Robust information security at network boundaries

Data Diode Optical Assembly

Controlled Interfaces LLC (CI) offers newly patented data diode hardware comprising optical fibers and Commercial Off The Shelf (COTS) network interface electronics that is fully compliant with NIST Security Controls and verifiable by visual inspection. Specialized electronics are no longer required, even at the fastest data link speeds available using COTS optical transceivers, now exceeding 200G.

CI hardware diodes are not media converters. They are all-optical, very fast, and may be packaged in a variety of small form factors.

What is a Data Diode ?

Data Diodes, also known as Unidirectional Gateways, allow information to flow forward but not backward through network interfaces. They have long played beneficial roles in securing network boundaries of critical infrastructures in both military and industrial settings.

Data Diode Concept

Hardware data diodes cannot be breached by any form of software attack; presenting robust security and enabling data transfer across network boundaries while maintaining network isolation. Their use is often recommended by the NSA and they are required by the NRC to protect the critical Industrial Control networks in US nuclear powerplants.

Why Controlled Interfaces ?

Unlike prior art, CI technology uses optical fibers to connect Commercial Off The Shelf (COTS) network interface electronics in a novel way to create a data diode that is fully compliant with NIST Security Controls and verifiable by visual inspection. Rather than developing its own electronics, CI technology relies on “best of breed” COTS electronics from vendors whose technology advancement is driven by the general economy of network communications and does not require additional development to achieve highest levels of performance and reliability.

Data Diode Kit

Advantages

CI data diodes complement a broad variety of cybersecurity technologies from other vendors: including data filters, routers, firewall systems, and Cross Domain Solutions. Tested configurations include 100G links between Arista network switch platforms and 10G links between SABI-accredited SELinux server platforms.

CI optical components are also backward-compatible with most computing or switching platforms that already present optical network interfaces. That means data diodes can be added to legacy IT infrastructures to improve their cyber security posture with few configuration changes and minimal impact to risk assessment/approval certifications already in place.

CI technology is fully functional, non-ITAR, and fast enough to secure hybrid cloud and edge technologies.

Data Diode deployment at enterprise scale now economically feasible.

For more information