Hardware Data Diodes.

Safely enforce one-way traffic flow.

Portable hardware data diode

Hardware Data Diode

Network device engineered to safely connect monitoring and cybersecurity sensors to the network. A Hardware Data Diode protects critical systems from inbound cyber threats by enforcing unidirectional traffic flow through physical hardware separation inside the Diode.

Possible

Hardware Data Diode design enforces traffic to flow in one direction: from input port (1) to output port (2) only.

HARDWARE DATA DIODESPANSENSOR12Fig. 1 / DiodePOSSIBLE

Impossible

Hardware Data Diode prevents traffic flow from output port (2) to input port (1).

HARDWARE DATA DIODESPANSENSOR12Fig. 2 / DiodeIMPOSSIBLE— ALLOWED✕ BLOCKED

1 SPAN to one sensor

  • Hardware Data Diode accepts an input from one (1) SPAN Mirror Port and sends the traffic to the out-of-band sensor
  • Hardware Data Diode ensures traffic cannot flow in the reverse direction from the sensor to the network through the SPAN port
SPANHardware Data DiodeREGENERATIONSENSORFig. 3 / SPANREGEN · 1 → 1— ALLOWED✕ BLOCKED

Regenerate 1 SPAN input to two sensors

  • Hardware Data Diode accepts an input from one (1) SPAN Mirror Port and creates two (2) output copies of the traffic from the SPAN port
  • Hardware Data Diode sends the two (2) copies of the packets to two (2) out-of-band sensors - each sensor receives an identical copy
  • Hardware Data Diode ensures traffic cannot flow in the reverse direction from the sensors to the network through the SPAN port
SPANHardware Data DiodeREGENERATIONSENSOR 2SENSOR 1Fig. 4 / SPANREGEN · 1 → 2— ALLOWED✕ BLOCKED

Aggregate 2 SPAN inputs to 2 sensors

  • Hardware Data Diode aggregates copies of traffic from two (2) SPAN inputs sending to two (2) connected sensors
  • Each sensor receives identical aggregated copies
  • Hardware Data Diode ensures traffic cannot flow in the reverse direction from the sensors to the network through the SPAN ports
SPAN 1SPAN 2AggregatorSENSOR 1SENSOR 2Fig. 5 / SPANAGGREGATE · 2 → 2— ALLOWED✕ BLOCKED

Aggregate 8 SPAN to 2 sensors

  • Hardware Data Diode aggregates copies of traffic from eight (8) SPAN inputs sending to two (2) connected sensors​
  • Each sensor receives identical aggregated copies​
  • Hardware Data Diode ensures traffic cannot flow in the reverse direction from the sensors to the network through the SPAN ports
SPAN 1SPAN 2SPAN 4SPAN 5AggregatorSENSOR 1SENSOR 2SPAN 3SPAN 6SPAN 7SPAN 8Fig. 6 / SPANAGGREGATE · 8 → 2— ALLOWED✕ BLOCKED

Hardware Data Diode Benefits

  • Ensures any ethernet packet flows in one direction out the monitoring ports
  • Maintain network integrity for industrial network monitoring and security without exposing additional risk
  • Protect the source of data streams like switch SPAN ports between network segments that have different security requirements
  • No risk of software failure
  • Keep OT networks compliant with industry regulations
  • Small form factor for space constrained deployments
  • Affordable pricing (when compared to software-based data diodes)
  • Install quickly and easily because it is unmanaged hardware

Accessories

Hardware Data Diodes can be outfitted with a variety of accessories to meet any IT or OT deployment requirements.

  • AC Power
  • DC Power
  • Rack Mount
  • DIN Mount (portables only)

Hardware Data Diodes from Garland Technology

  • No subscription, port, or feature Fees
  • Support MSA-compliant Transceivers
  • Suitable for both IT and OT network environments
  • Ensure any ethernet packet type flows in one direction out the monitoring ports
↓ Free Download ↓

Find the architecture that matches your environment.

Seven complete deployment blueprints, from single-port SPAN setups to remote-site tunneling at 100G. Match yours, copy the design.

↓ Get the guide Maximize Network Visibility: SPAN Access Best Practices for Security Tools — free PDF. Download Now