Secure access to data & applications
High security with smartcard
The ECOS SecureBootStick FX allows companies to admit the use of private and third-party PCs in compliance with the highest security requirements. Compared to conventional solutions, administration effort and costs are significantly reduced while user satisfaction is increased.
The Secure Boot Stick FX offers numerous security features cast in hardware. It also features an integrated smartcard and an integrated keypad allowing direct PIN entry on the stick. All encryptions and processes are secured by smartcard. Hhis ensures highly secure remote access for your applications.
Our recommendation for highly secure remote access:
Secure Boot Stick CL
Hardened ECOS Secure Linux OS
All software on one stick
2-factor authentication w/
software certificate
Integrated firewall
Central management
Secure Boot Stick HE
Hardened ECOS Secure Linux OS
All software on one stick
2-factor authentication w/
software certificate
Integrated firewall
Central management
Hardware-encrypted security
2-factor authentication w/
hardware anchor
BSI-approved
Secure Boot Stick SX
BSI-approved for VS-NfD,
EU and NATO RESTRICTED
Highly secure VS-NfD access w/
genua genuscreen
Sealed stick environment
Extra hardened ECOS Secure Linux
Multi-factor authentication w/
smartcard
Keypad for PIN entry
Central management and remote
updating
Technical data of the ECOS SecureBootStick FX
Applications
- RDP client, Citrix Workspace app (formerly Citrix Receiver), VMware Horizon via RDP, PCoIP, BLAST, Firefox, Chromium, VNC Viewer, VPN client for IPsec
- Citrix HDX RealTime Media Engine to optimize audio and video transmission for Skype for Business and Microsoft Teams
- Microsoft RemoteFX for optimizing audio quality with RDP
Supported destination systems
- Microsoft RDSH, WTS 2000 and later, RDS, RD sharing, Citrix Virtual Apps & Desktops, VMware Horizon or web server
VPN
- Connection to default gateway via IPsec, OpenVPN or HTTPS
- Additional VPN clients: Cisco AnyConnect, Juniper, F5 (additional licenses may be required)
Administration
- Profiles for access to different applications/servers on user, group or role level
- Use of local resources after release (external USB storage devices, local printers)
- Rights assignment for external devices bound to manufacturer ID or serial number of the device
- Remote update of all applications and firmware
Compatibility
- Integrated smartcard reader for cards in ID-000 format
- Drivers for all popular 64-bit PCs, Macs and tablets with x86 architecture
- UEFI Secure Boot support
- Keyboard drivers for more than 90 languages and countries
- Multi-monitor support
- Connection by LAN, WLAN, UMTS, LTE incl. browser for login to hotspot
- Software in German and English (pre-configurable)
Data safe
- 2 GB, usable for storing documents (not for VS-NfD), (larger storage capacities on request)
- Hardware encryption with AES-256, secured by smartcard plus PIN
- Installation-free use as USB drive in Windows, Linux and macOS
Additional features
- Signing, encryption or Windows smartcard logon with PC/SC forwarding
- Forwarding of external USB and LAN devices, e.g. for the connection of an IP telephone
- Automatic reconnection after disconnection or connection change
Multi-factor authentication
- Software certificate, tied to stick’s hardware ID and smartcard
- Integrated numeric keypad for PIN entry on the stick
Security
- Write-protected and signed partitions for bootloader and kernel
- Encryption by hardware of all security-relevant partitions
- Signed read-only partition for firmware and applications
- Writeable partition for storage of user parameters
- Hardened ECOS Secure Linux operating system
- Digitally signed bootloader, firmware and applications validated in chain of trust
- All processes secured by smartcard, e.g. Easy Enrollment, sign-on to gateway, stick update
- Integrated firewall protecting against attacks over the same network and blocking ping requests
- Encryption of RAM content except for the executable program code
- VM start detection to prevent use in virtual environment
- Fingerprinting of the guest computer incl. peripherals
- Instant logout on stick disconnection
- Secured updating process for firmware and applications with verification of integrity and correct update server
Connection, dimensions and scope of delivery
- USB-A | C | micro - 28 x 85 x 13 mm – 68 g
- ECOS SecureBootStick FX and carrying strap, 2 connection cables for USB A and C