GCN LAB REVIEW
A switch to security
Avocent's SwitchView KVM lets Common Access Cards in, keeps other devices out
The government tries hard to maintain security — which, if you think about it, is an almost impossible task. When you have a huge organization with millions of employees who range from mail carriers and astronauts to scientists and soldiers, you will have a few security holes. To compensate, the government assigns access based on employees’ security classifications, so a top CIA agent can see more information than a data-entry clerk at the Social Security Administration.
At least, that’s how it’s supposed to work. The problem with security is that it sometimes runs counter to efficiency. For example, if you force everyone who needs to access a building to go through several security checkpoints, even your valid users will be late to work from time to time. Such bottlenecks also occur with network security.
Consider what can happen when several networks meet at the same desktop. One of the most efficient setups for users with multiple computers is to run them all through a keyboard-video-mouse (KVM) switch, so all the devices can share one monitor and keyboard. Otherwise, those standard-size government desks will get crowded fast with several monitors and input devices for each computer.
The problem with KVM switches in terms of security is that they bring together several systems at one point. If some of those computers are connected to a secure network such as the Defense Department’s Secret IP Router Network and others are connected to the Sensitive but Unclassified IP Router Network, you have a potential problem. And even if all the computers are connected to the same network, the KVM could still act as a means of access for malicious users.
Avocent’s SwitchView SC540 can solve the security problems associated with connecting computers via a KVM switch. When we unpacked the test unit for the lab, it looked similar to many other nonsecure KVM devices we have tested in the past, save for some green security tape at the top and sides of the unit. The message on the tape warns users that if the switch is opened, it will stop working. In addition, the LEDs on the front of the unit will flash if the box has been tampered with.
Of course, we wanted to open it right up to test this feature but decided to go green and avoid creating unnecessary waste.
The self-destruct mechanism is a somewhat over-the-top security program to prevent James Bond-style tampering or bugging of the device. But the switch also incorporates more mundane security methods that are more likely to prevent a breach.
One security feature revolves around the way the SwitchView SC540 handles its four USB ports. Given that most PCs have dropped PS/2 ports in favor of USB, it makes sense that a device designed to link computers to a single monitor and keyboard would allow USB access.
But in some switches, that approach created a problem: A USB key drive inserted into the switch could pass credentials to connected computers. If the operating system viewed the removable device as an authorized part of the KVM switch, it could circumvent the computer’s or network’s security policy. Essentially, it let the KVM act like a USB hub, thereby overriding agency policies that only allowed the use of approved USB devices or none at all. Most home users probably welcomed the extra USB ports, but it meant that government adoption was problematic at best.
In contrast, the SwitchView SC540 does nothing when you insert a camera cable, key drive or other storage device into one of the USB ports. It doesn’t pass any information to connected computers. It only allows keyboards and mice to connect, and they worked fine in our testing.
However, one type of USB device does work with the SwitchView SC540: Common Access Card readers. That exception was added to help agencies comply with Homeland Security Presidential Directive 12, which requires a system of common access for government networks. When you plug a reader into the USB port, you can use a CAC with connected computers. We had several CAC readers in the lab, and all of them worked fine with the SC540 on all connected PCs.
The switch has a couple of other features that help agencies comply with security demands. For example, all keyboard data buffers are cleared after commands are sent. That way, you could put computers linked to secure and nonsecure networks on the same switch, and no data from the keyboard could be accidentally or purposely passed between them. And of course, the computers on the network attached to the SC540 don’t actually touch other than through the keyboard and mouse, so no data can be transferred between them.
The SC540 model is a bit expensive, with a government price of $908. There are less expensive four-port switches out there, though most don’t have the robust security of the SC540. One reason for the high price is the switch’s support for dual Digital Visual Interface inputs for each of the four computers that can be connected. So you have eight DVI ports, though only four selectable inputs. The feature is designed to accommodate users who have multiple monitors for each PC on their desktops, but that’s a small percentage of the government population.
There are other models in the SwitchView line that offer more traditional inputs while retaining the security features we tested. Most users will probably want to choose one of them. However, if you use multiple monitors, the SC540 is the perfect choice.
Avocent, 866-277-1924, www.avocent.com