UCF STIG Viewer Logo

A KVM switch must not be used to switch a peripheral other than a keyboard, video monitor, or mouse in an environment where the KVM switch is attached to ISs of different classification levels..


Overview

Finding ID Version Rule ID IA Controls Severity
V-6702 KVM02.008.00 SV-6883r2_rule DCBP-1 High
Description
Peripheral devices, other than keyboards, video monitors, and mice, can contain persistent memory and allow data to move between ISs of differing classification levels creating an unacceptable situation. This includes the ability to switch a smart card reader. If the switch has the ability to switch other peripheral devices and the feature is not disabled it will be assumed it is being used. When the KVM switch is attached to ISs of different classification levels, the ISSO or SA will ensure the KVM switch’s ability to switch peripheral devices other than the keyboard, video, and mouse is disabled.
STIG Date
Keyboard Video and Mouse Switch STIG 2015-12-09

Details

Check Text ( C-2680r2_chk )
The reviewer will, with the assistance of the ISSO or SA, verify the KVM switch is not configured to switch peripherals other than Keyboard, Video, and Mouse.

Note: This includes but is not limited to a smart card reader.

Note: The most likely interface that would be used with this feature would be USB but it may be any legacy I/O interfaces.
Fix Text (F-6272r3_fix)
Disable the feature for automatically toggling between ISs. If the KVM switch can be configured to disable the ability to switch peripherals other than the keyboard, video monitor, and mouse, modify the configuration to disable this feature.

If the KVM switch cannot be configured to disable this feature replace the KVM switch with a KVM switch that is compliant.