
Secure access to corporate networks
With the ECOS SecureBootStick CL
The ECOS SecureBootStick CL provides highly secure VPN access to corporate networks as Citrix Virtual Apps & Desktops, Microsoft Terminal Server (RDSH), VMware View/Horizon or web applications in a secure remote access environment.
The stick ensures a strict separation between business and private use of a PC when working from home or implementing BYOD concepts (bring your own device). The specially hardened ECOS Secure Linux operating system boots the PC, whereas the local Windows is not addressed. No viruses or Trojans can therefore be activated.
How to start the Secure Boot Stick CL
The ECOS SecureBootStick CL not only offers the security of a protected and encapsulated environment, it also serves as strong 2-factor authentication. The stick is personalized with a certificate linked to the stick's hardware ID.
Connect SBS to PC or Mac
The ECOS Secure Linux operating system boots automatically. The local hard disk is not activated.
Select destination system, enter user name/passwort and you are all set!
4 good reasons to choose the ECOS SecureBootStick solution
Easy
- Installation- and configuration-free
- All software on one stick
- Works with any Internet connection
- User friendly settings
Privacy-compliant
- 100% separation business / private
- Internal HD inactive
- Ext. data transfer only if authorized
- Instant logout on stick disconnection
Highly secure
- Hardened ECOS Secure Linux
- Strong 2-factor authentication
- Write-protected and digitally signed
- Integrated firewall
Cost-efficient
- Easy integration into IT infrastructure
- Quick roll-out
- Central management
- Low support
- Low investment
Applications
- RDP client, Citrix Workspace app (formerly Citrix Receiver), VMware Horizon via RDP, PCoIP, BLAST, Firefox, Chromium, VNC Viewer, VPN client for IPsec
- Citrix HDX RealTime Media Engine to optimize audio and video transmission for Skype for Business and Microsoft Teams
- Microsoft RemoteFX for optimizing the audio quality with RDP
Supported destination systems
- Microsoft RDSH, WTS 2000 and later, RDS, RD sharing, Citrix Virtual Apps & Desktops, VMware Horizon or web server
VPN
- Connection to default gateway via IPsec, OpenVPN or HTTPS
- Additional VPN clients: Cisco AnyConnect, Juniper, F5 (additional licenses may be required)
Administration
- Profiles for access to different applications/servers on user, group or role level
- Use of local resources after release (external USB storage devices, local printers)
- Rights assignment for external devices bound to manufacturer ID or serial number of the device
- Remote update of all applications and firmware
Compatibility
- Compatible with all popular 64-bit PCs, mostly Intel-based Macs and tablets with x86 architecture
- UEFI Secure Boot support
- Keyboard drivers for more than 90 languages and countries
- Multi-monitor support
- Connection by LAN, WLAN, UMTS, LTE incl. browser for login to hotspot
- Software in German and English (pre-configurable)
Additional features
- Forwarding of external USB and LAN devices, e.g. for the connection of an IP telephone
- Automatic reconnection after disconnection or connection change
Multi-factor authentication
- Software certificate, tied to the stick’s hardware ID
- On-screen password entry
Security
- Signed partitions for bootloader and kernel
- Encryption by software of all security-relevant partitions
- Signed read-only partition for firmware and applications
- Writeable partition for storage of user parameters
- Hardened ECOS Secure Linux operating system
- Digitally signed bootloader, firmware and applications validated in chain of trust
- Integrated firewall protecting against attacks over the same network and blocking ping requests
- Encryption of RAM content except for the executable program code
- VM start detector prevents use in virtual environment
- Fingerprinting of the guest computer incl. peripherals
- Instant logout on stick disconnection
- Secured updating process for firmware and applications with verification of integrity and correct update server
Connection, dimensions and scope of delivery
- USB-A - 12 x 22 x 4 mm, 3 g - ECOS SecureBootStick CL and carrying strap