Learn About Cross Domain Solutions

Cross domain solutions (CDSs) are secure data transfer devices designed to assure the integrity and data confidentiality of sensitive networks. They are used to secure connections between domains of differing security levels or classification, using sophisticated content inspection and filtering mechanisms that go far beyond those of standard network security tools, such as firewalls.

What is a “Cross Domain Solution” (CDS)?


The U.S. National Institute of Standards and Technology (NIST) defines cross domain solutions as:

“A form of controlled interface (a boundary with a set of mechanisms that enforces the security policies and controls the flow of information between interconnected information systems) that provides the ability to manually and/or automatically access and/or transfer information between different security domains.”

Do I Need a CDS?

Are you transferring data between domains that do not trust each other (two or more parties)?

Cross domain transfer of information helps make otherwise siloed data persistently available regardless of security level or geographic location. However, data transfers between networks of differing security levels require complex control mechanisms. This is why CDSs were created.

Do you require content filtering?

Content filtering is one of the key differentiators of cross domain solutions from other network security solutions. It enables the removal, redaction, destruction, logging, and/or quarantine of unauthorized or malicious data from the data flow. There are both standard data filters that have been developed by government agencies and standards bodies, and custom filters which can be designed for fit-for-purpose applications.

Who uses a CDS?

Today, certified CDSs are in use across the U.S. Government, Intelligence Community (IC), and DOD to transfer data both high-to-low and low-to-high. There are also derivative CDS technologies in use in critical infrastructure, commercial, and international defense and intelligence applications, providing secure data transfers between vital networks.

How are CDSs Different?

What distinguishes CDSs from other network security devices, such as firewalls and data diodes, is the combination of security technologies, including bidirectional network- and application-layer traffic and data filtering, trusted operating systems, logging and auditing, and typically a hardware-enforced domain separation (with a data diode), to provide layers of assurance rather than a single checkpoint on network access.

Context-appropriate Security-enforcing Mechanisms

Leverage industry-leading expertise to enable unmatched security in your sensitive networks. Discover more about our Custom Data Filtering Services.

  • Policy enforcement
  • Known-good / whitelisting
  • Content filtering & quarantine
  • Data transformation & normalization
  • DLP
  • Data provenance
  • Protocol break
  • Flow control

Security Architecture and Design

Comprehensive security assessment of system architecture and configuration for all aspects of operating systems and platform security. Discover more about our Security Architecture Assessments.

  • Defense in depth
  • Secure by design
  • Redundant
  • Always-Invoked
  • Non-bypassable

System Assurance and Secure Operation

Custom security assessments of integrated systems and applications to inform actionable decisions. Learn more about the Owl System Evaluation, Exploitation, and Research (SEER) Laboratory.

  • Independent assessments and LBSA
  • Trusted platforms (OS) & components
  • Secure administration
  • Self-protection
  • Secure failure
  • Opaque operation
  • Regular maintenance, training & support

Defense in Depth

As a cybersecurity best practice for all systems, it’s vital to implement multiple layers of diverse defenses to prevent compromise from a single point of failure. This includes everything from the OS and hardware to the applications and data filters.
“RAIN”

Redundancy

Redundancy, especially within an air-gapped data transfer system, prevents a failure on one side of the device from impacting the security controls on the other side.

Always-Invoking

When security is always invoked, there is no chance that a threat could sneak through under the guise of a trusted file or data stream.

Independent

Each function within the transfer and filtering must be created and implemented independently, so that compromising a single component or piece of code does not create a single point of failure for the whole device.

Non-Bypassable

CDS security measures must be non-bypassable, including within the data stream, the device hardware, and the physical environment, or a threat could find and exploit “backdoors” and other circumvention methods.

What are Cross Domain Solutions used for?

Cross domain solutions transfer data between a secure/trusted network (including classified networks) and other domains of differing security levels or policies. They can transfer any data type, from unstructured files to structured data to streaming media. CDSs were developed specifically for use in critical and national security networks where reactive security measures, such as firewalls, SIEM, and IDS, are not sufficient to proactively ensure the security of a trusted domain.

Structured Content Filtering

Uniform content or “fixed format” messages, including text or schema-based XML, are filtered using a process known as a linear pipeline. This straightforward approach applies a series of filters and checks in order, each separated into isolated, independent tasks, with handoffs from one to the next.
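The linear pipeline described above, and the allow/redact/quarantine/drop verdicts and logging described under content filtering earlier on this page, as an added example. This is illustrative code, not Owl's or any product's filter engine: the five-field pipe-delimited message schema, the releasability policy and the sample messages are all constructed for the example. Each stage is an independent function that knows nothing about the others; the pipeline runner only hands the message from one to the next and records an audit trail.

```python
"""Linear-pipeline content filter for fixed-format messages (added example)."""
import logging
import re
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable, List, Optional, Tuple

log = logging.getLogger("cds.pipeline")


class Verdict(Enum):
    ALLOW = "allow"
    REDACT = "redact"          # passed on with a field replaced
    QUARANTINE = "quarantine"  # held for review, not transferred
    DROP = "drop"              # destroyed, never transferred


@dataclass
class Result:
    verdict: Verdict
    message: Optional[str]
    reason: str = ""
    trail: List[str] = field(default_factory=list)  # one audit entry per stage


# A stage takes the message text and returns (verdict, message-or-None, reason).
Filter = Callable[[str], Tuple[Verdict, Optional[str], str]]

# Constructed schema: ID|CLASSIFICATION|SENSOR|VALUE|NOTE, each field strictly typed.
FIELD_PATTERNS = [
    ("id", re.compile(r"^[0-9]{6}$")),
    ("classification", re.compile(r"^(UNCLASSIFIED|CONFIDENTIAL|SECRET)$")),
    ("sensor", re.compile(r"^[A-Z]{3}-[0-9]{2}$")),
    ("value", re.compile(r"^-?[0-9]+(\.[0-9]+)?$")),
    ("note", re.compile(r"^[A-Za-z0-9 .,-]{0,64}$")),
]
MAX_LEN = 256
RELEASABLE = {"UNCLASSIFIED"}  # constructed policy: only this marking may cross


def size_filter(msg: str):
    """Cheap structural checks first: length and character set."""
    if len(msg) > MAX_LEN:
        return Verdict.DROP, None, f"length {len(msg)} exceeds {MAX_LEN}"
    if any(ord(c) < 0x20 or ord(c) > 0x7E for c in msg):
        return Verdict.DROP, None, "non-printable character"
    return Verdict.ALLOW, msg, ""


def schema_filter(msg: str):
    """Known-good check: every field must match its pattern exactly."""
    fields = msg.split("|")
    if len(fields) != len(FIELD_PATTERNS):
        return Verdict.QUARANTINE, msg, f"expected {len(FIELD_PATTERNS)} fields, got {len(fields)}"
    for (name, pat), value in zip(FIELD_PATTERNS, fields):
        if not pat.match(value):
            return Verdict.QUARANTINE, msg, f"field {name!r} failed schema: {value!r}"
    return Verdict.ALLOW, msg, ""


def classification_filter(msg: str):
    """Policy check: only releasable markings continue down the chain."""
    marking = msg.split("|")[1]
    if marking not in RELEASABLE:
        return Verdict.DROP, None, f"classification {marking} not releasable"
    return Verdict.ALLOW, msg, ""


def redact_filter(msg: str):
    """The free-text note is the only loosely typed field, so it is replaced, not passed."""
    fields = msg.split("|")
    if fields[4]:
        fields[4] = "[REDACTED]"
        return Verdict.REDACT, "|".join(fields), "free-text note removed"
    return Verdict.ALLOW, msg, ""


PIPELINE: List[Filter] = [size_filter, schema_filter, classification_filter, redact_filter]


def run_pipeline(msg: str, stages: List[Filter] = PIPELINE) -> Result:
    """Apply stages in order; the first DROP or QUARANTINE ends the chain."""
    trail, current, redacted = [], msg, False
    for stage in stages:
        verdict, current, reason = stage(current)
        trail.append(f"{stage.__name__}:{verdict.value}")
        if verdict in (Verdict.DROP, Verdict.QUARANTINE):
            log.warning("%s: %s (%s)", verdict.value, reason, " > ".join(trail))
            return Result(verdict, current, reason, trail)
        redacted = redacted or verdict is Verdict.REDACT
    final = Verdict.REDACT if redacted else Verdict.ALLOW
    log.info("%s: %s", final.value, " > ".join(trail))
    return Result(final, current, "", trail)


# Constructed sample messages covering each verdict.
SAMPLES = [
    "000123|UNCLASSIFIED|TMP-01|21.5|",
    "000124|UNCLASSIFIED|TMP-01|21.5|operator comment",
    "000125|SECRET|TMP-01|21.5|",
    "000126|UNCLASSIFIED|TMP-01|21.5",        # missing field
    "000127|UNCLASSIFIED|TMP-01|21.5|\x00",   # control character
]

if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    for s in SAMPLES:
        r = run_pipeline(s)
        print(r.verdict.value, r.message, r.reason)
```

The ordering is deliberate: the cheapest structural checks run first so that malformed input never reaches the stages that parse fields, and a terminal verdict from any stage cannot be overridden by a later one, which is what makes each stage non-bypassable within the chain.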

Unstructured Content Filtering

Complex content or unstructured data, e.g., MS Office, PDF, or imagery, is broken down into more basic elements and filtered using a process known as recursive decomposition. This divide and conquer approach involves decomposing data so that it can be inspected using standard content filters. In some cases, custom filters may still be required for specific data formats.
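Recursive decomposition as an added example, not Owl's or any product's code. A nested ZIP archive built in memory (a constructed sample) stands in for complex content: the container is taken apart member by member, nested containers are opened in turn, and each leaf is handed to a simple standard filter (printable text only, within a size limit). A depth bound and a per-member size bound are assumed here, since unbounded recursion into nested archives is the classic failure mode of this approach. The allowed leaves are then reassembled into a flat archive for release.

```python
"""Recursive decomposition of an unstructured container (added example)."""
import io
import zipfile
from dataclasses import dataclass
from typing import List

MAX_DEPTH = 4                 # assumption: bound recursion into nested containers
MAX_LEAF_BYTES = 64 * 1024    # assumption: bound the size of any single element
ALLOWED_TEXT = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}


@dataclass
class Finding:
    path: str
    verdict: str      # "allow" or "drop"
    reason: str
    data: bytes = b""  # retained only for allowed leaves


def is_zip(data: bytes) -> bool:
    """Identify a container by its local-file-header magic, not its file name."""
    return data[:4] == b"PK\x03\x04"


def leaf_filter(path: str, data: bytes) -> Finding:
    """Standard filter for a leaf element: printable text in a .txt member, nothing else."""
    if len(data) > MAX_LEAF_BYTES:
        return Finding(path, "drop", "leaf too large")
    if path.lower().endswith(".txt") and all(b in ALLOWED_TEXT for b in data):
        return Finding(path, "allow", "printable text", data)
    return Finding(path, "drop", "not an allowed leaf type")


def decompose(path: str, data: bytes, depth: int = 0) -> List[Finding]:
    """Break a container into members, recursing into nested containers."""
    if depth > MAX_DEPTH:
        return [Finding(path, "drop", f"nesting deeper than {MAX_DEPTH}")]
    if not is_zip(data):
        return [leaf_filter(path, data)]
    findings: List[Finding] = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            member = f"{path}/{info.filename}"
            if info.file_size > MAX_LEAF_BYTES:   # check the declared size before reading
                findings.append(Finding(member, "drop", "declared size too large"))
                continue
            findings.extend(decompose(member, zf.read(info.filename), depth + 1))
    return findings


def sanitize(archive: bytes) -> bytes:
    """Rebuild a flat archive containing only the leaves that passed the filter."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as z:
        for f in decompose("root", archive):
            if f.verdict == "allow":
                z.writestr(f.path[len("root/"):].replace("/", "_"), f.data)
    return out.getvalue()


def list_members(archive: bytes) -> List[str]:
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        return zf.namelist()


def build_sample() -> bytes:
    """Constructed input: a text file, a nested archive with text and binary, and a fake text file."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("notes.txt", "inner note\n")
        z.writestr("payload.bin", b"\x00\xff\x00\xff")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("readme.txt", "top-level readme\n")
        z.writestr("inner.zip", inner.getvalue())
        z.writestr("evil.txt", b"looks like text\x00but is not")
    return outer.getvalue()


def nest(data: bytes, levels: int) -> bytes:
    """Constructed input: wrap a leaf in `levels` archives to exercise the depth bound."""
    for _ in range(levels):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as z:
            z.writestr("leaf.txt" if not is_zip(data) else "level.zip", data)
        data = buf.getvalue()
    return data


if __name__ == "__main__":
    for f in decompose("root", build_sample()):
        print(f.verdict, f.path, f.reason)
    print(list_members(sanitize(build_sample())))
```

Note that the container type is decided from content (the magic bytes) rather than from the member name, so a nested archive named `.txt` is still opened rather than judged as text, and a declared member size is checked before the member is read.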

Streaming Content Filtering

Streaming content includes FMV and UDP-based video, sensor data, and other real-time data types, with or without metadata. Streaming filters provide data inspection and sanitization using validated data schemas to ensure data is “clean” prior to transfer.
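Schema-validated filtering of a real-time sensor stream as an added example, not Owl's or any product's code. The datagram layout is constructed for illustration: a 4-byte magic, a 32-bit sequence number, a 16-bit sensor id, a signed 32-bit reading and a 16-byte free-form metadata tag, all in network byte order. Each datagram is checked on its own as it arrives, out-of-schema or replayed packets are dropped, and the released packet is re-packed from the validated fields only, so the metadata tag (assumed here to be disallowed across the boundary) never crosses.

```python
"""Per-packet schema validation and sanitization of a UDP-style stream (added example)."""
import struct
from typing import Iterable, Iterator, List, Tuple

MAGIC = b"SENS"
LAYOUT = struct.Struct("!4sIHi16s")      # constructed layout: 30 bytes, network byte order
PACKET_LEN = LAYOUT.size
KNOWN_SENSORS = {1, 2, 3}                # assumption: the allow-list of sensor ids
MIN_READING, MAX_READING = -5000, 15000  # assumption: centi-degrees, -50.00 .. 150.00


class StreamFilter:
    """Stateless per-packet checks plus one piece of state: the last accepted sequence number."""

    def __init__(self) -> None:
        self.last_seq = None
        self.stats = {"released": 0, "dropped": 0}

    def check(self, pkt: bytes) -> Tuple[bool, str, bytes]:
        """Validate one datagram against the schema; return (ok, reason, sanitized packet)."""
        if len(pkt) != PACKET_LEN:
            return False, "bad length", b""
        magic, seq, sensor, reading, _meta = LAYOUT.unpack(pkt)
        if magic != MAGIC:
            return False, "bad magic", b""
        if sensor not in KNOWN_SENSORS:
            return False, "unknown sensor", b""
        if not MIN_READING <= reading <= MAX_READING:
            return False, "reading out of range", b""
        if self.last_seq is not None and seq <= self.last_seq:
            return False, "replayed or out-of-order sequence", b""
        self.last_seq = seq
        # Sanitize by construction: re-pack only the validated fields; metadata is zeroed.
        clean = LAYOUT.pack(MAGIC, seq, sensor, reading, b"\x00" * 16)
        return True, "ok", clean

    def run(self, datagrams: Iterable[bytes]) -> Iterator[bytes]:
        """Yield sanitized packets as they arrive; the stream is never buffered as a whole."""
        for pkt in datagrams:
            ok, _reason, clean = self.check(pkt)
            if ok:
                self.stats["released"] += 1
                yield clean
            else:
                self.stats["dropped"] += 1


def make_packet(seq: int, sensor: int, reading: int, meta: bytes = b"") -> bytes:
    """Build a datagram in the constructed layout (used for the sample stream)."""
    return LAYOUT.pack(MAGIC, seq, sensor, reading, meta.ljust(16, b"\x00")[:16])


# Constructed sample stream: three good packets and four that must be dropped.
SAMPLE_STREAM = [
    make_packet(1, 1, 2150, b"site=alpha"),  # good, but carries metadata
    make_packet(2, 2, 2200),
    make_packet(2, 2, 2200),                 # replayed sequence number
    make_packet(3, 9, 2200),                 # sensor id not on the allow-list
    make_packet(4, 1, 99999),                # reading out of range
    b"GARBAGE",                              # wrong length
    make_packet(5, 3, -100),
]


def filter_stream(datagrams: Iterable[bytes]) -> Tuple[List[bytes], dict]:
    """Run the stream through the filter and return (released packets, counters)."""
    f = StreamFilter()
    released = list(f.run(datagrams))
    return released, dict(f.stats)


if __name__ == "__main__":
    out, stats = filter_stream(SAMPLE_STREAM)
    print(stats)
    for p in out:
        print(LAYOUT.unpack(p)[:4])
```

Re-packing from parsed fields rather than forwarding the original bytes is what makes the sanitization a known-good operation: anything the schema does not name cannot survive the round trip.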

Products: