Secure “One-Way” Communication


Fox DataDiode for Government High Security Networks

The Fox DataDiode is an elegant solution for the high-security transfer of data between networks. Central to the Fox DataDiode solution is the Fox Hardware DataDiode, a unique hardware-based communication device that operates in a unidirectional mode and uses a gigabit optical data link to transfer data in a single direction (hence the term 'diode') between a low-security network and a network with a high-security level. Needless to say, this solution can also be used where both networks have the same level of security. The Fox Hardware DataDiode can be deployed in combination with two Intel-based Proxy Servers, where one is connected to the low-security (black) network and the other to the high-security (red) network.

The Fox DataDiode offers security and data integrity, enhanced through the use of event logging, and error detection and correction. It also boasts an easy transfer procedure and user-friendly interface. Furthermore, users of the receiving (red) network are able to receive e-mail from outside their network, print locally or access frequently used websites or databases, all without exposing their high-security network to outside risks or threats.

Features and Benefits

In a nutshell, the Fox DataDiode offers the following features and benefits:

  • Unique hardware-based, one-way data link.
  • Error detection and correction for data integrity.
  • Time synchronisation for the high-security network.
  • Event logging and SNMP traps on both sides of the data transfer.
  • Easy-to-use web interface for users, administrators and auditors.
  • Approved by the NL-NCSA, BSI, Common Criteria EAL 7+, and up to and including NATO SECRET.
  • No need for time-consuming, risky and expensive manual transportation of data (e.g. by USB stick).

To place things in perspective, it is useful to review the current alternative: the manual air-gap data transfer procedure. In addition to the effort, time and cost involved, this form of data transfer also introduces security risks through possible loss of portable storage media, or their incorrect disposal. Moreover, this type of transfer is neither continuous nor conducted online or in real time.

Fox DataDiode solution

The Fox DataDiode basic solution consists of three elements:

  • Hardware Data Diode
  • Data Diode Proxy Servers
  • Data Diode Software

The basic solution can be augmented with additional application servers to add specific functionality to one-way transfer.

Fox DataDiode for Critical Process Control Systems

Continuity is essential to Critical Process Control Systems such as power plants, water treatment facilities, gas and oil refineries and public transport. Improving IT-security measures can raise the continuity level further. An effective improvement to IT security is to physically disconnect the Process Control Systems (PCS) from other networks. Unfortunately, this conflicts with another requirement: the need to share information from PCS networks.

By implementing the Fox DataDiode automation application you can disconnect the critical part of your infrastructure from other networks while still having access to the information from that critical part. This is an effective way to enhance the security level of your network and securely share more information. Your PCS network is disconnected from cyber threats!

The need for sharing information in PCS

Information from sensors, monitoring systems and logging needs to be shared from the PCS network with other systems. Some scenarios in which this information may be needed are: alerting, providing customers with up-to-date information, remote vendor support and backing up of systems. Undeniably, the need for sharing information is there, and its requirements will only continue to increase.

How to resolve the contradictory requirements

A solution to the two aforementioned trends is to connect a PCS network to other networks using a one-way network connection. This enforces the air gap from the perspective of the intruder and allows for information sharing from a business perspective. This can be done by using the Fox DataDiode.

