HighSecLabs SC44HU-3, SC26HU-3 User Manual
SC44HU-3 Secure KVM Combiner
User Manual
Products covered by this manual:
SC44HU-3 – Secure Combiner KVM 4-Input 4-HDMI Output Ports w/fUSB, PP 3.0
Document Number HDC10357 Rev. E
1
HSL SC44HU-3 Secure KVM Combiner
TABLE OF CONTENTS
SECTIONS
Table of Contents
1 2 3 4 5 6
Introduction .......................................................... 2
Package Contents .............................................................2
Overview ............................................................. 3
Safety Precautions ............................................................3
Safety Precautions - Précautions de sécurité (French) .........................4
User Guidance & Precautions..................................................5
Main Features .................................................................7
Tamper Evident Labels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Active Anti-Tampering System ................................................9
Product Enclosure Warning Label .............................................9
Equipment Requirements ....................................................10
Product Specifications .......................................................12
User Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
System Settings ..............................................................13
Front Panel Features – SC44HU-3 ............................................15
Rear Panel Features – SC44HU-3 .............................................16
Installation........................................................... 17
Before Installation ............................................................17
Installation ...................................................................19
Typical system installation diagram ......................................... 22
System Setup ............................................................... 23
Multiple Display Installation .................................................25
Operation ............................................................26
User mode ..................................................................29
VDT KM Mode............................................................... 30
System Mode ................................................................31
Dragging a Window .........................................................32
Multi-display operation ..................................................... 34
Scaling Function .............................................................35
Scale Mode ..................................................................35
List of Available Actions ......................................................37
Troubleshooting .....................................................39
Information ..........................................................43
2
HSL SC44HU-3 Secure KVM Combiner
INTRODUCTION
SECTIONS
Table of Contents
2 3 4 5 6
1
Thank you for purchasing this High Sec Labs (HSL) secure product designed for
use in defense and intelligence installations. The product provides the highest
security safeguards and features that meet today’s IA (information assurance)
computing requirements as defined in the latest PSS Protection Profile Rev 3.0.
This User Manual provides all the details you’ll need to install and operate your
new product.
Intended Audience
This document is intended for the following professionals:
• System Administrators/IT Managers
• End Users
What is a KVM Combiner?
HSL Secure KVM Combiner enables simple integration of multiple sources into a
combined image presented on single or multiple displays.
It is an essential tool for heavy-duty users interacting with several sources at the
same time.
The combiner is a multi-viewer providing an integrated image with native
Windowing interaction options across isolated networkd. The KVM Combiner
securely presents an integrated image of sources, varying in their security
levels, without exposing the organization to risks of information leakage. Using
advanced video processing technologies, the combiner draws a high resolution
dynamic “mosaic” of images generated by different computer sources. Its builtin video source isolation ensures an unidirectional data flow through USB and
video ports.
Package Contents
Inside product packaging you will find the following:
• HSL Secure KVM Product
• AC Power Cord
• 5-button Mouse
• User Guidance Documentation
Important Security Note:
If you are aware of potential security vulnerability while installing or
operating this product, we encourage you to contact us immediately in one
of the following ways:
• Web form: http://www.highseclabs.com/support/case/
• Email: security@highseclabs.com
• Tel: +972- 4-9591191 or +972-4-9591192
Important:
This product is equipped with always-on active anti-tampering system. Any
attempt to open the product enclosure will activate the anti-tamper triggers
and render the unit inoperable and warranty void.
Revision
A – Initial Release, 24 Feb 2015
B – Corrections, 4 April 2015
C – Corrections, 12 May 2015
D – User Guidance changes, 16 June 2015
E – Correction to Features section, 13 August 2015
3
HSL SC44HU-3 Secure KVM Combiner
OVERVIEW
SECTIONS
Table of Contents
1 3 4 5 6
2
Safety Precautions
Please read the following safety precautions carefully before using the product:
• Before cleaning, disconnect the product from any electrical power supply.
• Do not expose the product to excessive humidity or moisture.
• Do not store or use for extensive period of time in extreme thermal
conditions – it may shorten product lifetime.
• Install the product only on a clean secure surface.
• If the product is not used for a long period of time, disconnect it from
ele ctrical p ower.
• If any of the following situations occurs, have the product checked by an
HSL qualified service technician:
– Liquid penetrates the product’s case.
– The product is exposed to excessive moisture, water or any other liquid.
– The product is not working well even after carefully following the
instructions in this user’s manual.
– The product has been dropped or is physically damaged.
– The product shows obvious signs of breakage or loose internal parts.
– In case of external power supply – If power supply overheats, is broken
or damaged, or has a damaged cable.
• The product should be stored and used only in temperature and humidity
controlled environments as defined in the product’s environmental
specifications.
• Never attempt to open the product enclosure. Any attempt to open the
enclosure will permanently damage the product.
• The product contains a non-replaceable internal battery. Never attempt to
replace the battery or open the enclosure.
• This product is equipped with always-on active anti-tampering system.
Any attempt to open the product enclosure will activate the anti-tamper
triggers and render the unit inoperable and warranty void.
4
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
Safety Precautions - Précautions de sécurité (French)
Veuillez lire attentivement les précautions de sécurité suivantes avant d’utiliser
le produit:
• Avant nettoyage, débranchez l’appareil de l’alimentation DC / AC.
• Assurez-vous de ne pas exposer l’appareil à une humidité excessive.
• Assurez-vous d’installer l’appareil sur une surface sécurisée propre.
• Ne placez pas le cordon d’alimentation DC en travers d’un passage.
• Si l’appareil n’est pas utilisé de longtemps, retirez l’alimentation murale de
la prise électrique.
• L’appareil devra être rangé uniquement dans des environnements à
humidité et température contrôlées comme défini dans les caractéristiques
environnementales du produit.
• L’alimentation murale utilisée avec cet appareil devra être du modèle
fourni par le fabricant ou un équivalent certifié fourni par le fabricant ou
fournisseur de service autorisé.
• Si une des situations suivantes survenait, faites vérifier l’appareil par un
technicien de maintenance qualifié:
– En cas d’alimentation externe - L’alimentation de l’appareil surchauffe,
est endommagée, cassée ou dégage de la fumée
– ou provoque des court circuits de la prise du secteur.
– Un liquide a pénétré dans le boîtier de l’appareil.
– L’appareil est exposé à de l’humidité excessive ou à l’eau.
– L’appareil ne fonctionne pas correctement même après avoir suivi
attentivement les instructions contenues dans ce guide de l’utilisateur.
• L’appareil est tombé ou est physiquement endommagé.
• L’appareil présente des signes évidents de pièce interne cassée ou
desserrée
• L’appareil contient une batterie interne. La batterie n’est pas remplaçable.
N’essayez jamais de remplacer la batterie car toute tentative d’ouvrir le
boîtier de l’appareil entraînerait des dommages permanents à l’appareil.
• Ce produit est équipé d’toujours-sur le système anti-sabotage active.
Toute tentative d’ouvrir le boîtier du produit va activer le déclencheur antisabotage et de rendre l’unité vide inutilisable et garantie.
5
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
User Guidance & Precautions
Please read the following User Guidance & Precautions carefully before using
the product:
1. As product powers-up it per forms a self-test procedure. In case of self- test
failure for any reason, including jammed buttons, the product will be Inoperable.
Self-test failure will be indicated by the following abnormal LED behavior:
a. All channel-select LEDs will be turned ON and then OFF;
b. A specific, predefined LED combination will be turned ON;
c. The predefined LED combination will indicate the problem type (jammed
buttons, firmware integrity).
Try to power cycle product. If problem persists please contact your system
administrator or technical support.
2. Product power-up and RFD behavior:
a. By default, after product power-up, the active channel will be computer #1,
indicated by the applicable front panel push button LED lit.
b. Product Restore-to-Factory-Default (RFD) function is available via a
physical control button on rear panel. Use a sharp object or paper clip to
hold RFD button pressed for several seconds to initiate an RFD action.
c. RFD action will be indicated by front panel LEDs blinking all together.
d. When product boots after RFD, keyboard and mouse will be mapped to
the active channel #1 and default settings will be restored, erasing all user-
set definitions.
3. The appropriate usage of peripherals (e.g. keyboard, mouse, display,
authentication device) is described in detail in this User Manual’s appropriate
sections. Do not connect any authentication device with an external power
source to product.
4. For security reasons products do not support wireless keyboards and mice. In
any case do not connect wireless keyboard/mouse to product.
5. For security reasons products do not support microphone/line-in audio
input. In any case do not connect a microphone to product audio output
port, including headsets.
6. Product is equipped with always-on active anti-tampering system. Any
attempt to open product enclosure will activate the anti-tamper system
indicated by all channel-select LEDs flashing continuously. In this case,
product will be inoperable and warranty void. If product enclosure appears
disrupted or if all channel-select LEDs flash continuously, please remove
product from service immediately and contact technical support.
7. In case a connected device is rejected in the console port group the user will
have the following visual indications:
a. When connecting a non-qualified keyboard, the keyboard will be non-
functional with no visible keyboard strokes on screen when using the
keyboard.
b. When connecting a non-qualified mouse, the mouse will be non-
functional with mouse cursor frozen on screen.
c. When connecting a non-qualified display, the video diagnostic LED will
flash green and video will not work.
d. When connecting a non-qualified USB device, fUSB LED will flash green
and USB device will be inoperable.
6
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
User Guidance & Precautions (Cont.)
8. Do not connect product to computing devices:
a. That are TEMPEST computers;
b. That include telecommunication equipment;
c. That include frame grabber video cards;
d. That include special audio processing cards.
9. Product has a remote control port in the back panel labeled RCU. Do not use
this port - it is inoperable and for future use.
10. Important! Before re-allocating computers to channels, it is mandatory to
power cycle product, keeping it powered OFF for more than 1 minute.
11. Product log access and administrator configuration options are described in
product Administrator Guide.
12. Authentication session will be terminated once product power is down or
user intentionally terminates session.
13. If you are aware of any potential security vulnerability while installing or
operating product, please remove product from service immediately and
contact us in one of the ways listed in this manual.
7
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
Main Features
Product is designed, manufactured and delivered in security-controlled
environments. Below is a summaty of the main advanced features incorporated
in product:
Advanced isolation between computers and shared peripherals
The emulations of keyboard, mouse and display EDID, prevent direct contact
between computers and shared peripherals. Product design achieves maximal
securit y by keeping the video path separate with keyboard and mouse switched
together, purging keyboard buffer when switching channels. All these features
contribute to strong isolation between computer interfaces, maintained even
when product is powered off.
Unidirectional data flow: USB, audio and video
Unique hardware architecture components prevent unauthorized data flow,
including:
• Optical unidirectional data flow diodes in the USB data path that filtrate
and reject unqualified USB devices;
• Secure analog audio diodes that prevent audio eavesdropping with no
support for microphone or any other audio-input device;
• Video path is kept separate from all other traffic, enforcing unidirectional
native video flow. EDID emulation is done at power up and blocks all
EDID/MCCS writes. For DisplayPort video, filtration of AUX channel exists
to reject unauthorized transactions.
Isolation of power domains
Complete isolation of power domains prevents signaling attacks.
Secure administrator access & log functions
Product incorporates secure administrator access and log functions to provide
auditable trail for all product security events, including batter y backup life for
anti-tampering and log functions. Non-reprogrammable firmware prevents the
ability to tamper with product logic.
Always-on, active anti-tamper system
Active anti-tampering system prevents malicious insertion of hardware implant
such as wireless key-logger inside product enclosure. Any anti-tampering
attempt causes isolation of all computers and peripheral devices rendering
product inoperable and showing clear indications of tampering event to user.
Holographic security tamper-evident labels are placed on the enclosure to
provide a clear visual indication if product has been opened or compromised.
Metal enclosure is designed to resist mechanical tampering with all
microcontrollers protected against firmware-read, modification and rewrite.
Video Support
• HDMI1.3 displays and above.
Multi-Display and Resolutions Supported
Products suppor ts multi-display and video resolutions of up to 4K-2K Ultra HD
(3840 X 2160 pixels).
8
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
Main Features (Cont.)
Real-time and real quality video
Pixel-by-pixel video image. No quality loss, latency, reduced colors, dropped
frames or artifacts. Fastest digital video processing technology available in any
KVM today. Less than 30 millisecond latency.
Easy customization
System mode enables easy customization of channels, colors, cursors, taskbar, background etc. User programmable buttons enable quick setting of user
defined screen arrangements.
Audio Support
The HSL Secure KVM Combiner supports audio out switching. Microphone
switching is not supported to prevent analog leakages through audio ports.
Advanced Scaling Function
The HSL Secure KVM Combiner has an advanced scaling function allowing the
user to scale the video source 2x and 4x smaller to assure good view and superb
work experience. User can now fit 4 full HD sources on a single HD screen by
scaling each source and all in real time with no data loss.
Scale and Tile Modes
Allowing users to focus on a main source while viewing the other sources or tile
all of the sources equally
Filtered USB (fUSB) feature f USB feature enables to connect authorized USB devices
to product. Product is designed with complete isolation between fUSB data, such
as user authentication smart card reader data, and all other product traffic.
The fUSB feature can be managed via Configurable Device Filtering (CDF)
mechanism with configuration permissions limited to authenticated
administrators. For more details please refer to the “fUSB Configuration Manual”.
“Freeze fUSB” feature
Dedicated “Freeze fUSB” push button on front panel enables to lock this function
to a specific channel. When locked, switching channels will not affect processes
performed by the USB device connected to the locked channel.
“Freeze Audio” feature
Dedicated “Freeze Audio” push button on front panel enables to lock this
function to a specific channel in a way that switching between channels leaves
the audio function locked to current channel.
9
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
Tamper Evident Labels
Product uses holographic tamper evident labels to provide visual indications
in case of an enclosure intrusion attempt. When opening product packaging
inspect the tampering evident labels.
If for any reason one or more tamper-evident label is missing, appears
disrupted, or looks different than the example shown here, please call
Technical Support and avoid using that product.
Active Anti-Tampering System
Product is equipped with always-on active anti-tampering system. If mechanical
intrusion is detected by this system, the Product will be permanently disabled
and all LEDs will blink continuously.
If product indicates “tampered state” (all LEDs blinking) – please call
Technical Support and avoid using that product.
HSL Tampe r Evident La bel
Product Enclosure Warning Label
Product has the following warning sticker placed in a prominent location on
product enclosure:
WARNING!
Product protected by
Anti-Tamper system.
Do not Attempt to
remove screws, open
enclosure, or tamper with
product in any way.
Any attempt to tamper
with product may cause
permanent damage.
10
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
Equipment Requirements
Cables
It is highly recommended to use HSL Cable Kits for product to ensure optimal
security and performance.
One Cable Kit is required per connected computer.
Operating Systems
Product is compatible with devices running on the following operating systems:
• Microsoft® Windows®
• Red Hat®, Ubuntu® and other Linux® platforms
• Mac OS® X v10.3 and higher.
USB Keyboard console port
The product console USB keyboard port is compatible with Standard USB
keyboards.
Notes:
a. Console USB keyboard and mouse ports are switchable, i.e. you can
connect keyboard to mouse por t and vice versa. However, for optimal
operation it is recommended to connect USB keyboard to console USB
keyboard port and USB mouse to console USB mouse por t.
b. For security reasons products do not support wireless keyboards. In any
case do not connect wireless keyboard to product.
c. Non-standard keyboards, such as keyboards with integrated USB hubs and
other USB-integrated devices, may not be fully supported due to security
policy. If they are supported, only classical keyboard (HID) operation will
be functional. It is recommended to use standard USB keyboards.
USB Mouse console port
The product console USB mouse port is compatible with standard USB mice.
Notes:
a. Console USB keyboard and mouse ports are switchable, i.e. you can
connect keyboard to mouse por t and vice versa. However, for optimal
operation it is recommended to connect USB keyboard to console USB
keyboard port and USB mouse to console USB mouse por t.
b. Console USB mouse port supports Standard KVM Extender composite
device having a keyboard/mouse functions.
c. For security reasons products do not support wireless mice. In any case
do not connect wireless mouse to product.
Video Support
• HDMI 1.3 and above displays
Resolutions Supported
Products suppor t video resolutions of up to 4K-2K Ultra HD (3840 X 2160 pixels).
11
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
User Audio Devices
Product is compatible with the following types of user audio devices:
• Stereo headphones;
• Amplified stereo speakers.
Note: In any case do not connect a microphone to product audio output port
including headsets.
fUSB Port (applicable models)
The product operates with authorized USB devices plugged into the console
fUSB Port, such as USB smart-card reader or Common Access Card (CAC) reader.
By default, authentication devices such as smart card readers and CACs are
authorized for use.
12
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
Product Specifications
Input connected computer Up to 3840x2160
Input Windows Size
1024x768 (4:3)
1280x800 (8:5)
128 0x1024 (4: 3)
1680x1050 (8:5)
1920x10 80 (16:9 )
1920x1200 (8:5)
2560 x1440
2560x1600
38 40 x2160
Console Keyboard Input
USB Type-A female connector or PS/2 Mini-DIN 6
pin female connector
Console Mouse Input
USB Type-A female connector or PS/2 Mini-DIN 6
pin female connector
Console fUSB Input USB Type A
Console Display Port 4 HDMI female connectors
Console Audio Out 1/8" (3.5mm stereo jack
CPU Keyboard/Mouse Ports USB Type-B jack
CPU fUSB Ports USB Type-B jack
CPU Audio Input 1/8" (3.5mm stereo jack
CPU Video Input Port HDMI female connector
Port Selectors push-buttons 4
LED Indicators 4
Operating Temp 32° to 104° F (0° to 40° C)
Storage Temp -4° to 140° F (-20° to 60° C)
Humidity 0-80% RH, non-condensing
Warranty 2 years
Product design life-cycle 10 year s
13
HSL SC44HU-3 Secure KVM Combiner
SECTIONS
Table of Contents
1 3 4 5 6
OVERVIEW
2
User Functions
• Toggling between User mode and system modes by mouse side buttons
click (5-Buttons mouse).
• Windows can be moved and resized.
• Scale but ton to scale (one source as primary and all other to be monitored)
• Tile Mode – monitor all sources and interact with all.
• Help button presents on-screen basic usage guidance.
• Vertical and horizontal scroll bars to enable user control of viewable
window.
• Minimize window to task-bar.
• Colored Task-bar and window border indicating channel.
• Mouse wheel cyclic toggling between active windows in system mode.
• Double click to maximize a window to a full screen.
• Legacy mode – toggling between windows by keyboard Control +
Function keys [Optional].
• 3 User defined preset buttons to save or load user settings.
• Disable channel function.
• Maximize screen to one display
• Change scale ratio using mouse wheel
• Control all function without 5-buttons mouse using keyboard shortcuts
System Settings
• 4 Selectable system cursor pointers.
• 6 Selectable window border widths.
• 16 Selectable window border colors.
• 2 Selectable task-bar sizes.
Loading...