IDtec Case Study

CSfC Archon Integration

  • Problem

    • Ensuring secure computation and services for a mobile workforce is a daunting challenge for any enterprise
    • Add to that the complications of hardware configuration management, administrative overhead for security updates, user training and acceptance, and the task seems almost impossible
  • Solution

    • Archon ZV is the world’s first turnkey CSfC complete mobility solution


ID Tec is pushing functional innovation within the CSfC area. We’ve created an End User Device called Archon ZV. At 1st glance, it appears to be a standard laptop. However, within the sheet metal, it is a completely different EUD appliance, built on a POSIX 178 Real Time Partitioning Operating System, and designed to function internally with Black/Gray/Red networks within the device.


What Archon Is.

Archon ZV functionally allows separate “guest” environments (Secure Domains) to separately and securely reside on the same endpoint protected by the Secure RTOS. Archon ZV supports native virtualization and multiple operating environments.

How Archon Works.

Within the virtual containers, the virtual machine may run a guest operating system (e.g. Windows, Linux, Android) and several tested and validated thin client operating systems, including Forcepoint TTC. However, because critical security components remain under the control of the trusted RTOS, each of the applications are isolated from the guest operating system. Secure authentication and communication between each are allowed with a high degree of assurance.

Leveraging these secure containers and in compliance with CSfC guidelines, classified network access is delivered through its own security stack without any interference, or threat of data leak to the FOUO side-service. What this means for the customers is that a deployed system is able to function in an environment with, or without connectivity.

Additionally, Archon ZV implements security address space within the RTOS Separation Kernel to provide the orchestration and enforcement of all CSfC-consistent double encryption processes. The Separation Kernel Orchestrator is utilized to enforce all flows for both network security as well as data-at-rest, providing protection for stored information using NSA approved cryptography while the EUD is powered off, or in an unauthenticated state. As a result, a system may be lost or discarded without compromising applications or data.

Finally, key management is included to enable dual encryption of all data-at-rest as well as dual encryption of any wired/wireless communications. This follows the Key Management Algorithm (KMA) implementation of OTA rekeying for EUDs. This dual encryption adheres to the NSA requirements for the Key Management Annex within the CSfC program.

How Archon Is Different.

Archon ZV was built to be able to scale to our customers needs. The system is delivered preconfigured and provisioned straight from the Dell factory so that only certifications need to be added at the site.  Our customers have share that this reduces the time to value from 48+hours per system to a matter of minutes.

Additionally, ID Technologies has developed an Over the Air (OTA) rekey solution which allows individuals to renew certifications or re-provision the systems remotely. Customers can therefore avoid unnecessary downtime required to send systems back on an annual basis for certificate renewals or whenever a new image is required.

Lastly, the Archon ZV interface and CSfC connection is elegant and performant, giving customers more of a commercial experience as was originally intended by the CSfC Program.

For more information, visit

Read More Case Studies.

  • Wireless on the Military Campus – Wi-Fi or Private 5G LTE?
    Wireless on the Military Campus – Wi-Fi or Private 5G LTE?

    Jim Rousseau, ID Technologies Wireless Network Architect; has traveled across the country over this past year visiting Department of Defense bases testing a number of wireless technologies. In his travels he discovered that there seems to be a misunderstanding, in some cases, distrust for Wi-Fi technologies. Jim has sought out to cast a light on different wireless solutions for the DoD and re-introduce Wi-Fi as the predominant network medium.

  • Reliable Wi-Fi and CBRS for DoD Flight Lines, Hangars, Depots and Field Deployments
    Reliable Wi-Fi and CBRS for DoD Flight Lines, Hangars, Depots and Field Deployments

    Unreliable Wi-Fi in hangars, flight lines, and readiness and maintenance operations prevents the DoD aviators from seeing the full mission value from electronic workflow. ID Technologies and CommScope have teamed up to deliver an end-to-end solution for reliable communications for unit level operations, depot maintenance and support for platoon and battalion fixed and rotary wing operations.

  • West Point Army Athletics Case Study
    West Point Army Athletics Case Study

    The Army Athletics team needed help with aged wireless and switch network. ID Technologies was brought in by Ruckus as partner support to Sharp USA for this refresh. Ultimately, the end-user got a rock-solid network that started showing results from day 1 of operation.

Get Connected

Contact us for assistance.