Due to recent security incidents, there is now a significant debate with regard to what is the best way to protect Industrial Control Systems (ICS).
Generally, the debate focuses on whether networks should be isolated via an Air-Gap, or joined by well-configured Firewall(s) but the debate often misses a third option – Data Diodes.
This great article from Joost Bilj, at Fox-IT provide a background on Data Diodes:
Data Diode Technology Can Help Solve Complex Smart Grid Cyber Security Issues.
Shortly, I will be blogging an article looking at the relative merits of Firewalls, Air-Gaps and Data Diodes in these situations…
An EAL7 Data Diode is available from Nexor.