Securely Monitor, Access, and Update an Isolated Data Vault

Owl and Dell Technologies have partnered to provide organizations with hardware-enforced cybersecurity to securely monitor, update, and remotely access their Cyber Recovery data vault.

Dell_Technologies_logo

Cyber Recovery Data Vault

Dell EMC’s PowerProtect Cyber Recovery Vault physically isolates data from the attack surface so organizations can quickly identify a clean copy of data and recover critical systems to resume business operations. Cyber Recovery provides an automated air gap with data isolation and governance, CyberSense analytics and machine learning to monitor data integrity, and forensic tools to discover, diagnose, and remediate ongoing attacks.

OWL-Logo-Secondary-Horizonal-OnBlue

Data Diodes

Owl data diodes provide hardware-enforced cybersecurity that enables organizations to securely monitor, remotely access, update software, and synchronize time in a Cyber Recovery data vault. Data diodes enable secure, one-way data transfers to and from the vault without introducing new threats to the air-gapped vault architecture. System health information can be transferred in real-time so log files and SNMP data can reach SIEM platforms without delay.

Why Pair Owl Data Diodes with Dell’s Cyber Recovery Data Vault?

Learn more about the four common use cases below.

Secure Monitoring & Reporting

Monitoring the vault is extremely important to identify suspicious activity and monitor performance and system health information. However, with an air-gapped vault architecture, reporting would typically need to be performed in person at the physical location of the vault for the highest level of security. The OPDS-1000, Owl’s multi-purpose data diode, eliminates the need to be at the vault site and provides hardware-enforced, one-way data transfers of malware detection reports and system health information to security staff. Hardware-enforced data diodes securely transfer data in real-time via SMTP (email), Syslog, SNMP traps, through a one-way only, optical connection to a security operations center for secure remote monitoring. Unlike software-based solutions, hardware-enforced data diodes prevent threats from entering back into the air-gapped security network.

Secure Remote Access

In addition to remotely monitoring the vault, some organizations require remote access into the vault. Software-based, bidirectional solutions, like firewalls, can pose risk to the air-gapped architecture of the vault and introduce new threat vectors to the environment. Software-based solutions can be configured for connections and protocols of any type, initiated from either side of the vault, increasing the risk of being hacked. ReCon, Owl’s bidirectional data diode, is comprised of two, one-way data diodes pointed in opposite directions, all in a 1U rack-mountable device. No routable information crosses the security boundary and configuration is separated for the source and destination sides, providing an additional level of administrative segmentation. Connections can only be initiated from the source side and both sides need to agree on the configuration for a TCP session to work end-to-end.

Secure Software Updates

For organizations that need a reliable and secure method to verify and transfer software patches into the vault, Owl’s SSUS solution provides hardware-enforced one-way transfers for files. SSUS uses Owl’s data diode technology to transfer the file(s) across the security boundary into the Cyber Recovery vault. An administrator maintaining the vault would request a hash code from the software vendors which are then independently entered into a manifest on SSUS. When a file is copied onto the SSUS solution for transfer, SSUS calculates the hash of the file, compares it to the hash in the manifest, and if it matches, transfers the file to the vault through the hardware-enforced SSUS data diode.

Time Synchronization in the Vault (NTP)

Time is critical in a data vault. You may need to perform a recovery and collect historical data from a certain time period. Or in the event of an attack, you will need to analyze logs to identify and eradicate that attack, making time synchronization in the vault critical to those scenarios. Owl’s Network Time Protocol (NTP) solution is a hardware-enforced data diode that points one-way into the vault, takes a trusted source of time from the production network (SOC, GPS device), and relays that time to a node sitting on the vault side. That node inside of the vault then becomes the NTP server and can be used as a source of time within the vault.

Interested in including data diodes in a Cyber Recovery opportunity?

Fill out the form and a member of our team will be in touch with a quote.