Secure KVM for classified, multi-network operations. One operator, many networks, no path between them. NIAP Protection Profile 4.0 certified, from Adder, Raritan and G&D.
eNOVA supplies and integrates NIAP-certified secure KVM in Singapore, so one operator can work across networks of different classifications from a single keyboard, monitor and mouse, with hardware-enforced isolation. Built for government, defence and enterprise.

Secure KVM is certified to the NIAP Protection Profile for Peripheral Sharing Devices v4.0. A model is only certified while listed on NIAP's Product Compliant List.
What is a secure KVM switch?
A secure KVM switch lets one operator drive several computers from a single keyboard, monitor and mouse, where those computers sit on networks of different security classifications, with no data path of any kind between them. The operator switches focus; the switch guarantees that switching never creates a bridge.
An ordinary KVM is unsafe for this. It shares internal memory, buffers keystrokes, and passes USB and display data live between ports, any of which can leak data or be used to bridge an air gap. A secure KVM replaces all of that with hardware-enforced, per-port isolation, so the air gap survives even though one person and one set of peripherals serve every network.
"Red/black" denotes classified versus unclassified networks. Model basis: NIAP Protection Profile for Peripheral Sharing Devices v4.0. Original eNOVA diagram.
It is "NIAP PP 4.0", not "EAL4".
The most common secure-KVM mistake
A frequent request is for an "EAL4 secure KVM". For peripheral sharing devices, that is now out of date. NIAP moved away from numeric EAL ratings to Protection-Profile "exact conformance", so a current secure KVM is certified to the PSD Protection Profile v4.0 and carries no EAL number. Only legacy devices ever carried "EAL2" or "EAL4+".
What matters today is simple: the exact model is listed, against PSD PP v4.0, on NIAP's Product Compliant List. That is what eNOVA specifies to, and what your accreditor will check.
The certifications that actually matter.
Secure KVM lives or dies on certification. Here is who sets the bar, and what each standard means.
The US National Information Assurance Partnership runs the scheme that evaluates secure peripheral devices and publishes the compliant-product list.
niap-ccevs.orgThe Protection Profile for Peripheral Sharing Devices, v4.0 (2019), is the standard secure KVMs are evaluated against, with modules for keyboard/mouse, video, audio and CAC.
PSD PP v4.0A product is only legitimately NIAP-certified while it is listed on the PCL. Lapsed evaluations move to an archived list.
niap-ccevs.org/productsThe international security-evaluation standard and its EAL 1-7 assurance levels. Mutual recognition covers Protection Profiles and up to EAL2.
commoncriteriaportal.orgThe NSA standard and programme protecting against compromising electromagnetic emanations, stray signals that could disclose what a device is processing.
nsa.govValidates the cryptographic module inside encrypted KVM-over-IP. Effective 2019, it supersedes FIPS 140-2 and references ISO/IEC 19790.
csrc.nist.govSources: NIAP/CCEVS, the Common Criteria portal, NSA and NIST. EAL levels apply to legacy Common Criteria evaluations; current PSDs use Protection-Profile conformance, not EAL.
How a secure KVM enforces isolation.
The PSD Protection Profile requires hardware controls, not policy. A compliant switch must do all of this.
Unidirectional data flow
Optical data diodes force signals one way, so data cannot travel back between computers.
No shared memory
Separate isolated processors per port; user data is never buffered or shared between machines.
HID-only USB
Only keyboards and mice are allowed; mass storage is blocked, defeating BadUSB and data theft.
Anti-tamper self-disable
Tamper-evident seals plus active anti-tamper that permanently disables the unit if it is opened.
Fixed firmware
Non-reprogrammable firmware, so the switch cannot be altered in transit or in service.
Secure EDID
Display data is read once and emulated, never passed live between computers.
Isolated CAC port
The smart-card reader channel is isolated, so authentication never bridges the networks.
Secured power
Isolated power so the supply cannot become a covert path between connected computers.
Requirements summarised from the NIAP PSD Protection Profile v4.0.
Isolation or encryption? Both have a place.
"Secure KVM" covers two different architectures. The right one depends on whether your operators sit at the machines or reach them over a network.
For one desk touching multiple classified networks with no path between them. The security is the physical isolation, certified to NIAP PSD PP 4.0.
- Adder Secure and Raritan Secure Switch
- No network and no cryptography involved
- Multiple classifications at the operator desk
- Certified to NIAP PSD Protection Profile 4.0
For secure access over a network, where the signal is protected by validated encryption. The security is the cryptography plus system assurance.
- G&D SecureCert KVM-over-IP
- FIPS 140-3 validated cryptographic module
- Remote and matrix access across sites
- Encrypted in transit, Common Criteria EAL2+
Architectures per Adder, Raritan and G&D. Isolation prevents any path; encryption protects the path.
Secure KVM we supply and integrate.
Three certified platforms, matched to your threat model and the way your operators work.
Adder's current ADDERView Secure range is certified to NIAP Protection Profile 4.0 for Peripheral Sharing Devices, in single, dual and 4K models, with optional CAC via the AS-4CR secure card reader. The legacy analogue range additionally carries Common Criteria EAL4+ and a TEMPEST-qualified design.
- AVS-2114 / 2214: 4-port single and dual-head, DVI
- AVS-4114 / 4214: 4-port 4K, DisplayPort and HDMI
- AVS-1124 secure multi-viewer; AVS-4128 Flexi-Switch (TAA)
- Secure Free-Flow: cursor-glide switching with a Ctrl safeguard





Raritan's Secure Switch 4.0 family is certified to NIAP Protection Profile 4.0 and listed on the Product Compliant List with CAC support. It spans 2, 4 and 8-port models, single or dual-head, with DisplayPort and HDMI up to 4K, and chassis-intrusion detection that disables the unit if it is opened.
- RSS4 in 2, 4 and 8-port, single or dual-head
- HDMI to 4K60, DisplayPort to 4K30; digital only
- Isolated CAC / smart-card reader port
- HID-only USB, chassis-intrusion self-disable
For secure access over a network rather than at the desk, G&D SecureCert brings its KVM-over-IP matrix into compliance with three standards at once. The security here is validated encryption rather than air-gap isolation, so it complements the desktop secure switches above.
- ControlCenter-IP and VisionXS-IP KVM-over-IP
- FIPS 140-3 validated cryptographic module (cert #5005)
- Common Criteria EAL2+ (entry to mid assurance)
- Listed on the US DoDIN Approved Products List

Models and certifications per adder.com, raritan.com and gdsys.com, cross-checked against NIAP and NIST. Current Adder and Raritan secure switches are NIAP PP 4.0 (no EAL number); Adder's EAL4+ and TEMPEST apply only to its legacy analogue range. G&D SecureCert validates a FIPS 140-3 cryptographic module (CMVP cert #5005), with Common Criteria EAL2+ and a DoDIN APL listing.
Where isolation is non-negotiable.
Anywhere one operator must touch multiple classifications without bridging them.
Government & public sector
Multiple classifications handled at one desk, without bridging the networks.
Defence & military
Command posts and operations centres working across segregated networks.
Intelligence & SCIFs
Sensitive compartmented work with hardware-enforced separation.
Critical infrastructure
OT and IT networks kept apart at the operator position.
Finance & trading
Segregated trading and corporate networks on a single operator desk.
Healthcare
Clinical and administrative systems separated at the point of use.
Use cases per Adder, Raritan and G&D and the NIAP PSD Protection Profile threat model.
The acronyms, in one line each.
Specified correctly, supported locally.
Secure KVM is a specify-it-right purchase: the wrong device fails accreditation. eNOVA matches the certified platform to your security model and supports it in Singapore.
We confirm the exact model's NIAP PCL listing and fit it to your classification model.
Local supply of NIAP-certified secure KVM, CAC readers and accessories.
Documentation to support your security accreditation and audit.
Local support and spares for government, defence and enterprise.
Common questions about secure KVM.
Specifying secure KVM in Singapore?
Talk to eNOVA about NIAP-certified secure KVM from Adder, Raritan and G&D, matched to your security model and accreditation.
