Partly in response to recent security scandals, Guntermann & Drunck has decided to intensify fundamental security functions of their ControlCenter-Digital.
As the most comprehensive device in Guntermann & Drunck’s KVM portfolio, the ControlCenter-Digital provides a large range of features and functions. Wherever a variety of functions, computers and users is combined, security always plays a crucial role. That’s why G&D’s team of developers decided to make the KVM matrix even more secure by adding sophisticated security features.
Exposed and blocked
Boot loader, operating system and firmware of the ControlCenter-Digital form a trusted computing platform to protect the system against third-party manipulations.
An integrated Trusted Platform Module (TPM) protects any access and configuration data against exposure with a RSA encryption process and with 2048 bit key length. Sensitive information such as login data and passwords are stored permanently with encryption. Potential firmware modifications can be detected at an early stage and lead to a cancellation of the booting process. This prevents manipulations like, for example, the installation of keyboard sniffers.
Targeted redundancies, security through RAID
Rights management and configuration data are sophisticated, functional structures requiring intensive brain-work. Often, these systems had to grow with time. To protect them, the ControlCenter-Digital mirrors their content on two independent, internal SSD storage media which are redundant by a RAID1 array system. If necessary, they can be effortlessly replaced by the responsible IT administrator. Of course, all information of the rights and configuration management are also encoded by unique cryptographic keys.
Looking ahead with comprehensive monitoring
Especially for mission-critical applications, Guntermann & Drunck provides its devices with proactive monitoring functions that can be easily integrated into the global network management. These functions include the monitoring of device statuses as well as the possibility to send messages via SNMP and Syslog.
Whenever thresholds are exceeded, for example when they deviate from the defined value, or if a status changes, the system sends a message or even a warning. Instead of actively querying any monitoring values, network-capable G&D devices can automatically send those values as SNMP traps. At the same time, the values can be queried at the device via SNMP-Get.
Users can view critical values in the web interface as well. Through permanent detecting, measuring, documenting and alerting, KVM devices are in constant contact with each other, the network and, therefore, the administrator. This enables the devices to transport management information, status messages, and thus generate statistics for long-term evaluation.
When it matters most
To prevent critical failures, all existing IT installations must not only be available but also reliable at all times. Short response times and intuitive operation via ergonomic and clear interfaces have proven to make humans and IT more efficient. Therefore, it is no coincidence that G&D hardware is applied in public authorities, at energy suppliers, airports, and traffic control centers – basically in any sector that requires reliable IT equipment.