FiberPlex SFX-1DD Data Diode SFP Modules are designed for cyber security, with 1-gigabit optics they transmit data in one direction only without the possibility for a return path, making them ideal for applications such as file transfer, real-time data streaming, database replication, and remote monitoring. There is only one optical opening to connect a single fiber.
The SFX-1DD modules are high performance, cyber-secure modules supporting a host of data rates and distances.
Patton's FiberPlex Cyber-SFP Modules are compatible with the small form-factor pluggable (SFP) multi-source agreement (MSA). They are RoHS compliant and lead-free.
These optical modules are designed for digital data applications, and are not recommended for digital video applications due to SMPTE encoding that may cause pathological signal errors.
Applications:
• Network Security and Segmentation
Determining where data diodes should be deployed depends on the security goals. If the primary goal is to protect the source network, then the data diode is deployed at the edge of the security border of the source network. The data diode prevents any possibility of an external party hacking into the source network while making data available outside of the source network.
• Data Availability
Many believe that remote monitoring cannot be achieved without remote access to systems. However, as previously stated, if remote access is provided via an external two-way connection, then a threat vector is created. By utilizing data diodes, a high-security network, such as an oil and gas refinery, is secured by one-way transfer hardware, preventing all external access. Meanwhile the data required for remote monitoring, backup, or analysis is sent one-way to another network or the cloud, where end users and applications can access it as needed without compromising the integrity of the refinery controls.
• Bilateral/Bidirectional Transfers
Despite all of the security benefits of one-way data diode solutions, in many cases, limited bidirectional communication is still necessary for confirmation or command and control. In these cases, the U.S. Department of Homeland Security's guidance advocates using "a single open port over a restricted network path" to severely limit the attack surface. A bilateral solution includes two independent data diode one-way paths that permit a single, round trip session between pre-configured IP addresses: a one-way data transfer solution responsible for outgoing traffic, and another responsible for incoming traffic.