Remote access to data anytime, anywhere
Easy, flexible, highly secure
The ECOS SecureBootStick GX not only provides maximum secure access to a terminal server or virtual desktop infrastructure and web applications from a secured and encapsulated environment, it acts as a strong multi-factor authentication at the same time. Its slot for cards in ID-1 format allows to use PKI cards and company ID cards for user authentication. The ECOS SecureBootStick GX meets the requirements for particularly security-conscious companies perfectly.
ECOS SecureBootStick GX is identical in design and software to the ECOS SecureBootStick FX.
Technical data of the Secure Boot Stick GX
Applications
- RDP Client, Citrix Workspace app (formerly Citrix Receiver), VMware Horizon via RDP, PCoIP, BLAST, Firefox, Chromium, VPN Client for IPsec
- Citrix HDX RealTime Media Engine to optimize audio and video transmission for Skype for Business and Microsoft Teams
- Microsoft RemoteFX for optimizing the audio quality with RDP
Supported destination systems
- Microsoft RDSH, WTS 2000 and later, RDS, RD sharing, Citrix Virtual Apps & Desktops, VMware Horizon or web server
VPN
- Connection to genua genuscreen by IPsec within a BSI-approved environment
Administration
- Profiles for access to different applications/servers on user, group or role level
- Use of local resources after release (external USB storage devices, local printers)
- Rights assignment for external devices bound to manufacturer ID or serial number of the device
- Remote update of all applications and firmware
Compatibility
- Integrated smartcard reader for PKI cards, ID cards in ID-1 format
- Drivers for all popular 64-bit PCs, Macs and tablets with x86 architecture
- UEFI Secure Boot support
- Keyboard drivers for more than 90 languages and countries
- Multi-monitor support
- Connection by LAN, WLAN, UMTS, LTE incl. browser for login to hotspot
- Software in German and English (pre-configurable)
Data safe
- 1 GB, usable for storing documents (not for VS-NfD), (larger storage capacities on request)
- Hardware encryption with AES-256, secured by smartcard plus PIN
- Installation-free use as USB drive in Windows, Linux and macOS
Additional features
- Signing, encryption or Windows smartcard logon with PC/SC forwarding
- Forwarding of external USB and LAN devices, e.g. for the connection of an IP telephone
- Automatic reconnection after disconnection or connection change
Multi-factor authentication
- Software certificate, tied to stick’s hardware ID and smartcard
- Integrated numeric keypad for PIN entry on the stick
Security
- Write-protected and signed partitions for bootloader and kernel
- Encryption by hardware of all security-relevant partitions
- Signed read-only partition for firmware and applications
- Writeable partition for storage of user parameters
- Hardened ECOS Secure Linux operating system
- Digitally signed bootloader, firmware and applications validated in chain of trust
- All processes secured by smartcard, e.g. Easy Enrollment, sign-in to gateway, stick update
- Integrated firewall protecting against attacks over the same network and blocking ping requests
- Encryption of RAM content except for the executable program code
- VM start detection prevents use in virtual environment
- Fingerprinting of the guest computer incl. peripherals
- Instant logout on stick disconnection
- Secured updating process for firmware and applications with verification of integrity and correct update server
Connection, dimensions and scope of delivery
- USB-A | C | micro - 28 x 85 x 14 mm – 72 g
- ECOS SecureBootStick GX, carrying strap, 2 connection cables for USB A and C