The back plate of some 4 or 8 port CYBEX/AVOCENT KVM devices provides a physical connection between adjacent ports. Therefore failure to provide for physical port separation between SIPRNet (classified devices) and NIPRNet (unclassified devices) when using CYBEX/AVOCENT KVM devices can result in the loss or compromise of classified information. REFERENCES: NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: SC-3 and SC-4 DISN Connection Process Guide: http://disa.mil/network-services/enterprise-connections/connection-process-guide NIAP Products Compliance List (PCL): https://www.niap-ccevs.org/index.cfm
Validate the correct configuration of CYBEX/Avocent 4 or 8 port KVMs IAW NIAP PCL guidance. This includes physical port separation between SIPRNet and NIPRNet (high and low) connections. Because of the internal physical configuration of the CYBEX boxes, only like classification levels may be connected to adjacent ports. TACTICAL ENVIRONMENT: The check is applicable where KVM devices are in use.
1. Validate the correct configuration of CYBEX/Avocent 4 or 8 port KVMs used for switching devices between the SIPRNet and NIPRNet (or any switching between SIPRNet and any other unclassified network devices) IAW NIAP PCL guidance. 2. Correct configuration must include physical port separation between SIPRNet and NIPRNet (high and low) (or any switching between SIPRNet and any other unclassified network devices) connections. 3. Because of the internal physical configuration of the CYBEX/Avocent box backplates, only like classification levels may be connected to adjacent ports.