
Remote access with hardware encryption
ECOS SecureBootStick® HE
With its specially designed hardware-encryption and numerous security features, the ECOS SecureBootStick HE takes the proven ECOS SecureBootStick CL to a whole new security level.
The stick provides highly secure access to a terminal server or virtual desktop infrastructure and web applications in a secured, encapsulated environment.
How the ECOS SecureBootStick HE works
Any PC or Mac can boot the specially hardened ECOS Secure Linux operating system on the ECOS SecureBootStick HE. The internal hard disk is disconnected, so no malware on the hard disk will ever get a chance.
Switching off the internal hard disk ensures 100% separation between professional and private use of the PC.
The ECOS SecureBootStick HE not only provides the security of a protected and encapsulated environment, it also serves as a strong multi-factor authentication. The stick is coupled with a cryptographic key in the hardware.
Simply and smart
Connect boot stick to PC or Mac
The ECOS Secure Linux operating system boots automatically. The local hard disk is not activated.
Select destination system, enter user name/passwort and you are all set!
Technical data of the ECOS SecureBootStick HE
Applications
- RDP client, Citrix Workspace app (formerly Citrix Receiver), VMware Horizon via RDP, PCoIP, BLAST, Firefox, Chromium, VNC Viewer, VPN client for IPsec
- Citrix HDX RealTime Media Engine to optimize audio and video transmission for Skype for Business and Microsoft Teams
- Microsoft RemoteFX for optimizing audio quality with RDP
Supported destination systems
- Microsoft RDSH, WTS 2000 and later, RDS, RD sharing, Citrix Virtual Apps & Desktops, VMware Horizon or web server
VPN
- Connection to default gateway via IPsec, OpenVPN or HTTPS
- Additional VPN clients: Cisco AnyConnect, Juniper, F5 (additional licenses may be required)
Administration
- Profiles for access to different applications/servers on user, group or role level
- Use of local resources after release (external USB storage devices, local printers)
- Rights assignment for external devices bound to manufacturer ID or serial number of the device
- Remote update of all applications and firmware
Compatibility
- Compatible with all popular 64-bit PCs, mostly Intel-based Macs and tablets with x86 architecture
- UEFI Secure Boot support
- Keyboard drivers for more than 90 languages and countries
- Multi-monitor support
- Connection by LAN, WLAN, UMTS, LTE incl. browser for login to hotspot
- Software in German and English (pre-configurable)
Additional features
- Forwarding of external USB and LAN devices, e.g. for the connection of an IP telephone
- Automatic reconnection after disconnection or connection change
Multi-factor authentication
- Software certificate, tied to the stick’s hardware ID and hardware anchor
- On-screen password entry
Security
- Signed read-only partitions for bootloader and kernel
- Encryption by hardware of all security-relevant partitions
- Signed read-only partition for firmware and applications
- Writeable partition for storage of user parameters
- Hardened ECOS Secure Linux operating system
- Digitally signed bootloader, firmware and applications validated in chain of trust
- Integrated firewall protecting against attacks over the same network and blocking ping requests
- Encryption of RAM content except for the executable program code
- VM start detection prevents use in virtual environment
- Fingerprinting of the guest computer incl. peripherals
- Instant logout on stick disconnection
- Secured updating process for firmware and applications with verification of integrity and correct update server
Connection, dimensions and scope of delivery
- USB-A - 12 x 41 x 4 mm, 6 g - ECOS SecureBootStick HE and carrying strap