fox data diode
DESCRIPTION
Product DescriptionTRANSCRIPT
Home Solutions Company Partners Support Resources Contact
Secure “One-Way” Communication
Privileged User Management and Access
Control
Enterprise Intelligence
Digital Forensics for Detectives
Information Security Awareness Training
Phishing Mitigation
Home >> Solutions >> Secure One-Way Communication
Secure “One-Way” Communication
THE HIGHEST SECURITY EVALUATED PRODUCT IN THE WORLD (Common CriteriaEAL 7+)
Fox DataDiode for Government High SecurityNetworks
The Fox DataDiode is an elegant solution for the high security transfer for data between networks.
Central to the Fox DataDiode solution is the Fox Hardware DataDiode, a unique hardware-based,
communication device, which operates in a unidirectional mode and makes use of a gigabit optical
data link to transfer data in a single direction (hence the term 'diode'), between a low-security
network and a network with a high-security level. Needless to say, this solution can also be used
where both networks have the same level of security. The Fox Hardware DataDiode can deployed in
combination with two Intel-based Proxy Servers where one is connected to the low-security (black)
network and the other to the high-security (red) network.
The Fox DataDiode offers security and data integrity, enhanced through the use of event logging,
and error detection and correction. It also boasts an easy transfer procedure and user-friendly
interface. Furthermore, users of the receiving (red) network are able to receive e-mail from outside
their network, print locally or access frequently used websites or databases, all without exposing
their high-security network to outside risks or threats.
Features and Benefits
In a nutshell, the Fox DataDiode offers the following features and benefits:
Unique hardware-based, one-way data link.
Global Security Network http://www.gsn.ae/catalog/detail/Secure-One-Way-Communication/53.html
1 of 3 06/22/2014 04:18 PM
Error detection and correction for data integrity.
Time synchonisation for the high-security network.
Event logging and SNMP traps on both sides of the data transfer.
Easy to use web interface for users, administrators and auditors.
Approved by the NL-NCSA, BSI, Common Criteria EAL 7+, and up to and incl. NATO SECRET.
No need for time-consuming, risky and expensive manual transportation of data e.g.
USB-stick.
To place things in perspective, it is useful to review the current alternative: the manual air-gap data
transfer procedure. In addition to the effort, time and cost involved, this form of data transfer also
introduces security risks through possible loss of portable storage media, or their incorrect disposal.
Moreover, this type of transfer is neither continuous, nor is it conducted online nor in real-time.
Fox DataDiode solution
The Fox DataDiode basic solution consists of three elements:
Hardware Data Diode
Data Diode proxy Servers
Data Diode Software
The basic solution can be augmented with additional application servers to add specific
functionality to one-way transfer.
Fox DataDiode for Critical Process Control Systems
Continuity is essential to Critical Process Control Systems such as power plants, water treatment
facilities, gas and oil refineries and public transport. Improving IT-security measures can raise the
continuity level further. An effective improvement to IT security is to physically disconnect the
Process Control Systems (PCS) from other networks. Unfortunately a contradictory requirement is
faced: the need for information sharing from PCS networks.
By implementing the Fox DataDiode automation application you can disconnect the critical part of
your infrastructure from other networks while still having access to the information from that critical
part. This is an effective way to enhance the security level of your network and securely share more
information. Your PCS network is disconnected from cyber threats!
The need for sharing information in PCS
Global Security Network http://www.gsn.ae/catalog/detail/Secure-One-Way-Communication/53.html
2 of 3 06/22/2014 04:18 PM
Information from sensors, monitoring systems and logging is necessary to share from the PCS
network with other systems. Some scenarios in which this information may be needed are; alerting,
providing customers with up-to-date information, remote vendor support and backing up of
systems. Undeniably the need for sharing information is there and its requirements will only
continue to increase.
How to resolve the contradictory requirements
A solution to the two aforementioned trends is to connect a PCS network to other networks using a
one-way network connection. This enforces the air gap from the perspective of the intruder and
allows for information sharing from a business perspective. This can be done by using the Fox
DataDiode.
For more information about the Fox DataDiode solution, please contact us at
Global Security Network http://www.gsn.ae/catalog/detail/Secure-One-Way-Communication/53.html
3 of 3 06/22/2014 04:18 PM