Learn About Data Diodes
A device with two nodes or circuits—one send only and one receive only—that allows the flow of data in one direction only, from a source to a destination.
It is perhaps simplest to think of data diodes as one-way valves for data, allowing data to flow out, without a way back in.
What are data diodes used for?
Data diodes are used to segment and defend networks, and transfer information in one direction. They allow data to be sent from a secured network/segment to external systems and users (e.g. the cloud, a remote monitoring facility, regulatory bodies), without creating a threat vector back into the secured network.
Data diodes can be used to protect network segments of all sizes, from a single controller to an entire facility.
Why are data diodes superior to firewalls?
What is a
Simple Data Diode?
The simplest example is a modified RS-232 cable.
RS-232 cables only contain three pins: transmit, receive, and ground. If the receive pin is removed, then data can only physically be transmitted and not received.
While secure, the problem is that the protocols used over the connection are expecting responses that are no longer being provided, causing them to malfunction.
How is an Owl Data Diode different?
An Owl data diode goes way beyond a disabled cable; it is a hardware-based electronic device designed with two separate circuits–one send-only, and one receive-only–which physically constrain the transfer of data to one direction only and form an “air gap” between the source and destination networks. Owl provides a multi-layered, patented approach to the design of our data diodes.
Over the last 20 years, Owl has been developing and refining data diode technologies, consistently well ahead of any other competing solution. Owl solutions feature transfer rates at up to an industry-leading 10 gigabits per second, with a packet transfer latency of 2 milliseconds or less. In addition, the reliability, high bandwidth, and low latency of Owl solutions means packets never require retransmission, creating a highly tuned and optimized solutions with zero data loss when operating within the specified bandwidth rate.
One-Way in a Two-Way World
In order to address the expected “handshakes” or acknowledgments of two-way protocols in a one-way system, an Owl data diode employs a proxy computer on both its send and receive sides.
The source communicates with the send side proxy of the data diode. That two-way protocol is then converted to a one-way data transfer across the data diode to the receive side. Then the receive side proxy initiates a new two-way communication with the destination and completes the data transfer.
But what if I need
to send data two-ways?
Some systems cannot operate one-way, so they require a two-way solution. For these use cases, Owl has a unique bidirectional data diode solution – ReCon – that operates on two parallel one-way paths. Get all the security advantages of data diodes with the flexibility of a two-way solution.
What about Cross Domain Solutions?
Owl’s proven, hardware-based data diode technology is an intricate and differentiating part of Owl cross domain solutions (CDS).
The function of a cross domain solution is to move information in one direction from one network domain or enclave to another, most times changing from one security level to another, either to a higher or lower level (unclassified-NIPRNet to Secret-SIPRNet, Secret to Top Secret-JWICs, etc.).
Owl offers a series of data diode cross domain solutions, from high-bandwidth server based solutions, to all-in-one appliance solutions, including highly mobile tactical solutions and even miniaturized solutions.