Secure Isolators - Preventing Data Leaks Between Networks through Hardware Enforced Unidirectional Data Flow
HSL’s Secure, NIAP PP4.0 Certified/Compliant Isolators ensure that computer video and USB data flow are filtered and flow unidirectionally. This prevents shared peripheral vulnerabilities from compromising network security. The Isolator ensures that only the necessary data is transferred from the source to the destination.
The secure isolator prevents vulnerable peripherals from attacking secure computers by ensuring that video and audio flow in a single direction. By preventing host-toperipheral direct access the secure isolator eliminates data leakage and filtering irrelevant data from reaching sensitive computers. The Isolator is designed to provide the highest possible computer & peripheral isolation as demanded by government agencies, military, financial institutions and similar security sensitive customers.

HSL has a broad portfolio of isolation products suitable for multiple deployment scenarios, ranging from meeting rooms and control rooms to operational technology.
Why Use a Secure Isolator?
- The ultimate solution for securing and presenting sources of different classification level on the same display
- Supports isolation of large KVM Matrices and conference room equipment
Attack Scenario #1 - Meeting Room
The Problem
Several data leakage scenarios, in which different computers are connected at different times, can be demonstrated:
- EDID attacks
- Fake control setting attacks (VESA MCCS)
- Image upgrade attacks
- Asset management attacks
Data can leak between systems even when not connected at the same time by using the display or projector as an intermediary storage device.
The Solution
Problem solved by connecting an Isolator on the cable between the computer and the display, preventing data transfer from the display to the guest computer.
Attack Scenario #2 - Command and Control
The Problem
Possible switched data leakage scenarios:
- Plug & Play attacks (VESA EDID)
- Fake control setting attacks (VESA MCCS)
- Image upgrade attacks
- Signaling attack while switching over (slow leakage)
Information leakage can occur through the non-secure KVM Matrix or the connected peripherals.
The Solution
Problem solved by connecting Isolators between each computer and the non-secure KVM Matrix.









