May 20 2013

Review: Belkin Advanced Secure KVM Switch Holds Down the Fort

This tool can prevent KVM toggling from being a source of network vulnerabilities.

Of all the possible security threats facing businesses, relatively few systems administrators give much thought to those that can occur on unsecured KVM technology.

Too often, KVM switches are seen as turnkey solutions, bought and implemented to give users access to several systems and devices, but without so much as a second thought to the security implications. The ugly truth: KVM technology can introduce a litany of vulnerabilities, creating the risk of data theft, malware attacks and even console redirection. Fortunately, IT departments can prevent most of these security breaches simply by using secure KVM switches for controlling systems that house sensitive data.

Belkin’s newest line of Advanced Secure KVM switches is designed with this need in mind, boasting an array of security enhancements that will benefit companies of any size without busting the IT budget.


The Belkin Advanced Secure KVM complies with the National Security Agency’s Information Assurance Directorate stand­ards, offering physical security features beyond those of traditional KVM switches, including optical data diodes that allow only unidirectional data flow between peripherals and target systems.

Additionally, segregation of data for each connected system is facilitated by separate processors for each channel. Most KVM switches use the same processor for multiple systems. Video displays are segregated using protected video display emulators to prevent Extended Display Identification Data from being compromised, effectively preventing the video signal from being redirected to unsecured systems.

Though equipped with USB ports for keyboard and mouse control, the switch has built-in safeguards to prevent data drive access to the ports. If the device detects anything that isn’t a mouse or keyboard in a drive, it will instantly lock the port down.

Why It Works for IT

Common Access Card switching lets clients toggle between networks without losing their existing sessions (on CAC-enabled networks). This can save time and curb frustration for users who often need to switch between connected machines.

The Belkin switch arrives in tamper-resistant packaging, with tamper-evident holographic tape also holding the casing together at the front seam. Once out of the box, the unit itself is rigged with sensor switches along its chassis that will render the unit inoperable upon detection of physical intrusion. This ensures integrity from point of sale to implementation.

Belkin engineers obviously put careful thought into making the user experience as intuitive as possible, leaving less room for end-user error. Instead of using one button to toggle between multiple clients, the switch has a dedicated button for each channel, making identification simple. Additionally, the buttons feature pop-out color inserts that can be used to change the look of each button bezel. Quick mental associations such as these are often all that is needed to curtail end-user error, especially when switching between secure and unsecure networks.


The Belkin Advanced Secure KVM switch is more expensive than other secure switches on the market. Belkin, however, is an established switch manufacturer, and its devices include a three-year warranty, better than those offered on many competing products. Although features and usability are important in choosing a secure KVM solution, purchasers would be well advised to factor Belkin’s reputation and support into their final decision.


Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.