Security Target
Version 1.1
2022-03-08
35
when a non-qualified monitor is connected. The Num Lock LED, Caps Lock LED, and Scroll Lock LED on the
keyboard are disabled. The Port LEDs indicate Port selection/connection status. All LEDs are located on
the RPS and on the front panel of the main KVM except the Video LED(s) that are located on the back
panel. The TOE does not allow any other user data transmission to or from external entities.
Non-HID functions of a composite USB device; internal Hub; docking protocols; and analog microphone
or audio line inputs are not supported by the TOE. During KVM operation, non-standard keyboards with
integrated USB hubs and/or other USB-integrated devices may not be fully supported due to the strict
security standards and policy for the IOGEAR Secure KVM Switch. If supported, only basic (HID) keyboard
operations will function.
6.2.6
FDP_PUD_EXT.1
–
Powering Unauthorized Devices
The TOE does not supply power to any device connected to the analog audio output interface.
6.2.7
FDP_RIP.1/KM
–
Residual Information Protection (Keyboard Data), FDP_RIP_EXT.1
–
Residual Information Protection and FDP_RIP_EXT.2
–
Purge of Residual Information
No user data is written to TOE
non‐volatile memory or storage
. User keyboard data is purged and not
available to the next connected TOE computer interface when the TOE is switched to a different computer.
The data input by the authorized keyboard/mouse will be kept in the console authorized keyboard/mouse
buffer (in the microcontroller). Once the TOE is power cycled, reset, or port switching is detected, the data
in the console authorized keyboard/mouse buffer will be deleted immediately, and not processed for
emulation. Please refer to the Proprietary Isolation Document for more detail.
The TOE provides two functions to delete TOE stored configuration and settings.
After logging in, authorized administrators can use the Reset to Factory Default management function
(not to be confused with the front panel reset button). When a successfully authenticated authorized
Administrator performs Reset to Factory Default, all settings previously configured by the Administrator
(such as USB device blacklist) will be cleaned and reset to factory default settings. Once the Reset to
Factory Default function has been completed, the Secure KVM will terminate the Administrator Logon
mode, purge keyboard/mouse buffer, and power cycle the Secure KVM automatically. After a successful
self-test, the KVM port focus will be switched to Port 1. Audit logs are retained and a log is generated for
Reset to Factory Default.
The TOE also provides non-administrative users a front panel Reset button allowing the user to delete
TOE stored configuration and settings. Performing the reset function by pressing the Reset button for
more than 5 seconds, purges the Keyboard/Mouse buffer; and the switch performs a self-test and
switches to Port 1. CDF configured by Administrator, logs, Administrative tasks, or other secure functions
are not affected by the front panel Reset function.
The Letter of Volatility is provided in Appendix A identifies the TOE components that have non-volatile
memory and provides details of the memory and its use.