Domain separation using data diodes
If you want to connect networks at different security levels, protecting the ‘higher-level’ network, the one that must not be compromised, is crucial. Sometimes confidentiality is at stake, for instance if the network contains business secrets or state secrets that must never leak. Or it may be more about integrity, for example if the network must never be infiltrated by malware or spyware. In both cases, domain separation using data diodes offers a secure and feasible solution.
Data diode: a unidirectional connection
A data diode works like a valve on a data connection: data traffic is completely (physically) blocked in one direction but remains possible in the other. Because the blocking is part of the device’s physical construction rather than a software setting, this unidirectional connection is as good as unhackable.
A unidirectional connection does, however, require supporting measures for bidirectional communication protocols, because most applications cannot function with one-way traffic only. So-called software proxies on either side of the data diode allow bidirectional protocols to keep working across a unidirectional connection. Software proxies can also provide virus control, data conversion and other functions.
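The core problem such proxies solve is that the sending side never receives acknowledgements, so it cannot retransmit on request. The following is an added illustration, not Technolution’s code: a minimal sending-side and receiving-side proxy pair around a constructed lossy one-way link, where redundancy and per-frame integrity checks stand in for the missing back-channel. The frame layout and the helper names are assumptions made for this example.

```python
import hashlib
import json

# Added example (hypothetical proxy pair, not a product implementation).
# Sender: numbers every frame, tags it with a digest and repeats it, since it
# can never learn what the receiver got. Receiver: reassembles from whatever
# arrives, drops corrupt or malformed frames and reports gaps locally only.

def encode_frames(payload: bytes, chunk_size: int = 4, repeat: int = 3) -> list:
    """Sending-side proxy: split payload into redundant, self-describing frames."""
    chunks = [payload[i:i + chunk_size] for i in range(0, len(payload), chunk_size)]
    frames = []
    for seq, chunk in enumerate(chunks):
        frame = {"seq": seq, "total": len(chunks), "data": chunk.hex(),
                 "digest": hashlib.sha256(chunk).hexdigest()}
        frames.extend([json.dumps(frame)] * repeat)  # redundancy replaces ACKs
    return frames

def decode_frames(received: list):
    """Receiving-side proxy: returns (payload, missing_seqs); payload is None on gaps."""
    chunks, total = {}, None
    for raw in received:
        try:
            frame = json.loads(raw)
            data = bytes.fromhex(frame["data"])
            seq, total_in_frame = int(frame["seq"]), int(frame["total"])
            if hashlib.sha256(data).hexdigest() != frame["digest"]:
                continue  # corrupted in transit: drop silently
        except (ValueError, KeyError, TypeError):
            continue  # malformed frame: drop it; nothing can be sent back
        total = total_in_frame
        chunks.setdefault(seq, data)  # duplicate copies are harmless
    if total is None:
        return None, []
    missing = [s for s in range(total) if s not in chunks]
    if missing:
        return None, missing  # gap is logged/handled on the receiving side
    return b"".join(chunks[s] for s in range(total)), []

def lossy_link(frames: list, drop_every: int) -> list:
    """Constructed one-way link that silently loses every Nth frame."""
    return [f for i, f in enumerate(frames) if (i + 1) % drop_every != 0]

if __name__ == "__main__":
    msg = b"sensor reading 42"  # constructed sample payload
    print(decode_frames(lossy_link(encode_frames(msg), drop_every=3)))
```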
When do you need domain separation?
There are many situations in which domain separation with data diodes can be useful. To give a few examples:
- Secret or confidential information on the network must not leak … but smooth reception of email and other data is essential for your processes.
- The local network must be closed off hermetically against intruders … but you still want to be able to send data flows to your other locations.
- The risk of incoming viruses or other malware must be eliminated … but you still want to be able to release software updates to your clients.
- You want to be able to read out data from critical infrastructures (tunnels, bridges, locks, etc.) … but the infrastructure must be protected against intruders.
- A highly secure network must be able to receive data from a less secure network … but data on the highly secure network must never end up on the less secure network.
Solutions for domain separation
Technolution Prime delivers high-grade solutions for domain separation. These solutions are based on our ‘separation of concerns’ philosophy: each is developed to perform one specific security task only. In addition, we believe in keeping our solutions as generic and interchangeable as possible. This prevents unnecessary risk, keeps costs under control and gives us the flexibility to continue developing our products and adapting them to our clients’ new requirements.