Tag Archives: Data Diode

Secure Delivery of a Payload via a Protocol Break

21 Oct

A secure information exchange consists of two distinct elements: the information you need to convey – the payload, and the technical method used to carry the payload – the protocol. Attackers wishing to break into your network can exploit either of these: the protocol or the payload.

In this blog we briefly look at protecting protocol-based attacks. In a future blog we will look at content-based (payload) attacks.

Continue reading

Diodes are Diodes, Guards are Guards

15 Sep

Over the last 3-5 years Data Diodes have grown in popularity as a solution for moving data between isolated networks. With this has come creative marketing to leverage the term ‘Diode’ for solutions that are anything but.

Let’s just take a few moments to revise some of the fundamental modes of secure information exchange.

Continue reading

Diode Applications: Secure Printing

12 Nov

In this blog series, I have been exploring applications for Data Diodes.  This week, I look at the issue of printing between different networks.

Continue reading

Diode Applications: Secure Network Monitoring

10 Oct

For the third article in the Data Diode blog series, I explore Audit and Monitoring between Domains.

Continue reading

Diode Applications: Secure Windows Updates

27 Aug

In this blog series, I have been exploring applications for Data Diodes.  This week, I look at the issue of getting Windows Updates into a segregated network — securely.
Continue reading

What is the difference between a Guard and a Gateway?

13 Aug

Guards and gateways are full application layer proxies that connect to two or more networks.  They accept data passed on an inbound network interface, ‘process it’, and then pass data to the outbound network interface.   The difference between the two is in the ‘process it’ step.
Continue reading

Nexor in Touch

27 Jun

An article about a Nexor solution deployment in the FCO Services has been published in the Microsoft Technology in the Public Sector Magazine – Touch.

Continue reading

Diode Applications: Secure Remote Camera Control

13 Jun

In this blog series, I will explore applications for Data Diodes. In the first of the series, we’ll look at providing secure access to  remote CCTV cameras, in unsecured location.
Continue reading

Yet Another Stuxnet Article

21 May

A lot has been written about Stuxnet, one of the big revelations was the malware had jumped an air-gap.  The on-going debate is whether air-gaps work, or would joining the networks in a controlled way REDUCE the vulnerability.

Continue reading

The Need for Network Segregation in Critical Infrastructure Systems

16 Apr

A recent article in the NY Times claims:

The vast majority of targeted computer attacks now start with a malicious e-mail sent to a company employee. Now evidence suggests that the same technique could be used to attack watersheds, power grids, oil refineries and nuclear plants.

This cannot be allowed to happen, here I explore the issue in a little more detail.

Continue reading


Get every new post delivered to your Inbox.

Join 476 other followers