The Interactive-link Data Diode provides a solution for organizations that need to move data from one security domain into a higher security domain. The Data Diode strictly enforces a unidirectional flow of data into the higher security domain, with no return path or “back channel” for data to flow in the opposite direction. As a result, confidentiality can never be breached.
The Data Diode is a 100-MB, fiber-optic hardware device that is connected between two servers attached to their respective security domains. BAE Systems’ Data Pump Applications, installed on these servers, provide a unidirectional mechanism for transmitting different data types through the Data Diode. BAE Systems provides the following basic Data Pump Applications that can be adapted for an organization’s specific requirements:
- E-mail Transfer Application – One-way transfer of SMTP Email
- File Transfer Application – One-way transfer of files of any size
- Data Forwarding Application – One-way transfer of IP packets
- Clipboard File Transfer Application – One-way transfer of clipboard data
An organization can choose one or more Data Pump Applications to operate through a single Data Diode. The software provides many additional features, including:
- Quality of service – Allocate bandwidth across the Diode for each Data Pump Application
- SNMP – Generate SNMP data and traps for network management
- Content filter interface – SMTP MIME interface for the seamless integration of 3rd party Content Filters and Virus Scanners
- Audit and trace logs – Generation of extensive audit and trace logs with support for syslog
- Configuration client – Intuitive administration tool for local and remote configuration of the Data Pump Applications
- System tuning – Tunable parameters to optimize the system for the specific environment
The Data Diode is the first and only product in the world to be awarded the highest security certification of EAL 7+ under the NIAP Common Criteria scheme.