September 13, 2010
With the release of the U.S. federal government’s HSPD-12 directive a few years ago, many CIO’s and IT managers found themselves with a key issue to address: how to authenticate both local and remote IT personnel as they access government servers and networks. HSPD-12 mandates secure, authenticated access to all federal information systems and buildings. While smart cards were already in use in several industries worldwide, their use really exploded when the U.S. Department of Defense responded to HSPD-12 by utilizing smart card technology as the basis for implementing its Common Access Card program (CAC). More recently, the DoD introduced a new type of smart card known as a Personal Identity Verification card (PIV), which must conform to the FIPS-201 standard.
Using a smart card to access a PC or server that’s within arm’s reach is easy. However, a major challenge is to support this directive in the data center or any application in which users must access multiple servers or PCs that are often located in a separate room, let alone several feet away. It’s inefficient to connect a smart card reader to each device and insert the card each time access is needed. In fact, it’s usually not possible to do so. In many cases, users need to access servers in inaccessible rooms – and with different security levels.
To meet this need, several smart card-enabled KVM solutions have been introduced by the industry’s primary vendors. Of course, no two are exactly alike, so what do you need to look for? It’s important to choose not only a solution that fulfills the basic requirement of supporting smart card authentication to multiple servers from a single location, but also one that makes the necessary feature adjustments that meet and exceed the highly secure operation requirements inherent of a smart card environment.