Cross Domain Solution FAQ

Cross Domain Solution FAQ


Cross domain solutions have protected the world’s most sensitive networks and data for more than 20 years. Despite the technology’s widespread use within governmental, military, and intelligence organizations, many security professionals are unfamiliar with cross domain solutions and what sets them apart from other security products.

As the industry leader in cross domain solutions, Owl Cyber Defense has unmatched expertise in designing and implementing this critically important technology. Here, we’ll answer some of the most common questions we hear about cross domain solutions. When you’re ready for a deeper dive, be sure to check out our Learn About Cross Domain Solutions page and our Definitive Guide to Cross Domain Solutions.

What is a cross domain solution?

A cross domain solution (CDS) is an advanced cybersecurity device that controls the flow of data between different network domains. Cross domain solutions are essential for securing the transfer of sensitive information in military and intelligence operations, and in other situations where high-value data must be exchanged across network boundaries.

How do cross domain solutions work?

A cross domain solution consists of trusted software components and a secure operating system, running on a secure hardware platform. Data flowing from a high-security domain to a lower-security domain is filtered to ensure that no data is shared in violation of the organization’s security policies. Data flowing from a lower-security domain to a higher-security domain is sanitized to prevent malicious data from entering the secure network.

Who uses cross domain solutions?

Cross domain solutions were developed specifically for use in United States military and intelligence operations. Today, cross domain solutions are also in use in critical infrastructure, commercial, and international defense and intelligence applications, providing secure data transfers between vital networks.

What types of data do cross domain solutions protect?

Cross domain solutions are used to protect sensitive data in a variety of formats:

  • Fixed format data includes sensor data, weapon system data, and other data types that follow well-defined formats and typically must be transferred at very low latency. Cross domain solutions can also filter and sanitize chat communications across domain boundaries.
  • Streaming data includes streaming video (for example, from a surveillance camera or drone), voice and video telecommunications, and streaming XML data.
  • Complex data consists of MS Office documents, PDFs, email messages, and other forms of unstructured data that often combine multiple components (for example, images embedded in a Word document).

Cross domain solutions are equipped with specialized software components to perform the necessary inspection and remediation for the data types they are used to protect.

How is a cross domain solution different from a firewall?

Cross domain solutions provide much higher levels of protection and assurance than firewalls. Firewalls may provide adequate protection for some commercial applications, but as they’re based on commercial software and operating systems, they are vulnerable to a wide range of flaws and exploits. Cross domain solutions include specialized hardware and software components that deliver the highest possible level of protection for mission-critical data. For a closer look at the differences between cross domain solutions and firewalls, read Cross Domain Solutions vs Firewalls.

How are cross domain solutions tested?

Cross domain solutions used in U.S. military or intelligence operations must pass a rigorous testing process known as a Lab-Based Security Assessment (LBSA). LBSA testing is administered by the National Cross Domain Strategy Management Office (NCDSMO), a unit of the National Security Agency. If a CDS passes LBSA testing, it can be included on the “Baseline List” of solutions certified for U.S. intelligence and defense use.

What is Raise the Bar?

Raise the Bar (RTB) is a strategy defined by the NCDSMO for improving cross domain solution security and capabilities. RTB requirements are being implemented over a period of several years to ensure that U.S. military and intelligence data is protected against emerging cybersecurity threats.

One of the most significant RTB requirements is that all data being sent to or from a high threat network (such as the internet or an unclassified governmental network) must pass across a hardware-enforced one-way transfer mechanism. Every cross domain solution offered by Owl Cyber Defense includes a data diode with a true protocol break, as called for in RTB guidance.

Can cross domain solutions support full motion video?

Yes, cross domain solutions can support streaming full-motion video from UAVs, GoPro-style cameras, and other sources. Owl’s CDFMV is the only cross domain solution that supports full motion video transfer and meets Raise the Bar requirements.

What’s the difference between a high assurance guard and a cross domain solution?

The terms “high assurance guard” and “cross domain solution” are used interchangeably by some organizations. However, some products sold as high assurance guards may be software-only solutions, and may not meet the updated requirements for cross domain solutions under Raise the Bar.

Can other organizations use military cross domain solutions?

Cross domain solutions used by U.S. military and intelligence operations cannot be exported or sold for commercial purposes. There is an exception for governmental use within the Five Eyes countries (U.S., U.K., Canada, Australia, and New Zealand); otherwise, cross domain solutions used for foreign nation or commercial use must use different hardware and software components.

XD Guardian from Owl Cyber Defense is the only RTB-ready cross domain solution available for foreign military and commercial use.

What is the best cross domain solution for my organization?

To see how Owl solutions can help your organization meet its security goals, explore our industry-leading CDS products:

  • XD Bridge: LBSA-tested, RTB-ready cross domain solutions for U.S. military and intelligence operations.
  • XD Guardian: the industry’s only exportable, RTB-compliant cross domain solution.
  • XDE: embeddable technology that puts cross domain security inside industrial controls and military assets.

 

Insights to your Inbox

Stay informed with the latest cybersecurity news and resources.

New Hardware Tech Can Shield Renewable Energy Systems

Renewable Energy, Reliable Protection: Cybersecurity for Green Power Generation The power industry is no stranger to cybersecurity. Given its essential role in every aspect of daily li...
December 2, 2021
Dennis Lanahan VP, Critical Infrastructure

Cybersecurity for Renewable Power Generation

The power industry is no stranger to cybersecurity. Given its essential role in every aspect of daily life, the industry follows strict guidelines for securing networks and devices that c...
November 23, 2021

Elevating the Federal Cybersecurity Discussion

We were thrilled to co-sponsor a compelling event–in person and virtually–with FCW that showcased senior-level cyber leaders from federal defense, civilian and intelligence agencies. ...
November 2, 2021