Accessible Cross - Domain Environment (ACE)

Accessible Cross- Domain Environment (ACE)  

ACE is the Northrop Grumman Multi-level Zero Client system providing seamless desktop access to applications and data from multiple security domains using a single wire.

There are strict requirements to maintain separation of security domains. Many users requiring access to multiple security domains have to utilize and maintain multiple computer systems. Access to four security domains means that four desktop systems were on each user’s desk.

ACE meets the strict requirements to maintain the separation of security domains. A single ACE Multi-level Zero client provides the same access to multiple security domains using a single disk-less client and a single network.


ACE is based entirely on open source technology to reduce and control costs. The powerful commercially available zero clients utilized by ACE are able to provide thick-client performance while remaining diskless and stateless.

  • Small form factor/footprint on the desktop reduces power requirements
  • Supports critical desktop performance functions using diskless clients
  • High performance, high definition video
  • Isochronous device support (web cameras, scanners, video teleconferencing)
  • Multiple card readers (each at different classification levels)
  • ACE can reuse currently deployed desktops that meet ACE specifications


  • ACE clients network boot from the ACE centralized management server
  • ACE clients support both locally running virtual machines (VM) and remote desktop access
  • Integrates with existing site infrastructure of servers, storage, and VM technologies
  • Single wire to each desktop using secure tunneling of lower networks over the high side network
  • Scales to a high number of security domains which is important to a growing SAP/SAR community
  • Supports multi-monitor configurations allowing for viewing different security domains on each monitor
Accessible Cross-Domain Environment(SABER/ACE)

Increased Security

  • ACE clients use stateless zero client technology
    • No disk drive so no data resides on the client
    • USB ports can be controlled preventing import and export of data from the client
  • Supports two-factor authentification for access to resources
    • Smartcard Token (Something you have)
    • User ID and password (Something you know)
  • Supports the virtualization of windows environments
    • Easier to secure, patch, and maintain
    • Easier to recover from malware infestation than if running a large number of desktop PCs
    • Supports existing sites’ VDI backend infrastructure
    • Supports Thin VMs
  • Supports remote management of ACE Server Software from the thin clients
  • Provides security controls for separation of duties
  • Availability of access
  • Redundancy
  • Integrity of data

More Information