Secure Single-Head VGA USB KVM Switch - EAL2+ EAL4+ Certified, TEMPEST Level I (Level A)
Combat security threats with this hard-wired KVM switch for VGA video.
- Used in Secure KVM applications that require mixing of secure and non-secure systems
- Supports protection against radiated emissions and port to port crosstalk in addition to many other security threats
- Support for VGA targets up to 1920x1200 (1080) with USB or PS/2 keyboard and mouse (uses EHNSECUREx CPU Cables)
The ServSwitch™ Secure KVM Switch with USB, EAL4+ Certified/TEMPEST Level I (Level A) Qualified, VGA, surpasses the security profiles of most other KVM switches.
In addition to its superior hardware-based data-isolation features, the switch has been certified for Common Criteria Evaluation Assurance to Level 4+ (EAL4+), augmented by ALC_FLR.2 and ATE_DPT.2.
The Common Criteria is an international standardized process for information technology security evaluation, validation, and certification. The Common Criteria scheme is supported by the National Security Agency through the National Information Assurance Program (NIAP). EAL4+ itself defines a common set of tests to evaluate the security of an IT product relating to its supply chain, from design and engineering to manufacturing and distribution.
The ServSwitch Secure KVM Switch with USB, EAL4+ Certified/TEMPEST Level I (Level A) Qualified, VGA provides control and separation of two PC CPUs/servers connected to secure and non-secure networks through just one keyboard, monitor, and mouse. Users can safely switch among the connected computers operating at different classification levels without worry.
Plus, it is TEMPEST USA NSTISSAM Level I and NATO SDIP-27 Level A qualified. What this means is the low radiated emissions profile of the switch meets the appropriate requirements for conducted/radiated electromagnetic emissions.
The TEMPEST designation is required by military organizations. As a security standard, it pertains to technical security countermeasures, standards, and instrumentation that prevent or minimize the exploitation of vulnerable data communications equipment by technical surveillance or eavesdropping.
1. Prevent data leaking between ports and to the outside world.
Threat: Microprocessor malfunction or unanticipated software bugs cause data to flow between ports.
Solution: Unidirectional keyboard and mouse data flow is enforced by hardware "data diodes" so data isolation doesn't rely on software integrity. This makes it impossible for the computer to send data along the keyboard and mouse signaling channel. This advanced design also ensures data isolation through hardware and prevents the keyboard and mouse interfaces from becoming covert computer-to-computer signaling channels because of software holes or unanticipated bugs.
In addition, keyboard and mouse devices can only be enumerated at the keyboard and mouse ports. Any other USB peripherals, such as a USB thumb drive, will be inhibited from operating, preventing any uploading or downloading of data.
Threat: Physical proximity between ports enables data leakage.
Solution: Isolation is improved by placing the red and black ports at the opposite edges of the switch.
Threat: Accidental port switching.
Solution: Locked-down operation disables all keyboard hotkey and mouse switching functions in both software and hardware so that data corruption can't inadvertently cause an unanticipated channel change. The only way to change the channels is with the front-panel keys. There is only one button per channel, so channel selection is clear. Color-coded visual feedback confirms the channel selection.
Threat: Signaling by shorting the power supply or loading the power.
Solution: Each port is independently powered by its USB port. Shorting the power supply on one port will not cause the power on the other ports to be switched off. The shared keyboard, mouse, and monitor circuitry are powered by the power supply. The lack of a common power supply minimizes electronic signaling.
Product works with:
* Technical specification weight is the unit weight. It is not the packaged shipping weight. For shipping weight, please contact Black Box customer service at 1-877-877-2269.
Double Diamond™ Warranty (Standard)
Take the risk out of equipment purchases with the Double Diamond™ Warranty from Black Box Network Services.
The Double Diamond Warranty is our warranty that protects your Black Box® brand products* from accidental damage, including drops, water, and power surges.
During the warranty period, Black Box Network Services will repair or replace your damaged equipment within one week of receipt at NO CHARGE!*
Plus, get an Extended Double Diamond Warranty.
You can also extend your warranty or protect a previously purchased Black Box® brand product** for an additional year—for only 10% of the purchase price! Or, extend your coverage for a full three years for only 20% of the purchase price!
Ordering an extended warranty is easy: When viewing a product in your shopping cart, just select the one or three years of additional coverage in the dropdown menu under “Warranty Options.” For details, contact Customer Service at 724-746-5500.
* Warranty subject to certain exclusions and limitations ** Certain products may not be eligible.
What’s more, we also have a 45-day return policy. Simply call Customer Service for a Return Authorization (RA) number, return your product in new condition and in the original package, and receive a full refund.