View
17
Download
0
Category
Preview:
Citation preview
THE HSLSECURE
KVM COMBINERSSimultaneously interact with multiple computers on the same screen
S E C U R E K V M CO M B I N E R S
1THE NEED
Demanding environments require real-time presentation of information from isolated computers on the same display
Military & Defense
Command & Control
Mobile Command & Control
S E C U R E K V M CO M B I N E R S
2WHAT IS A KVM COMBINER SWITCH?
Combiner is a Secure KVM switch which allows to simultaneously interact with and present multiple computers from different security classifications on a single display while keeping the data of each source completely separate.
Multiple Sources
#4#3
#2#1
Move mouse to switch PCs
Single Keyboard & Mouse
PC #4
PC #3
PC #1
PC #2
SECUREKVM COMBINER
SECUREKVM COMBINER
S E C U R E K V M CO M B I N E R S
3COMBINER VERSATILE VIEW MODES (PRESETS)
What are view modes?
• View modes determine how multiple sources are presented on the combiner’s screen.
• Versatile view modes allow various presentation layouts (Tile, Scale, Custom…etc.).
• Simple switching allow the user to change view setting ‘on-the-fly’ to instantly fit with any work scenario. The user can switch between all presets at all times with a click of a mouse.
• Custom view modes can be saved to preset any layout desired by the user for future work.
S E C U R E K V M CO M B I N E R S
4COMBINER VERSATILE VIEW MODES (PRESETS)
Tile Mode Example:
• In Tile mode all sources are spread equally on the screen, the user can independently interact with each source and enlarge any given source to maximum screen size by clicking on it.
Click to Enlarge
Channel 1Setup Channel 2 Channel 3 Channel 4 1 2 3 ? Scale Tile
3 4
21
Channel 1Setup Channel 2 Channel 3 Channel 4 1 2 3 ? Scale Tile
3 4
21
Demo Video
S E C U R E K V M CO M B I N E R S
5COMBINER VERSATILE VIEW MODES (PRESETS)
Scale Mode Example:
• In Scale mode the user can interact with all sources while one source is enlarged and others are aligned vertically on the right screen side. Switch between the enlarged source by clicking on the aligned source.
Click to Enlarge
Channel 1Setup Channel 2 Channel 3 Channel 4 1 2 3 ? Scale Tile
1234
Channel 1Setup Channel 2 Channel 3 Channel 4 1 2 3 ? Scale Tile
2134
Demo Video
S E C U R E K V M CO M B I N E R S
6COMBINER VERSATILE VIEW MODES (PRESETS)
Custom Mode Example:
• In Custom mode the user can interact with all sources, rearrange screens layout and position according to his need and save the sources preset for future use.
Rearrange and Position screens as you want
Channel 1Setup Channel 2 Channel 3 Channel 4 1 2 3 ? Scale Tile
1 23
4Channel 1Setup Channel 2 Channel 3 Channel 4 1 2 3 ? Scale Tile
213
4
Demo Video
S E C U R E K V M CO M B I N E R S
7CURSOR NAVIGATIONVIRTUAL DISPLAY TECHNOLOGY (VDT)
• Switch from one highly isolated computer system to another by simply moving the mouse cursor across display borders
• No need to push any buttons
• Audio and keyboard follow the mouse as its cursor crosses the display borders
Drag mouse between screen boarders
Screen borderMouse cursor movement path
S E C U R E K V M CO M B I N E R S
8PERIPHERAL PORT (fUSB) FOR SHARING AUTHENTICATION DEVICES AND MORE
What is fUSB?
• Dedicated USB port which is preconfigured to allow only USB authentication devices such as smartcard & biometric readers.
• fUSB functionality can be further enhanced by allowing an administrator to explicitly enable a uniquely identified USB device.
• USB device approval / denial indication LED shows whether the connected device is permitted for use.
• fUSB channel assignment LED indicates which source has current access to the USB device.
• Dynamic fUSB port switching. fUSB is automatically switched between sources together with the keyboard and mouse.
• Freeze fUSB option allows locking the USB device to a specific channel, preventing it from switching automatically. Keyboard
AudioComputers
Mouse
Authentication / Explicitly Approved USB Devices
Smart-CardReader
BiometricReaderApproved
USB Device
1 2 3 4
fUSB?
Primary Display Secondary Display
S E C U R E K V M CO M B I N E R S
9COMBINER HIGHLIGHTS
• Interact with multipule computers simultaneouslyConnect up to six computers and two displays to the KVM Combiner. User can interact with all computers at the same time using a single set of keyboard and mouse.
• Flexible screen layout optionsSplit the screen to display multiple sources on the same display. Resize source scaling and aspect ratio to create Tile, Scale and Custom display layouts that fit user needs.
• Duplicate & Extend view modesProvide flexible presentation options to fit any meeting / control room use case scenario.
• Native touch screen support Touch screen support allows interacting with all connected computers using touch screen gestures.
• Virtual Display Technology (VDT)Seamlessly switch between the selected sources by moving the mouse cursor across screen boarders. Audio is switched automatically once control is switched to another source.
• Combiner cascadingCascade combiners to view and control up to 36 sources on a single display, using one set of keyboard, mouse and audio.Expand any source to full screen. Keep all combiner-features throughout the cascaded chain (View modes, VDT…etc.).
S E C U R E K V M CO M B I N E R S
10COMBINER HIGHLIGHTS - SECURITY
• Highest security by designCommon Criteria EAL 4+ approved, compatible with NIAP security requirements.
• Work freely without compromising securityDisplay and control classified and non-classified computers without compromising security.Computers and peripherals are fully isolated from each other.
• Biometric/Smart-Card reader supportConnect a smartcard/biometric reader to the combiner’s fUSB secure port to support user authentication across multiple isolated computers.
S E C U R E K V M CO M B I N E R S
11COMBINER ADVANTAGES VS. MULTIPLE-DISPLAY SETUP
Feature M u l t i p l e D i s p l a y s C o m b i n e r
Multiple Displays: Information from each source is displayed on a separate screenCombiner: Information from several isolated computers is seamlessly integrated on the same display in real-time ✘ ✔Multiple Displays: The size of each PC screen is limited by the available free space on the user’s deskCombiner: Use one big screen instead of multiple small screens to better watch content on a Big & Wide Screen ✘ ✔Multiple Displays: Requires connecting a dedicated touch screen to each PC. Combiner: Connect a touch enabled screen and get native touch screen support with all connected computers ✘ ✔Multiple Displays: The user is required to push KM Switch buttons (or use multiple sets of keyboards, mouse and speakers) in order to switch the mouse, keyboard and audio between computersCombiner: Switch the mouse, keyboard and audio from one computer to another by simply moving the mouse cursor across display borders on the same screen
✘ ✔
Multiple Displays: No layout options. Screen alignment is derived from the physical monitor size and layoutCombiner: Support of multiple screen layout options (tile/scale/custom) to best fit any use case scenario ✘ ✔
VS
Multiple Displays Combiner
S E C U R E K V M CO M B I N E R S
12COMBINER MODELS
Model K424F K424H K426E K426H
# of sources (inputs) 4 4 6 6
# of projected displays (output) 2 2 2 2
Computers (input) video Up to HD Resolutions (1920 X 1200 pixels)
Console (output) videoUp to HD
Resolutions (1920 X 1200 pixels)
Up to 4K-2K Ultra HD Resolutions
(3840 X 2160 pixels)
Up to HD Resolutions
(1920 X 1200 pixels)
Up to 4K-2K Ultra HD Resolutions
(3840 X 2160 pixels)
Keyboard & mouse ports USB & PS/2
USB Peripheral Port (fUSB) ✓ ✓ ✓ ✓
Touch screen support ✓ ✓ ✓ ✓
Natural Windows Scaling ✓ ✓ ✓ ✓
# of customized presets 4 (including Tile)Unique Features:• Designed for command & control and any other environment requiring real time monitoring of multiple displays• An attractive alternative to Video wall controllers• Touch screen support
• Flexible Windows-like GUI• Cursor navigation between sources
S E C U R E K V M CO M B I N E R S
13SPECIAL COMBINER MODELS
Coming Soon!
Keyboard
AudioRDCComputers
Mouse
1 2
Displays
CAC
1 21
1 1
2 Sources to 6 Displays
Keyboard
AudioRDC
Computers
Mouse
1 2 3 4
Displays
4CAC
2
31
4 Sources to 4 Displays
S E C U R E K V M CO M B I N E R S
14COMBINER CASCADING
• Cascade combiners to view and control up to 36 sources on a single display, using one set of keyboard, mouse and audio.
• Keep all combiner-features throughout the cascaded chain (View modes, VDT…etc.)
• Native touchscreen support across all sources.
• Independently resize and rearrange the screen layouts of each source.
• Expand any source to full screen.
• Support RS232 commands for easy screen layout switching programming.
S E C U R E K V M CO M B I N E R S
15COMBINER CASCADING
Cascade combiners to view and control up to 36 sources on a single display, using one set of keyboard, mouse and audio.
Child Combiner 2
Child Combiner 1
Child Combiner 3
Child Combiner 4
#4#3
#2#1
#4#3
#2#1
#4#3
#2#1
#4#3
#2#1
Single Keyboard & Mouse
Child Combiner 2
Child Combiner 1
Child Combiner 3
Child Combiner 4
Master Combiner
S E C U R E K V M CO M B I N E R S
16COMBINER CASCADING
Independently resize and rearrange the screen layouts of each source.
Single Keyboard & Mouse
Scale View
Custom View
Scale View
Quad View
Child Combiner 2
Child Combiner 1
Child Combiner 3
Child Combiner 4
#4#3
#2#1
#4#3
#2#1
#4#3
#2#1
#4#3
#2#1
Master Combiner
S E C U R E K V M CO M B I N E R S
17
Child Combiner 2
Child Combiner 1
Child Combiner 3
Child Combiner 4
#4#3
#2#1
#4#3
#2#1
#4#3
#2#1
Single Keyboard & Mouse
Child Combiner 2Child
Combiner 3
Child Combiner 4
Master Combiner
Expa
nd source #1 of child combiner #1 to full screen
#1
#4#3
#2
Child Combiner 1
COMBINER CASCADING
Expand any source to full screen.
Expand source #1 of child combiner #1 to full screen.
S E C U R E K V M CO M B I N E R S
18COMBINER CASCADING
Expand any source to full screen.
• Expand source #1 of child combiner #1 to full screen.
• Expand source #1 of master combiner to full screen
Expand source #1 of master
Single Keyboard & Mouse
Master Combiner
Child Combiner 2
Child Combiner 1
Child Combiner 3
Child Combiner 4
#4#3
#2#1
#4#3
#2#1
#4#3
#2#1
com
biner to full screen
Expa
nd so
urce #1 of child combiner #1 to full screen
#1
#4#3
#2
S E C U R E K V M CO M B I N E R S
19FAQs
• What is the difference between KVM and Combiner?KVM’s are designed to switch displays, allowing the user to only see and manage one target device at a time. Combiner allows the user to securely interact with multiple sources simultaneously. The Combiner uses advanced video processing technology to draw a high resolution dynamic “mosaic” of images generated by different sources.
• Is the Combiner as secure as Secure KVM switches?Yes. The Combiner is a derivative of HSL Secure KVM product line, and is equipped with the same high security features: Active Always-On Anti-Tampering, Heavy-Duty Tamper-Resistant Enclosure, Tamper Evident Label, Unidirectional Data Paths, Dedicated Processors for Emulation, USB Port Protection, Non- Reprogrammable Firmware, Tamper-Proof Hardware, and more.
• Can the Combiner scale video input?Yes, The HSL Combiner has an advanced scaling function allowing the user to scale the video source to ensure proper viewing and superb work experience. A user can now fit four full HD sources on a single or dual HD or UHD screen by scaling each source, all in real time with no data loss. In addition, natural Windows scaling and touch screen are supported, so the user can scale freely various sources and also them as one of the predefined Presets.
• Is it possible to use a mouse other than the mouse supplied with the HSL Combiner?It is recommended to use the mouse supplied with the HSL Combiner but if another type of mouse is used, it must be a five-button mouse, with a recommended mouse DPI of 5400 for best performance.
S E C U R E K V M CO M B I N E R S
20
KEYBOARD AND MOUSE THREATS
# Attack Type Vulnerability Risk
Signal/Virus
• Programmable components may include malicious code and are vulnerable to manipulation.
• May include memory chips that can store data • Bi-directional keys (Num Lock, Scroll Lock, Cap Lock, Pause
Break) can be used to send and decode data between systems
Data leakage from one system to another
Solution Components Solution Highlights
Unidirectional Optical Data Diodes
ü Allowing data to flow only in one direction, from the device- to-host computer. ü Preventing host-to-peripheral data flow eliminates data leakage through the shared peripheral.
ü Preventing host-to-host connectivity isolates all hosts from each other.
Hardware-based Peripheral Isolation per Port ü Each port is fully isolated from other ports.
Hardcoded HID Filter ü Accepts only USB HID Devices (Keyboard & Mice) rules out others. ü Hardcoded ASCII keyboard / mice characters. ü Incapable of processing any other code than HID-ASCII.
S E C U R E K V M CO M B I N E R S
21
AUDIO THREATS
# Attack Type Vulnerability Risk
Signal/Virus/Hot Microphone
• Programmable components may include malicious code and are vulnerable to manipulation.
• Manipulated sound card can reprogram a speaker into a microphone to act as an audio reception tool (e.g. microphone).
Data leakage and eavesdropping
Solution Components Solution Highlights
Unidirectional Diodes
ü Allow sound to travel only in one direction from the PC to the speaker. ü Prevent re-tasking of the audio line-in (headset/speaker) into a microphone line and thus block eavesdropping attempts by reprograming a speaker to act as an audio reception tool (e.g. microphone).
S E C U R E K V M CO M B I N E R S
22
USB THREATS
# Attack Type Vulnerability Risk
Virus
• Highly popular standard commonly used by computer and mobile users.
• Provides on-the-fly high speed, bidirectional flow of data to and from the computer.
• Multifunctional port: numerous device types can connect through the same physical port
• Programmable components may include malicious code and are vulnerable to manipulation.
• Can be used to store/inject data.
Data leakage from one system to another
Solution Components Solution Highlights
Block un-authorized USB ü Completely block and disable unauthorized USB devices and traffic
Secure & Dedicated Keyboard / Mouse Ports
ü Accepts only USB HID Devices (Keyboard & Mice) rules out others ü Refer to Keyboard & Mouse threats table for additional information
Biometric/Smart-Card reader support
ü Special secured port (fUSB) for smart-card/biometric reader with patented Freeze function to support user authentication across multiple isolated networks.
S E C U R E K V M CO M B I N E R S
23HARDWARE & FIRMWARE TAMPERING THREATS
# Attack Type Vulnerability Risk
Firmware Reprogramming / Implant malicious hardware
• Open product and implant malicious hardware.• Attempt to reprogram firmware components to include
malicious code.• Attempt to store/inject data.
Data leakage and eavesdropping
Solution Components Solution Highlights
Tamper-proof electrical design
ü Firmware is stored on ROM (Read Only Memory) ü One-Time-Programmable (OTP) Microprocessors preventing firmware tampering/rewrite
No Memory buffers ü Peripheral signals are passed-through, with no data stored inside products
Always-ON tamper evident system
ü Internal: Tampering with product chassis triggers a switch that renders product inoperable. This is indicated to user via a specific LED behavior.
ü External: Serialized holographic labels provide visual indication of any tampering attempt and warning labels are place on product chassis
THANK YOU
For more information, please visit www.highseclabs.com
Recommended