Security Target
Version 1.1
2022-03-08
33
All Keyboard and Mouse connections are filtered first, and only the authorized devices pre-defined in the
TOE’s whitelist
will be allowed. The data input by the authorized USB Keyboard and Mouse will be
emulated by TOE to USB data for computer sources.
No data or electrical signals flow between connected computers at any time. Each connected computer
has its own independent Device Controller, power circuit, and EEPROM.
No data transits the TOE when the TOE is powered off or when the TOE is in a failure state.
6.2.3
FDP_CDS_EXT.1
–
Connected Displays Supported
The TOE supports connected displays from a single source video feed (either single-head or multi-head).
Because of this, the single selected source video feed is always the same channel and indication of the
selected channel is through the channel selection LEDs on the TOE chassis.
The DisplayPort models GCS1412TAA4, GCS1414TAA4, and GCS1418TAA4 each support one connected
display. While GCS1422TAA4, GCS1424TAA4, and GCS1428TAA4 each support two connected displays at
a time.
The HDMI models GCS1312TAA4 and GCS1314TAA4 each support one connected display. While
GCS1322TAA4 and GCS1324TAA4 each support two connected displays at a time.
The DVI models GCS1212TAA4, GCS1214TAA4, and GCS1218TAA4 each support one connected display.
While GCS1222TAA4, GCS1224TAA4, and GCS1228TAA4 each support two connected displays at a time.
6.2.4
FDP_FIL_EXT.1/KM
–
Device Filtering (Keyboard/Mouse); FDP_PDC_EXT.3/KM
–
Authorized Connection Protocols (Keyboard/Mouse)
The TOE supports authorized USB keyboard and mouse peripherals as defined in
below. Keyboard/mouse peripherals are filtered and emulated. Device filtering for
keyboard/mouse interfaces is configurable. Keyboard/mouse blacklisted devices are unauthorized
devices. Whitelisted devices are authorized devices for the keyboard/mouse interfaces in peripheral
device connections. The TOE does not define any whitelisted devices that are also blacklisted devices. The
KVM includes a built in allowed list (whitelist) for the USB Keyboard/ Mouse Ports. Only the default-
authorized devices can be blacklisted by the administrator for the USB Keyboard/Mouse Ports. The USB
Keyboard/Mouse Ports do not
support a “whitelist” function.
The configurable HID device function enables authorized administrators to assign a blacklist for HID
devices. To blacklist a keyboard/mouse device, the admin connects the HID device that they want
blacklisted directly to the Mouse Port (do not connect it to the KVM via a USB hub), and performs the
configuration via administrator functions. After configuration, the blacklisted HID device will be rejected
by both Keyboard/ Mouse Ports. The Reset KVM to Default function will clear the blacklist created by the
Secure KVM administrator functions.
The TOE emulates data from authorized USB Keyboard and Mouse protocol interfaces to USB connected
computers.