Security Target 

Version 1.1

 

2022-03-08 

2 TOE Description

2.1 Product Overview

The TOE is the ATEN Secure KVM Switch Series (CAC Models). Each of the sixteen models identified in
Section 1.1 is a Peripheral Sharing Device that includes console ports and computer ports. The console
ports are used to connect a single set of peripherals, including a mouse, keyboard, user authentication
device such as smart card or CAC reader, speaker, and one or two video displays (depending on specific
device type) to the TOE. The TOE’s computer ports are connected to up to 2, 4, or 8 separate computers
(again depending on specific device type). The user can then securely switch the connected console
peripherals between any of the connected computers while preventing unauthorized data flows or
leakage between computers. The TOE supports manual port switching: pressing and releasing a port
selection push button (on the switch, or on the Remote Port Selector (RPS) if connected and aligned)
brings the KVM focus to the computer attached to the corresponding port.

2.2 TOE Overview

The TOE is the ATEN Secure Switch series of products with CAC. The TOE allows users to connect a single
set of peripherals to its console ports to interact with multiple computers that are connected to it via its
computer ports. Controls on the TOE chassis or on the RPS allow the user to select which of the connected
computers is ‘active’ such that the peripherals connected to the console can be used to interact with the
selected computer.

The TOE’s console ports support USB keyboard and mouse, analog audio out (speakers), a USB smart
card/CAC port, and depending on model, DisplayPort, HDMI or DVI-I display.

The TOE’s computer ports support USB keyboard and mouse, analog audio, USB smart card/CAC, and
depending on model, DisplayPort, HDMI, or DVI-I display.

The TOE includes multiple models, all with the same basic functionality. The differences between models
are:

- The type of display interface supported on the console ports (DisplayPort, HDMI or DVI-I)
- The type of display interface supported on the computer ports (DisplayPort, HDMI, or DVI-I)
- The number of sets of computer ports, which determines how many computers can be connected to
  the TOE at one time (up to 2, 4, or 8)

2.3 TOE Architecture

The ATEN Secure KVM series are KVM switches with the following characteristics:

- 2/4/8 port USB DisplayPort single and dual display for DisplayPort (6 devices)
- 2/4 port USB HDMI single and dual display for HDMI (4 devices)
- 2/4/8 port USB DVI single and dual display for DVI (6 devices).

The Secure KVM Switch products allow for the connection of a mouse, keyboard, user authentication
device (such as smart card or CAC reader), speaker, and one or two video displays (depending on specific
device type) to the Secure KVM Switch, which is then connected to 2, up to 4, or up to 8 separate
computers (again depending on specific device type). The user can then switch the connected peripherals
