Diode Applications: Secure Network Monitoring

For the third article in the Data Diode blog series, I explore Audit and Monitoring between Domains.

Continue reading “Diode Applications: Secure Network Monitoring” →

Diode Applications: Secure Windows Updates

In this blog series, I have been exploring applications for Data Diodes. This week, I look at the issue of getting Windows Updates into a segregated network — securely.
Continue reading “Diode Applications: Secure Windows Updates” →

What is the difference between a Guard and a Gateway?

Guards and gateways are full application layer proxies that connect to two or more networks. They accept data passed on an inbound network interface, ‘process it’, and then pass data to the outbound network interface. The difference between the two is in the ‘process it’ step.
Continue reading “What is the difference between a Guard and a Gateway?” →

Nexor in Touch

An article about a Nexor solution deployment in the FCO Services has been published in the Microsoft Technology in the Public Sector Magazine – Touch.

Continue reading “Nexor in Touch” →

Diode Applications: Secure Remote Camera Control

In this blog series, I will explore applications for Data Diodes. In the first of the series, we’ll look at providing secure access to remote CCTV cameras, in unsecured location.
Continue reading “Diode Applications: Secure Remote Camera Control” →

Yet Another Stuxnet Article

A lot has been written about Stuxnet, one of the big revelations was the malware had jumped an air-gap. The on-going debate is whether air-gaps work, or would joining the networks in a controlled way REDUCE the vulnerability.

Continue reading “Yet Another Stuxnet Article” →

The Need for Network Segregation in Critical Infrastructure Systems

A recent article in the NY Times claims:

The vast majority of targeted computer attacks now start with a malicious e-mail sent to a company employee. Now evidence suggests that the same technique could be used to attack watersheds, power grids, oil refineries and nuclear plants.

This cannot be allowed to happen, here I explore the issue in a little more detail.

Continue reading “The Need for Network Segregation in Critical Infrastructure Systems” →

Air Gaps, Firewalls and Data Diodes in Industrial Control Systems

Nexor have just released a briefing paper Air-Gaps, Firewalls and Data Diodes in Industrial Control Systems looking the issues around segregating industrial control system networks. What works best: Air Gaps, Firewalls or Data Diodes?

Continue reading “Air Gaps, Firewalls and Data Diodes in Industrial Control Systems” →

Can you trust a $1612 Data Diode?

The Data Diode technical model to achieve a one way network connection is relatively simple. However when you start to consider trust and assurance, it gets more complex.

Continue reading “Can you trust a $1612 Data Diode?” →

DIY Data Diode for $1612

Is it viable to build a Data Diode for $1612?

Continue reading “DIY Data Diode for $1612” →