Cross Domain Security for Critical Infrastructure 

Cross Domain Security for Critical Infrastructure 


Cybersecurity has always been a key concern in the critical infrastructure sector. But in 2021, security is taking on even greater importance, due to the convergence of two factors: the growing need to share operational technology data, and the growing risk of attack by sophisticated threat actors. 

To help critical infrastructure organizations meet these challenges, Owl Cyber Defense is introducing a new class of cybersecurity technology: a cross domain solution for critical infrastructure. 

What’s a cross domain solution? 

A cross domain solution (CDS) is the strongest, most capable security technology available–much more secure and powerful than industrial firewalls or other software-based solutions. A CDS is an integrated solution consisting of a secure operating system and software running on a secure hardware platform. Cross domain solutions are widely used by military commands and intelligence organizations to control the flow of data between networks or devices in different security domains. 

Unlike software-based firewalls, cross domain solutions provide hardware enforced security (using data diode technology) to ensure that data can flow only in the intended direction. Cross domain solutions also provide advanced data filtering and validation capabilities to enforce security policies and neutralize malicious data.  

Until now, the use of cross domain solutions has been limited to military and intelligence operations–in fact, the solutions used by the U.S. government cannot be exported or sold commercially. But to meet the evolving needs of critical infrastructure organizations, Owl has developed a commercially available cross domain solution that provides the same level of control and assurance as a government-only solution. 

IXD—Industrial Cross Domain Solution  

Owl’s new industrial cross domain solution, IXD, takes security to the next level for energy providers, oil and gas companies, transmission and distribution organizations, and other critical infrastructure organizations. IXD provides multiple, simultaneous, one-way or bidirectional data transfers between trusted and untrusted networks, systems, and devices, with support for a wide range of protocols and data types.  

 

Owl developed IXD in response to requests from customers who required a combination of high performance and advanced security capabilities that were not previously available outside the military and intelligence sectors. And IXD is on the job today–a leading U.S. energy provider recently deployed Owl’s IXD solution to provide assured simultaneous transfers of FTP/SFTP, HTTPS, and PI System historian data flows as part of a large-scale cybersecurity enhancement to improve their NERC CIP security posture.  

Learn more about IXD and how Owl is transforming cybersecurity for the critical infrastructure sector.

Air-Gapped Networks and Data Diodes

An air gap is the ultimate cybersecurity measure: a physical separation between a secure  network and any other computer or network. The purpose of an air gap is to eliminate any poss...
June 7, 2021
Dan Crum

Common Criteria Evaluation Assurance Level and Data Diodes

As the world’s #1 provider of data diode technology, we field a lot of questions about Common Criteria (CC) and its “Evaluation Assurance Levels” (EAL) of certification, from EAL1 t...
May 19, 2021

Cross Domain Solution FAQ

Cross domain solutions have protected the world's most sensitive networks and data for more than 20 years. Despite the technology's widespread use within governmental, military, and intel...
April 20, 2021