The data diode wiki: a short history
The data diode, or a unidirectional network to some, has become quite a well-known network security solution. Governmental and military organizations worldwide use data diodes to guarantee a one-way and completely secure connection between two networks. However, these data diodes have not always had their current form. That is why we wanted to give you some more insight into the history of the data diode. Or in other words, offer a data diode wiki.
The first data diodes
The first data diodes were developed by governmental organizations in the eighties and nineties. Because these organizations work with confidential information, making sure their network is secure is of the highest priority. The primary solutions used by these organizations were air gaps, which work perfectly fine if you only have to transfer a small amount of data between two networks and if these two networks aren’t located very far apart. But as the amount of data to be transferred increased, and a continuous, real-time data stream became more important, these organizations had to look for an automated solution. Let’s take a military scenario, for example. Tactical information from the battlefield has a limited relevancy lifetime, since troop locations are likely to change. So any strategic analysis on a larger scale is ideally performed based on data that is as real-time as possible.
So, since connections needed to take place in real time, governments started developing their own ‘home-grown’ solutions, especially in military contexts. These were mostly developed in-house and worked fine back then. They are not future-proof, however, especially if you take updates into account. Moreover, data is used differently today, and other protocols and interfaces apply. Without updates and maintenance, these home-grown solutions can become useless over time. Still, you would be surprised to know how many of these data diodes are still active today.
Commercial data diode solutions
In the search for more standardization, an increasing number of organizations started to look for a solution that was a better fit for their activities, preferably a commercial solution created by a stable organization, offering long-term support and regular updates. This was mainly the case for governments, but organizations with critical infrastructures were quick to follow. For nuclear installations, it is now mandatory to implement a data diode, because a hack at such an installation could easily become a matter of life and death on a large scale.
An important driver for the growing awareness about data diodes? Governmental regulations for critical infrastructures. A data diode between product and office environments is a requirement in an increasing number of countries. The United States is very progressive, and Asia and the Middle East are quickly following. In Europe, however, data diode regulations vary per country. Some countries only advise using a data diode, and others barely even acknowledge data diodes. Cases like the Ukrainian power plant hack prove that taking precautions is necessary. Firewalls are a commonly used network security measure, but they only provide limited protection that can be circumvented by anyone with sufficient patience and knowledge, as demonstrated by recent hacks and malware cases such as Cryptolocker: firewalls were in place, yet ineffective. Currently, only a true data diode solution provides real peace of mind, by offering proper preventive security combined with functional connectivity.
Due to an increasing demand for a one-way network solution, Fox-IT introduced its first data diode in 2006. Because the first versions proved to be quite successful, Fox-IT decided to expand the product range and proxy servers, for instance by revising the data diode so it would pass the highest level of an EAL certification.
Today, Fox-IT is working on developing ruggedized data diodes, which are shock and vibration resistant and suitable for operation in the most extreme military and industrial conditions. For customers who demand high data throughput, the company provides versions that are capable of transferring 10 gigabits of data per second. These are the types of developments that define the future for data diodes in the world.