U

Start » Cross Domain Solutions » Data Diode SecuriCDS DD1000A

SecuriCDS DD1000A

Unidirectional protection for Ethernet layer 2

SecuriCDS DD1000A is a data diode with optical unidirectional data flow to ensure physical separation in one direction. DD1000A offers high performance in a small stand-alone package mountable in a single 1U 19” rack system.

Unidirectional data flow

The SecuriCDS DD1000A takes data protection to a higher level, offering a powerful solution for efficient, risk-free and assured single direction data transfer between security domains. Advenica’s DD1000A provides confidentiality for classified networks and systems and integrity for Industrial Control Systems (ICS). Typical use cases include:
• Data transfer from ICS/SCADA networks to IT networks
• File transfer for data storage replication or software updates
• Secure log collection to administrative or audit network
• IoT data transfer from sensor networks to classified networks

Ethernet layer 2 and full Gigabit Ethernet wire speed

The SecuriCDS DD1000A works on Ethernet Layer 2. All network data on the upstream network will be automatically transferred to the downstream network regardless of overlaying network protocol. The data diode postulates unidirectional network protocols, e.g. UDP, to function correctly in a system.

The data diode offers full Gigabit data throughput in a small package. DD1000A can be used as a tabletop device or mounted as a half-width 19” rack system device. Two SecuriCDS DD1000A devices can be mounted next to each other in a 19’’ rack still with a height of 1U.

Hardware only security

Separation of networks often relies on the configuration of a security device, e.g. firewall rules. Human mistakes will affect the security and the assurance of an implementation is very hard to guarantee. The SecuriCDS DD1000A is designed in hardware only and has no software installed. It uses optical separation internally to guarantee the unidirectional security function. There is no configuration to be made and therefore the device cannot be misconfigured, the unidirectional security function is always assured.

Advantages

  • Optical high assurance separation
  • Physical upstream separation
  • Enables digitalisation without compromising security
  • Fulfilment of internal and regulatory requirements
  • National approvals
  • No configuration needed

 

Approvals

SecuriCDS DD1000A is approved in Sweden for data transfer between networks of different security levels up to and including the level of HEMLIG/TOP SECRET.

 

 

Technical data

Supported protocols

Unidirectional protocols, e.g. UDP, RTP, Syslog

 

Performance

Network interface

Gbit Ethernet

Data throughput

Gbit wire speed

 

Ports

Network data (Upstream + Downstream)

2x Gbit Ethernet (RJ45)

 

Supported standards

Network data ports

IEEE 802.3ab,1000Base-T, Auto MDI/MDIX

 

Compliance, test standards

  • CE, EN55024:2010 (A1:2015). EN61000-6-3:2007 (A1:2011)
  • Swedish national approval – Component assurance level N3

 

Dimensions and Weight

Device Size

216×43.4×167 mm (WxHxD)

Device Weight

2,2 kg

 

Physical security

  • Tamper evident casing
  • Inner enclosure to reduce compromising emanations

 

Environmental characteristics

Storage

-20 – +60°C, 5% – 95% RH non-condensing IEC 60721-3-1 (1K3/1B1/1C2/1S2/1M2)

Transport

-20 – +60°C, 5% – 95% RH non-condensing IEC 60721-3-2 (2K2/2B1/2C1/2S1/2M2)

Stationary use

0 – +50°C, 20% – 90% RH non-condensing IEC 60721-3-3 (3K3/3Z1/3B1/3C1/3S1/3M2)

 

Electrical characteristics

Input voltage

1x or 2x 12VDC (Separate power inlets for upstream and downstream interfaces, power bridge cable included)

Power consumption

5W

External power supply (included)

1x 90-260VAC / 12VDC (Power supply rating 15W)

Depending on your requirements, one or two power supplies may be used to power DD1000A.

 

Dimensions and Weight

Device Size

216×43.4×167 mm (WxHxD)

Device Weight

2,2 kg

Some security challenges where datadiodes are a good solution

Traceability and security logging

Centralised logging in security-sensitive systems involves an enhanced risk of attacks. To reduce the risks, a solution is needed that protects both log data and all connected systems. Read more about traceability and security logging.

Secure transfer of SCADA information

To transmit critical information, e.g. from a SCADA system to an administrative office network means potential security risks. But there are solutions that take care of security problems and at the same time enables an exchange of information. Read more about secure transfer of SCADA information.

Secure updates

Updates for Windows and Linux systems are an important part of maintaining the security of the digital information in these systems. However, the updates themselves may be a security risk – to avoid these risks and to maintain the integrity and availability of the systems and be able to make secure updates, special solutions are required. Read more about secure updates.

Certifications and approvals

Advenica solutions have been awarded several prestigious approvals by the European Union, national certification bodies and international IT security certification bodies. We also hold US patent for our VPN technology, Three Domain Separation.

Warranty

Advenica warrants that this product will be free from defects in material and workmanship for one (1) year from the date of purchase.