Compliant Product - Vertiv CYBEX™ SCMV2160DPH, SC840DVIE, SC940DVIE, SC840HE, SC940HE, SC840DPE, SC940DPE Firmware Version 44404-E7E7 Peripheral Sharing Devices
Certificate Date: 2021.08.27CC Certificate Security Target Validation Report
Validation Report Number: CCEVS-VR-VID11122-2021
Product Type: Peripheral Switch
Conformance Claim: Protection Profile Compliant
PP Identifier: PP-Module for Keyboard/Mouse Devices Version 1.0
PP-Module for Video/Display Devices Version 1.0
Protection Profile for Peripheral Sharing Device Version 4.0
CC Testing Lab: Acumen Security
The Vertiv Secure Keyboard, Video, Mouse (KVM) Switches allow users to share keyboard, video, and mouse peripherals between a number of connected computers. Security features ensure isolation between computers and peripherals to prevent data leakage between connected systems.
The following security features are provided by the Vertiv Peripheral Sharing Devices:
· Computer video input interfaces are isolated through the use of separate electronic components, power and ground domains
· The display is isolated by dedicated, read-only, Extended Display Identification Data (EDID) emulation for each computer
· Access to the monitor’s EDID is blocked
· Access to the Monitor Control Command Set (MCCS commands) is blocked
· Both DisplayPort and High-Definition Multimedia Interface (HDMI) video peripherals are supported on the SCMV2160DPH, SC840DPE and SC940DPE models. HDMI peripherals are supported on the SC840HE and SC940HE models, and DVI peripherals are supported on the SC840DVIE and SC940DVIE models
· Video input is accepted as DisplayPort or HDMI on the SCMV2160DPH, SC840DPE and SC940DPE models. HDMI video input is supported on the SC840HE and SC940HE models, and DVI video input is supported on the SC840DVIE and SC940DVIE models
Keyboard and Mouse Security
· The keyboard and mouse are isolated by dedicated, Universal Serial Bus (USB) device emulation for each computer
· One-way, peripheral-to-computer data flow is enforced through unidirectional optical data diodes
· Communication from computer-to-keyboard/mouse is blocked
· Non-HID (Human Interface Device) data transactions are blocked
· Hardware Anti-Tampering
· Special holographic tampering evident labels on the product’s enclosure provide a clear visual indication if the product has been opened or compromised
In the KVM Switch evaluated configuration, the TOE is connected to four, eight or sixteen computers. The video input is DisplayPort, HDMI or DVI-D, and one or two displays are connected.
In the KVM Multiviewer evaluated configuration, the TOE is connected to up to sixteen computers. The video input is DisplayPort or HDMI and two displays are connected. The device is used with two AFP008 remote control units, and an AFPSPLITTER.
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Vertiv CYBEX™ SCMV2160DPH, SC840DVIE, SC940DVIE, SC840HE, SC940HE, SC840DPE, SC940DPE Firmware Version 44404-E7E7 Peripheral Sharing Devices were evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5. The product, when delivered was configured as identified in:
· CYBEX™ SC SERIES SECURE SWITCHES SCMV200DPH MULTIVIEWER Quick Installation Guide, 590-2307-501B
· CYBEX™ SC SERIES SECURE SWITCHES SC800E/SC900E Quick Installation Guide, 590-2283-501B
· Vertiv CYBEX™ SCMV2160DPH, SC840DVIE, SC940DVIE, SC840HE, SC940HE, SC840DPE, SC940DPE Firmware Version 44404-E7E7 Peripheral Sharing Devices Common Criteria Guidance Supplement, Version 1.2
When configured following the guidance above, the device satisfies all of the security functional requirements stated in the Vertiv CYBEX™ SCMV2160DPH, SC840DVIE, SC940DVIE, SC840HE, SC940HE, SC840DPE, SC940DPE Firmware Version 44404-E7E7 Peripheral Sharing Devices Security Target. The project underwent CCEVS Validator review. The evaluation was completed in August 2021. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
The TOE is comprised of several security features. Each of the security features consists of several security functionalities, as identified below:
User Data Protection
The TOE provides secure switching capabilities for video, keyboard and mouse, display. The TOE ensures that only authorized peripheral devices may be used.
Protection of the TSF
The TOE ensures a secure state in the case of failure, provides only restricted access, and performs self-testing. The TOE provides passive detection of physical attack.
The TOE provides a continuous indication of which computer is currently selected.
Vertiv IT Systems