Prevent intrusion and maintain network integrity with Data Diodes
SecuriCDS Data Diode not only prevents intrusion and maintains network integrity but just as effectively prevents leakage and maintains network confidentiality. This high assurance solution safeguards assets for operators within ICS/SCADA or the defence industry.
Unidirectional information exchange between networks
SecuriCDS Data Diode allow for real time, unidirectional information exchange between networks. Many networks require extra protection against manipulation and data leakage as they contain classified or sensitive information. Sometimes they are kept isolated for safe keeping. However, there are times when certain information has to be sent into, or out of, such networks. In such cases, a data diode can be of help.
Optical hardware separation
SecuriCDS Data Diodes are one-way information transfer devices that connect two networks of the same or different security levels. The data diodes have an optical hardware separation to guarantee a unidirectional separation between the two networks.
Safeguarding network confidentiality
Protected or secret networks have a very high security requirements regarding confidentiality. High assurance data diodes provide the necessary security safe guarding that no information leakage can occur – making sure that information leakage cannot occur. The use cases range from importing software updates or virus definitions to importing e.g. OSINT information to a secret analysis network.
Return of Security Investment
Using a data diode is a highly cost-effective way to protect sensitive information. Read more about our calculation of what the Return of Security Investment (ROSI) can be for a data diode!
Protecting Industrial Control Systems (ICS)
Connecting ICS systems to other networks pose a great security risk and security measures must be taken to prevent intrusion and to maintain the network integrity. SecuriCDS Data Diodes provides the most secure option as the information can only be sent out from the ICS network to e.g. the business network. This effectively mitigates the cybersecurity risks while enabling information transfer.
SecuriCDS Data Diode guarantees unidirectional separation between network interfaces. It contains optical fibre with a transmitter on one side and a receiver on the other side, with no chance of a two-way transfer.
The separation between the two data interfaces on a data diode is vital. In the SecuriCDS Data Diodes, the separation and diode functionality are based on an optical transmitter and receiver. The design guarantees that no data passes in the opposite direction. The SecuriCDS Data Diodes even includes the possibility to use dual power supplies to eliminate potential covert channels in the reverse direction.
Integrated proxy servers
Integrated proxy servers to enable handling of common communication protocols, e.g. data, file or network time transfers, are included in SecuriCDS Data Diode model D1000i. This data diode handles application level protocols and is easily integrated into any system.
High assurance data diodes
Advenica’s data diodes meets the highest demands on both security and assurance. Internal separation of functions, multi-stage unidirectional security and deep security analysis provides trust and high assurance. Special attention has been given to eliminate the risk of covert channels in the reverse direction.
Component assurance level N3
Advenica’s data diodes SecuriCDS DD1000A and SecuriCDS DD1000i are approved by the Swedish Armed Forces with the component assurance level N3 according to Swedish national security requirements. The component assurance level N3 can be used in systems with high impact level (e.g. handling secret information up to SECRET/TOP SECRET) but where the component level of exposure is somewhat limited.
Create your own proxy services
In the SecuriCDS Data Diode, model DD1000i, is the opportunity to use your own staff, consultants or Advenica’s Professional Services. The data diode’s Software Development Kit (SDK) makes it possible to use SecuriCDS Data Diode security platform and develop unique and custom proxy services.
SecuriCDS Data Diode models
SecuriCDS DD1000i Unidirectional Security Gateway
DD1000i includes integrated server hardware for proxies and can be mounted in a 19" rack system (height: 1U). This data diode model takes data protection to a higher level. By offering a powerful solution for efficient, risk-free data transfer between closed and open networks, proxies are designed, developed and tested to meet the requirements for interacting with highly sensitive information. DD1000i comes in two different variants - platform (multiple applications) and appliance (single application).
SecuriCDS DD1000A Unidirectional Data Flow
The DD1000A offers high performance in a small package, measuring only 216 x 167 x 44 mm. One or two DD1000A can be mounted in a 19" rack system using only 1U. DD1000A operates on Ethernet layer 2 and supports unidirectional protocols e.g. UDP.
Data diode DD1G Unidirectional Data Flow
DD1G series offer high performance and secure data transfer for Ethernet Layer 2. The series include stand alone devices as well as DIN rail mounted devices, all in a very compact format (130x20x150/163 mm). By using a proxy service the data diodes can handle common communication protocols and translate them into unidirectional dataflows.
Some security challenges where datadiodes are a good solution
Traceability and security logging
Centralised logging in security-sensitive systems involves an enhanced risk of attacks. To reduce the risks, a solution is needed that protects both log data and all connected systems. Read more about traceability and security logging.
Secure transfer of SCADA information
To transmit critical information, e.g. from a SCADA system to an administrative office network means potential security risks. But there are solutions that take care of security problems and at the same time enables an exchange of information. Read more about secure transfer of SCADA information.
Updates for Windows and Linux systems are an important part of maintaining the security of the digital information in these systems. However, the updates themselves may be a security risk - to avoid these risks and to maintain the integrity and availability of the systems and be able to make secure updates, special solutions are required. Read more about secure updates.
Our data diodes have national approvals in several countries. Please contact your Advenica sales representative for specific country information.
The EU certification/approval system does not apply to non-cryptographic products. Advenica's Data Diodes have been certified in three EU Member States for use up to national security class SECRET. Usually for cryptographic products, the EU requires the opinion of two Member States before granting an approval. If the EU certification/approval program had included non-cryptographic products, Advenica's date diodes would have been approved for use up to and including EU SECRET security class.
Read more about our certifications.