Please Note:
UserGuard has been discontinued and replaced with SIPRGuard.
If you are not redirected automatically,
please follow this

UserGuard User Authentication

Secured Access for Your Classified Network

UserGuard Desktop User Access Control System

UserGuard Desktop User Access Control System


Desktop User Access Control System Secures the Last 6 feet to the Desktop

UserGuard was designed from the ground up for streamlined network access from the desktop, without compromising security or network performance.  It incorporates locally controlled two factor authentication (CAC & PIN) to connect the desktop KVM and Ethernet devices to the network. Once authorized, normal network logon proceeds with no interference with network traffic.

UserGuard is comprised of two integrated modules:

  1. Desktop Access Control Module – Includes a Common Access Card (CAC) reader, PIN pad, kill button and a motion sensor activated disconnect.
  2. Intelligent Gateway (mounted inside an IPS Container) – Includes:
    •   I/O gateway controller module (HDMI/USB/Cat6)
    •  8” tablet PC
    •  USB/power control module
    •  and rack-mount tray with “whale tail” cable restraint

UserGuard satisfies the needs of both the IA/COMSEC teams, as well as,  the users.  The users are no longer required to open the safe or access the hardware, which simplifies their responsibilities, and the IA/COMSEC teams know that because the users are securely withheld from access to the network devices, they can rest easy with the understanding that hardware tampering and malicious data acquisition is a thing of the past.

Sensitive Compartmented Information Facilities (SCIFs) and Controlled Access Areas (CAAs) only protect physical spaces.  IT/cyber security only protects the network.  These methods of security are primarily reactive.

By comparison, UserGuard, when integrated with an IPS Container, proactively defends the network equipment and the access point, minimizes human intervention, and  simplifies security.  Additional benefits are the rapid integration of advancing technology and a nimble response to emerging threats, all with the objective of keeping the insider out.


Security That is Focused on the Network Equipment

  • Devices housed in GSA Approved Class 5 IPS Container
  • Network devices remain in IPS Container and on-line 24/7
  • Physical access to IPS Container and network devices restricted to admin/security personnel only

User Access Restricted to Desktop Peripherals

  • User authorized for network access, not network devices
  • Two-factor authentication on desktop (CAC + PIN) connects user to network via KVM and Ethernet devices
  • Local enrollment & admin from inside IPS Container
  • USB hardware HID filters prevent USB port corruption
  • Precedes & augments security of normal network logon

Instant SIPRNet Access

  • No boot up delays for anti-viral patch updates during logon
  • Productivity & convenience enhanced with time savings

Improved Performance

  • Simple, convenient security protocol encourages compliance, reduces OPSEC errors, neglect & avoidance
  • Minimizes power cycling and rebooting, improving network stability and long term hardware reliability

Simplified Connectivity & Operation

  • Eliminates need for in-room PDS, conduit or drop boxes
  • No off-line storage of hard drives, laptops or crypto keys
  • No plugging or unplugging of devices for connectivity
  • MultiGuard expansion flexibility for multiple users or single users access to multiple networks with one authentication

In the absence of Government standards covering the last six feet to the desktop, approvals have used the waiver process or through local DAA acceptance. Some
progress has been made:

  • JITC – Exemption – a physical security device with no DISN interaction
  • DSS – Internal IA/COMSEC approval and accreditation
  • DISA STIG – Group ID: V-31132, Rule ID: SV-41289r2 Version IA-12.01.01

Model Number:  TSMSV1UGD-PC

Dimensions:  Intelligent Gateway: 1Ux11.75”D
             Desktop Unit: 2”Hx6.8”Wx10.3”D

Input Power:   100-240V, 50/60 Hz
             Gateway: 1.0A Desktop: 0.3A

CAC: Dedicated DoD approved or User Badge, HID RFID DoD approved reader

Authentication Software: 2FA

Processor: Dell 8” Tablet PC, Win 8.1, WiFi, Bluetooth, Camera deactivated

Standard Cable Sets:  Input: 6ft HDMI/USB/Cat6
                      Output: 15ft HDMI/USB/Cat6, USB hub

  • 30ft & 50ft output cable sets
  • 2 or 4 Port KVM Switch with cables for SIPR, NIPR and/or other networks
  • MultiGuard expansion module for multiple users or single user with multiple networks with single access


Quote Request

Performance is the Result of Commitment Meeting Preparation

At Trusted Systems, we understand that unique security-risk variables and environments exist for each location and application. This is why we work so closely with you to assess your requirements, and tailor solutions specific to your needs. If you would like to speak to a representative, please submit a Quote Request form, or call toll free 800-414-4203.
Quote Request