Well, most facilities won't have their staff all too professional, either. Or their tech security actually all that secure.

Right, that whole balance issue is why infiltrations are possible at all. But astral security is something most employees won't even be aware of beside the usual "some weirdo is out there working his mojo to protect us".

Of course (although that means the infiltrator will have to be Awakened or do drugs). However, abstracting things past specifics seems dull to me. Basically, I just wanted the answers for the questions in my initial post akin to the ones found for tech security in Core: you can do this, that or that other thing to get past it, and you'll need to roll this and that (but for a competent infiltrator, those rolls are all pretty much autosucceeding).

For secure facilities any alarm means rapid response in force. And it gets progressively harder to dodge those in addition to what you had your hands full with before that. But yeah, you're making a valid point here, saying that a single failed roll is a failure for the whole enterprise is a bit of an exaggeration.

My first 4th ed runner was in fact a mundane Elf "ninja" with Astral specialization for infiltration.
In the end, if you can get yourself a cardboard box with ruthenium on it and a transparent part so you can see around, you are good to go in any facility.
Solid Snake WAS RIGHT, after all!

Regarding Detect Life:


I still think some writer screwed up - making a spell do something in an example outside of the spell description that the spell description makes no mention of at all. I mean, how does "detects all living beings (but not spirits) within range of their sense and knows their number and relative location" suddenly tell you that they're armed? Can add extra functionality to other spells too if we feel like it?

Anyway, the spell description tells you that it's useless on crowds, so the way to foil the spell would be to sneak in during office hours, perhaps disguised.



I think you missed part of the text there:


The way I read that, it takes an Observe In Detail action to use an Active detection spell. You don't get an automatic roll whenever someone walks into the AoE; you have to constantly look for it.

Suppose your spirit checks every half minute, that's 2880 checks per day; even with a 0.1% glitch chance that's still about 3 glitches per day.

Also, the chance of successfully identifying someone isn't all that high: it takes 4 net hits to identify. People in a security facility would have an average Willpower of say, 4 (ambitious, training in defense against mages perhaps), so that means you need 16 dice to succeed on average. So only an F8+ spirit can do it reliably.

If the spirit sounds the alarm every time it can't identify someone, that's a LOT of false alarms.

Of course, there's also the problem that spirits don't understand the physical world. Sure, they can be really smart, but they're also fundamentally alien. Not necessarily qualified to really assess security in a real-world environment.

However, I also wouldn't trust a mage with this. For one, because a mage with 16 dice on Spellcasting+Magic should be simply above guard duty like this, but also because humans just don't really have the kind of attention span for this sort of thing.

All in all, I think you've overestimated the effectiveness of Detect Life for the protection of facilities which actually have staff in them.

Well, maybe it allows you to detect them with such precision that you can tell what they're holding by the position of their hands?
Still doesn't explain why it lets you recognize specific people, though.

As has been said in this thread several times already, using fast talk and disguise for infiltration is a whole other can of worms, which is only slightly related to stealth-based infiltration.

I don't feel that "Using the sense may require the subject to take a Simple Action to Observe in Detail" means that the magician with an active sense on must do that; besides, there's nothing on each Observe in Detail being a separate test, as opposed to the sustained spell affecting anyone entering its range as normal.
Even if we go with your calculations, and assume each glitch (which, btw, happens about once in 50000 rolls for 10 dice, if I recall) is a false positive - just testing immediately again removes the problem, as does sending out a rapid response team - exercise is useful for grunts, after all.

Yeah, I agree that Detect Life is of limited usefulness when there are crowds of genuine workers around, just like motion sensors, trip beams and other security measures are. During the off hours, however, it allows a single mage to control kilometers of territory, and quite reliably even with your rules interpretation.

No it doesn't. It means someone is tasked to check it out first. Rapid Response scares employees, and is often reserved only for verifiable threats. I have worked in such facilities, and we did not activate a reactionary force for something that was not verified. We tasked a single unit to investigate. In most cases this is one or two guards. We heightened our awareness, but did not start blowing the crisis sirens, because, again, that tends to scare the workers. Once we had verification, then we called in a response that was appropriate to the situation. Calling in an HTR Team because a squirrel triggered an alarm gets costly real quick.

An infiltration should result in a series of infiltration rolls, among other rolls. Single Roll resolution is way to simplistic, for something that is so complex.

"Active: The sense actively analyzes or seeks out certain information when the subject concentrates on it."
That's a line from page 205 of SR4A. I'd say that you'd need to observe in detail to use an active detect life spell.



Kilometers? Force 6 spell of a Magic 6 mage using the extended version is 360 meters (6*6*10). Now 360 meters is still a sizable chunk of terrain, but not as large as you may have assumed.

Active Detection spells are treated as an Opposed Test, pitting the caster’s Spellcasting + Magic
vs. the target’s Willpower (+ Counterspelling, if available);
Note that Counterspelling may be used to defend against active Detection spells, even if the magician is not aware of them.

So I'm sneaking into a system. I'm rolling willpower+counterspelling vs spellcasting+magic. This starts to look better for the sneaking in guy.

Range: The standard sensory range for a Detection spell is the spell’s Force x Magic in meters. For extended range Detection spells, the effective range of the new sense is Force x Magic x 10 meters. Note
that any of the standard range spells listed below may be learned with an extended range instead (adding +2 DV)

Force 6 x Magic 6 x 10 meters: 360 meter diameter around the mage. That's nice, but it's not easy, and the drain on that is high: 5. Not to mention that a Magic 6 Wagemage is.. expensive to keep around for guard duty.

Would the critter power concealment help at all to avoid detection? I don't suppose it would. It does help hide astral forms. Anyway just a thought.

Well, it is a 360 Meter Radius, to be fair, so that is a pretty good chunk of change as far as area goes. But yes, I too was going to comment on the Kilometers statement. It is not that good.

Well, I've worked my share in one, as well. Any alarm triggered meant a patrol of three dispatched in full dress: body armor, SMGs, the works. Since those patrol groups milled around constantly, it's not like it grated on anyone's nerves - yeah, the grunts are off somewhere again, yeah, maybe they're in a bit more hurry than usually, what's it to you?
Our security was mostly human-based, though - most approaches were just constantly monitored in person in addition to the cams.

And even a couple of guards, if those are pros, is a lot of trouble for an infiltrator. And it's not like it's too expensive to add a couple of high-Sensor drones to them. But again I'll reiterate - yeah, you're right, for any facility where acting on security alarm means moving out somewhere and not just looking out of the guard room, a single failure during the infiltration does not spell a catastrophe.

Radius, Sabs, not Diameter...

Agreed... the Infiltrator is going to have to contend with whomever/whatever is sent to investigate. But those investigators also have to locate the infiltrator, which may be a bit of a task. And if they cannot, it is likely chalked up to a false positive, glitch, or whatever.

As for the rest, it seems like we have come to an understanding of sorts. Works for me...

And no single infiltrator should be trying to get into that facility by himself.

Where is his hacker/rigger/technomancer backup that's doing his best to deal with the cameras and the drones. Where is his mage backup dealing with the patrolling spirits, and that wanker mage sustaining detect life.

Detect Life: Unless that wanker mage is also part of every single ward in the building, he needs to drop detect life every so often. He also needs 4 net hits, over the opposed test to get good details. Which he can't even GET if I can guarantee myself 3 good hits. 5 Willpower+4 counterspelling gets me 9, that's really close to 3 hits. Maybe this is the time to be spending edge. Maybe it's not. I don't know.

I'm an infiltrator, my tag stat is agility. Do I have a stun baton, or a stun gun with a silencer. 8(S)e -half impact armor. That's very nice. That's going to drop a lot of guys. Especially if I get to surprise strike them. Flashbang grenades for groups, or smoke grenade. Directional Jammer*, so I jam their commlink before I decide to drop on them.

Note: Willpower is a good stat for an infiltrator.
* The Jammer rules have some issues

Two main points.

If security was impenetrable you could not play Shadowrun. If this is the outcome you want, then you can't play. If you want to play, then security can be overcome. There's is no universal security measure that beats all. Work on the presumption there is a way around all measures. Otherwise you cannot play.

There are N number of security measures. There are variations in response. You as GM set the model for response and escalation. What I suggest is to make it simple for yourself. If you determine it's a threshold 4 target to overcome security, then pick 4 standard security measures that you describe and that the players need to overcome. Pick a different set of standard measure for each facility. If it's threshold 4, and the players gets 3 successes, I will leave one describing one security measure, that is the one that trips them up. If I multi layers the security defense, I might let extra successes on the first layer give them extra success that carry over on the next layer. You can also model it as an accumulation of successes. For example, 30 minutes per success, roll once over thirty minutes, this is especially fun if they have a deadline to infiltrate.

Any single security measure may look uber, but just because you don;'t know what would beat it, doesn't mean there isn't a way to beat it. It just means you don't know it. If you struggle with one, then ask for suggestions. If you choose to consider a security measure unbeatable, then that's your choice.

GM Tip: Security Measure A looks tough. You can't think of a way to explain it being beat. Set a target and let the players roll the dice, if they succeed, then ask them how they did it, and just let that happen! Isn't that collaborative storytelling? Why does Fatum need to know everything?

Keep in mind that the more rolls you make a player make, the higher the chance of failure. If you have a 97% chance of success your chance of succeeding 10 times in a row is under 74%

Yes, I Know that... But Facilities that require large numbers of rolls are inherently more difficult, thus the reducing chance of success makes a bit of sense. And I think that your Percentages are a bit skewed, as well... If you require 2-3 successes per test for static obstacles, your Infiltration specialist will have to work extremely hard to fail those rolls. And opposed tests are their own challenge. No Single roll should blow the infiltration, either, so it leaves a bit of leeway for dramatic license.

I'm really enjoying this topic. It is a good question to ask: how do you run attempts to sneak into a base, and why are runners capable of being successful?

There are trade-offs involved in base design: on one hand, security. On the other hand, the smooth functioning of the facility. On the gripping hand, budget.
A dedicated HTR team is expensive; several thousand nuyen a day when they don't have to do anything. Roaming spirits cost a lot in binding materials. Mage wages are high; the mages good enough for security work are also in demand for research and enchanting work, which probably pays pretty good.
Going to heightened security when some alarm triggers, reduces the smooth functioning. Extra people may have to be activated, which costs money. Drones and vehicles readied for takeoff. Logistics curtailed to prevent easy sneaking around, slows down normal work.
Lockdowns may cost millions; they probably spoil experiments as prototypes are shuffled off into vaults to prevent anyone getting at them.
All in all, the budget for security will always be less than the value of the facility's product; otherwise the facility runs at a loss, and that's bad.

Because the security cheaper than the target, the runners stand a chance!
If the security budget is 20% of the facility's value, then it's still vulnerable to Johnson willing to spend 60% on an attack, and that still leaves Johnson with profit.
Take a look at Neuromancer and Count Zero: those are really expensive shadowruns, none of this penny-pinching 5K per PC nonsense.

So the security director didn't get everything he wanted; he still has all manner of obstacles (guards, walls, locked doors, sensors, traps) and HTR for counterattacks available to make sneaking in difficult. This will definitely deter common schmucks from making attempts, but it isn't always sufficient against shadowrunners.

What the runners need to do first is legwork. Without legwork they will fail.
They do all manner of things to get an idea of what kind of Obstacles they'll face in the building. How they do legwork is a different subject. You can sneak into StufferShack without legwork, just by being good, but it doesn't scale to megacorporations; you always need to know the Obstacles.

Every Obstacle can be circumvented somehow. (As a GM, try to come up with 2-3 different ways to do so; if you can't come up with a way, you might have made the adventure Impossible.) Knowing what and where the Obstacle is will help the PCs do something about it. For example:
Guards: Infiltration, violence, sleep gas, bribery, blackmail, mind-control magic, seduction, false credentials
Barriers: break through with Demolitions or a monofilament chainsaw, go around
Locked door: hacking, maglock passkey, lockpicking, stolen key, employee at gunpoint, trojan Face or Drone
Sensors: Infiltration, hacking, influencing whoever watches the surveillance, disguise
Magical detection: Masking metamagic, getting at the mage, make the mage think you're someone else, mana static
Traps: detect-and-bypass, detect-and-disable, hacking, have an authorized person disable them

As you can see, the Infiltration skill comes into play in only some of these cases. I don't think it was intended as a one-stop sneaking in skill, although it does more than just moving really quietly. It also includes knowledge that would let you recognize when you just can't go through somewhere unseen: "there's just no way to pass through that wide open room with the camera aimed at the door; there just isn't any cover." In this case, the skill helps you recognize a potential mistake before you make it.

The camera aimed at the door, and the watcher spirit in the featureless room, are what I'd consider traps. They aren't really sneaking challenges; it has to be solved in a different way. Perhaps the spirit can be lured away by a fascinatingly life-forcey rodent scampering away (followed by Infiltration!) Maybe you can hide behind an employee, using him as cover (using Shadowing). A Disguise as someone with a right to be there could work. A camera neutralizer would prevent it from seeing you (but not that something happened), or maybe the ninja uses his relay transmitter so that the hacker can hack the camera.

Traps and things that sound the alarm are tricky to use as a GM. Ideally, the PCs have a chance to learn about most of them through legwork (the better the legwork, the more triggers they know of, and the more precisely they know how they're triggered and how they can be fooled). It can be entertaining to keep some secret until the run is underway, however, but:

Every trap should be detectable before it's triggered
It doesn't have to be easy; a dice roll, certainly. And knowing about it from legwork is much better for your nerves.

There is a way past every trap without triggering it.
Well, unless you want to railroad of course.

If a trap is triggered, there's some way to salve the situation
Security shows up to investigate if this is a real alarm or a false alarm. It isn't easy to hide evidence of your intrusion, but possible; if you succeed, the alarm stands down, although they'll be twitchier. If you fail, however, Threat Response begins.


Threat Response doesn't mean the end of the mission rightaway
HTR teams need to mobilize and move to the PCs. Sometimes the HTR guys don't know exactly where the Team is. The point is, it takes a while before they show up; the PCs need to get as much as possible done before the HTR corners them.

With a well-armed PC team, it takes pretty extreme HTR teams to have chance of winning. Assembling those and acquiring a tactically favorable position may take even longer. God help the HTR if the PCs take the lead scientist hostage.

So while security tries to find the PCs, use lockdown procedures to keep them penned in until HTR can deal with them, the PCs now move as fast as possible, blow shit up to get through obstacles and try to get out again before they're outmatched.

Success on the mission is still possible, but now it becomes a matter of speed and firepower, not stealth.


---
Concluding:

A Perfect Run™ involves successful legwork that reveals all Obstacles. The PCs then come up with a way to get past each of those obstacles. They go in, discover an Obstacle they didn't know about, and find a way past it. Then they accidentally trigger a trap, but manage to hide when the guards show up to investigate. They get out without pursuit. This is the Ocean's Eleven kind of run.

The Other Kind of Perfect Run is a lot like this, except the alarm does trigger, Threat Response commences and the team escapes in a glorious running battle with security, followed by a street chase until they make it to some random other extraterritorial terrain, they shake off pursuit, lay low and then go to Johnson.

Infiltration isn't a one-stop skill to do everything with; it's for sneaking when sneaking is possible. Sometimes you have to make the sneaking possible.

Sneaking into a real base isn't just one skill check; it's an entire adventure. Sneaking into the StufferShack however, takes just one Maglock Passkey and one Infiltration check

Well, I hope this gives you some ideas on how to set up believable beatable security

All non-computer security system and measures are designed to slow down an attacker or buy time for the response team. Locked doors require that you break the door, or attack the lock. Fences take time to cross and make it hard to carry out the 800 pound safe. motion detectors make you move very slowly, etc. Alarms get the security response team rolling. The longer you spend in on the site the greater the chance of detection. The longer it takes after detection to get in and out the greater the chance of apprehension.

All security systems make the normal day to day operation of the actual productive occupants harder. For example, many years ago I was talking to the Defense Mapping Agency about a job, and one of the great things about their training facility was that you could go outside for lunch. Because at the sites where real work was done it took so long to make it though security that you wouldn't actually make it to the exit doors before you would have to turn around and head back to work. That's because the DMA, now the National Geospatial-Intelligence Agency, is NOT a normal corporation and has totally different idea of risks than a commercial outfit. So security is almost limited by things other then what is theoretically possible.


Ideally the security system will detect you at the perimeter and start a response team rolling at you then, so by the time you cross the fence, slowly sneak past 200 yards of grounds covered by intelligent cameras, bypass the door sensors and open an emergency door and start heading for the lab there is a reception party waiting for them.

Consider instead if the first warning that same security force has is when a linear shaped charge blows a hole in the lab secure storage area and a hole gets blown in the fence, followed by a stolen 8x8 truck with a liftgate driving up to the building while the intruders roll out the goodies. By the time a security response team arrives all that is left are tire tracks in the grass and some new entrances and exits.

Ascalaphus, that is a beautiful post.

I would like to add one: If the Heavy/Rapid Response Team is already at the target site, it is highly likely the Shadowrunners were setup, then they can Get Out Of Dodge and/or Get Payback on whoever set them up. That would be where the run is The Trap. Commonly, it seems this means it was the Mr. J is really a Butler and did it, but really it could be any number of different kinds of Contacts.

Stealth then enters that fray in disappearing into the shadows to live to fight another day and pop back out briefly to put two in the back of the head(s) of the Betrayer.

Just throwing that out there since this thread seems to be just as much about rail roading as stealth.

^^^^^^^^^^^ Excellent post Ascalaphus... in the end it all comes down to economics. Very easy to forget. Then again massive security guarding a paste diamond does make for great angst :).

I see security as a multi-tiered response structure. Tier 1 is going to be cheap electronic trip wires, automated sensors, etc. Tier 2 is going to be a dude (or a pair, if affordable) checking out triggers from Tier 1. Tier 3 will be "calling all cars" to get all personnel on site to respond to a target identified by Tier 2. Further tiers can be off-site HTR teams, the fuzz (mostly if the site is not extraterritorial), or possibly magical assets.
For strictly magical threats, such as wandering astral entities, there will be a similar tiered structure. Tier 1 could be patrolling watchers, but these would be limited to internal areas with lower headcounts around, since watchers are VERY stupid. Also, Tier 1 could be mana barriers, but these will be very limited because they are VERY expensive, and troublesome to work with on a day-to-day basis. Tier 1 could also be patrolling higher force bound spirits (again VERY pricey, and limited to a year's service usually) which will rarely be told to attack on sight of intruders. They may be fairly intelligent, but they are very alien as well, so almost always his response should be to alert Tier 2 (mage on-call, call center, etc.). Tier 2 will be an Awakened metahuman for magical threats, and/or HTR teams depending. Tier 3 will be combat spirits summoned/called by a Tier 2 mage to deal with the magical threat, or as for mundane Tier 3 responses.

The thing is, unless the corp in question has a damn good reason to justify the expense and inefficiency overhead, most magical assets are NOT on-site. Magic IS rare, and rare = [nuyen]+++. So, they will share that cost over multiple sites and/or use third-party vendors with a call-center. This means magical security will be based on escalation to meet the threat, the same as mundane security. It makes economical sense to do it that way, and Ghost knows corps are all about money.

Astral patrols are looking for astral intruders almost excusively. Noticing and more importantly IDENTIFYING from astral space a mundane target is difficult in a corp setting with thousands of legitimate employees who have access to the site. Mundane security is more effective at those types of intrusions. Astral security versus astral intrusions is much more effective. Keep in mind, astral intrusions by entities would be fairly common as well, as most spirits regard the astral plane as their turf, and wandering through an installation will only be halted if something prevents them, like a bigger fish telling them to go away, or barriers to block their path, such as mana barriers or earth. There will be plenty of false positives, which some bored mage will have to check out and deal with enough to make it become routine - the bane of alertness! Often, by the time he gets there, the triggering entity will have buggered off, so finding nothing will be a very common result for an alert.