NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Vertiv Secure KVM and Matrix models SC820, SC820D, SC820H, SCM120, SCM120H, SC920H, SC920D, SC920, SC920XD, SC840, SC845, SC945, SC940, SC840D, SC845D, SC940D, SC945D, SC840H, SC845H, SC940H, SC945H, SC945XD, SCM145, SCM145H, SC1045XD, SC885, SC985, and SC8165

Certificate Date:  2019.08.01

Validation Report Number:  CCEVS-VR-VID10987-2019

Product Type:    Peripheral Switch

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Peripheral Sharing Switch Version 3.0

CC Testing Lab:  DXC.technology


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]


Product Description

Vertiv Secure KVM is Third-Generation Peripheral Sharing Switches (PSS) that enables seamless interaction with multiple isolated computers. Vertiv Secure KVM products are using multiple isolated microcontrollers and optical data diodes to protect from data leakages between connected computers. The Vertiv Secure KVM Switch allows the secure sharing of a single set of peripheral components such as keyboard, Video Display and Mouse/Pointing devices among multiple computers through standard USB, PS/2, DVI, HDMI, and DisplayPort interfaces.


Evaluated Configuration

Products are ranging from 2-Port to 16-Ports to support 2 to 16 computers respectively.

Some evaluated KVM and Matrix products also support DPP (Dedicated Peripheral Port) function as shown in the table below. This function enables secure connection of various USB devices based on pre-defined whitelist and blacklist policy.

Analog audio out switching is supported by all evaluated products. Stereo audio signals are passed through audio data diodes to enforce unidirectional flow of audio signals from the selected connected computer to the connected audio peripheral device.

DPP may be switched to a computer other than the one selected for keyboard and mouse through the use of front panel DPP freeze push-buttons.

Single-head products are used to switch video from computers having a single video output (for example 4:1) while dual-head models are used to switch in parallel computers having two video outputs (for example 8:1 + 8:1).

Matrix products enables independent user selection of video source between available computers. This TOE enables separate (non-blocking) selection of video sources for display #1 and for display #2. The matrix configuration may be used to support for example a local display and a projector having 2/4 isolated computer sources.

All evaluated products support a USB / PS/2 keyboard and USB / PS/2 mouse or touchscreen.


 Vertiv Secure KVMs and Matrix support a single user having a single or multiple display/s based on the table below:

Model

Computers supported

Display/s supported

Display I/F  Protocol

Computer video I/F Protocol

Video switching function

DPP

Analog audio out

SC820

2

1

DVI-I

DVI-I

Switch 2:1

No

Yes

SC820D

2

1

HDMI

DisplayPort

Switch 2:1

No

Yes

SC820H

2

1

HDMI

HDMI

Switch 2:1

No

Yes

SCM120

2

2

DVI-I

DVI-I

Matrix 2:2

No

Yes

SCM120H

2

2

HDMI

HDMI

Matrix 2:2

No

Yes

SC920H

2

2

HDMI

HDMI

Switch 2:1 + 2:1

No

Yes

SC920D

2

2

HDMI

DisplayPort

Switch 2:1 + 2:1

No

Yes

SC920

2

2

DVI-I

DVI-I

Switch 2:1 + 2:1

No

Yes

SC920XD

2

2

HDMI + DVI-I

DisplayPort + DVI-I

Switch 2:1 + 2:1

No

Yes

SC840

4

1

DVI-I

DVI-I

Switch 4:1

No

Yes

SC845

4

1

DVI-I

DVI-I

Switch 4:1

Yes

Yes

SC945

4

2

DVI-I

DVI-I

Switch 4:1 + 4:1

Yes

Yes

SC940

4

1

DVI-I

DVI-I

Switch 4:1

No

Yes

SC840D

4

1

HDMI

DisplayPort

Switch 4:1

No

Yes

SC845D

4

1

HDMI

DisplayPort

Switch 4:1

Yes

Yes

SC940D

4

2

HDMI

DisplayPort

Switch 4:1 + 4:1

No

Yes

SC945D

4

2

HDMI

DisplayPort

Switch 4:1 + 4:1

Yes

Yes

SC840H

4

1

HDMI

HDMI

Switch 4:1

No

Yes

SC845H

4

1

HDMI

HDMI

Switch 4:1

Yes

Yes

SC940H

4

2

HDMI

HDMI

Switch 4:1 + 4:1

No

Yes

SC945H

4

2

HDMI

HDMI

Switch 4:1 + 4:1

Yes

Yes

SC945XD

4

2

DVI-I + HDMI

DVI-I + DisplayPort

Switch 4:1 + 4:1

Yes

Yes

SCM145

4

2

DVI-I

DVI-I

Matrix 4:2

Yes

Yes

SCM145H

4

2

HDMI

HDMI

Matrix 4:2

Yes

Yes

SC1045XD

4

3

DVI-I + HDMI + HDMI

DVI-I + DisplayPort + DisplayPort

Switch 4:1 + 4:1 + 4:1

Yes

Yes

SC885

8

1

DVI-I

DVI-I

Switch 8:1

Yes

Yes

SC985

8

2

DVI-I

DVI-I

Switch 8:1 + 8:1

Yes

Yes

SC8165

16

1

DVI-I

DVI-I

Switch 16:1

Yes

Yes


Security Evaluation Summary

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the product meets the security requirements contained in the Security Target. The criteria against which the Vertiv Secure KVM was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 4. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1, Revision 4. DXC Technology determined that the product is conformant to requirements for Peripheral Switch Protection Profile version 3.0.  The product satisfies all of the security functional requirements stated in the Security Target. Two validators, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by DXC Technology. The evaluation was completed in June 7, 2019. Results of the evaluation can be found in the Assurance Activity Report for Vertiv Secure KVM prepared by DXC Technology.


Environmental Strengths

Keyboard and mouse security

Isolated keyboard and mouse USB device emulators per connected computer to prevent direct interface between the TOE shared peripheral devices and connected computers.

TOE uses host (computer) emulators to interface with connected keyboard and mouse peripheral devices, thus isolating external peripherals from TOE internal circuitry and from connected computers.

Keyboard user data is not stored on TOE non-volatile memory.  All USB stacks are implemented in the TOE using SRAM (Static Random Access Memory) – a volatile memory that clears data once TOE is powered down.

TOE external interface security

The TOE supports only the following external interfaces protocols:

           USB keyboard and mouse;

           Analog audio output;

           User authentication device or other assigned USB devices (TOE model specific);

           Power (AC or DC); and

           Video (VGA, DVI, HDMI, DisplayPort or MHL video only).

Audio Subsystem security

The TOE audio data flow path is electrically isolated from all other functions and interfaces to prevent signaling data leakages to and from the audio paths.

Video subsystem security

Video input interfaces are isolated from one another. Isolation is achieved through the use of different power and ground planes, different electronic components and different emulated EDID chips per channel.


Vendor Information


Vertiv IT Systems
Stan Slay
256-217-1213
Stan.Slay@vertiv.com

https://www.vertiv.com/en-us/
Site Map              Contact Us              Home