U

Home » FAQ

How much do you know about cybersecurity?

Cybersecurity and its different aspects can be difficult to grasp – especially when you have just started to work with it. There is a lot that needs to be learned – here are some things you might not know about cybersecurity!

Do you have questions about cybersecurity? See what others have asked in our FAQ!

Not only is there a lot to learn about cybersecurity itself – it can also be difficult to know what products you might need or how they work. Here are some frequently asked questions!

Do you have more questions? Do not hesitate to contact us

We need a POC – how is this handled by Advenica?

We see the advantages with a POC and it is something that we offer, but how it is done is totally customised. Please contact us and tell us about your case and let’s see what we can offer!

Do you provide on-site support?

Advenica has limited possibilities to provide direct on-site support. However, partners of Advenica can provide on-site support. SLAs can vary based on the partner capabilities and location.

How do we receive help after implementation/installation?

First of all: make sure you have a valid MSA. If you have an MSA, you can contact Advenica Customer Services through web form, e-mail, or phone.

What does your roadmap look like?

We offer solutions for cybersecurity that meet the very highest security requirement and we constantly develop our products and services to meet future threats. The product development at Advenica differs from traditional development work as our customers demand that we with high assurance can vouch for and can demonstrate that our solutions are secure, today as well as in the future. Read more about high assurance products and how we develop them!

Which certifications do you have?

We have many different certifications for our products. You can read more about this here!

Which protocols do you support?

We support many different protocols with our products. Read more about this here! If there is a protocol you do not find in the list, we can always develop a solution for that protocol together with you.

What is the delivery time?

We generally have very short delivery times and can usually deliver your products within a week. The time from the point of delivery of the products until they are functioning is also very short, given that other relevant infrastructure is in place.

Where do you produce your own products?

We produce our products at our site in Malmö, Sweden.

Which industries have a need for your products?

All organisations that have a need for protection of valuable information can benefit from using our products. Countries, authorities, and companies within critical infrastructure are our main customers as they all have digital information and systems that are sensitive and worth protecting, and where the information also is critical to the whole society.

I can’t find my use case, can you customise a solution for me?

Yes we can! Our Customer Solutions team is a dedicated team that develops customised solutions based on our products. Contact us to discuss your use case and we’ll decide together how to proceed!
Read more about how such a project is done!

Data Diodes

Here are some frequently asked questions about our Data Diodes!

Data diodes are expensive, right?

The word “expensive” is a relative term if a data diode is viewed solely as an expense. Actually, a data diode is an investment that can be cheaper than not having bought it in the first place. It is all about the alternative cost and risk apetite of not having sufficient security. If the use case is right for a data diode, it is not only more secure but also lower in TCO(Total Cost of Ownership) to alternative technologies as it demands less in maintenance, administration, and support. Read more about it here!

How do we calculate the ROSI?

To calculate the ROSI (Return on Security Investment) is about calculating what the lack of security can cost and what the most cost-effective solutions are – this to be able to know what you should spend on security. Read more about how to do it here!

How much does it cost?

We offer a selection of data diodes with different perks and conditions. The price starts at around €3000 CAPEX but depends on what product you purchase and how complex the solution you need is. The base products do not come with any need for MSA (Maintenance and Support Agreement).

What are the alternatives?

For unidirectional data communication flow, a data diode is the most secure alternative. But, if you require data communication in two directions, there are other solutions you could choose – for example, a Security Gateway. (In some cases a network design with data diodes in opposite directions can be a solution.) A Security Gateway only forwards received information when it complies with a certain policy which is derived from your organisation’s information security policy. Read more about Security Gateways!

What is the difference between a configured firewall and a data diode?

A data diode contains special hardware designed in such a way that there are no known physical methods or properties that can be used to transmit information in the reverse direction, i.e. in the wrong direction through the data diode. A firewall configured for unidirectional traffic ensures this with software that may contain backdoors, bugs, and exploitable vulnerabilities. It is also difficult to guarantee the correctness of the configuration during the entire time the firewall is in operation. In addition, there are examples of firewalls which, despite being configured for unidirectional traffic, still allowed some data traffic in the wrong direction.

Can a data diode function in both directions?

That depends on how the question is meant. One data diode cannot function in both ways as a data diode guarantees unidirectional separation between network interfaces. It contains optical fiber with a transmitter on one side and a receiver on the other side, with no chance of a two-way transfer. But you can of course make a two-way secure communication design with a data diode in each direction. Another option when you need a secure two-way communication is to use Security Gateways, e.g. Advenicas ZoneGuard. ZoneGuard, allows for a strictly controlled two-way filtered information flow supporting third party controls for enforcing a digitally signed information policy. Read more about ZoneGuard.

Are your data diodes approved according to Common Criteria?

Advenica solutions have been awarded several prestigious approvals by the European Union, national certification bodies and international IT security certification bodies. Currently, our data diodes do not have the common criteria certification, but they are available with approval on assurance level N3 by the Swedish Armed Forces.  It means that you can use Advenica’s approved data diodes to let secure networks receive information from open or lower classified networks. Important to know is that a Common Criteria approval does not guarantee that you will not discover vulnerabilities. Most, if not all, products with Common Criteria-certifications need to be updated when vulnerabilities are identified. The core of an Advenica data diode is based on physical separation and is immutably secure without updates. Read more about our certifications.

Do you control all your production, including all components?

Advenica offers solutions for cybersecurity that meet the highest security requirements. Our product development differs in many ways from traditional development as our customers require us to demonstrate that our solutions offer high assurance security. This can only be achieved if all work is possible to evaluate. We develop and manufacture the vital parts of our solutions in-house to ensure the highest level of security (high assurance). We ensure IT security, protection of development and production environments, perimeter security of the premises and the availability of a reliable, security conscious workforce. We design the products with as few components as possible that are vital from a security perspective, and that vital parts can be assembled or supplied under our own control. We perform final configuration and control ourselves on our premises with our own personnel and under strict security control. Read more about our high assurance product development in our White Paper.

What is the delivery time?

We generally have very short delivery times and can usually deliver your products within a week. The time from the point of delivery of the products until they are functioning is also very short, provided that other relevant infrastructure is in place.

What is the difference between the different data diodes?

All our data diodes have high performance and provides physical separation in the forbidden backward direction. DD1000i includes integrated server hardware and software for the proxies. It can solve two-way network protocols and is available in a military approved version. The DD1000A offers in a small form factor, measuring only 216 x 167 x 44 mm, the same military approved high assurance. The DD1G series offer secure data transfer in a very compact format (130x20x150/163 mm) and can be delivered as DIN-mountable or stand-alone. Read more about the different models and what protocols they support.

Security Gateways

Here are some frequently asked questions about our Security Gateways!

What is a Security Gateway?

A Security Gateway, also sometimes called Data Guard or Information Exchange Gateway, is a device that controls the information exchange that takes place between different security domains. Advenica's Security Gateway is called ZoneGuard. Read more about Security Gateways

What is the difference between a Security Gateway and a firewall?

A bidirectional Security Gateway can be compared to a firewall because it regulates what traffic can enter and exit a network. A comparison to explain the difference between a Security Gateway and a firewall is to visualise an airport. The firewall would be the check-in counter where a simple check is performed, for example identity and ticket check. A Security Gateway would be the security checkpoint where you are scrutinised more, your bags are searched, you go through a body search and so on. Another way to describe it is that a firewall focuses on the traffic between two domains while a Security Gateway focuses on the information itself that is to pass.

What is the difference between a Security Gateway and a data diode?

A data diode is the most obvious and most simple option with high security if you need a unidirectional information flow, while a Security Gateway can handle two-way data communication in a secure manner. Another difference is that a data diode handles traffic while a Security Gateway handles information flows. Read more about Data diodes!

What is the difference between a Security Gateway and a proxy solution?

Our Security Gateway, ZoneGuard, has a unique internal segmentation feature that moves information between segments in a controlled manner. A proxy solution sits between one or more clients and one or more servers where it presents itself to the clients as if it were the server and vice versa. This feature allows you to decide which server will receive the traffic, but also protects the servers against various types of attacks. A Security Gateway is more focused on the information content and information control

Security Gateways are expensive, aren't they?

The word "expensive" is a relative term if a Security Gateway is only seen as a cost. Actually, a Security Gateway is an investment that can be cheaper in the long run than if you choose not to buy it. It's all about the alternative cost in case you get breached and have insufficient security. Determine your risk appetite (and perhaps do a ROSI calculation – see below) and then decide to invest or not.

How to calculate ROSI (Return on Security Investment)?

Calculating ROSI is about calculating what the lack of security can cost and what the most cost-effective solutions are - this is to be able to know what to spend on security. Read more about how to do it (in an article about another security product) here!

What is the delivery time?

We generally have very short delivery times and can usually deliver your products within a week.

What are the options?

If you need data communication in two directions, a Security Gateway is a secure solution as a Security Gateway only forwards received information when it follows a certain policy derived from your organisation's information security policy. If, on the other hand, you need a unidirectional data communication flow, a data diode is the most secure option. A data diode guarantees unidirectional separation between the networks. It consists of optical fiber with a transmitter on one side and a receiver on the other, with absolutely no risk of two-way transmission. Read more about Data diodes!

Do you control your production, including all components?

Advenica offers cybersecurity solutions that meet the highest security requirements. Our product development differs in many ways from traditional development as our customers demand that we can show that our solutions offer security with a high level of assurance. This can only be achieved if all work can be reviewed and evaluated. We therefore develop and manufacture the vital parts of our solutions in-house to ensure the highest level of security (high assurance). For our Security Gateway, this means that we use hardware that we have checked and in the case of software, we check and verify it so that we can take full responsibility for it throughout its life cycle. We ensure IT security, protection of development and production environments, perimeter security in the premises and access to a reliable, security-cleared and security-aware workforce. We design the products so that as few components as possible are vital from a security perspective and that these parts can be assembled and delivered under our own control. We carry out the configuration and final inspection ourselves on our premises with our own staff and under strict supervision. Read more about our high security product development in our White Paper.