SDoT Diode

The fastest software based Data Diode in the World with a German, EU and NATO SECRET accreditation

The SDoT Diode is developed and manufactured in Germany following the Security by Design principle.

As an unidirectional security gateway the SDoT Diode allows government, defense and critical infrastructure clients to maintain their confidentiality and integrity requirements for data provision or receipt in digitization and Industry 4.0 projects.

Contrary to firewalls or bi-directional security gateways, data diodes don’t filter data according to policies that require continuous maintenance. Instead a high degree of security is achieved by segmenting systems according to protection levels and enforcing unidiretional data flow.

Features

9.1 Gbit/s
Multi Protocol
Secure Architecture

Since the 1980s data diode design follows the same hardware level separation principle. A fiber optic cable is used to enforce a physical separation between domains and enforce unidirectional data flow. In electronics a diode is a component that only allows current to flow in one direction. A data diode could also be created by cutting copper-leaders in a cable but that could still present a risk as they are not galvanically separated.

Although the old approach to data diodes ensures physical separation of networks without a return channel, it doesn’t meet today’s requirements for bandwidth, reliability, space, project implementation speed or bi-directional protocols.

In contrast, the SDoT Diode, as a next generation data diode, ensures logical separation of networks without a return channel due to its unique and evaluated security architecture. Side channel attacks are prevented through the minimized kernel. The SDoT diode allows fast and high-performance unidirectional data transfer via numerous protocols in a compact form factor between two security domains. It also offers additional functions such as HTTP response status codes.

In the field of critical infrastructures (e.g. factories, oil platforms, power stations, water treatment plants), the opposite is the case. Data from the isolated area with the industrial control systems (OT) are supposed to be made available for unclassified systems or the cloud.

 

  SDoT Diode
Housing
Type1 U, 19" Rack Mount
Materialstainless steel (non-magentic optional), powder coated
Size438 x 573 x 43.6 mm incl. power supply
Weightapprox. 9.5 kg / 20,9 lbs
Performance
SpeedUp to 9.1 Gbit/s
ProtocolsTCP, UDP, SMTP/S, HTTP/S (more via proxy server)
LANFiber or RJ45
Power supplyRedundant, 100-240 VAC, 50-60 Hz, 5-3 A
CoolingActive fan
Power input95 W
Other
TemperatureOptimized for complex missions
HumidityOptimized for complex missions
VibrationYes
ShockYes
StandardsCE, ROHS, REACH, ISO 9001, EAL4+
NATO MCM #BSI-VSA-10340
BSIBSI-VSA-10340
AccreditationsGerman SECRET, NATO SECRET, EU SECRET

Use-cases

In the public sector especially in defense, intelligence and homeland security, data diodes are generally used to provide data from sensors or unclassified systems (LOW) to a classified system (HIGH). The top priority is to protect classified data in HIGH and prevent it from leaking to LOW under all circumstances.

The reverse is the case in critical infrastructure (e.g. factories, oil & gas platforms, power plants, water treatment plants). Data residing in the mission critical industrial control systems (HIGH) must be made available for IT systmens or the cloud (LOW) through a data diode.  This could be machine data for monitoring in a remote supervisory command center or predictive maintenance in a big data analytics solution. The top priority is prevent access from LOW to the industrial control systems (HIGH) under all circumstances.

  • Database replication / updates
  • Transfer of sensor data (e.g. Radar, ELINT, Satellite)
  • Lawful interception
  • Video / Audio streaming
  • Remote Screen View / Website mirror
  • Patchmanagement and malware signatures
  • Logging and backup
  • Secure printing
  • Database / Server replication (e.g. OPC, Modbus, Historian)
  • Transfer of OT data
  • IT service management
  • Managed security services (SIEM to SOC)
  • Video / Audio streaming
  • Remote Screen View
  • Patchmanagement and malware signatures
  • Logging and backup
  • Secure printing

Test the SdoT Diode now

Schedule POC

Request a proposal

Contact Sales

Discuss use-case

Contact a Solution Architect

 

Relevant products

SDoT Security Gateway

Bi-directional data exchange and filtering of structured and unstructured data objects with security labels.

Learn more

PATCH.works

Automatic and secure patch management of isolated domains

Learn more