Pure Hardware Data Diode
| Unidirectional Network Separation | ►Unidirectional Separation of networks on OSI level 2 ►Impassable physical barrier through galvanic or electrical separation ►Hardware only – no possibility of human error ►Any unidirectional protocols available: UDP support (Syslog, NTP, SNMP traps) |
| Multiple Uses | ►Media streaming or CCTV monitoring. ►Data transfer from ICS/SCADA networks to IT networks. ►File transfer for data storage replication or software updates ►Secure log collection to administrative or audit network ►Sensor data transfer from lower classified network to higher classified network |
| Compliance | ►Enables compliance with NERC CIP, IEC 62443, NRC 5.71, NIST 800-82r2, CFATS, ISO 19790 levels 1-4, ISO/IEC 15408 EALs 1-7, others |
| V Two separate power supplies (to mitigate against side-channel attacks) | V 1Gbit ,10Gbit or 100Gbit throughput | |
| V Ultra low latency | V Ruggedized options (Airborne, Tactical certified) | |
| V High Availability (Optional redundancy) | V Fiber optical or Copper interface |
ES Data Diode Use Case
Our customer had powerplant-level cyber security compliance requirements, yet wanted to securely access the OT environment remotely to leverage big data advantages:
◊ Scada Historian Server is located in the operational network
◊ Historian server collects all telemetry from PLCs
◊ The SCADA telemetry data is transported in real time using one-way protocols (e.g. Syslog over UDP) via ES Data Diode to the replication Server
◊ Telemetry from safety-critical networks captured in real-time and sent across the globe for monitoring and analysis
