How much do you know about cybersecurity?
Cybersecurity and its different aspects can be difficult to grasp – especially when you have just started to work with it.
There is a lot that needs to be learned – here are some things you might not know about cybersecurity!
Not only is there a lot to learn about cybersecurity itself – it can also be difficult to know what products you might need or how they work.
Here are some frequently asked questions about our Data Diodes!
Do you have more questions? Do not hesitate to contact us!
Data diodes are expensive, right?
The word “expensive” is a relative term if a data diode is viewed solely as an expense. Actually, a data diode is an investment that can be cheaper than not having bought it in the first place. It is all about the alternative cost and risk apetite of not having sufficient security. If the use case is right for a data diode, it is not only more secure but also lower in TCO(Total Cost of Ownership) to alternative technologies as it demands less in maintenance, administration, and support. Read more about it here!
How do we calculate the ROSI?
To calculate the ROSI (Return on Security Investment) is about calculating what the lack of security can cost and what the most cost-effective solutions are – this to be able to know what you should spend on security. Read more about how to do it here!
How much does it cost?
We offer a selection of data diodes with different perks and conditions. The price starts at around €3000 CAPEX but depends on what product you purchase and how complex the solution you need is. The base products do not come with any need for MSA (Maintenance and Support Agreement).
What are the alternatives?
For unidirectional data communication flow, a data diode is the most secure alternative. But, if you require data communication in two directions, there are other solutions you could choose – for example, a Security Gateway. (In some cases a network design with data diodes in opposite directions can be a solution.) A Security Gateway only forwards received information when it complies with a certain policy which is derived from your organisation's information security policy. Read more about Security Gateways!
What is the difference between a configured firewall and a data diode?
A data diode contains special hardware designed in such a way that there are no known physical methods or properties that can be used to transmit information in the reverse direction, i.e. in the wrong direction through the data diode. A firewall configured for unidirectional traffic ensures this with software that may contain backdoors, bugs, and exploitable vulnerabilities. It is also difficult to guarantee the correctness of the configuration during the entire time the firewall is in operation. In addition, there are examples of firewalls which, despite being configured for unidirectional traffic, still allowed some data traffic in the wrong direction.
Can a data diode function function in both directions?
That depends on how the question is meant. One data diode cannot function in both ways as a data diode guarantees unidirectional separation between network interfaces. It contains optical fiber with a transmitter on one side and a receiver on the other side, with no chance of a two-way transfer. But you can of course make a two-way secure communication design with a data diode in each direction. Another option when you need a secure two-way communication is to use Security Gateways, e.g. Advenicas ZoneGuard. ZoneGuard, allows for a strictly controlled two-way filtered information flow supporting third party controls for enforcing a digitally signed information policy. Read more about ZoneGuard.
Are your data diodes approved according to Common Criteria?
Advenica solutions have been awarded several prestigious approvals by the European Union, national certification bodies and international IT security certification bodies. At this time, our data diodes do not have the common criteria certification, but they do have the N3 approval from the Swedish Armed Forces. This means they have been approved at a higher level than any competitor. Read more about our certifications.
Do you control all your production, including all components?
Advenica offers solutions for cybersecurity that meet the highest security requirements. Our product development differs in many ways from traditional development as our customers require us to demonstrate that our solutions offer high assurance security. This can only be achieved if all work is possible to evaluate. We develop and manufacture the vital parts of our solutions in-house to ensure the highest level of security (high assurance). We ensure IT security, protection of development and production environments, perimeter security of the premises and the availability of a reliable, security conscious workforce. We design the products with as few components as possible that are vital from a security perspective, and that vital parts can be assembled or supplied under our own control. We perform final configuration and control ourselves on our premises with our own personnel and under strict security control. Read more about our high assurance product development in our White Paper.
What is the delivery time?
We generally have very short delivery times and can usually deliver your products within a week. The time from the point of delivery of the products until they are functioning is also very short, provided that other relevant infrastructure is in place.
What is the difference between the different data diodes?
All our data diodes have high performance and provides physical separation in the forbidden backward direction. DD1000i includes integrated server hardware and software for the proxies. It can solve two-way network protocols and is available in a military approved version. The DD1000A offers in a small form factor, measuring only 216 x 167 x 44 mm, the same military approved high assurance. The DD1G series offer secure data transfer in a very compact format (130x20x150/163 mm) and can be delivered as DIN-mountable or stand-alone. Read more about the different models and what protocols they support.