Remote access with hardware encryption

Any PC or Mac can boot the specially hardened ECOS Secure Linux operating system on the ECOS SecureBootStick HE. The internal hard disk is disconnected, so no malware on the hard disk will ever get a chance.
Switching off the internal hard disk ensures 100% separation between professional and private use of the PC.

The ECOS SecureBootStick HE not only provides the security of a protected and encapsulated environment, it also serves as a strong multi-factor authentication. The stick is coupled with a cryptographic key in the hardware.

Order free demo-stick

Applications

• RDP client, Citrix Workspace app (formerly Citrix Receiver), VMware Horizon via RDP, PCoIP, BLAST, Firefox, Chromium, VNC Viewer, VPN client for IPsec
• Citrix HDX RealTime Media Engine to optimize audio and video transmission for Skype for Business and Microsoft Teams
• Microsoft RemoteFX for optimizing audio quality with RDP

Supported destination systems

• Microsoft RDSH, WTS 2000 and later, RDS, RD sharing, Citrix Virtual Apps & Desktops, VMware Horizon or web server

VPN

• Connection to default gateway via IPsec, OpenVPN or HTTPS
• Additional VPN clients: Cisco AnyConnect, Juniper, F5 (additional licenses may be required)

Administration

• Profiles for access to different applications/servers on user, group or role level
• Use of local resources after release (external USB storage devices, local printers)
• Rights assignment for external devices bound to manufacturer ID or serial number of the device
• Remote update of all applications and firmware

Compatibility

• Compatible with all popular 64-bit PCs, mostly Intel-based Macs and tablets with x86 architecture
• UEFI Secure Boot support
• Keyboard drivers for more than 90 languages and countries
• Multi-monitor support
• Connection by LAN, WLAN, UMTS, LTE incl. browser for login to hotspot
• Software in German and English (pre-configurable)

Additional features

• Forwarding of external USB and LAN devices, e.g. for the connection of an IP telephone
• Automatic reconnection after disconnection or connection change

Multi-factor authentication

• Software certificate, tied to the stick’s hardware ID and hardware anchor
• On-screen password entry

Security

• Signed read-only partitions for bootloader and kernel
• Encryption by hardware of all security-relevant partitions
• Signed read-only partition for firmware and applications
• Writeable partition for storage of user parameters
• Hardened ECOS Secure Linux operating system
• Digitally signed bootloader, firmware and applications validated in chain of trust
• Integrated firewall protecting against attacks over the same network and blocking ping requests
• Encryption of RAM content except for the executable program code
• VM start detection prevents use in virtual environment
• Fingerprinting of the guest computer incl. peripherals
• Instant logout on stick disconnection
• Secured updating process for firmware and applications with verification of integrity and correct update server

Connection, dimensions and scope of delivery

• USB-A - 12 x 41 x 4 mm, 6 g - ECOS SecureBootStick HE and carrying strap