HighSecLabs - SECURE 2 PORT SINGLE-HEAD KVM SWITCHES

Order

Overview

Features

Specifications

Downloads

How to Order

KVM device models addressed in this page:

SK21D-3 - Secure 2-Port DVI-I Video KVM Switch, PP 3.0
SK21H-3 - Secure 2-Port 4K HDMI Video KVM Switch, PP 3.0
SK21P-3 - Secure 2-Port DisplayPort to HDMI Video KVM Switch, PP 3.0

-------------------------------------------------------------------------------

KVM HIGHLIGHTS

Keyboard Video Mouse (KVM) switch offered by HSL allows securely sharing keyboard, video, mouse and audio peripherals between two computers while maintaining the highest isolation.

Obviate the need for purchasing and installing dedicated, per-computer peripheral sets.

NIAP Common Criteria PP3.0 Certification

HSL KVMs qualify to the latest NIAP Common Criteria Protection Profile version 3.0 (PP3.0) certification for peripheral Sharing Switch (PSS) devices.

Securely share peripherals across different security domains

Securely share peripherals between computers that belong to different security classifications levels while keeping the highest possible data separation security.

Prevent information leaks

Obstacle threats derived from sharing and switching of vulnerable, untrusted or unauthorized peripheral devices. Block peripheral exploits, information leaks, eavesdropping, signal transmission, computer malware, hardware and firmware tampering by enforcing multilayered security mechanisms.

System Diagram

Interact with two isolated computers using a single set of keyboard, video and mouse peripherals.

Smoothly switch between computers (Virtual Display Technology):
Automatically switch control from one computer to another by dragging the mouse cursor over the computer’s display border. Peripherals switch to the next computer without hav‌ing to press any buttons once the mouse is passing the display border.

View applications in Ultra High Definition (UHD) 4K video quality:
Never compromise on video quality. Run graphic-intensive, ultrahigh definition applications on all single and dual monitor KVM models.

Avoid typing mistakes:
Since two-way communication is blocked by the KVM security, keyboard lock LEDs do not function. Help users avoid typing mistakes by visually indicating the status of keyboard locks (CAPS-LOCK | NUM LOCK | SCROLL LOCK) on the product’s front facing panel.

Keep up with future requirements through interchangeable KVM / KM functionality:
Adjust with versatile setup scenarios. The device can be configured in two modes, KVM and KM. In KVM mode (default) one display, keyboard and mouse set is shared between all computers. In KM mode each computer is connected to a separate display while keyboard and mouse are shared, thus allowing simultaneous work on multiple computers.

Keyboard & Mouse Threats Protection

Attack Type	Vulnerability	Risk
Signal/Virus	Programmable components may include malicious code and are vulnerable to manipulation. May include memory chips that can store data Bi-directional keys (Num Lock, Scroll Lock, Cap Lock, Pause Break) can be used to send and decode data between systems	Data leakage from one system to another
Solution Components	Solution Highlights
Unidirectional Optical Data Diodes	Allowing data to flow only in one direction, from the device- to-host computer. Preventing host-to-peripheral data flow eliminates data leakage through the shared peripheral. Preventing host-to-host connectivity isolates all hosts from each other.
Hardware-based Peripheral Isolation per Port	Each port is fully isolated from other ports.
Hardcoded HID Filter	Accepts only USB HID Devices (Keyboard & Mice) rules out others. Hardcoded ASCII keyboard / mice characters. Incapable of processing any other code than HID-ASCII.

Monitor / Display Threats Protection

Attack Type	Vulnerability	Risk
Signal/Virus	Programmable components may include malicious code and are vulnerable to manipulation. Manipulating monitor settings can be used to send and decode data between systems	Data leakage from one system to another
Solution Components	Solution Highlights
Extended Display Identification Data (EDID) Emulation	Prevent direct access to the monitor’s Extended Display Identification Data (EDID). Dedicated, read-only, EDID emulation for each computer provides complete isolation.
No Shared Circuitry	Computer video input interfaces are isolated through the use of different electronic components, power and ground domains.
Block Monitor Control Command Set (MCCS)	Ignore MCCS commands, so they cannot pass through and exploit the monitor’s internal memory.

Audio Threats Protection

Attack Type	Vulnerability	Risk
Signal/Virus/Hot Microphone	Programmable components may include malicious code and are vulnerable to manipulation. Manipulated sound card can reprogram a speaker into a microphone to act as an audio reception tool (e.g. microphone).	Data leakage and eavesdropping
Solution Components	Solution Highlights
Unidirectional Diodes	Enforce computer-to-speaker, one-way flow of sound through unidirectional optical data diodes. Prevent re-tasking of the audio line-in (headset/speaker) into a microphone line and thus block eavesdropping attempts by reprograming a speaker to act as an audio reception tool (e.g. microphone).

USB Threats Protection

Attack Type	Vulnerability	Risk
Virus	Highly popular standard commonly used by computer and mobile users. Provides on-the-fly high speed, bidirectional flow of data to and from the computer. Multifunctional port: numerous device types can connect through the same physical port Programmable components may include malicious code and are vulnerable to manipulation. Can be used to store/inject data.	Data leakage from one system to another
Solution Components	Solution Highlights
Block un-authorized USB	Completely block and disable unauthorized USB devices and traffic
Secure & Dedicated Keyboard / Mouse Ports	Accepts only USB HID Devices (Keyboard & Mice) rules out others Refer to Keyboard & Mouse threats table for additional information

Hardware Tampering Protection

Attack Type	Vulnerability	Risk
Implant malicious hardware	Open product and implant malicious hardware.	Data leakage and eavesdropping
Solution Components	Solution Highlights
Always-ON tamper evident system	Any attempt to open the product enclosure will activate an anti-tamper system making the product inoperable.
Blinking LEDs provide a clear indication of a tampering event.	Special holographic tampering evident labels on the product’s enclosure provide a clear visual indication if the product has been opened or compromised.

Firmware Tampering Protection

Attack Type	Vulnerability	Risk
Firmware Reprogramming	Attempt to reprogram firmware components to include malicious code. Attempt to store/inject data.	Data leakage and eavesdropping
Solution Components	Solution Highlights
Tamper-proof electrical design	There is no access to the product’s firmware or memory through any port. Firmware is permanently stored on a nonreprogrammable Read Only Memory (ROM) to prevent any modification. Firmware integrity is verified through a self-test procedure during power-up. Upon detection of a critical failure the device disables normal operation and provides the user with a clear visual indication of failure.

SECURE 2 PORT SINGLE-HEAD KVM SWITCHES
Part Number	SK21D-3	SK21P-3	SK21H-3
No. of Sources	2	2	2
Console Ports
Displays	1 x DVI-I, single-link / dual-link	1 x HDMI 1.4	1 x HDMI 1.4
Mouse & Keyboard	USB Type A	USB Type A	USB Type A
Audio Jack	3.5 mm Jack	3.5 mm Jack	3.5 mm Jack
fUSB Port	N/A	N/A	N/A
Computer ports
Display Type	1 x DVI-I, single-link/dual-link	1 x DisplayPort 1.2	1 x HDMI 1.4
Max Resolution	UHD 4K - 3840X2160 @ 30 Hz (via DVI to HDMI cable) DVI dual-link - 2560X1600 @ 60 Hz (via DVI cable)	Supporting UHD 4K resolutions up to 3840x2160 @ 30 Hz	Supporting UHD 4K resolutions up to 3840x2160
Mouse and Keyboard	USB Type B	USB Type B	USB Type B
Audio Jack	3.5 mm Jack	3.5 mm Jack	3.5 mm Jack
fUSB Ports	N/A	N/A	N/A
Power	Power input 100 to 240V AC External, 12V DC, 1.5A
Environmental	Operating Temperature: 32° to 104° F (0° to 40° C) Storage Temperature: -4° to 140° F (-20° to 60° C) Humidity: 0-80% RH, non-condensing
Regulatory Compliance	CE, RCM, FCC class B, VCCI, TUV US, TUV Canada
Security Accreditations	NIAP Common Criteria PP3.0 for Peripheral Sharing Switch (PSS) devices
Physical Characteristics	Dimensions: 177 x 82 x 35 mm / 7 x 3.2 x 1.4 inches Device weight: 0.52 kg (1.1 lbs)
Warranty, reliability	Product life-cycle 10 years Warranty 2 Years

Installation Guides	File	Size	Date
Installation Guide - 2/4/8 Ports High Security Single Head KVM Switches This guide includes instructions for installing HSL SK21D/P/H-3, SK41D/DU/P/PU/H/HU-3, SK81DU/PU/HU-3 KVM devices.		970 KB	17 May, 2017

Model	Description	CPN
SK21D-3	Secure 2-Port DVI-I Video KVM Switch, PP 3.0	CPN10282
SK21H-3	Secure 2-Port 4K HDMI Video KVM Switch, PP 3.0	CPN10284
SK21P-3	Secure 2-Port DP to HDMI Video KVM Switch, PP 3.0	CPN10283