SECURE 4 PORT Mini-Matrix KVM SWITCHES

Overview
Features
Specifications
Downloads
How to Order

Mini-Matrix device models addressed in this page:

  • SX42DU-3 - Secure 4P to 2P DVI Video KVM Mini-Matrix w/fUSB, PP 3.0
  • SX42HU-3 - Secure 4P to 2P HDMI Video KVM Mini-Matrix w/fUSB, PP 3.0
  • SX42PU-3 - Secure 4P DP to 2P HDMI Video KVM Mini-Matrix w/fUSB, PP 3.0

-------------------------------------------------------------------------------

MINI-MATRIX HIGHLIGHTS

The Mini-Matrix KVM switch offered by HSL provides increased productivity in challenging multi-computer environments where users are required to view and interact with several computers while maintaining the highest isolation between computers and peripherals.

Obviate the need for purchasing and installing dedicated, per-computer peripheral sets.

NIAP Common Criteria PP3.0 Certification

HSL Mini-Matrix KVM switches qualify to the latest NIAP Common Criteria Protection Profile version 3.0 (PP3.0) certification for peripheral Sharing Switch (PSS) devices.

Securely share peripherals across different security domains

Securely share peripherals between computers that belong to different security classifications levels while keeping the highest possible data separation security.

Prevent information leaks

Obstacle threats derived from sharing and switching of vulnerable, untrusted or unauthorized peripheral devices. Block peripheral exploits, information leaks, eavesdropping, signal transmission, computer malware, hardware and firmware tampering by enforcing multilayered security mechanisms.

The ideal KVM switch for meeting rooms and control centers

Best suites scenarios where one or more computers have to be presented at the same time on multiple displays. For example:
-- In control centers where information from several sources has to be constantly displayed in real-time.
-- In meeting rooms where both visitor and host computers are to be viewed and controlled simultaneously.

Filter USB Peripherals

Block unauthorized USB devices while allowing secure switching of smart card and biometric authentication devices between computers. Whitelist and blacklist specific USB devices based on VID/PID characteristics.

 

System Diagram

  • Optimize user experience when working with multiple computers. View and control two out-of-four computers at the same time whilst securely sharing keyboard, video, mouse, audio and USB devices.
  • Independently switch the Video/USB/Audio/Keyboard & Mouse ports between computers:
    Use the front-panel push buttons to independently switch the Video/USB/Audio/Keyboard & Mouse ports between the primary and secondary computers. Useful for various scenarios, for instance:
    • When a USB smart card reader must remain mapped to a certain computer while the keyboard, video, mouse and audio are switched to another computer.
    • When a user has to listen to audio originating from one computer while
    working on another computer.
  • Smoothly switch between computers (Virtual Display Technology):
    Automatically switch control from one computer to another by dragging the mouse cursor over the computer’s display border. Peripherals switch to the next computer without hav‌ing to press any buttons once the mouse is passing the display border.
  • View applications in Ultra High Definition (UHD) 4K video quality:
    Never compromise on video quality. Run graphic-intensive, ultrahigh definition applications on all Mini-Matrix models.
  • Avoid typing mistakes:
    Since two-way communication is blocked by the Mini-Matrix security, keyboard lock LEDs do not function. Help users avoid typing mistakes by visually indicating the status of keyboard locks (CAPS-LOCK | NUM LOCK | SCROLL LOCK) on the product’s front facing panel.
  • Work simultaneously on two computers, view the screens of four computers:
    Connect up to four computers and two displays to the Mini-Matrix. Select which computer to present on each of the two attached displays.
    Displays can be positioned in various layouts (Horizontal / Vertical / Custom). Duplicate the screen of any computer by presenting it on both Mini-Matrix displays at the same time. Extend the screen of any computer to an additional 3rd and 4th external displays.

 

Keyboard & Mouse Threats Protection

Attack Type Vulnerability Risk
Signal/Virus
  • Programmable components may include malicious code and are vulnerable to manipulation.
  • May include memory chips that can store data
  • Bi-directional keys (Num Lock, Scroll Lock, Cap Lock, Pause Break) can be used to send and decode data between systems
Data leakage from one system to another
Solution Components Solution Highlights 
Unidirectional Optical Data Diodes 
  • Allowing data to flow only in one direction, from the device- to-host computer.
  • Preventing host-to-peripheral data flow eliminates data leakage through the shared peripheral.
  • Preventing host-to-host connectivity isolates all hosts from each other.
Hardware-based Peripheral Isolation per Port
  • Each port is fully isolated from other ports.
Hardcoded HID Filter
  • Accepts only USB HID Devices (Keyboard & Mice) rules out others.
  • Hardcoded ASCII keyboard / mice characters.
  • Incapable of processing any other code than HID-ASCII. 

 

 

Monitor / Display Threats Protection

Attack Type Vulnerability Risk
Signal/Virus
  • Programmable components may include malicious code and are vulnerable to manipulation.
  • Manipulating monitor settings can be used to send and decode data between systems
Data leakage from one system to another
Solution Components Solution Highlights 
Extended Display Identification Data (EDID) Emulation 
  • Prevent direct access to the monitor’s Extended Display Identification Data (EDID).
  • Dedicated, read-only, EDID emulation for each computer provides complete isolation.
No Shared Circuitry
  • Computer video input interfaces are isolated through the use of different electronic components, power and ground domains.
Block Monitor Control Command Set (MCCS)
  • Ignore MCCS commands, so they cannot pass through and exploit the monitor’s internal memory.

 

 

Audio Threats Protection

Attack Type Vulnerability Risk
Signal/Virus/Hot Microphone
  • Programmable components may include malicious code and are vulnerable to manipulation.
  • Manipulated sound card can reprogram a speaker into a microphone to act as an audio reception tool (e.g. microphone).
Data leakage and eavesdropping
Solution Components Solution Highlights 
Unidirectional Diodes 
  • Enforce computer-to-speaker, one-way flow of sound through unidirectional optical data diodes.
  • Prevent re-tasking of the audio line-in (headset/speaker) into a microphone line and thus block eavesdropping attempts by reprograming a speaker to act as an audio reception tool (e.g. microphone).

 

 

USB Threats Protection

Attack Type Vulnerability Risk
Virus
  • Highly popular standard commonly used by computer and mobile users.
  • Provides on-the-fly high speed, bidirectional flow of data to and from the computer.
  • Multifunctional port: numerous device types can connect through the same physical port
  • Programmable components may include malicious code and are vulnerable to manipulation.
  • Can be used to store/inject data.
Data leakage from one system to another
Solution Components Solution Highlights 
Block un-authorized USB
  • Completely block and disable unauthorized USB devices and traffic
Secure & Dedicated Keyboard / Mouse Ports
  • Accepts only USB HID Devices (Keyboard & Mice) rules out others
  • Refer to Keyboard & Mouse threats table for additional information
Biometric/Smart-Card reader support
  • Special secured port (fUSB) for smart-card/biometric reader with patented Freeze function to support user authentication across multiple isolated networks.
Filter USB Peripherals
  • Whitelist and blacklist specific USB devices based on VID/PID characteristics.

 

 

Hardware Tampering Protection

Attack Type Vulnerability Risk
Implant malicious hardware
  • Open product and implant malicious hardware.
Data leakage and eavesdropping
Solution Components Solution Highlights 
Always-ON tamper evident system 
  • Any attempt to open the product enclosure will activate an anti-tamper system making the product inoperable.
Blinking LEDs provide a clear indication of a tampering event.
  • Special holographic tampering evident labels on the product’s enclosure provide a clear visual indication if the product has been opened or compromised.

 

 

Firmware Tampering Protection

Attack Type Vulnerability Risk
Firmware Reprogramming
  • Attempt to reprogram firmware components to include malicious code.
  • Attempt to store/inject data.
Data leakage and eavesdropping
Solution Components Solution Highlights 
Tamper-proof electrical design 
  • There is no access to the product’s firmware or memory through any port.
  • Firmware is permanently stored on a nonreprogrammable Read Only Memory (ROM) to prevent any modification.
  • Firmware integrity is verified through a self-test procedure during power-up. Upon detection of a critical failure the device disables normal operation and provides the user with a clear visual indication of failure.

 

 

SECURE 2/4 PORT KVM COMBINER SWITCHES
Part Number SX42DU-3 SX42PU-3 SX42HU-3
No. of Sources 4 4 4
Console Ports 
Displays 2 x DVI-I, single-link / dual-link 2 x HDMI 1.4 2 x HDMI 1.4
Mouse & Keyboard USB Type A, PS/2 USB Type A, PS/2 USB Type A, PS/2
Audio Jack 3.5 mm Jack 3.5 mm Jack 3.5 mm Jack
fUSB Port USB Type A USB Type A USB Type A
Computer ports
Display Type 1 x DVI-I, single-link/dual-link 1 x DisplayPort 1.2 1 x HDMI 1.4

Max Resolution

(input & output)

UHD 4K - 3840X2160 @ 30 Hz (via DVI to HDMI cable) DVI dual-link - 2560X1600 @ 60 Hz (via DVI cable) Supporting UHD 4K resolutions up to 3840x2160 @ 30 Hz Supporting UHD 4K resolutions up to 3840x2160
Mouse and Keyboard USB Type B USB Type B USB Type B
Audio Jack 3.5 mm Jack 3.5 mm Jack 3.5 mm Jack
fUSB Ports USB Type B USB Type B USB Type B
Power
  • Power input 100 to 240V AC Internal, 35W Max
Environmental
  • Operating Temperature: 32° to 104° F (0° to 40° C)
  • Storage Temperature: -4° to 140° F (-20° to 60° C)
  • Humidity: 0-80% RH, non-condensing
Software
  • Supported OS: Windows, Linux, Mac
Regulatory Compliance
  • CE, RCM, FCC class B, VCCI, TUV US, TUV Canada
Security Accreditations
  • NIAP Common Criteria PP3.0 for Peripheral Sharing Switch (PSS) devices.
Physical Characteristics
  • Dimensions: 342 x 148 x 42 mm / 13.4 x 5.8 x 1.6 inches
  • Device weight: 1.61 kg (3.5 lbs)
Warranty, reliability
  • Product life-cycle 10 years
  • Warranty 2 Years
  Installation Guides File Size Date
Installation Guide - 2/4 Ports High Security Mini-Matrix KVM Switches

This guide includes instructions for installing HSL Mini-Matrix SX22D-3, SX22H-3, SX42DU-3, SX42HU-3, SX42PU-3 devices.

978 KB 28 May, 2017

 
  Quick Setup Guides File Size Date
Quick Setup Guide - Secure 4-Port Mini-Matrix Switches

This guide instructs how to install, configure and operate a Secure HSL 4-Port Mini-Matrix switches.

3 MB 25 May, 2017

 
  Presentations File Size Date
Presentation - HSL Secure Mini-Matrix Switches

This document covers the technical and sales aspects of HSL Mini-Matrix Switches Product Line.

5 MB 17 May, 2017

 
  Data Sheets File Size Date
Data Sheet - Secure 4-Port Mini-Matrix KVM Switches

This document provides the specifications for SX42DU-3, SX42HU-3, SX42PU-3 Secure 4-Port Mini-Matrix KVM Switches.

1 MB 8 May, 2017

Model Description CPN
SX42DU-3 Secure 4P to 2P DVI Video KVM Mini-Matrix w/fUSB, PP 3.0 CPN10308
SX42HU-3 Secure 4P to 2P HDMI Video KVM Mini-Matrix w/fUSB, PP 3.0 CPN10310
SX42PU-3 Secure 4P DP to 2P HDMI Video KVM Mini-Matrix w/fUSB, PP 3.0 CPN10309

 

Related Products