Physical network segregation is apprehended as one of the safest ways for obtaining the highest level of security. By creating secluded network ‘islands’ it is possible to achieve real security and effectively segregate classified and non-classified computer environments.
Yet with the security befits of network segregation comes a usability issue. Users are forced to distribute their work between multiple computers that belong to multiple security level networks. Working with multiple computers obstructs the convenience of the common single-computer work scenario. For that reason various peripheral sharing switch devices such as keyboard-mouse (KM) and keyboard-video-mouse (KVM) devices which allow the user to share a single mouse, keyboard, video and audio peripherals between multiple computers are commonly used in such environments.
Not all switching devices are secure. Unsecure KM/KVM systems are vulnerable and thus oppose a security threat to all computers and networks that are shared through them. The most effective way to mitigate any data leakage is to ensure that all data coming into and out of the KM/KVM switch is completely isolated.
HSL’s secure segregation solutions for cyber defense include versatile peripheral sharing switch devices such as KMs, KVMs and Matrix devices that protect against data leakage and malicious attacks through shared USB, keyboard, mouse, video and audio peripherals.
HSL’s secure peripheral sharing switch devices prevent vulnerable peripherals from mediating between computers by isolating all hosts from each other and from the peripherals that are being shared through them, thus keeping the data of each computer completely separate.
HSL products are designed to provide the highest possible computer & peripheral isolation as demanded by government agencies, military, financial institutions and similar security sensitive customers. They are built to comply with EAL4+ security requirements and with the latest requirements of the National Information Assurance Partnership (NIAP) Protection Profile PSS Ver 3.0 for peripheral sharing switch devices.
- Interact with multiple isolated computers using a single set of keyboard, video*, mouse and audio peripherals. (*The number of displays may vary depending on the model).
- Work freely without compromising security:
Display and control classified and non-classified computers without compromising security.
- Protect against leakage and malicious attacks through USB, keyboard, mouse, video and audio peripherals:
Prevent vulnerable peripherals from mediating between computers by ensuring that video, audio and USB data flows in a single direction.
- Protect against unauthorized peripheral device threats:
Threats imposed by peripheral devices that should not be connected to a specific peripheral sharing switch port (e.g., a USB mass storage device mistakenly connected to the keyboard port).
- Protect against authorized but untrusted peripheral device threats:
Threats imposed by legitimate and authorized peripheral devices (such as a standard USB keyboard) that may be vulnerable to malicious attacks and cause data leakage when switched between sources.
- Biometric/Smart-Card reader support:
Connect a smartcard/biometric reader to the KVM's DPP secure port to support user authentication across multiple isolated computers (model dependent).
- Virtual Display Technology (VDT):
Seamless keyboard, mouse and audio switching between computers once mouse cursor crosses display borders (model dependent).
- Control multi-monitor PCs:
Support multi-monitor PCs with up to 4 displays per PC in duplicate or extended modes. Multi-monitor support requires driver installation, currently available only for Windows (model dependent).
- Highest security by design:
Common Criteria EAL 4+ approved, compatible with NIAP security requirements.