The Secure Switching Unit (SSU) is an all-optical switch unit. All data flowing through the optical switches will be optical. Each switch has the capability to connect to optical fibers. These optical fibers are typically connected to optical transceivers on a computer or a signal processing/routing board on the other end. There is no requirement that the connection is to a host computer or a network. The SSU provides multiple point to point fiber connections.
\r\n\r\n
The optical switches provide isolation between the output ports of the 1x3 switch block and between separate 1x3 switch blocks. There are 15 duplex pairs of 1x3 switches in the SSU. Two 1x3 switches make up a duplex 1x3 switch, so there are 30 actual switches in the SSU.
\r\n\r\n
One way to think of the SSU is as an automated patch panel. Without the SSU, one would take an optical fiber and patch one optical port to another optical port (like the old telephone switchboards). The SSU provides a convenient way to switch ports with push buttons. However, unlike today’s data/telecommunication routers, the SSU does not provide ANY sort of traffic or data packet management.
\r\n\r\n
The SSU front LED panel provides switch position indicators. The front panel can be used to select the switch configuration modes, define user configurable modes[1], and to manually configure switch states. The console part on the back of the SSU can be used to define the programmable modes.
\r\n","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. Secure Switching Unit Version D with firmware Version 4.1 was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies an assurance level of EAL4 augmented with AVA_CCA.1 and AVA_VLA.3.
\r\n\r\n
A validator, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed in April 2009.
","environmental_strengths":"The following security functions are in the scope of the evaluation:
\r\n\r\n
The SSU provides the ability perform the following management functions on the SSU:
\r\nThe TOE allows for 16 total switch configuration modes, 9 are programmable modes.
\r\nAdministrators control the states of the switches using the front panel either by controlling individual duplex pairs or by recalling stored configuration modes.
\r\nSwitching provides an optical connection between two ports by providing a low-loss path for a light beam to travel between two ports. The TOE provides all-optical switching using MEMS micro-mirrors in which the switching action is controlled by tilting the mirrors to redirect light beams. The mirror tilting mechanism is controlled electronically. This mechanism is proprietary. The signals are purely optical and the SSU does not alter, process, or store any information going through the optical fiber.
\r\nLogical protection of the TOE is required to ensure the TOE security services are not bypassed or tampered with. In addition, the TOE provides a tamper evident seal and the ability to isolate ports from each other.
\r\nThe TOE provides the ability to isolate ports from each other to ensure that the security functions are executed on the correct port. Each of the 1x3 duplex pairs may connect the input port to only one output port (also referred to as channels) at a time.
\r\n\r\n
Each of the 1x3 switches contains one optical On-off switch at each of the output ports. The 1x3 component provides optical isolation between the output ports by physical separation of output fibers. The On-off switch provides additional isolation by turning off (by optically cutting off the signal) the inactive output ports.
\r\nAll removable panels on the device will be protected by a tamper-evident seal. This tamper-evident seal will provide obvious signs of attempts to physically open the device.
","features":[]}