ServSwitch Secure VGA USB KVM Switch EAL4+/TEMPEST
SW2006A-USB-EAL: w/o card reader support, 2 port
SW4009A-USB-EAL: with card reader support, 4 ports


Combat security threats with this hard-wired KVM VGA switch with CAC support.


  • Facilitates data separation with a high level of port-to-port electrical isolation.
  • Protects against signal snooping using channel-to-channel 60-dB crosstalk isolation.
  • Prevents access from one CPU or network to the others by being permanently hard wired.
  • Low radiated emissions.
  • External tamper-evident seals.
  • Solid metal case and a long-wearing switching mechanism.
  • USB host controller erases entire RAM (no residual data remains on the channel).
  • Dedicated DDC bus and EDID memory emulation at each port.
  • Options with CAC card reader support.
  • Clear, unmistakable channel selection.
  • Non-Flash-upgradable ROM.
  • To minimize electronic signaling, no common power supply.

  • Warranty: 2 Year Double Diamond™ Warranty (Standard)
   
  Product                                                                                  Code
  ServSwitch Secure VGA USB KVM Switch EAL4+/TEMPEST, w/o card reader support, 2 port      SW2006A-USB-EAL
  ServSwitch Secure VGA USB KVM Switch EAL4+/TEMPEST, with card reader support, 4 ports    SW4009A-USB-EAL
Note: Please order the card reader for SW2009A-USB-EAL and SW4009A-USB-EAL separately.

Accessories

  Product                                                                  Code
  ServSwitch Secure Cable, VGA/USB to HD26, 1.8m - VGA, USB, 1.8m          EHNSECURE2-0006
  ServSwitch Secure Cable, VGA/USB/CAC to HD26, 1.8m - VGA, USB, 1.8m      EHNSECURE3-0006

The ServSwitch™ Secure VGA USB KVM Switch with EAL4+/TEMPEST surpasses the security profiles of most other KVM switches.

In addition to its superior hardware-based data-isolation features, the switch has been certified to Common Criteria Evaluation Assurance Level 4+ (EAL4+), augmented by ALC_FLR.2 and ATE_DPT.2.



The Common Criteria is an international standardized process for information technology security evaluation, validation, and certification. The Common Criteria scheme is supported by the National Security Agency through the National Information Assurance Program (NIAP). EAL4+ itself defines a common set of tests to evaluate the security of an IT product relating to its supply chain, from design and engineering to manufacturing and distribution. 



The ServSwitch Secure VGA USB KVM Switch provides control and separation of up to four PC CPUs/servers connected to secure and non-secure networks through just one keyboard, monitor, and mouse. Users can safely switch among the connected computers operating at different classification levels without worry. 



TEMPEST
Plus, it's TEMPEST USA NSTISSAM Level I and NATO SDIP-27 Level A qualified. This means that the low radiated emissions profile of the switch meets the appropriate requirements for conducted/radiated electromagnetic emissions.



The TEMPEST designation is required by military organizations. As a security standard, it pertains to technical security countermeasures, standards, and instrumentation that prevent or minimize the exploitation of vulnerable data communications equipment by technical surveillance or eavesdropping.





Options with CAC (Common Access Card) Reader support
SW2009A-USB-EAL and SW4008A-USB-EAL feature support for a special Common Access Card (CAC) reader that enhances their functions and gives you even more fail-safe security features.




Threats/Solutions Scenarios


1. Prevent data leaking between ports and to the outside world. 



Threat 1.1: Microprocessor malfunction or unanticipated software bugs cause data to flow between ports. 

Solution: Unidirectional keyboard and mouse data flow is enforced by hardware “data diodes” so data isolation doesn’t rely on software integrity. This makes it impossible for the computer to send data along the keyboard and mouse signaling channel. This advanced design also ensures data isolation through hardware and prevents the keyboard and mouse interfaces from becoming covert computer-to-computer signaling channels because of software holes or unanticipated bugs.

In addition, keyboard and mouse devices can only be enumerated at the keyboard and mouse ports. Any other USB peripherals, such as a USB thumb drive, will be inhibited from operating, preventing any uploading or downloading of data. 



Threat 1.2: Physical proximity between ports enables data leakage.

Solution: Isolation is improved by placing the red and black ports at the opposite edges of the switch.



Threat 1.3: Accidental port switching. 

Solution: Locked-down operation disables all keyboard hotkey and mouse switching functions in both software and hardware so that data corruption can’t inadvertently cause an unanticipated channel change. The only way to change the channels is with the front-panel keys. There is only one button per channel, so channel selection is clear. Color-coded visual feedback confirms the channel selection.



Threat 1.4: Signaling by shorting the power supply or loading the power.

Solution: Each port is independently powered by its USB port. Shorting the power supply on one port will not cause the power on the other ports to be switched off. The shared keyboard, mouse, and monitor circuitry are powered by the power supply. The lack of a common power supply minimizes electronic signaling.



Threat 1.5: Detection of signals on one computer by monitoring for crosstalk (leakage) signals on another computer.

Solution: A minimum crosstalk separation of 80 dB is provided between signals from one computer and input or I/O signals to another. There are no connections to sensitive analog inputs, such as computer microphone ports. Microphone circuitry enables sensitive recording of small analog signals. Even very low crosstalk levels could be recorded and act as a means by which a non-selected computer could read data being sent to another computer.



Threat 1.6: Timing analysis attacks (looking at what happens on one port to determine data flow patterns on another).

Solution: Only one computer is connected at a time to any shared circuitry. Links are unidirectional, preventing timing analysis.



Threat 1.7: Electromagnetic emissions. 

Solution: Special low emissions cables are used to minimize radiated electromagnetic signal leakage. Filtered power connections minimize emissions down the power lines. 


2. Prevent data from being stored in the device.



Threat 2.1: Data transfer by means of common storage or common RAM. 

Solution: Shared circuitry and the keyboard and mouse are powered down at each channel change to clear all volatile memory of any previous connections. This erases the entire RAM, preventing residual data from remaining in the channel and being transferred to another computer. In addition, the USB host controller and the shared USB peripherals are also powered down, reset, and re-enumerated. This ensures no residual data transfer.

3. Prevent electronic snooping. 



Threat 2.2: Subversive snooping by detecting electromagnetic radiation emitted from the equipment. 

Solution: The shielded metal case features double shielding in critical areas and a low emissions profile to thwart eavesdropping.



Threat 2.3: Physically tampering with the switch. 

Solution: The switch is designed with tamperproof seals to be fitted over the countersunk screws.