From Traditional Security
Part of Information Assurance - KVM Switch (Port Separation)
Associated with IA controls: DCSP-1
The back plate of some 4 or 8 port CYBEX/AVOCENT KVM devices provides a physical connection between adjacent ports. Therefore failure to provide for physical port separation between SIPRNet (classified devices) and NIPRNet (unclassified devices) when using CYBEX/AVOCENT KVM devices can result in the loss or compromise of classified information.
Validate the correct configuration of CYBEX/Avocent 4 or 8 port KVMs IAW DSAWG guidance. This includes physical port separation between SIPRNet and NIPRNet (high & low) connections. Because of the internal physical configuration of the CYBEX boxes, only like classification levels may be connected to adjacent ports. TACTICAL ENVIRONMENT: The check is applicable where KVM devices are in use.
1. CYBEX/Avocent 4 or 8 port KVMs used for switching devices between the SIPRNet and NIPRNet (or any switching between SIPRNet and any other unclassified network devices) must be correctly configured IAW DSAWG guidance. 2. Correct configuration must include physical port separation between SIPRNet and NIPRNet (high & low) (or any switching between SIPRNet and any other unclassified network devices) connections. 3. Because of the internal physical configuration of the CYBEX/Avocent box back plates, only like classification levels may be connected to adjacent ports.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer