{"product_id":10492,"v_id":10492,"product_name":"Stratus CM 4110 and Stratus CM 4120","certification_status":"Not Certified","certification_date":"2013-04-30T00:04:00Z","tech_type":"Peripheral Switch","vendor_id":{"name":"NCS Technologies, Inc.","website":"http://www.ncst.com/"},"vendor_poc":"Dewayne Adams","vendor_phone":"703-743-8536","vendor_email":"dadams@ncst.com","assigned_lab":{"cctl_name":"UL Verification Services"},"product_description":"<p>The NCS Stratus CM 4110 and Stratus CM 4120 is a device that allows the sharing of a single set of peripheral components such as Keyboard, Video Monitor and Mouse (KVM) devices among multiple computers using a standard USB interface.</p>","evaluation_configuration":"<p>NCS Stratus CM 4110, Version: F103540-1</p>\r\n<p>NCS Stratus CM 4120, Version: F103786-1</p>","security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the NCS Stratus CM 4110 and CM4120 switch was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 and International Interpretations effective on 18 October, 2012. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1. InfoGard Laboratories determined that the evaluation assurance level (EAL) for the product is the EAL 2 family of assurance requirements. The product consists of a Remote Control and the Control Module. The Control Module includes a KVM and power circuitry. The product requires pairing of the Remote Control and the KVM to satisfy the security functional requirements defined in the NCS Technologies Model Stratus CM 4110 and Stratus CM 4120 Security Target. A Validator, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by InfoGard. The evaluation was completed in April 2013. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for the NCS Technologies Model Stratus CM 4110 and Stratus CM 4120, prepared by CCEVS.</p>\r\n<p>It is the responsibility of integrators of the switch to assess the risk of information transfer with compliant switches.</p>","environmental_strengths":"<p>The TOE provides the following security features:</p>\r\n<p><strong>User data protection</strong></p>\r\n<p>The TOE protects user data by enforcing the information flow control policy, which assures that the TOE connects the Peripheral Port Group to only a single computer at one time. The design of TOE assures that the keyboard; mouse and video monitor resources can engage only a single computer at a time. This precludes the sharing or transfer of data between computers by the TOE.</p>\r\n<p><strong>Security Management</strong></p>\r\n<p>The TOE supports management of the data flows using a user actuated manual switching mechanism; data can flow to or from the Shared Peripheral Group only if it was received from the same switched computer.</p>\r\n<p><strong>Protection of the TSF</strong></p>\r\n<p>The TOE requires that the remote control portion of the TOE be paired with the KVM portion of the TOE to prevent other users from using a different remote control to access a KVM to which they are not authorized.</p>\r\n<p><strong>Extended requirements</strong></p>\r\n<p>The TOE provides a visual indication of the connected devices, provides detection of invalid USB devices, and protects firmware via a one-time change making ROM code read-only.</p>\r\n<p>The product is intended to be used either in environments in which, at most, sensitive but unclassified information is processed, or the sensitivity level of information in both the internal and external networks is equivalent.</p>","features":[]}