solutions for demanding environments - highseclab

solutions for demanding environments

TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

Company pRoFILE

C o m p a n y p R o F I L E

Presentation overview

Company BriefBackground information about HSL company, services and brand. Review target markets and product lines.1 2

The risk in sharing peripheralsExplain the dangers in sharing peripherals between multiple computers. Discuss user challenges derived from network segregation.

TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

Con�dentialNetwork

Internet Connected Network

4

produCTs: seCure swiTChingReview the key features and Product Connection Diagram of HSL’s secure switching products: KVM, KM, Mini-Matrix, Combiner.

Multiple Sources

Speakers

Single Keyboard & Mouse

Single Display

PC #4Top Secret

SECUREKVM SWITCH

SECUREKVM SWITCH

NIAPPP3.0

Certi�ed

3

seCuriTy & produCT highlighTsOverview security certification process. Security & Product highlights explained in detail. Freeze

Audio

Interact Simultaneously with Multiple

Computers

Share Peripherals

across Domains

Smoothly Switch

Computers (VDT)

Support 4K Video

Avoid Typing

Mistakes

Filter USB (fUSB)

Prevent Information

Leaks

KVM <-> KM

Native Touch Screen

Support

NIAP PP3.0 Certi�ed

Freeze USB

Flexible Screen Layout

User Friendly

MultiMonitor Support

USB Security

Video Security

Mouse Security

Keyboard Security

Audio Security

Hardware Anti-

Tampering

Firmware Anti-

Tampering

6

produCTs: non-seCureReview HSL’s non-secure products: Switching solutions, MMC.

KVMKVM

PC #4

5

produCTs: seCure peripherals & auThenTiCaTionReview HSL’s secure peripherals and authentication products: Isolator, Headphone-Diode, USB Filter, USB Plug, MDR.

TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L


ComPany Brief

• privately-owned, HQ in Israel

• Founded in 2008

• Focused on cyber-security solutions which allow safely sharing peripherals across different security networks

• Dozens of patents submitted

• Global reach with trusted partners

• nIap/Common Criteria certified

Core Values

• Innovation/out-of-the-box thinking

• High Quality

• Top security

• User-centered design


2-sides to HsL

r&d serViCes – oem

• Resolving customer security/functional pain points

• owning extensive R&D expertise

• providing leading solutions to market leaders

• User-friendly designs

• Complying with harshest security & quality standards

hsl Brand

• secure kVm switches for high security markets, such as government and command & control

• hsl km, Combiner and mini-matrix switches are high-end derivatives of HSL KVms, offering multi-viewing and other unique features

• additional HSL solutions include:

- Secure peripheral data flow & filtering

- Unique authentication solutions


HsL soLutions

ProduCt Lines

• Secure Switching Solutions

• Switching Solutions

• Secure peripherals & authentication


target markets

Government Banking & Trading

Command & Control

any organization witH muLtiPLe networks


2

The risk in sharing peripheralsExplain the dangers in sharing peripherals between multiple computers. Discuss user challenges derived from network segregation.

TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L




tHe tHreat


• Computer viruses, worms, fishing attacks, Trojan horses, ransomware and other cyber-attack tools rely on network connectivity and internet access for infection, distribution and extraction of information.

- Computer Viruses

- Worms

- Fishing attacks

- Trojan Horses

- Ransomware

- Cyber-attack Tools

- network Connectivity

- Internet access


network segregation

• To protect valuable data and prevent information leakage it is realized that physical segregation of computer networks effectively prevents malicious attacks and data theft. Isolating computer networks from the internet - increases data security.

• Since the internet has become a necessity for many business processes whereas network segregation has become essential for data security, many organizations use dedicated internet-access networks which are secluded from other internal computer networks.

• Government agencies, military and similar high security organizations further segregate computer networks based on different classification levels (Top Secret / Secret / Confidential / Unclassified).

TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L




end user CHaLLenge

• Due to network segregation users are forced to inconveniently interact with multiple computers, observe multiple displays and use multiple sets of peripherals.

muLtiPLe disPLays

muLtiPLe keyBoards

muLtiPLe miCe

one user


PeriPHeraL sHaring via CommerCiaL equiPment

• To simplify user’s work, peripheral sharing devices such as, Keyboard-Video-mouse (KVm) switches which allow sharing a single set of keyboard, video and mouse between multiple computers are used.

TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L




tHe risk in sHaring PeriPHeraLs

• Shared peripherals can be used to breach the gap between secluded networks.

• most computer peripherals have no security mechanisms what so ever (anti-virus, firewall, user permissions...etc.) and are therefore vulnerable to malicious attacks.

• peripherals and peripheral sharing devices which are shared between multiple computers impose a security threat as hackers target them in attempt to abuse and penetrate secluded computer environments.

TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L




3

seCuriTy & produCT highlighTsOverview security certification process. Security & Product highlights explained in detail. Freeze

Audio


Computers

Share Peripherals

across Domains

Smoothly Switch

Computers (VDT)

Support 4K Video

Avoid Typing

Mistakes

Filter USB (fUSB)

Prevent Information

Leaks

KVM <-> KM

Native Touch Screen

Support


Freeze USB


User Friendly


USB Security

Video Security

Mouse Security

Keyboard Security

Audio Security

Hardware Anti-

Tampering

Firmware Anti-

Tampering


TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

HsL’s seCure segregation soLutions

• HSL’s patented secure segregation solutions include a variety of peripheral sharing switch devices that enhance user productivity in challenging multi-computer environments while maintaining the highest isolation between computers and peripherals.

• The products are qualified with the latest nIap Common Criteria protection profile version 3.0 (pp3.0) certification for peripheral Sharing Switch (pSS) devices.

• HSL products are designed to obstacle threats derived from sharing and switching of peripheral devices. Block peripheral exploits, information leaks, eavesdropping, signal transmission, computer malware, hardware and firmware tampering by enforcing multilayered security mechanisms.

NIA

P PP PSS 3.0 CERTIFIED

C O M M O N C R I T E R I A


seCurity CertifiCation terms

• Common CriTeriaThe Common Criteria (CC) for Information Technology Security Evaluation is an international standard (ISo/IEC 15408) for computer security certification. Common Criteria is used as the basis for a Government driven certification scheme. Evaluations are typically conducted for the use of Federal Government agencies and critical infrastructure. Common Criteria specifies Information Technology product security, functional and assurance requirements through the use of protection profiles (pps).

• proTeCTion profileprotection profile (pp) is a document which identifies threats and their corresponding security measures for a class of security devices (for example, Keyboard-Video-mouse (KVm) switching devices).

• niapThe national Information assurance partnership (nIap) is responsible for U.S. implementation of the Common Criteria. nIap manages a national program for developing protection profiles, evaluation methodologies, and policies that ensure achievable, repeatable, and testable requirements. In partnership with nIST, nIap also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S.

• ealThe Evaluation assurance Level (EaL1 through EaL7) is the grade assigned to a product or system after completing a Common Criteria security evaluation which is based on a self-defined Target of Evaluation (ToE). nIap transitioned away from EaL and moved to protection profiles as it ensures that vendors who achieve the pp certification are all evaluated against a well-defined and standardized criteria (rather than self-defined evaluations in EaL).

TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

Testing Products

Manufacturing Products

De�ne Protection Pro�les

NSAUSERSINDUSTRY

INDUSTRY

CCTL

Publish Test Report

3

4

5

Published List of Products with CC PP

Certi�cation

Customers looking for Secure Products

1

2 CC. ORG

NIAP


wHat’s new in PeriPHeraL sHaring switCH PP 3.0?

Legacy PP2.1

• Did not fully apprehend peripherals as a security threat.

• Focused mainly on the prevention of errors that originated from improper peripheral Sharing Switch (pSS) device installation and operator mistakes.

• pSS device vendors could apply minor modifications to their existing non-secure commercial products, in order to comply with the pp2.1 requirements.

newest PP3.0

• Brings an updated view that peripherals are vulnerable and can be used for abusing and penetrating secure environments.

• acknowledges that peripherals and peripheral sharing is unsafe unless achieved through a highly secure peripheral sharing device.

• To comply with the latest pp3.0 security requirements pSS device vendors must design the products as entirely secure.

major differences between the previous PP2.1 profile to the newest PP3.0

PP3.0 certified products are much more secure than PP2.1 products. the security accreditation of PP2.1 peripheral sharing switch devices is obsolete.


TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

ProduCt seCurity HigHLigHts

USB Security

Video Security

Mouse Security

Keyboard Security

Audio Security

Hardware Anti-

Tampering

Firmware Anti-

Tampering


TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

Common PeriPHeraL vuLneraBiLities keyBoard and mouse

Keyboard and Mouse Threats Vulnerability Risk

Signal/Virus

• Programmable components may include malicious code and are vulnerable to manipulation.

• May include memory chips that can store data • Bi-directional keys (Num Lock, Scroll Lock, Cap Lock, Pause Break)

can be used to send and decode data between systems

Data leakage from one system to another

Keyboard and Mouse Security Solution Highlights

Unidirectional Optical Data Diodes

ü Allowing data to flow only in one direction, from the device- to-host computer. ü Preventing host-to-peripheral data flow eliminates data leakage through the shared peripheral.

ü Preventing host-to-host connectivity isolates all hosts from each other.

Hardware-based Peripheral Isolation per Port ü Each port is fully isolated from other ports.

Hardcoded HID Filter ü Accepts only USB HID Devices (Keyboard & Mice) rules out others. ü Hardcoded ASCII keyboard / mice characters. ü Incapable of processing any other code than HID-ASCII.


TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

Common PeriPHeraL vuLneraBiLities video

Video Threat Vulnerability Risk

Signal/Virus


• Manipulating monitor settings can be used to send and decode data between systems


Video Security Solution Highlights

Extended Display Identification Data (EDID) Emulation

ü Prevent direct access to the monitor’s Extended Display Identification Data (EDID). ü Dedicated, read-only, EDID emulation for each computer provides complete isolation.

No Shared Circuitry ü Computer video input interfaces are isolated through the use of different electronic components, power and ground domains.

Block Monitor Control Command Set (MCCS)

ü Ignore MCCS commands, so they cannot pass through and exploit the monitor’s internal memory.


TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

Audio Threats Vulnerability Risk

Signal/Virus/Hot Microphone


• Manipulated sound card can reprogram a speaker into a microphone to act as an audio reception tool (e.g. microphone).

Data leakage and eavesdropping

Audio Security Solution Highlights

Unidirectional Diodes

ü Enforce computer-to-speaker, one-way flow of sound through unidirectional optical data diodes.

ü Prevent re-tasking of the audio line-in (headset/speaker) into a microphone line and thus block eavesdropping attempts by reprograming a speaker to act as an audio reception tool (e.g. microphone).

Common PeriPHeraL vuLneraBiLities audio


TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

USB Threats Vulnerability Risk

Virus

• Highly popular standard commonly used by computer and mobile users.• Provides on-the-fly high speed, bidirectional flow of data to and

from the computer.• Multifunctional port: numerous device types can connect through

the same physical port• Programmable components may include malicious code and are vulnerable to

manipulation.• Can be used to store/inject data.


USB Security Solution Highlights

Block un-authorized USB ü Completely block and disable unauthorized USB devices and traffic

Secure & Dedicated Keyboard / Mouse Ports

ü Accepts only USB HID Devices (Keyboard & Mice) rules out others ü Refer to Keyboard & Mouse threats table for additional information

Biometric/Smart-Card reader support

ü Special secured port (fUSB) for smart-card/biometric reader with patented Freeze function to support user authentication across multiple isolated networks.

Filter USB Peripherals ü Whitelist and blacklist specific USB devices based on VID/PID characteristics.

Common PeriPHeraL vuLneraBiLities usB


TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

Hardware Tampering Threats Vulnerability Risk

Implant malicious hardware • Open product and implant malicious hardware.


Hardware Anti-Tampering Solution Highlights

Always-ON tamper evident system

ü Any attempt to open the product enclosure will activate an anti-tamper system making the product inoperable.

ü Blinking LEDs provide a clear indication of a tampering event. ü Special holographic tampering evident labels on the product’s enclosure provide a clear visual indication if the product has been opened or compromised.

Common PeriPHeraL vuLneraBiLities Hardware tamPering


TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L

Firmware Tampering Threats Vulnerability Risk

Firmware Reprogramming

• Attempt to reprogram firmware components to include malicious code.

• Attempt to store/inject data.


Firmware Anti-Tampering Solution Highlights

Tamper-proof electrical design

ü There is no access to the product’s firmware or memory through any port. ü Firmware is permanently stored on a nonreprogrammable Read Only Memory (ROM) to prevent any modification.

ü Firmware integrity is verified through a self-test procedure during power-up. Upon detection of a critical failure the device disables normal operation and provides the user with a clear visual indication of failure.

Common PeriPHeraL vuLneraBiLities firmware tamPering


ProduCt HigHLigHts

FreezeAudio


Computers

Share Peripherals

across Domains

Smoothly Switch

Computers (VDT)

Support 4K Video

Avoid Typing

Mistakes

Filter USB (fUSB)

Prevent Information

Leaks

KVM <-> KM

Native Touch Screen

Support


Freeze USB


User Friendly



ProduCt HigHLigHts

Product Highlights

NIAP Common Criteria PP3.0 Certification

ü HSL Secure KVM/KM/Mini-Matrix products qualify to the latest NIAP Common Criteria Protection Profile version 3.0 (PP3.0) certification for peripheral Sharing Switch (PSS) devices.

Safely share peripherals across different security domains

ü Safely share peripherals between computers that belong to different security classifications levels while keeping the highest possible data separation security.

Prevent information leaks

ü Obstacle threats derived from sharing and switching of vulnerable, untrusted or unauthorized peripheral devices. Block peripheral exploits, information leaks, eavesdropping, signal transmission, computer malware, hardware and firmware tampering by enforcing multilayered security mechanisms.

Filter USB Peripherals ü Block unauthorized USB devices while allowing secure switching of smart card and biometric authentication devices between computers. Whitelist and blacklist specific USB devices based on VID/PID characteristics.


ProduCt HigHLigHts

Product Highlights

Multi Monitor Support

ü KM - Support multi-monitor computers with up to 4 displays per computer in duplicate or extended modes. (Requires driver installation, currently available only for Windows.).

ü KVM/KVM Combiner/Mini-Matrix - Dual-head models, provide flexible presentation options by supporting duplicate and extend view modes to fit any use case scenario.

View applications in Ultra High Definition (UHD) 4K video quality.

User friendly ü Simplify user’s work in multi-computer environments.

Freeze USB ü Assign the USB port to a specific computer while switching the keyboard, video, mouse and audio between other computers. Useful for various scenarios, for instance, when a USB smart card reader must remain mapped to a certain computer.

Freeze Audio ü Assign the audio port to a specific computer while switching the keyboard, video, mouse and USB between other computers. Useful for scenarios where a user has to listen to audio originating from one computer while working on another computer.


ProduCt HigHLigHts

Product Highlights

Keep up with future requirements through interchangeable KVM / KM functionality (KVM)

ü Adjust with versatile setup scenarios. The device can be configured in two modes, KVM and KM. In KVM mode (default) one display, keyboard and mouse set is shared between all computers. In KM mode each computer is connected to a separate display while keyboard and mouse are shared, thus allowing simultaneous work on multiple computers.

Avoid typing mistakes

ü Since two-way communication is blocked by the KVM security, keyboard lock LEDs do not function. Help users avoid typing mistakes by visually indicating the status of keyboard locks (CAPS-LOCK | NUM LOCK | SCROLL LOCK) on the product’s front facing panel.

Smoothly switch between computers (Virtual Display Technology)

ü Automatically switch control from one computer to another by dragging the mouse cursor over the computer’s display border. Peripherals switch to the next computer without having to press any buttons once the mouse is passing the display border.

Native touch screen support (KVM Combiner)

ü Interact with all the computers that are connected to the KVM Combiner using touch screen gestures. No need to install any driver or software.


ProduCt HigHLigHts

Product Highlights

Flexible screen layout

ü KVM Combiner - Resize source scaling and aspect ratio to create Tile, Scale and Custom display layouts that fit user needs.

ü KVM Combiner - Present and work with up to 6 computers at the same time. Cascade combiners to view and control up to 36 (6x6) computers on a single or dual displays.

ü KM/Mini-Matrix - Support various display layouts (Align displays vertically (on top) / Horizontally (along side)...etc). Associate the mouse cursor with each computer based on its respective display position.

Work simultaneously on two computers, view the screens of four computers

ü Mini-matrix - Connect up to four computers and two displays to the Mini Matrix. Select which computer to present on each of the two attached displays. Displays can be positioned in various layouts (Horizontal / Vertical / Custom). Duplicate the screen of any computer by presenting it on both Mini-Matrix displays at the same time. Extend the screen of any computer to an additional 3rd and 4th external displays.

ü KM - Work simultaneously with multiple computers connected to multiple displays using one set of audio, keyboard and mouse peripherals (KM)


4

produCTs: seCure swiTChingReview the key features and Product Connection Diagram of HSL’s secure switching products: KVM, KM, Mini-Matrix, Combiner.

Multiple Sources

Speakers


Single Display

PC #4Top Secret

SECUREKVM SWITCH

SECUREKVM SWITCH

NIAPPP3.0

Certi�ed


HsL kvm switCHes

Multiple Sources

Speakers


Single Display

PC #4Top Secret

SECUREKVM SWITCH

SECUREKVM SWITCH

NIAPPP3.0

Certi�ed

• Safely share keyboard, video, mouse, audio and USB devices to simplify user experience when working with multiple computers while maintaining the highest isolation between computers and peripherals.

FreezeAudio


Computers

Share Peripherals

across Domains

Smoothly Switch

Computers (VDT)

Support 4K Video

Avoid Typing

Mistakes

Filter USB (fUSB)

Prevent Information

Leaks

KVM <-> KM

Native Touch Screen

Support


Freeze USB


User Friendly


USB Security

Video Security

Mouse Security

Keyboard Security

Audio Security

Hardware Anti-

Tampering

Firmware Anti-

Tampering


kvm setuP diagram

Smart-CardReader Computers

CONSOLE PORTS COMPUTER/SOURCE PORTS

fUSB CableAudio CableMouse CableDisplay CableKeyboard Cable

Audio Keyboard Mouse

Display


kvm ProduCts taBLe

modelsk21d-3sk21H-3sk21P-3

dk22d-3dk22H-3dk22P-3dk22Pd-3

sk41d-3/du-3sk41H-3/Hu-3sk41P-3/Pu-3

dk42d-3/du-3dk42H-3/Hu-3dk42P-3/Pu-3

sk81du-3sk81Hu-3sk81Pu-3

dk82Hu-3dk82du-3dk82Pu-3

# of sources (inputs) 2 2 4 4 8 8

# of projected displays (outputs) 1 2 1 2 1 2

Keyboard & mouse ports USB USB & PS/2 USB & PS/2

USB Peripheral Port (fUSB) ✘ ✔ (U) ✔

Video SourceDVI-I HDMI DisplayPort

DVI-I HDMI DisplayPort


Computers (inputs) video Up to 4K-2K Ultra HD Resolutions (3840 X 2160 pixels)

Console (outputs) video Up to 4K-2K Ultra HD Resolutions (3840 X 2160 pixels)


HsL km switCHes

PC #4Top Secret

PC #3Con�dential

PC #1Internet

PC #2Restricted

SECUREKM SWITCH

SECUREKM SWITCH

Move mouse to switch PCs

Multiple Sources

Speakers


NIAPPP3.0

Certi�ed

• Work simultaneously with multiple computers connected to multiple displays using one set of audio, keyboard and mouse peripherals.

• Interact with multiple computers in real-time while maintaining the highest isolation between computers and peripherals.

• Directly connect separate display(s) to each computer and securely share keyboard, mouse, audio and USB devices.

FreezeAudio


Computers

Share Peripherals

across Domains

Smoothly Switch

Computers (VDT)

Support 4K Video

Avoid Typing

Mistakes

Filter USB (fUSB)

Prevent Information

Leaks

KVM <-> KM

Native Touch Screen

Support


Freeze USB


User Friendly


USB Security

Video Security

Mouse Security

Keyboard Security

Audio Security

Hardware Anti-

Tampering

Firmware Anti-

Tampering


km setuP diagram

Smart-CardReader

Computers



Displays



km ProduCts taBLe

model sm20n-3sm40n-3sm40nu-3

sm80n-3sm80nu-3

# of sources (inputs) 2 4 8

Max # of displays supported (Windows OS Only) 8 16 32


USB Peripheral Port (fUSB) ✘ ✔ (U) ✔ (U)


HsL mini-matrix switCHes

PC #4Top Secret

PC #1Internet

SECUREMINI-MATRIX

SECUREMINI-MATRIX


Multiple Sources

Speakers


NIAPPP3.0

Certi�ed

• optimize user experience when working with multiple computers. View and control two out-of-four computers at the same time whilst securely sharing keyboard, video, mouse, audio and USB devices.

• provides increased productivity in challenging multi-computer environments where users are required to view and interact with several computers while maintaining the highest isolation between computers and peripherals.

FreezeAudio


Computers

Share Peripherals

across Domains

Smoothly Switch

Computers (VDT)

Support 4K Video

Avoid Typing

Mistakes

Filter USB (fUSB)

Prevent Information

Leaks

KVM <-> KM

Native Touch Screen

Support


Freeze USB


User Friendly


USB Security

Video Security

Mouse Security

Keyboard Security

Audio Security

Hardware Anti-

Tampering

Firmware Anti-

Tampering


mini-matrix setuP diagram




Secondary Display Primary Display



mini-matrix ProduCts taBLe

modelsx22d-3sx22H-3

sx42du-3sx42Hu-3sx42Pu-3

# of sources (inputs) 2 4

# of projected displays (outputs) 2 2

Keyboard & mouse ports USB USB & PS/2

USB Peripheral Port (fUSB) ✘ ✔

Video Source DVI-I HDMI





HsL kvm ComBiner

PC #4

PC #3

PC #1

PC #2

SECUREKVM COMBINER

SECUREKVM COMBINER


Multiple Sources

Speakers


• Interact with multiple computers presented on the same display at the same time using a single set of audio, keyboard, video and mouse peripherals.

• provides increased productivity in challenging multi-computer environments where users are required to view and interact with several computers at the same time.

• optimize user experience while maintaining the highest isolation between computers and peripherals.

FreezeAudio


Computers

Share Peripherals

across Domains

Smoothly Switch

Computers (VDT)

Support 4K Video

Avoid Typing

Mistakes

Filter USB (fUSB)

Prevent Information

Leaks

KVM <-> KM

Native Touch Screen

Support


Freeze USB


User Friendly


USB Security

Video Security

Mouse Security

Keyboard Security

Audio Security

Hardware Anti-

Tampering

Firmware Anti-

Tampering


kvm ComBiner setuP diagram




Display



kvm ComBiner ProduCts taBLe

model sC21H-3sC42du-3sC42Hu-3

sC62Hu-3

# of sources (inputs) 2 4 6

# of projected displays (outputs) 1 2 2


USB Peripheral Port (fUSB) ✘ ✔ ✔

Video Source HDMIDVI-I HDMI

HDMI



Touch screen support ✘ ✔ ✔


5

produCTs: seCure peripherals & auThenTiCaTionReview HSL’s secure peripherals and authentication products: Isolator, Headphone-Diode, USB Filter, USB Plug, MDR.

TO

P SECRET NETW

OR

K

CO

NF I D E N T

IA

L


seCure HeadPHone diode

• Enforce computer-to-speaker, one-way flow of sound through unidirectional optical data diodes.

• prevent eavesdropping and line-in re-tasking by blocking speaker-to-computer communication.

Computer or Matrix

Audio

USB for Power

Secure Headphone Diode Speakers /

Headphone

Audio


HsL isoLator

• prevent compromised peripherals from infecting computers.

• Isolator ensures that video, audio and USB data flows in a single direction thus preventing shared-peripheral-threats from compromising the computer.

• protect against leakage and malicious attacks through shared Keyboard, Video, mouse, USB and audio devices.

• Isolate computers in meeting/control/trade rooms from vulnerable peripherals that are shared between multiple computers.

• Isolate computers from display solutions that share a single display between multiple sources.

• protect classified computers in matrix-environments from shared-peripheral-threats originating from guest laptops or internet-access computers that connect to the same matrix.

Display or ProjectorComputer or Matrix HSL KVMA

Security IsolatorVideo

USB KB & Mouse

Audio out

Video

USB KB & Mouse

(HKS100I only)

(HKS100I only)

Audio outMOUSE KB AUDIO OUT VIDEO OUT


seCure usB PLug

usB plug - elock• Electronically tagged mechanical USB plug

that physically locks individual USB ports with internal strong authentication chip. Forced removal triggers an alert and permanently damages the USB port.

steel plate extension • Blocks multiple USB ports with only one

eLockUSB plug. mount the metal plate together with the USB eLock plug to block a group of USB ports with a single plug.


seCure usB Hid fiLter

hardcoded hid filter• accepts only USB HID Devices (Keyboard/mice) and rules out others

• passes only standard keyboard and mouse reports

• Blocks all other traffic

• Highly secure, read only non-programmable chip

Configurable filter• USB-ID based filter

• accept USB devices based on unique identifiers such as Serial/HID/VID/Class ID, etc.

• Configurable identifiers to fit with specific customer peripherals


seCure muLti-domain smart Card reader (mdr)

• Unique: one-to-many approach. allowing 1x smartcard for simultaneous work on multiple pCs.

• Reduce overall smartcard operational costs, buy less cards and less readers.

• minimize smartcard administrative overhead.

• Increased security, easily enforce smartcard authentication on all pCs.

• Increased security, card removal resets all pC sessions, no pC is left unsecure.

• minimize user learning curve and overhead.

• auto-association, dynamically map the smartcard to the pC that requires access to it.

Computers

Smart Card

User

Multi DomainSmart Card Reader


6

produCTs: non-seCureReview HSL’s non-secure products: Switching solutions, MMC.

KVMKVM

PC #4


switCHing ProduCt HigHLigHts

• Copy & Paste Copy and paste text and files between all the computers that are connected through the Km/KVm/mini-matrix/Combiner.

• super speed usB 3.0 Port Share the newest peripherals between computers through the KVm’s USB 3.0 peripheral ports and benefit from super-speed data transfer rates.

• High Power for express Charging Enjoy express mobile device charging times through a high-power USB port.

THanK yoU

For more information, please visit www.highseclabs.com

solutions for demanding environments - highseclab

Documents