Partner Manufacturers - Product Information

HSL-K202E 2 Port Secure DVI-I Dual Lnk & USB PS2 KVM Switch. USB User Authentication port, Audio out, Active anti-tampering Secure KVM Switch, Front Panel Buttons & RDC Port. ( KVM Secure Switch )


Range general picture - this shows the 4 port version with full features

Description:
END OF LIFE - Call us for details of an alternative product

SPECIAL ORDER PRODUCT

HSL-K202E 2 Port High Security DVI-I Dual Link & USB PS2 KVM Switch. USB User Authentication port, Audio out, Active anti-tampering Secure KVM Switch, Front Panel Buttons & RDC Port.

KVMs becoming a target for cyber attacks as they may be the only possible link to bridge between isolated classified networks and networks open to the internet. Many high security organizations adopting secure KVMs as part of their cyber protection strategy, in some cases this effort is not enough. Second-Generation Secure KVMs sold in the market today have documented vulnerabilities that may cause data leakages between connected computers with different security levels.

HSL’s Secure KVM is the industry’s first 3rd Generation Secure KVM. This product offers the highest possible separation between 2 / 4 connected computers. The K20x Secure KVM designed to meet the requirements of organizations that are challenged by the need to provide secret or top-secret network access together with unclassified or internet access.

The K20x series KVM uses uni-directional optical data-diodes to prevent any potential leakage between the highly-isolated peripheral channels. This KVM can also be used to securely filter and lock USB ports preventing data export / import through mass-storage devices by hardware.

RDC (Remote Desktop Controller) port enables simple interface with HSL's RDC440 controller. Using the K20x with RDC440 users can control and monitor the Secure KVM remotely and enjoying color LCD with programmeable network/computer names. For more information see RDC440 page.

The K20x supports legacy VGA computers, single-link DVI or dual-link DVI video switching. The K20x is compatible with USB or PS/2 peripherals providing equal security levels. Patented DDC emulation technology enables secure operation with display Plug and Play support. Product passed extensive security evaluation through all forms of known KVM attacks. Unlike other secure KVMs in the market today HSL KVMs were designed to securely operate with the assumption that two of the connected computers are infected by a hostile code that is constantly trying to attack the KVM.

Note that the K202 series is now divided into two form-factors: the new K202B and K202D are Small-Form-Factor devices (see products page), the K202E is standard size with DVI-I video and user authentication device port and it is covered here.

Features:

  • Highest security by design Designed by an agency to support isolation between national security networks. Common Criteria EAL 4+ approved. Derivative of a TEMPEST product used in NATO nuclear submarines.

  • Hardware Based peripheral protection/isolation Absolutely no dependency on firmware or software. All firmware is in ROM (Read Only Memory). No keyboard buffering or memory. More than 60dB isolation between channels.

  • Unidirectional optical data diodes used to secure USB peripherals isolation. Data can flow from devices to host only. No reverse data flow possible by physics. Can be used between widest security gaps.

  • User authentication device port Special USB port that supports CAC and other user authentication devices including wide range of biometric readers. User can decouple this port from KVM switching to remain authenticated on one channel if needed.

  • Display Plug and Play (DDC) protection Leakage prevention through patented emulated technology. Signaling attacks prevented by design. DDC/EDID is fully functional.

  • Future-proof - supports widest variety of peripherals and computers supports different video formats from VGA to 2560x1600 dual-link DVI and HDMI. Supprots latest keyboards, mice and card readers. Support computers with all Operating Systems.

  • Peripherals security full USB devices filtering to assure support for keyboard and mouse only.

  • Active anti-tampering always-on active anti-tampering with 10 years battery. Special holographic tampering evident labels.

  • Remote Desktop Controller special port to enable remote controller accessory - RDC440 (more information>). Secure KVM can be installed at distant location and connected through a standard ethernet cable

    Range general picture - this shows the 4 port version with 4 computer ports and full features

    Specification:
    Host Computer Input Ports

  • Two input ports from host computers having:
    - 1 x DVI-I Female connectors for video
    - 1 x USB Type-B connectors for keyboard and mouse
    - 1 x USB Type-B connectors for user authentication device [K20xE only]
    - 1 x Audio input 3.5 mm stereo jack
  • Monitor Plug & Play DDC support through emulation to prevent DDC leakage
    Console Ports
  • One set of output ports for display, keyboard, mouse, having:
    - 1 x DVI-I Female connector (DVI-I to VGA adapters can be ordered separately)
    - 1 x USB Type-A jacks for USB keyboard
    - 1 x USB Type-A jacks for USB mouse
    - 1 x USB Type-A jack for user authentication device [K20xE only]
    - 1 x PS/2 legacy keyboard connector (DIN-5)
    - 1 x PS/2 legacy mouse connector (DIN-5)
    - 1 x Audio output 3.5 mm stereo jack
  • RDC (Remote Desktop Controller) port to enable remote user control through cable or optical fiber
    Management
  • Channel select and status LED's
  • Channel select push-buttons
  • Keyboard hotkeys [optional – may be disabled]
  • Remote Desktop Controller [optional]
    Video modes supported
  • All Dual-link DVI resolutions up to 2560 x 1600
  • VGA resolutions supported up to 2048x1536
  • VGA output is usable only if all inputs and output are VGA.


    Security Functions
  • USB ports supporting only keyboard and mouse through host emulation and strong filtering.
  • Optical Data Diode assures unidirectional flow from devices to computers.
  • Firmware change can not cause leakage between channels or data export.
  • Isolated power supplies for each device emulator.
  • Dedicated port for smart-card reader or biometric device. Port is strongly filtered and monitored.
  • Firmware resides on ROM.
  • Display EDID is emulated and highly-isolated to prevent signalling leakages.
  • Battery powered anti-tampering system to disable product in case of mechanical intrusion.
  • Special holographic Temper Evident Labels.
    Power
  • DC input 12V / 1A maximum
  • Wall-mounted power supply included. Power input 90-240V AC
    Peripheral security
  • USB ports supporting only keyboard and mouse through host emulation
  • Data-diode assures USB unidirectional flow from devices to host
  • Firmware change can not cause leakage between channels or data export
    Environmental
  • Temperature range: Operating - 0ºC to 40ºC (32ºF to 104ºF); Storage - -20ºC to 60ºC (-4ºF to
    140ºF)
  • Humidity: Operating - 20 to 80% non condensing; Storage – 10 to 90% non condensing
  • Altitude: 0 to 10,000 ft
    Regulatory Compliance
  • Safety: UL/cUL60950,EN60 950
  • EMI/EMC: FCC Class B, CE Mark, EN55022B, VCCI
    Security Accreditations
  • Common Criteria EAL 4+ ALC_FLR.3 (currently in evaluation)
  • Complies with NIAP Peripheral Sharing Switch (PSS) For Human Interface Devices Ver 2.1
  • K20x products are NISA Approved (Israel)
    Physical Characteristics
  • Dimensions: 135(W) x 320 (D) x 50 (H) mm / 5.3 (W) x 12.6 (D) x 2.0 (H) inch
  • Device weight: 1.5 Kg. (3.3 lbs.)
  • Shipping Weight: 1.8 Kg (4 lbs) without cables
    Warranty, Reliability
  • Two years limited warranty. This limited warranty covers 100% of parts and workmanship on any
    required repairs. For details see HSL web-site: www.highseclabs.com/Warranty.html
  • Optional extended warranty for up to 5 additional years
  • Product design life-cycle 10 years