Overview
The FiberPlex SFX-1DD Data Diode, with 1-gigabit optics, features a data diode functionality which means that the modules transmit data in one direction only without the possibility for a return path. There is only one optical opening to connect a single fiber.
The SFX-1DD modules are high performance, cyber-secure modules supporting a host of data rates and distances.
Patton's FiberPlex Cyber-SFP Modules are compatible with the small form-factor pluggable (SFP) multi-source agreement (MSA). They are RoHS compliant and lead-free.
These optical modules are designed for digital data applications, and are not recommended for digital video applications due to SMPTE encoding that may cause pathological signal errors. For video applications, see our line of
video optimized SFP modules.
SFP MSA Compliance
The SFP multi-source agreement (MSA) is an agreement that was drafted among competing manufacturers of SFP optical modules. The SFF Committee was formed to oversee the creation and maintenance of these agreements including the SFP MSA designated as INF-8074i. This agreement describes a mutually agreed upon standard for the form and function of SFP modules. However, not all SFPs produced are MSA compliant. The MSA provides for a transceiver (TX/RX) pinout. FiberPlex Technologies Data SFPs are fully compliant with SFF-8074i. The pinout for these SFPs can be seen in the table below.
SFP Pinout |
Pin |
Transceiver / BiDi (MSA) |
1 |
VEE |
2 |
TX_FAULT [VEE] |
3 |
TX_DIS |
4 |
MOD_DEF(2)-SDA |
5 |
MOD_DEF(1)-SCL |
6 |
MOD_DEF(0)-PRESENCE [VEE] |
7 |
Rate [NC] |
8 |
LOS |
9 |
VEE |
10 |
VEE |
11 |
VEE |
12 |
RD- |
13 |
RD+ |
14 |
VEE |
15 |
VCC |
16 |
VCC |
17 |
VEE |
18 |
TD+ |
19 |
TD- |
20 |
VEE |
Regulatory Compliance
- ESD to the Electrical Pins: compatible with MIL-STD-883 Method 3015
- ESD to the Duplex LC Receptacle: compatible with IEC 61000-4-2
- EMI compatible with FCC Part 15 Class B EN55022 Class B (CISPR 22B) VCCI Class B
- Immunity compatible with IEC 61000-4-3
- Laser Eye Safety compatible with FDA 21CFR 1040.10 and 1040.11 EN60950, EN (IEC) 60825-1,2
- RoHs compliant with 2002/95/EC 4.1&4.2 2005/747/EC
A Large Selection of Optics
The FiberPlex line of SFP Modules supports a host of data rates, wavelengths (λ) and power configurations providing maximum flexibility. The SFPs simultaneously support various SONET, synchronous digital hierarchy (SDH) and IEEE Ethernet standards. The table below lists many of the popular options and the corresponding Patton SFP part number.
Two Fiber Optical Transceiver Modules |
SFX Modules |
FiberPlex SFP |
TX/RX |
Data
Rate |
SONET/SDH/IEEE |
Fiber Type |
λ (nm) |
Transmitter Power (dBm) |
Receiver Sensitivity (dBm) |
TX Jitter
(JTXp-p) |
Max Distance @
Max Data Rate |
Min |
Max |
SFX-MC24DT-3100-2 |
TX |
1.25 Gbps |
OC24/Fibre Channel/GbE |
Singlemode |
1310 |
-9 |
-3 |
- |
200 ps |
10 km |
SFX-MC24DR-0031-2 |
RX |
SFX-SC24DT-3100-B
|
TX |
- |
- |
-25 |
- |
SFX-SC24DR-0031-B
|
RX |
SFX-MC92DT-8500-0
|
TX |
10 Gbps |
OC192/10G Ethernet |
Singlemode |
1310 |
-8.2 |
+0.5 |
- |
200 ps |
10 km |
SFX-MC92DR-0085-0
|
RX |
SFX-SC92DT-3100-A |
TX |
- |
- |
-14.4 |
- |
SFX-SC92DR-0031-A |
RX |
Applications
Network Security and Segmentation
Determining where data diodes should be deployed depends on the security goals. If the primary goal is to protect the source network, then the data diode is deployed at the edge of the security border of the source network. The data diode prevents any possibility of an external party hacking into the source network while making data available outside of the source network
Data Availability
Many believe that remote monitoring cannot be achieved without remote access to systems. However, as previously stated, if remote access is provided via an external two-way connection, then a threat vector is created. By utilizing data diodes, a high-security network, such as an oil and gas refinery, is secured by one-way transfer hardware, preventing all external access. Meanwhile the data required for remote monitoring, backup, or analysis is sent one-way to another network or the cloud, where end users and applications can access it as needed without compromising the integrity of the refinery controls.
Bilateral/Bidirectional Transfers
Despite all of the security benefits of one-way data diode solutions, in many cases, limited bidirectional communication is still necessary for confirmation or command and control. In these cases, the U.S. Department of Homeland Security’s guidance advocates using “a single open port over a restricted network path” to severely limit the attack surface. A bilateral solution includes two independent data diode one-way paths that permit a single, round trip session between pre-configured IP addresses: a one-way data transfer solution responsible for outgoing traffic, and another responsible for incoming traffic.