Appendix D: FAQs
341
Security
Is the KSX II FIPS 140-2 Certified?
The KX II 2.2.0 and later, and the KSX II 2.3.0 and later, provides users
with the option to use an embedded FIPS 140-2-validated cryptographic
module running on a Linux platform per FIPS 140-2 implementation
guidelines. This cryptographic module is used for encryption of KVM
session traffic consisting of video, keyboard, mouse, virtual media and
smart card data.
What kind of encryption does the KSX II use?
The KSX II uses industry-standard (and extremely secure) 128-bit RC4,
128 bit AES or 256bit AES encryption, both in its SSL communications
as well as its own data stream. Literally no data is transmitted between
remote clients and KSX II that is not completely secured by encryption.
Does the KSX II support AES encryption as recommended by the
US Government's NIST and FIPs standards?
The KSX II utilizes the Advanced Encryption Standard (AES) encryption
for added security.
AES is a US government approved cryptographic algorithm that is
recommended by the National Institute of Standards and Technology
(NIST) in the FIPS Standard 197.
Does the KSX II allow encryption of video data? Or does it only
encrypt keyboard and mouse data?
Unlike competing solutions, which only encrypt keyboard and mouse
data, the KSX II does not compromise security; it allows encryption of
keyboard, mouse and video data.
How does the KSX II integrate with external authentication servers
such as Active Directory
®
, RADIUS, or LDAP/S?
Through a very simple configuration, the KSX II can be set to forward all
authentication requests to an external server such as LDAP/S, Active
Directory, or RADIUS. For each authenticated user, the KSX II receives
from the authentication server the user group to which that user belongs.
The KSX II then determines the user's access permissions depending on
the user group to which he or she belongs.
How are usernames and passwords stored?
Should the KSX II's internal authentication capabilities be used, all
sensitive information such as usernames and passwords are stored in an
encrypted format. Literally no one, including Raritan technical support or
Product Engineering departments, can retrieve those usernames and
passwords.
Does the KSX II support strong password?