ECOS SecureBootStick® ZX

Multi-factor authentication via ID card or military ID card

BSI-approved access for VS-NfD, EU and NATO RESTRICTED environments

ECOS SecureBootStick ZX

With the BSI-approved ECOS SecureBootStick® ZX, organizations can, for the first time, access data and applications classified as VS-NfD, EU RESTRICTED or NATO RESTRICTED from virtually any, even private, PC or Mac.

The Secure Boot Stick ZX combines multiple, cascading security layers to deliver an exceptionally high level of protection. Featuring a slot for ID-1 format cards, it supports ID cards, PKI cards and service cards, including the Bundeswehr military ID card, for strong user authentication.

Technically and in terms of design, the ZX corresponds to the SBS SX model – and, like it, is officially approved by the BSI for VS-NfD, EU and NATO RESTRICTED operation.

Whitepapers & Case Studies

Whitepaper: Risks of long-term attacks in the home office

cat81,cat16,cat18,cat71,cat70
Case Study: MTG

cat16,cat52,cat7
No match found!

More products from the SBS family

  • Hardened ECOS Secure Linux operating system
  • All software on the SBS
  • Multi-factor authentication with smartcard
  • Connects to VPN gateway genua genuscreen
  • Integrated…
Lean more
cat77,cat15,cat48

  • Hardened ECOS Secure Linux operating system
  • All software on the SBS
  • MFA w/ PKI card or ID-1 card
  • Connects to all standard VPN gateways
  • Integrated firewall
  • Central…
Lean more
cat15,cat48

  • Hardened ECOS Secure Linux operating system
  • All software on the SBS
  • Multi-factor authentication with smartcard
  • Connects to all standard VPN gateways
  • Integrated…
Lean more
cat15,cat48
No match found!

Learn more about the SBS ZX today!

Phone +49 (6133) 939-200

Get a
consultation
Send a
message

Technical information on the Secure Boot Stick ZX

  • Approved for the processing of data up to classification level VS-NfD, NATO RESTRICTED, EU RESTRICTED
  • RDP client, Citrix Workspace app (previously Citrix Receiver), VMware Horizon via RDP, PCoIP, BLAST, Firefox, Chromium, VPN client for IPsec
  • Citrix HDX RealTime Media Engine to optimize audio and video transmission for Skype for Business and Microsoft Teams
  • Microsoft RemoteFX for optimizing audio quality in conjunction with RDP
  • Microsoft RDSH, WTS from 2000, RDS, RD release, Citrix Virtual Apps & Desktops, VMware Horizon or web server
  • Connection to genua genuscreen via IPsec within a BSI-approved environment
  • Profiles for accessing various applications/servers at user, group or role level
  • Use of local resources after approval (external USB storage devices, local printers)
  • Authorization assignment for external devices linked to manufacturer ID or serial number of the device
  • Remote update of all applications and firmware
  • Integrated smartcard reader for PKI cards with CardOS 5.X in ID-1 format (service ID card, BW troop ID card...)
  • Compatible with all common 64-bit PCs, largely with Intel-based Macs and tablets with x86 architecture
  • UEFI Secure Boot support
  • Keyboard drivers for over 90 languages and countries
  • Multi-monitor support
  • Connection via LAN, WLAN, UMTS, LTE incl. browser for logging into the HotSpot
  • Software in German and English (can be preset)
  • 1 GB, can be used to store documents (not for VS-NfD), (larger storage capacities on request)
  • Hardware encryption with AES-256, secured by smartcard plus PIN
  • Installation-free use as a USB drive under Windows, Linux and macOS
  • Signing, encryption or Windows smartcard logon via PC/SC forwarding
  • Forwarding of external USB and LAN devices, e.g. for connecting an IP telephone
  • Automatic reconnect if the connection is lost or changed
  • Software certificate, linked to the hardware ID of the SBS and smart card
  • Integrated pinpad for PIN entry on the SBS
  • Write-protected and signed partitions for boot loader and kernel
  • Encryption via hardware of all security-relevant partitions
  • Write-protected and signed partition for firmware and applications
  • Writable partition for storing user parameters
  • Hardened ECOS Secure Linux operating system
  • Digitally signed boot loader, firmware and applications with validation in Chain-of-Trust
  • Protection of all processes via smartcard, e.g. Easy Enrollment, logging on to the gateway, updating the SBS
  • Integrated firewall to protect against attacks in the same network and block ping requests
  • Encryption of RAM contents down to the program code to be executed
  • VM Start Detection prevents use in a virtual environment
  • Fingerprinting of the guest computer including peripherals
  • Instant logout when unplugging the SBS
  • Secured update process for firmware and applications with integrity check and correct update server
  • USB-A | C | 28 x 85 x 14 mm - 72 g
  • ECOS SecureBootStick ZX, carrying strap, 2 connection cables for USB-A and C

Get in touch with us!

Our experts are happy to assist you.

Please enter your company email address!

The fields marked with (*) are mandatory and must be filled in.