Compliant Product - SK41D-4TR KVM, Firmware Version 44404-E7E7
Certificate Date:
2021.09.15
CC Certificate
Security Target
Validation Report
Validation Report Number: CCEVS-VR-VID11193-2021 Product Type: Peripheral Switch Sharing Switch Conformance Claim: Protection Profile Compliant PP Identifier: PP-Module for Keyboard/Mouse Devices Version 1.0 PP-Module for Video/Display Devices Version 1.0 Protection Profile for Peripheral Sharing Device Version 4.0 CC Testing Lab: Acumen Security Assurance Activity Administrative Guide Administrative Guide Administrative Guide
Product Description
Figure 1 – SK41D-4TR KVM Evaluated Configuration Figure 1 shows a basic evaluated configuration. The TOE is connected to four computers. The video input and output format is DVI-D, and a single display is connected to the KVM. The TOE uses ruggedized 32-pin connectors that support both DVI-D and USB 2.0 protocols. The KVM is used with a wired remote control.
Evaluated Configuration
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the High Sec Labs SK41D-4TR KVM Firmware Version 44404-E7E7 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5. Acumen Security determined that the evaluation assurance level (EAL) for the product is EAL 1. The product, when delivered configured as identified in the HSL Quick Installation Guide 4 Ports Secure Ruggedized DVI-D KVM Switch, HDC23220 Rev 1.0, the HSL Administrator Guide, HDC19968, Rev. C and the High Sec Labs SK41D-4TR KVM Firmware Version 44404-E7E7 Common Criteria Guidance Supplement, Version 0.5, satisfies all of the security functional requirements stated in the High Sec Labs SK41D-4TR KVM Firmware Version 44404-E7E7 Security Target. The project underwent CCEVS Validator review. The evaluation was completed in September 2021. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
Environmental Strengths
The TOE is comprised of several security features. Each of the security features identified above consists of several security functionalities, as identified below: - Security Audit - User Data Protection - Identification and Authentication - Security Management - Protection of the TSF - TOE Access These features are described in more detail in the subsections below. Security Audit Audit entries are generated for security related events. User Data Protection The TOE provides secure switching capabilities for keyboard, video and mouse. The TOE ensures that only authorized peripheral devices may be used. Identification and Authentication Administrators must be identified and authenticated prior to accessing administrative functions. Security Management The TOE provides management capabilities in support of the ‘Restore to factory default’ function. The Administrator role restricts this functionality to authorized administrators. Protection of the TSF The TOE ensures a secure state in the case of failure, provides only restricted access, and performs self-testing. The TOE provides both passive detection of physical attack and resistance to physical attack. TOE Access The TOE provides a continuous indication of which computer is currently selected. Vendor InformationHigh Sec Labs, Inc. Zohar Vered +1 (256) 203-3036 +1 (256) 203-3230 zohar@highseclabs.com www.highseclabs.com |