Security technical implementation guides stigs dod. Tripp lites secure kvms meet the high standards for security set by the national. Disa has released the oracle linux 7 security technical implementation guide stig, version 1, release 1. Ensure the desktop banners, backgrounds, and screen locks have the proper classification banner. You can only connect an equal or smaller kvm to the master kvm. Secure kvm switches are designed from the ground up as dedicated switching devices with every element conceived to prevent unauthorized access and ensure data isolation. They are commonly found within testing laboratories, server rooms, and with the advent of small inexpensive switches, on desktops to reduce clutter. The cs16421644 dod combine a twoport or fourport kvm switch with a twoport usb hub, providing dualscreen support for two dvi displays. The cs78 kvm switch is a control unit that allows access to 8 computers from a single console keyboard, monitor, and mouse. Thats why federal, military, and intelligence agencies around the world have strict requirements regarding the security of kvms to. Dual input cords if there is a loss of the primary power source, the ats will switch. Non niap approved components used in solutions may be listed on the csfc components list provisionally until a us government approved protection profile for the technology is available. Trusted security solutions for the department of defense.
A proven solution to access these classified systems would be a kvm switch with an approved siprnet card reader. Kvm stands for keyboard video mouse and kvm switches allow you to switch the use of a keyboard, display and mouse between multiple computers. Kvm switches are often found in data centers where multiple servers are placed in a single rack. For example, a 16port master kvm switch can have both 16port and 8port slaves.
Department of defense information network dodin approved. Apco provides process guidance, coordination, information and support to vendors and government sponsors throughout the entire process, from the registration phase to the attainment of dodin apl status. The department of defense information network approved products list dodin apl is established in accordance with the uc requirements document and mandated by the dod instruction dodi. Ensure that the switches are approved before installing. Version 1 b002dv1a2 2port sh secure dvi i kvm waudio, pp 3. Items that are procedural or sitespecific and must be applied by customers. Get the best deals on kvm switches and find everything youll need to improve your home office setup at. Page 1 user manual 2port usb kvm switch with audio gcs632u part no. Changes or modifications to this unit not expressly approved by the party responsible for. The comit server is a sun server running the solaris version 10 os.
The 4k 2 x 1 hdmi switch enables switching between two hdmi sources to a single display. Taa requires that products originate from the united states or another approved country. Ccevs to evaluate and approve kvm switches for security. Secure kvm switches niapcertified prevent unauthorized access and ensure data isolation. Classified wlanenabled peds must use nsaapproved encryption to protect classified dataintransit and dataatrest on peds. Taa requires that products originate from the united states or another approved. These categories are single user kvm switch, multiuser analog kvm switch, and a multiuser network attached kvm switch. Joint dodiiscryptologic sci information systems security standards. Kvm or ab switches must be approved prior to being connected to iss that are at different classification levels.
Defense information systems agency pacific command disa pac hawaii information transfer system hitsjoint hawaii information transfer. The content herein is a representation of the most standard description of servicessupport available from disa. If the console switch gets wet, see the appropriate section in the troubleshooting guide or contact the trained service provider. Use of nsacentral security service css andor defense information systems network security accreditation working group dsawg approved kvm switches is authorized on gccsj with site daa approval. The vsw430 series originally included the vsw431 and the vsw432 products, but are now combined into just the vsw431. By using this is which includes any device attached to this is, you consent to the following conditions. Slideaway lcd kvm switches allow you to choose from a host of optional rack mount kits to meet your needs, including the single person easy installation rack mount kit, which streamlines the rack mounting process.
Classified wlan enabled peds must use nsaapproved encryption to protect classified datain transit and dataatrest on peds. Ensure that the systems are installed correctly and meet all tempest standards. Use of nsacentral security service css andor defense information systems network security accreditation working group dsawg approved kvm switches. Kvm switch installation and quick start 1 product description and inventory overview the kvm switch can connect up to 32 switches to provide direct control of 16 computers or control of up to 512 computers through serial connections, using only one keyboard, monitor, and mouse. Belkin secure dvii kvm switch, 8port dualhead, with cac. The mysql stig is currently under development with the vendor and does not have a release date. The initial modification will be to change group and rule ids vul and subvul ids.
Choose tripp lite niapcertified secure kvm switches. Department of defense, the defense agencies, the dod field activities, and all other organizational entities within the dod referred to collectively in this issuance as the dod. Ensure switches are on the most current approved dsawg list or otherwise comply with dsawg guidance for use for switching between high side and low side devices. If you supply products for gsa schedules and other. To see the selectable requirements, go to the csfc components list and click on the links for ipsec vpn gateways, ipsec vpn clients, wlan clients, wlan access systems, certificate authorities, mdm, sw fde, mobile platforms, sip servers and voip applications. General services administration federal supply service authorized federal supply schedule catalogprice list online access to contract ordering information, terms and conditions, uptodate pricing, and the option to create an electronic delivery order is available through gsa advantage. Niap has implemented the common criteria recognition. Like all kvm switches, an hdmi kvm switch will allow a user to switch between 2 or more computers using a single keyboard, mouse and monitor setupconsole with the added benefit of supporting digital, hidef video. Security technical implementation guides stigs dod cyber.
Multiuser is a capability of a kvm switch that permits more than one user to control different network devices simultaneously but not concurrently. Raritans desktop kvm switches are convenient, economical solutions for smb small and medium business providing remote access and control to multiple computers at the desktop eliminating the clutter of extra keyboards, mice, and monitors. Government usg information system is that is provided for usgauthorized use only. Once the protection profile is available, the company has six months to enter into a memorandum of agreement with nsa to remain listed as a csfc component. It provides pushbuttons and hotkey combinations for convenient computer selection. Received ctta report 14 may 08 approving the switch to process up to secret. The defense information systems agency disa is the preferred uc transport provider for internet and commercial satellite connections used for voice, video, andor data services on dod. Thats why federal, military, and intelligence agencies around the world have strict requirements regarding the security of kvms to safeguard data from accidental transfer or unauthorized access. Dod disa jitc uc apl 20, and tempest sdip 27 level b certification for single chassis, multiclassification computer kvm. Department of defense unified capabilities approved products list. Thinklogical offers the only medium to largescale fiberoptic kvm matrix switches to achieve common criteria eal4, nato niapc evaluation scheme. January 2008 approved ethernet ab switches page of rev. Apl approved products list cs communication server.
The requirements of the stig become effective immediately. To provide increased flexibility for the future, disa is updating the systems that. An ab switch not found on the approved kvm and ab switch lists has not been tested to verify that it does not leak data between systems. A kvm keyboard, video, mouse switch is a hardware device that allows a user to control multiple computers from a single keyboard, video display monitor and mouse. This can lead to the compromise of sensitive data or the. You may use pages from this site for informational, noncommercial purposes only. Introduction to taa compliance for government it suppliers. The belkin advanced secure dvii kvm switch is designed for use in secure defense and intelligence installations. Kvm switch hdmi 2 port box, share 2 computers with one keyboard mouse and one hd monitor, support wireless keyboard and mouse connections, hud 4k 3840x2160 supported. The database srg should be used until the stig is released. Kvm switches may have different ways of handling these data transmissions. Customers must ensure that the products selected will provide the necessary security functionality for their architecture. V6699, medium, kvm or ab switches must be approved prior to being. Simplify your work and increase the productivity of your facility with vertivs it management products, like kvm switches and serial consoles.
Belkin secure displayport kvm switch, 4port, quadhead with cac. An 8port master kvm switch can only have 8port or fewer kvm slaves. The cybex sc800 and sc900 secure switches provide users access to computers with various classification levels from a single desk. Dmcc ordering notice defense information systems agency. This page is dedicated to the command cyber readiness inspection, or ccri.
Ugreen usb kvm switch box 2 port vga video sharing adapter 2 in 1 out manual switcher with usb cables for computer, pc, laptop, desktop, monitor, printer, keyboard, mouse control. Thinklogical, velocity closed video matrix switching. Box 549 fort meade, maryland 207550549 infrastructure directorate in reply refer to. Web server are managed through the local keyboard, video, mouse, and local administrator accounts. The products listed below are evaluated against a niapapproved. Only kvm switches that have been tested and verified to prevent the transfer of data from one is to another will be used when the iss connected to the switch. This kvm solution would not only allow the different divisions in the dod to become. Dod pki, siprnet security and information assurance raritan. Dec 19, 2017 the products on the list meet specific nsa performance requirements for sanitizing, destroying, or disposing of media containing sensitive or classified information. To provide increased flexibility for the future, disa is updating the systems that produce stigs and security requirements guides srgs. It is the users responsibility to request connectivity approval directly from the pm. Department of defense dod unified capabilities uc approved products list apl certification process is the responsibility of the defense information systems agency disa. The switch supports resolutions up to 4k uhd and has a smart auto switching function that enables the device to automatically switch to a source when it becomes active. Tripp lites secure kvms meet the high standards for security set by the national information assurance partnership niap, so data stays safe and in the right hands.
Once connected, the kvm switches will automatically configure themselves as either masters or slaves. The initial modification will be to change group and rule ids. Desktop kvm switches go filter 0 comparison basket 0 go filter 0 comparison basket 0 select other categories. This server hosts the comit application as well as the oracle version 11 database. Product compliant list the products listed below must be considered in the context of the environment of use, including appropriate risk analysis and system accreditation requirements. This strengthens evaluations by focusing on technology specific security requirements. Comments or proposed revisions to this document should be sent via email to the following address. Prevent unauthorized access and ensure data isolation. Kvm switches are used to connect a single keyboard, video monitor, and mouse to multiple iss, saving space and equipment. The apc kvm switch integrates analog and digital keyboard, video and mouse kvm switching technology with advanced cable management, access for two or four simulta neous users and a user interface. The ccri is aimed at improving and verifying afimsc and the.
With thinklogicals velocity kvm extenders, you can centralize. As a kvm switch, it allows users to access two computers. The keyboard video and mouse switch stig must also be applied for each site using kvm switches. Kvm switches also commonly let you switch audio and usb devices between computers. Approved products certification office apco apco acts as the staff element for disa to manage the dodin apl process. Eliminates the need for niap approved kvm switches. The most vulnerable part of any network is the user access point. Connect the keyboard, vga monitor, and mouse to the console port of kvm switch 3. The kvm switch is specially designed to prevent peripherals from leaking.
Ncp checklist keyboard video and mouse switch stig. Disa has compiled a list of approved similar products including all of the associated thinklogical fiber matrix switch frame sizes from the mx48. Kvms and ab switches connecting information systems of differing classification levels must be on the niap products compliance list. Use the console switch only with approved equipment. Superior security and data protection for commercial suppliers. Approved for public release, distribution is unlimited. Dod disa jitc uc apl 20, and tempest sdip 27 level b certification for single chassis, multiclassification computer kvm and video distribution system vds infrastructures. Department of defense dod unified capabilities uc approved products list apl certification process is the responsibility of the defense information systems agency disa unified capabilities certification office ucco. The system is a keyboard video and mouse kvm solution. The system may assume a generic monitor is attached and defaults to safe settings. Two manual test stigs and their associated benchmarks are available for. A single computer to host multiple guest virtual machines vms. Desktop kvm switches are usually 2 or 4port switches.
The kvm switches are considered to be one of three categories demarked by their physical characteristics and intended use. After powering on computers and finishing the bootup process, you can start to go kvm switch. Emersoncybex secure dvi kvm switch, secure km switch and secure windowing kvm security target rev. It offers safe centralized control, which prevents. The content herein is a representation of the most standard description of servicessupport available from disa, and is subject to change as defined in the terms and conditions. Secure kvm switching with a single keyboard, monitor, mouse. Niap has implemented the ccra management committee vision statement for the application of the cc and the ccra and no longer evaluates against evaluation assurance levels eal. The keyboard video and mouse switch kvm stig includes the computing requirements for kvm switches operating to support the dod.
The keyboard video and mouse switch kvm stig includes the computing requirements. Received switch 29 oct 07 from forrest crowson and provided to disa ctta for evaluation on 30 october 2007. Secure kvm switches niapcertified kvm switches online. More information about thinklogical kvm and video distribution systems accredited for use in secure facilities can be found here. Clientcube 2 line of sight separation from the datacenter to the desk. Desktop kvm switches a desktop kvm switch, at its most basic, is simply a hardware device that enables one workstation consisting of a keyboard, video monitor, and mouse to control more than one cpu. A wide variety of automatic kvm switch options are available to you, such as interface type, resolution. The products on the list meet specific nsa performance requirements for sanitizing, destroying, or disposing of media containing sensitive or classified information.
Switch es will refer to both kvm and ab switches unless otherwise noted. However, the system as tested used a keyboard, video, mouse kvm switch to manage these two devices. Us department of defense unified capabilities approved. Belkin secure displayport kvm switch, 4port, dualhead with cac. Storefront overview defense information systems agency. This section will address keyboard, video, and mouse kvm and ab switches.
845 250 863 1095 1257 29 16 685 876 514 1152 851 409 1112 179 463 923 479 1160 1116 1169 794 740 878 1214 253 1085 884 77 1058 493 494 880 1449 167 715 240 1222 51 10 484 1382