Fox IT DataDiode

Your confidential information needs to stay confidential. Your critical assets need to remain secure and your Intellectual property has to remain safeguarded at all costs. However, high levels of security often hamper productivity. To date, common practice has been to use a firewall or a so-called air gap (i.e. network separation) as a security measure to prevent data leakage or disaster. The results, however, are not satisfactory. Using a firewall means loosening the reins on security measures to achieve a more fluent workflow, which will put your data at risk. Using an air gap is too impractical. With the Fox DataDiode Appliance, you have a cross-domain solution that reconciles the seemingly contradictory requirements of high assurance and free flow of information. Its guaranteed one-way network connectivity makes sure you can securely and smoothly transfer information in real-time, 24x7. Offering the highest certified level of security and preventing unwanted access to business assets and critical systems. Key features of Fox DataDiode Appliance

• Transfer files (using SMB, FTP/FTPS, SFTP/SCP)
• Transfer email (SMTP)
• Synchronize time (NTP)

New capabilities of Fox DataDiode Appliance version 2.0

• Forward UDP and TCP data streams (e.g. SYSLOG, SNMP, video streams, etc.)
• In combination with additional industrial software modules from Fox-IT replicate Modbus, OPC and OSIsoft PI
• Easy customization possible
• Adjusted proxy server specifications
• Extra protocol support
• Integrated content filtering

Additional improvements in Fox DataDiode Appliance version 2.0

• The multilingual, easy-to-use web interface
• Bandwidth increased up to 890 Mbps

Key features of Fox DataDiode hardware

• Guaranteed one-way network connection, enforced in hardware
• Common Criteria certified EAL 7+
• NATO certified for the SECRET level
• Satisfies the requirements of a data diode as set out in NERC-CIP CAN-0024

Benefits The Fox DataDiode Appliance is unique compared to other unidirectional gateways and data diodes for the following reasons:

• Multiplexable: A single Fox DataDiode setup can support as many protocols and data channels as you wish, as long as the bandwidth permits; some alternative solutions require you to buy a separate diode for every single feature.
• 100% hardware solution: some alternative solutions depend on embedded firmware and are essentially low-level software solutions.
• Common Criteria certification at level EAL7+: alternative solutions are only certified to level   EAL4+ at most.
• Independent vendor: Fox-IT is from an independent state. The Fox DataDiode has been independently evaluated by labs from all over the world, including labs linked to the governments of the US, Russian Federation and India.
• Transparent solution: With the Fox DataDiode, you have clarity upfront. There is a clear distinction between the security guarantee and the solution middleware. Some alternative solutions have blurry distinctions such it is unclear how and where the security claim is guaranteed or implemented.