KVM or A/B switches must be approved prior to being connected to ISs that are at different classification levels.

From Keyboard, Video, Mouse Switch Security STIG

Part of KVM switch List for ISs differing classification

Associated with IA controls: DCBP-1

SV-6876r2_rule KVM or A/B switches must be approved prior to being connected to ISs that are at different classification levels.

Vulnerability discussion

Only KVM switches that have been tested and verified to prevent the transfer of data from one IS to another will be used when the ISs connected to the switch are of differing classification levels. The switch will be operated in the approved port configuration only. When the KVM switch is attached to ISs of different classification levels, the IAO will ensure that only approved KVM or A/B switches are used.

Check content

The reviewer will verify that the KVM or A/B switch attached to ISs of different classification levels has been evaluated and approved prior to connection. The National Information Assurance Partnership (NIAP) list can be found here: http://www.niap-ccevs.org/cc-scheme/vpl/?tech_name=Peripheral+Switch

If the KVM or A/B switch is not found on the NIAP list, this is a finding.

Fix text

Immediately replace the unapproved KVM switch with an approved KVM switch. If there is not an approved KVM switch available, remove all ISs from the unapproved KVM switch and attach a separate keyboard, video monitor, and mouse to each IS. Alternatively, the ISs can be segregated by classification level on as many KVM switches as needed, provided those switches are compliant with the SPAN STIG. Verify that the port configuration complies with the guidance for the switch used.
