration management is essential because the system-level design may be challenging. It is hard enough to manage hardware and software development projects independently but managing all the dependencies between the two disciplines while also accounting for security concerns, scheduling and distribution. It’s a complex problem to tackle.
The ARCO Setup APP makes installing and operating your S1000 Smart Controller quick and easy. In addition, ARCO Setup provides network settings to establish remote communications to the ARCO Platform, input and output testing both locally and end-to-end. Download the ARCO Setup APP on your mobile fast and easy configuration.
- Support BLE 4.2
- Android and iOS Compatible
- No Setup PC Required
- Allows For Easy Commissioning of Panel
- Secure Authentication Layer for Login
- Dashboard For Diagnostics and Testing
Contact us at info@spgcontrols.com and tell us how we can help you configure your systems using ARCO Setup app.