MXI Stealth Zone

MXI Security M200

Many MXI devices can be enabled with MXI Stealth Zone, an innovative platform for deployment of a Secure USB Desktop (SUD) environment on a high-security device.  With MXI Stealth Zone any computer ― including shared systems, home computers or other untrusted computers ― can be instantly transformed into a standard IT-managed system while maintaining both performance and security.

Users simply plug in their MXI Stealth Key M500, M550 or M700 Bio into any computer, then reboot and authenticate their identity. They then have access to their full operating system and desktop applications. When they leave, their desktop leaves with them, and no trace of their presence remains behind on the host.

Deployments are fully manageable with MXI’s ACCESS Enterprise device management system, allowing control of device security policies and usage.  The MXI Stealth Zone appliance, based on MXI’s own proven device manufacturing systems, allows quick, secure and reliable creation of hundreds or thousands of MXI Stealth Zone devices in a short period of time. Administrators and systems integrators have full freedom to configure user environments without having to involve MXI, which removes logistical and security barriers.

Leveraging MXI’s industry-leading strong authentication technologies and hardware-based encryption, MXI Stealth Zone guarantees protection of applications, operating system and data. The on-board MXI Stealth Processor (FIPS 140-2 Level 3 validated) brings advanced features to the MXI Stealth Zone platform:

 Download Product Sheet PDF

Features

  • Encrypted Storage

    Cryptographically secure lockdown of content shields the desktop from even the worst environments, preventing tampering, intrusion and piracy.

  • Secure Preboot Authentication

    Access to the hardware-encrypted desktop requires up to 3-factor authentication, including password, optional biometric, and CAC/PIV in Q1 2011.

  • Host Isolation

    Insert your MXI USB drive into the host computer, then reboot and authenticate. The computing environment is now fully isolated from both malware and data leakage.

  • Optional Secure Portable Storage

    A separate, secure partition allows exchange of data between the MXI Stealth Zone environment and other computing environments.

  • Optional PKI Token Operation

    Secure key and certificate stores, hardware key generation, digital signing, and a range of other user PKI operations are possible within the USB desktop.

  • Traceless Departure

    When the user leaves, they take their environment with them and no trace of their presence remains on the host.

MXI Stealth Zone offers many benefits, including

  • Teleworking

    Users can work remotely, whether it’s from home, on the road, or the extended offsite of in-theatre soldiers.

  • Disaster Recovery

    When normal systems are inaccessible or potentially destroyed as the result of terrorism, weather conditions or health quarantines, preconfigured portable environments can be distributed as easily as a USB device.

  • Temporary Personnel

    Temporary workers, such as contractors, can be given an environment to use on their own hardware.

  • Separation of Desktop Environments

    When regulatory or security issues demand that users separate work environments for different projects or tasks, MXI Stealth Zone enables deploying of these environments using a single computer.

  • Secure Transactions and Online Banking

    Users can combine a portable web browser with a full-featured PKI token for anywhere, anytime certificate-based authentication.

Capacities available

8

16

32

64

GB

 

Frequently Asked Questions

Why is strong authentication so important?

Encrypting data is not enough to ensure that your information is secure. If the authentication to access the data is weak then the strength of the encryption or the size of the encryption key is irrelevant. To ensure that your data stays encrypted and does not fall into the wrong hands, strong authentication is necessary to protect the encryption key and thus the overall data. By combining password, biometric, and/or smart card authentication with hardware that automatically locks down if too many authentications fail, significant levels of security are added to protect your encrypted information. Furthermore, with authentication performed in hardware, software attacks are ineffective.

Why is a truly portable device so important?

True portability means the device can be used on any machine regardless of operating system, including unsecured public or shared systems. As long as USB mass storage is supported on the host machine, then the device will operate like any USB storage device. The hardware implementation of authentication and transparent encryption means that no locally installed software is needed and the device has the same mobility as a regular flash drive.

Why is hardware-based encryption so important?

Hardware encryption offers more security and portability than software-based encryption. With software encryption, the data is processed on the host computer where it can be exposed to malicious software. By contrast, hardware encryption occurs within the trusted environment of the device. Because hardware-based encryption happens on the device transparently, no software needs to be installed and the flash drive is as fully portable as a regular, unencrypted USB device.

Why is AES-256 encryption so important?

AES-256 encryption with 256-bit keys offers the strongest data protection available in a FIPS-approved symmetric encryption algorithm. The National Security Agency (NSA) considers the design of AES-256 and the strength of its key sizes sufficient for protecting its classified information. CNSS Policy No. 15 states that key sizes of 128, 192, and 256 bits are sufficient for SECRET classification, while only 192 and 256 bits are sufficient for TOP SECRET. See CNSS Policy No. 15, Fact Sheet No. 1