SECURE 2/4/8 PORT KM SWITCHES

Overview
Features
Specifications
Downloads
How to Order

KM device models addressed in this page:

  • SM20N-3 - Secure 2-Port KM Switch, PP 3.0
  • SM40N-3 - Secure 4-Port KM Switch, PP 3.0
  • SM40NU-3 - Secure 4-Port KM Switch w/fUSB, PP 3.0
  • SM80N-3 - Secure 8-port KM Switch, PP 3.0
  • SM80NU-3 - Secure 8-port KM Switch w/fUSB, PP 3.0

-------------------------------------------------------------------------------

KM HIGHLIGHTS

Keyboard Mouse (KM) switch offered by HSL allows interacting with multiple computers in real-time while maintaining the highest isolation between computers and peripherals. Directly connect separate display(s) to each computer and securely share keyboard, mouse, audio and USB devices through the KM.

Obviate the need for purchasing and installing dedicated, per-computer peripheral sets.

NIAP Common Criteria PP3.0 Certification

HSL KMs qualify to the latest NIAP Common Criteria Protection Profile version 3.0 (PP3.0) certification for peripheral Sharing Switch (PSS) devices.

Securely share peripherals across different security domains

Securely share peripherals between computers that belong to different security classifications levels while keeping the highest possible data separation security.

Prevent information leaks

Obstacle threats derived from sharing and switching of vulnerable, untrusted or unauthorized peripheral devices. Block peripheral exploits, information leaks, eavesdropping, signal transmission, computer malware, hardware and firmware tampering by enforcing multilayered security mechanisms.

Control multi-monitor computers

Support multi-monitor computers with up to 4 displays per computer in duplicate or extended modes (Requires driver installation, currently available only for Windows).

Filter USB Peripherals

Block unauthorized USB devices while allowing secure switching of smart card and biometric authentication devices between computers. Whitelist and blacklist specific USB devices based on VID/PID characteristics.

 

2-Port System Diagram

 

4-Port System Diagram

 

8-Port System Diagram

  • Interact with multiple isolated computers using a single set of keyboard, mouse, audio and USB peripherals.
  • Freeze USB (SM40NU-3, SM80NU-3):
    Assign the USB port to a specific computer while switching the keyboard, video, mouse and audio between other computers. Useful for various scenarios, for instance, when a USB smart card reader  must remain mapped to a certain computer.
  • Smoothly switch between computers (Virtual Display Technology):
    Automatically switch control from one computer to another by dragging the mouse cursor over the computer’s display border. Peripherals switch to the next computer without hav‌ing to press any buttons once the mouse is passing the display border.
  • Avoid typing mistakes:
    Since two-way communication is blocked by the KM security, keyboard lock LEDs do not function. Help users avoid typing mistakes by visually indicating the status of keyboard locks (CAPS-LOCK | NUM LOCK | SCROLL LOCK) on the product’s front facing panel.
  • Support various display layouts: 
    Align displays vertically (on top) / Horizontally (along side)...etc. Associate the mouse cursor with each computer based on its respective display position.

 

Keyboard & Mouse Threats Protection

Attack Type Vulnerability Risk
Signal/Virus
  • Programmable components may include malicious code and are vulnerable to manipulation.
  • May include memory chips that can store data
  • Bi-directional keys (Num Lock, Scroll Lock, Cap Lock, Pause Break) can be used to send and decode data between systems
Data leakage from one system to another
Solution Components Solution Highlights 
Unidirectional Optical Data Diodes 
  • Allowing data to flow only in one direction, from the device- to-host computer.
  • Preventing host-to-peripheral data flow eliminates data leakage through the shared peripheral.
  • Preventing host-to-host connectivity isolates all hosts from each other.
Hardware-based Peripheral Isolation per Port
  • Each port is fully isolated from other ports.
Hardcoded HID Filter
  • Accepts only USB HID Devices (Keyboard & Mice) rules out others.
  • Hardcoded ASCII keyboard / mice characters.
  • Incapable of processing any other code than HID-ASCII. 

 

 

Audio Threats Protection

Attack Type Vulnerability Risk
Signal/Virus/Hot Microphone
  • Programmable components may include malicious code and are vulnerable to manipulation.
  • Manipulated sound card can reprogram a speaker into a microphone to act as an audio reception tool (e.g. microphone).
Data leakage and eavesdropping
Solution Components Solution Highlights 
Unidirectional Diodes 
  • Enforce computer-to-speaker, one-way flow of sound through unidirectional optical data diodes.
  • Prevent re-tasking of the audio line-in (headset/speaker) into a microphone line and thus block eavesdropping attempts by reprograming a speaker to act as an audio reception tool (e.g. microphone).

 

 

USB Threats Protection

Attack Type Vulnerability Risk
Virus
  • Highly popular standard commonly used by computer and mobile users.
  • Provides on-the-fly high speed, bidirectional flow of data to and from the computer.
  • Multifunctional port: numerous device types can connect through the same physical port
  • Programmable components may include malicious code and are vulnerable to manipulation.
  • Can be used to store/inject data.
Data leakage from one system to another
Solution Components Solution Highlights 
Block un-authorized USB
  • Completely block and disable unauthorized USB devices and traffic
Secure & Dedicated Keyboard / Mouse Ports
  • Accepts only USB HID Devices (Keyboard & Mice) rules out others
  • Refer to Keyboard & Mouse threats table for additional information
Biometric/Smart-Card reader support
  • Special secured port (fUSB) for smart-card/biometric reader with patented Freeze function to support user authentication across multiple isolated networks.
Filter USB Peripherals
  • Whitelist and blacklist specific USB devices based on VID/PID characteristics.

 

 

Hardware Tampering Protection

Attack Type Vulnerability Risk
Implant malicious hardware
  • Open product and implant malicious hardware.
Data leakage and eavesdropping
Solution Components Solution Highlights 
Always-ON tamper evident system 
  • Any attempt to open the product enclosure will activate an anti-tamper system making the product inoperable.
Blinking LEDs provide a clear indication of a tampering event.
  • Special holographic tampering evident labels on the product’s enclosure provide a clear visual indication if the product has been opened or compromised.

 

 

Firmware Tampering Protection

Attack Type Vulnerability Risk
Firmware Reprogramming
  • Attempt to reprogram firmware components to include malicious code.
  • Attempt to store/inject data.
Data leakage and eavesdropping
Solution Components Solution Highlights 
Tamper-proof electrical design 
  • There is no access to the product’s firmware or memory through any port.
  • Firmware is permanently stored on a nonreprogrammable Read Only Memory (ROM) to prevent any modification.
  • Firmware integrity is verified through a self-test procedure during power-up. Upon detection of a critical failure the device disables normal operation and provides the user with a clear visual indication of failure.

 

 

SECURE 2/4/8 PORT KM SWITCHES
Part Number SM20N-3 SM40N/NU-3 SM80N/NU-3
No. of Sources 2 4 8
Console Ports 
Mouse & Keyboard USB Type A USB Type A, PS/2 USB Type A, PS/2
Audio Jack 3.5 mm Jack 3.5 mm Jack 3.5 mm Jack
fUSB Port N/A USB Type A
(SM40NU-3)
USB Type A
(SM80NU-3)
Computer ports
Mouse and Keyboard USB Type B USB Type B USB Type B
Audio Jack 3.5 mm Jack 3.5 mm Jack 3.5 mm Jack
fUSB Ports N/A USB Type B
(SM40NU-3)
USB Type B
(SM80NU-3)
Power
  • Power input 100 to 240V AC External, 12V DC, 1.5A
  • Power input 100 to 240V AC Internal, 35W Max
Environmental
  • Operating Temperature: 32° to 104° F (0° to 40° C)
  • Storage Temperature: -4° to 140° F (-20° to 60° C)
  • Humidity: 0-80% RH, non-condensing
Software
  • Supported OS: Windows, Linux, Mac
Regulatory Compliance
  • CE, RCM, FCC class B, VCCI, TUV US, TUV Canada
Security Accreditations
  • NIAP Common Criteria PP3.0 for Peripheral Sharing Switch (PSS) devices
Physical Characteristics
  • Dimensions: 177 x 82 x 35 mm /
    7 x 3.2 x 1.4 inches
  • Device weight: 0.52 kg (1.1 lbs)
  • Dimensions: 342 x 148 x 42 mm / 13.7 x 5.8 x 1.7 inches
  • Device weight: 1.3 kg (2.8 lbs)
  • Dimensions: 440 x 192 x 48 mm / 17.3 x 7.5 x 1.9 inches
  • Device weight: 2.4 kg (5.3 lbs)
Warranty, reliability
  • Product life-cycle 10 years
  • Warranty 2 Years
Model Description CPN
SM20N-3 Secure 2-Port KM Switch, PP 3.0 CPN10281
SM40N-3 Secure 4-Port KM Switch, PP 3.0 CPN10306
SM40NU-3 Secure 4-Port KM Switch w/fUSB, PP 3.0 CPN10307
SM80N-3 Secure 8-port KM Switch, PP 3.0 CPN10317
SM80NU-3 Secure 8-port KM Switch w/fUSB, PP 3.0 CPN10318

 

Related Products