Data Diodes
Federal Solutions
How do I provide guaranteed unidirectional traffic to my security and monitoring tools?
For specific government industries, regulations enforce physical unidirectionality coupled with software that replicates databases and emulates protocol servers to handle bi-directional communication and contains a broad range of cybersecurity features like, secure boot, certificate management, data integrity, forward error correction (FEC), and secure communication via TLS.
In these network deployments, using SPAN simply is not acceptable. SPAN or port mirroring from a network switch are bi-directional, which creates an opportunity for hacking by deploying a device for monitoring or security.
Solution
Data Diode TAPs
Data diode TAPs are a purpose-built network hardware device that allows raw data to travel only in one direction. Data diode TAPs can be used as a traffic enforcer, guaranteeing information security or protection of critical digital systems, such as industrial control systems, from inbound cyber attacks.
A network TAP creates an exact copy of both sides of the traffic flow, continuously 24/7/365 and do not drop packets, introduce delay, or alter the data. They are either passive or “failsafe,” meaning traffic continues to flow between network devices if power is lost or a monitoring tool is removed, ensuring it isn’t a single point of failure.