Internet-exposed devices that give BIOS-level access? What could possibly go wrong?
And this is why you run KVM devices in an isolated network and cut their WAN access completely
That’s not sufficient. If you can access the device, then you can access the remotely managed server. Since it’s remotely managed it must be an important server and the KVM can bypass traditional security measures since the KVM gives the same level of access as physical access. If you get through to the server, then isolating the KVM doesn’t matter.
What I do is I treat physical access as inherently insecure as if anyone could drop by. Encryption keys still need to be presented and the only screen shown when there’s no activity is a login screen. The KVM is treated like any other random access to the server, physical or SSH: You must identify yourself.
You totally misunderstood the comment.
If all the KVM units were on an airgapped system, there is no way to reach those units other than physically sitting down at the C&C workstation that is meant to interface with them and display their output. Because that machine is also on the airgapped network, and is not reachable from the Internet.
It’s no different than a traditional KVM at that point, aside from that C&C machine being anywhere where Ethernet can reach (traditional KVM units being rather distance-constrained).
Now, if you need mobile/off-site access to this system, you put a second NIC into that C&C workstation. First one for the KVM network, the other for world+dog, and then you use a trusted remote-access system to access the C&C workstation, and block it off from anything else on that second Internet-accessible network as best as possible.
I mean, you want secure? Truly secure? Then disassemble all your computers, put each individual part into its own barrel of cement, and then drop each barrel into its own deep-oceanic abyssal trench. THAT is how you get true security.
For everything else, there are reasonable trade-offs that discourage all but nation-state players or people with wrenches.
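One way to express the dual-NIC C&C workstation described above as a packet filter, added here as an illustration (not code from any commenter): the KVM network lives on one interface, the Internet-facing interface only admits the remote-access service from a VPN subnet, and nothing is ever forwarded between the two. Interface names, subnets and the use of nftables with SSH as the remote-access service are all assumptions for the example.

```shell
#!/bin/sh
# Added example (not from the thread): generate an nftables ruleset for a
# dual-homed workstation. $KVM_IF faces the isolated KVM segment, $WAN_IF
# faces everything else. All names and addresses below are assumed values.
KVM_IF="${KVM_IF:-eth1}"
WAN_IF="${WAN_IF:-eth0}"
KVM_NET="${KVM_NET:-10.99.0.0/24}"   # assumed KVM management subnet
VPN_NET="${VPN_NET:-10.8.0.0/24}"    # assumed VPN client subnet

# Print the ruleset; nothing is applied until apply_rules is called.
gen_rules() {
cat <<EOF
table inet kvm_isolation {
  chain input {
    type filter hook input priority 0; policy drop;
    ct state established,related accept
    iif lo accept
    # Remote access only from the VPN subnet, only on the Internet-facing NIC
    iifname "$WAN_IF" ip saddr $VPN_NET tcp dport 22 accept
    # KVM units never originate sessions to the workstation
    iifname "$KVM_IF" drop
  }
  chain forward {
    # The workstation is not a router: no traffic crosses between NICs
    type filter hook forward priority 0; policy drop;
  }
  chain output {
    type filter hook output priority 0; policy accept;
    # Traffic on the KVM NIC is confined to the KVM subnet
    oifname "$KVM_IF" ip daddr != $KVM_NET drop
  }
}
EOF
}

# Sanity checks a reviewer would run before loading the ruleset.
check_rules() {
  rules=$(gen_rules)
  echo "$rules" | grep -q 'hook forward priority 0; policy drop' || return 1
  echo "$rules" | grep -q "iifname \"$KVM_IF\" drop" || return 1
  echo "$rules" | grep -q "ip saddr $VPN_NET tcp dport 22 accept" || return 1
  return 0
}

# Load the ruleset into the kernel (requires root and nftables).
apply_rules() {
  gen_rules | nft -f -
}

check_rules && echo "ruleset passes checks" || echo "ruleset FAILED checks"
```

Run the script as-is to print the verdict, or `apply_rules` as root on the workstation; `gen_rules` alone shows the ruleset for review. The forward chain with a drop policy is the part that matters: it is what keeps the KVM segment unreachable even if the Internet-facing side is compromised.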
That just defeats the IP part of the KVM and in that case you’d better stick with a traditional KVM.
Your setup depends entirely on your threat model. In my case, in a normal state, everything on the network is locked. The KVM is never used for normal ops, only rebooting and entering a disk encryption key in case I’m remote and have a failure. The KVM can only be accessed through a VPN. That limits my threat exposure to be well below my threat model. If I were Edward Snowden this might not be enough, but last I checked I’m not hunted by any state actor, rogue or not, so making sure the KVM is not accessible from the internet is enough.
Video cables and USB cables were never designed for a 20m run. Most have difficulties beyond a 2-5m distance.
My servers will be in my basement, at the other end of the house. My C&C machine will be in my office. The entire purpose of remote KVM is such that I don’t have to hoof it all the way down into the basement just to do something quick. Or go back-and-forth if there is something in my office I have to reference while doing the work.
In fact, I suspect that network KVM is exceedingly useful for anyone whose machines are more than five steps away. Even across the room makes a hell of a lot of sense.