Advantages of the SINA Workstation H R RW11 at a glance
Our IT security concept combines multiple hardware-, software- and firmware-based security components and thus offers the highest possible protection against internal and external influencing factors.
The notebook, specially designed for extreme conditions, enables location-independent work for mobile and rugged use.
Multiple virtual sessions can be strictly separated and allow parallel working in different security domains - up to and including SECRET.
Zone 1 or SDIP 27 Level A meet all requirements for emission protection.
Modern crypto client for mobile and rugged use
The SINA Workstation H R RW11 is a universally applicable crypto client for mobile and extreme operating conditions. It is based on a ruggedized notebook, specially designed for extreme conditions. The housing offers high protection especially against shock, vibration, dust and moisture. In addition, this SINA client can be operated at extreme temperatures without any problems and the moisture protection is also guaranteed with non-sealed covers or connected peripherals. In its entirety, it fulfills all conditions of the MIL-STD 810G and MIL-STD 461F standards and with SDIP 27 Level A also the extremely high requirements for radiation protection.
The workstation was developed in cooperation with the German Federal Office for Information Security (BSI) for location-independent processing of classified information up to and including SECRET. The focus here is on military and official high-security networks with tactically mobile system components as well as particularly high requirements for data security and equipment resilience.
What makes a workplace secure? The requirements profiles of the German Federal Office for Information Security (BSI) provide information on how to work securely with classified information or other sensitive data. This requires a holistic security concept that the SINA Workstation fully implements in a BSI-compliant manner. This means that authorities and companies do not have to assemble the components for a secure workstation and VS-compliant operation themselves, nor do they have to have the configuration approved by the BSI. This maximizes not only security, but also convenience.
A VPN client is considered an indispensable subcomponent of a secure mobile workplace. SINA uses advanced encryption technology to create a secure environment for transmitting sensitive information and classified information over potentially insecure networks such as the Internet. Using an IP-sec secured VPN tunnel, employees can access their administrative network with the SINA Workstation while on the move. The data transmission is encrypted to prevent eavesdropping.
All hard disk accesses and network connections are automatically encrypted by the workstation and thus cannot be read by unauthorized persons. This allows you to ensure data security without having to securely lock away the device after each use.
Access to devices and interfaces is carried out under the control of the SINA security operating system. It has been proven that USB sticks, for example, are a popular gateway for malware. The workstation's interface control regulates the release. This means that, depending on the security policy you have chosen, users must first consciously and deliberately release USB devices before they can be used at all in a working environment such as Windows. In the case of a strict policy, SINA interface control prevents the connection of USB devices altogether.
Two-factor authentication is required to ensure that only authorized users can log on to the computer. The SINA Workstation can only be unlocked if a security token - in the form of a smartcard or USB token - and the corresponding PIN are inserted.
With the SINA Workstation, the operating system substructure is also protected. It is well known that firmware and hardware are increasingly becoming the focus of cyber attacks. The firmware belonging to the hardware plays an important role in the function and security of the overall system - for example, when booting the operating system. Undetected by Windows, malware always reinstalls itself when the firmware is infected by malicious code. This is effectively prevented with SINA technology: The respective operating system, for example Windows, is exclusively virtualized within the SINA security operating system. Thus, neither Windows nor malware gain direct access to the physical hardware. Program code is only executed in a virtualized environment of the SINA workstation. Manipulation of the firmware during physical access to the device is also effectively made more difficult:, Since our special SINA Secure Boot only allows software to be started that is signed by secunet or the German Federal Office for Information Security (BSI), malicious code is not executed in the first place. This also prevents attacks via malware that is booted locally for a short time ("Evil Maid Attack").
Devices, including all security components, can be remotely maintained and administered centrally via the SINA Management Center. If all employees have to be sent to the home office and need mobile hardware quickly, the administration tools are also designed for a mass rollout, regardless of location, large numbers of SINA workstations can be set up simultaneously. In the event of a security incident, you can take the entire IT or individual devices offline.
SINA technology is unique: the user's operating system (such as Windows or Linux) is virtualized and embedded in the SINA security operating system. This means that the working environment is strictly separated from the firmware and hardware - so potential malware cannot spread through it. But the virtualization technology creates even more new possibilities in everyday work: several (different) operating systems with different security levels can be used in parallel on a SINA workstation. For example, classified information can be processed, while a session for a video conference with external parties is running - strictly separated from this. The strict separation of individual sessions means that other business or even private uses can take place on a device in parallel. Windows and Linux can also be used side by side.
SINA – Secure Inter-Network-Architecture
SINA was developed as a holistic security system that protects entire digital infrastructures. At its core, perfectly matched network components and clients ensure effective encryption and separation of differently classified data - locally and when transferred over the internet.
SINA is used worldwide by governments, critical infrastructures and in industry and is the leading security architecture in the Federal Republic of Germany with over 170,000 installed systems.
Multilevel and multionational applicable
With its holistic and modular approach, SINA is an integrated solution for a wide range of requirements in handling classified information and other sensitive data for public authorities and companies. The security philosophy implemented in SINA products includes secure system platforms, multi-level integrated, interlocking IT security modules and strictly separated applications, even with different classifications - built into one device in conformity with VS approval. SINA thus guarantees confidentiality in processing and communication in all national and major international VS classification levels as well as for a wide range of application scenarios.
End-to-end digital document management
SINA Management centrally manages and configures all users and components of the SINA product portfolio. The networks to be protected are set up, configured and administered in a structured manner. With its graphical user interface, SINA Management enables easy configuration of security relationships and access authorizations between SINA components and networks.