ServSwitch Secure VGA USB KVM Switch EAL4+/TEMPEST

Combat security threats with this hard-wired VGA KVM switch featuring CAC support for maximum protection against data leakage.

- Facilitates data separation with high-level electrical isolation between ports.
- Protects against signal snooping using 60-dB crosstalk isolation.
- Prevents access from one CPU or network to others through permanent hard-wired connections.
- Minimizes radiated emissions.
- External tamper-evident seals.
- Robust metal housing with durable switching mechanism.
- USB host controller erases entire RAM—no residual data remain on channel.
- Dedicated DDC bus and EDID emulation at each port.
- Options with CAC (Common Access Card) reader support available.
- Clear, unmistakable channel selection with non-flashable ROM.
- No common power supply to minimize signaling.

- Warranty: 2 Years Double Diamond™ (Standard)

The ServSwitch™ Secure VGA USB KVM Switch with EAL4+/TEMPEST exceeds standard security profiles, certified to EAL4+ (Common Criteria Evaluation Assurance Level 4+) with ALC_FLR.2 and ATE_DPT.2.

The Common Criteria is an international standard for IT security evaluation, supported by the NSA through the NIAP. EAL4+ ensures product security throughout design, manufacturing, and distribution processes.

This KVM switch enables safe control and separation of up to four computers connected to secure and non-secure networks through a single keyboard, monitor, and mouse.

TEMPEST
TEMPEST compliant at USA NSTISSAM Level I and NATO SDIP-27 Level A, ensuring minimal electromagnetic emissions to prevent data vulnerabilities.

CAC (Common Access Card) Support
Models SW2009A-USB-EAL and SW4008A-USB-EAL support CAC card readers for enhanced security functions.

Threat Scenarios and Solutions

1. Prevent data leaks between ports and externally.

Threat 1.1: Unidirectional keyboard and mouse data flow is enforced by hardware “data diodes.” Non-keyboard USB devices are inhibited.

Threat 1.2: Red and black ports are physically separated to improve data isolation.

Threat 1.3: All hotkey and mouse switching functions are locked down, preventing inadvertent channel changes.

Threat 1.4: Each port has independent USB power, avoiding cross-port interference.

Threat 1.5: Minimum 80-dB crosstalk isolation prevents signal snooping.

Threat 1.6: Only one computer is connected to shared circuitry at a time, blocking timing analysis.

Threat 1.7: Shielded cables and filtered power minimize electromagnetic emissions.

2. Prevent data retention in the device.

Solution: Volatile memory is erased with each channel change, preventing residual data transfer.

3. Prevent electronic snooping.

Solution: Double-shielded metal casing blocks eavesdropping.

Technical Specifications:

• Distance (max): Cable length: 1.8 m or 3.6 m
• Resolution (max): Digital: 165 MHz per DVI link; Analog: 1920 x 1280
• Connectors:
- CPU: (2) or (4) HD26 F
- User: (1) VGA F, (2) USB Type A F for keyboard and mouse
- CAC models: (1) USB Type A F for smart card reader or combined reader/keyboard

• Power: Input: 100–240 VAC, 50–60 Hz, external, max 0.5 amps; Output: 5 VDC, max 2.5 amps
• Size: (1U) 4.4H x 23.5W x 15D cm
• Weight: 0.5 kg
• TAA compliant: YES