Safely access servers between secure and non-secure networks.

Black Box Secure Desktop KVM Switches are TEMPEST Level 1 or 2 approved, which means they provide a high level of port-to-port electrical isolation. This port isolation facilitates data separation (RED/BLACK).

High-performance, secure KVM
These secure desktop KVM switches support USB control and connection of up to four connected PCs. Choose from switches with DVI-I or VGA support.

Prevent electronic eavesdropping
Channel-to-channel crosstalk isolation between –60dB and –80dB provides robust protection between networks, which enables secure access for agencies that connect to classified networks in addition to public networks such as the Internet.

Secure KVM Switches provide control and separation of up to four PCs connected to secure and non-secure networks through just one keyboard, monitor, and mouse. Users can safely switch among as many as four computers operating at different classification levels without worry.

Choose from secure EAL4+ and TEMPEST LEVEL 1 switches or Secure Aire Force approved switches.

Additional features:

• The low radiated emissions profile protects against electronic snooping.
• Switches are permanently hard-wired, preventing access from one CPU or network to the others.
• External seals reveal any attempted tampering.
• Switches support DVI-I video, which is DC balanced and can be encoded for even more security.

Threat/Solution Profiles:

1.  Prevent data leaking between ports and to the outside world.

Threat: Microprocessor malfunction or unanticipated software bugs cause data to flow between ports.

Solution: Unidirectional keyboard and mouse data flow is enforced by hardware “data diodes” so data isolation doesn’t rely on software integrity. This makes it impossible for the computer to send data along the keyboard and mouse signaling channel. This advanced design also ensures data isolation through hardware and prevents the keyboard and mouse interfaces from becoming covert computer-to-computer signaling channels because of software holes or unanticipated bugs.

In addition, keyboard and mouse devices can only be enumerated at the keyboard and mouse ports. Any other USB peripherals, such as a USB thumb drive, will be inhibited from operating, preventing any uploading or downloading of data.

Threat: Accidental port switching.

Solution: Locked-down operation disables all keyboard hotkey and mouse switching functions in both software and hardware so that data corruption can’t inadvertently cause an unanticipated channel change. The only way to change the channels is with the front-panel keys. There is only one button per channel, so channel selection is clear. Color-coded visual feedback confirms the channel selection.

2. Prevent data from being stored in the device.

Threat: Data transfer by means of common storage or common RAM.

Solution: Shared circuitry and the keyboard and mouse are powered down at each channel change to clear all volatile memory of any previous connections. This erases the entire RAM, preventing residual data from remaining in the channel and being transferred to another computer. In addition, the USB host controller and the shared USB peripherals are also powered down, reset, and re-enumerated. This ensures no residual data transfer.

3. Prevent electronic snooping.

Threat: Subversive snooping by detecting electromagnetic radiation emitted from the equipment.

Solution: The shielded metal case features double shielding in critical areas and a low emissions profile to thwart eavesdropping.