Data Diodes
FiberPlex FPSW-DDC Data Diode Controller Proxy Software



The FiberPlex Data Diode Controller is purpose-built proxy software for unidirectional cross-domain networking. It enables secure file transfer, data extraction and log export to be proxied over UDP unidirectional Data Diode segments.


Overview

The Data Diode Controller is a proxy software application designed to facilitate efficient and secure data transfer through Ethernet based data diodes.  It offers tailored network segmentation and cross domain cyber security solutions across diverse installation environments.

Persistent cybersecurity requires closing off or isolating networks using air-gap solutions.  Completely closed off networks, present a unique set of challenges in the era of IP Video, Big Data and AI.  It is inconvenient if all interactions with an isolated network must be performed manually and doing so introduces the risk of human error.

These challenges are addressed using Data Diodes, including the Patton SFX Data Diode SFP, which provides for physical layer network isolation, while providing for one-way (uni-directional) transfer of data across network domains.  This approach preserves the protective characteristics of airgap network separation, while enabling persistent unidirectional data flow ensuring access to the secure network is denied. 

The problem is most data transfer protocols rely on bidirectional communication to facilitate data flows, complicating efficient utilization of hardware-based layer 2 data diodes. 
 
Patton’s solution is the FiberPlex DDC Data Diode Controller software.  This software enables the automation of unidirectional data flows.   The controller software proxies or converts between bidirectional and unidirectional data flows, which reduces the complexity of cross domain implementation.
 
The software together with various service packages enable Secure File Transfer Protocol (SFTP), Network File System (NFS), Server Message Block (SMB), Simple Mail Transfer Protocol (SMTP), and other protocols to be emulated over uni-directional links.  The controller software is fully customizable to support unique or proprietary uses cases.
 
When used in conjunction with the Patton SFX Data Diode SFP module, or other Ethernet-based (layer 2) data diodes the solution enables flexible and scalable unidirectional network solutions for a variety of secure cross domain scenarios.
 
The FiberPlex DDC can either be designed into a new system, serve as an additional component in an integrated solution, or extend an existing installation of layer 2 data diodes to deliver enhanced functionality.  With support for a wide variety of hardware platforms, the Data Diode Controller installation can easily be optimized for customer specific requirements.


Applications
The Data Diode Controller acts as a proxy enabling file transfer and other protocols over UDP and across uni-directional data diode links


Features
  • Software Control for Data Diodes - Layer 2 Data Diodes require unidirectional network protocols such as UDP. To support other protocols, Patton’s Diode Controller delivers “proxy services” to support alternative protocols over the uni-directional UDP links.
  • Optimal Ethernet Cross-Domain Transport - The solution is optimized for wire-speed secure data transfer over Ethernet-based Data Diodes, such as the Patton SFX.
  • Multiple Applications Supported - Manage and run a growing library of software services for multiple standard or proprietary use cases.
  • Multiple Services Support - Services to be used in combination with other products. The service software enables the use of other internet protocols.
  • Standard UDP & TCP Services - Forwards unidirectional UDP or TCP data through a Data Diode, from one or more sources to a single destination.
  • File Transfer Services - Moves files from the source domain through a Data Diode to the destination domain proxied over UDP.
  • MQTT Services - Transfer messages from the source domain through a Data Diode to the destination domain.
  • OPC UA Services - OPC UA enables PLC-specific protocols (such as Modbus, DeviceNet, etc.) into a common API allowing HMI/SCADA systems to convert generic OPC read/write requests into device-specific requests. Transfer node value updates and events from the source domain to the destination domain. In the destination domain either binary encoding over TCP, or JSON encoding over MQTT can be used to transport OPC UA data.
  • Standard and Proprietary Protocol Support - The Data Diode Controller can proxy standard file transfer and data extraction communication protocols and can be customized to support special or proprietary protocols.
  • Hardware or Virtualized Servers - Runs on standard servers, clouds or custom appliances with integrated Data Diodes.
  • Source and Destination Proxy Servers - The Controller Software runs on standard or virtualized Servers connected to the Source Network (Upstream) and the Destination Network (Downstream). The Upstream Server encodes bidirectional protocols over unidirectional links for transport across the Data Diode. The Downstream Server receives and decodes the unidirectional data into its original format and protocol.
  • Architected for Simplicity - Designed to facilitate a cross-domain uni-directional system design to simplify deployment with little or impact on existing systems.
  • Highly Secure - Always-on data encryption between up- and downstream software controllers. Developed and maintained according to IEC 62443 4-1 to ensure secure development and maintenance.
  • Easy to Install, Scale and Manage - Light computer resources mean you can easily scale installations. System management and configuration tools are designed to make managing multiple large installations simple and fast. Enabled SNMP allows for centralized monitoring of the System.
  • Runs on Linux - Support for Linux host operating system (Debian and Ubuntu distributions). Support for automated system setup using Ansible.
 
Ordering
# Model # Description Availability
1 FPSW-DDC/10G FiberPlex Data Diode Controller Proxy Software.  A 1-year End User License subscription for 10 Gig Ethernet Physical Layer Data Diodes.  Upstream and Downstream instances.  Standard UPD, TCP, Syslog, and Data Transfer Service Elements are included. Pre-Order Available
2 FPSW-DDC/1G FiberPlex Data Diode Controller Proxy Software.  A 1-year End User License subscription for 1 Gig Ethernet Physical Layer Data Diodes.  Upstream and Downstream instances.  Standard UPD, TCP, Syslog, and Data Transfer Service Elements are included. Pre-Order Available
3 FPSW-DDC/FTS FiberPlex Data Diode Controller Service Element for File Transfer.  Supports SFTP, SMB Protocols.  1-year Subscription with Maintenance and Support included. Pre-Order Available
4 FPSW-DDC/MQTT FiberPlex Data Diode Controller Service Element  for M2M communication over MQTT.   1-year Subscription with Maintenance and Support included. Pre-Order Available
5 FPSW-DDC/OPCUA FiberPlex Data Diode Controller Service Element for OPC UA, includes OPC UA to MQTT protocol conversion. 1-year Subscription with Maintenance and Support included. Pre-Order Available

 


 
 
Sales: sales@patton.com / +1 301 975 1000
Support: support@patton.com / +1 301 975 1007
Join Our Email List
Have Us Contact You
or
Login Connect With Us
X Linkedin Facebook Youtube
 
     Patton LLC Copyright © 2022 All Rights Reserved.

|  Sitemap  |   Legal  |   Privacy Policy  |   Disclaimer  |    X  Facebook  YouTube  LinkedIn  RSS