Many industrial control systems require regular updates of antivirus signatures, batch production orders and other items. Every path for such updates through a firewall though, introduces attack opportunities, since all firewalls are software and all software can be hacked or misconfigured. The Waterfall FLIP is a type of Unidirectional Gateway whose orientation can be reversed, enabling disciplined scheduled updates without the vulnerabilities firewalls always introduce
Many industrial control systems require regular updates of antivirus signatures, batch production orders and other items. Every path for such updates through a firewall though, introduces attack opportunities, since all firewalls are software and all software can be hacked or misconfigured. The Waterfall FLIP is a type of Unidirectional Gateway whose orientation can be reversed, enabling disciplined scheduled updates without the vulnerabilities firewalls always introduce
Disciplined, scheduled, secure updated
to unidirectionally-protected networks
100+ Waterfall software connectors for unidirectional
replication of industrial servers and devices
An evolutionary alternative to firewalls in a strong preventative cybersecurity program for Industrial Control Systems
IT and industrial clients access replica server and
devices normally and interactively
Hardware is modular, flexible, and user-serviceble
1Gbps standard throughput, multi-Gbps with several TX/RX pairs
Front panel cabinet connections for clear system visibility
Wide variety of COTS software connectors, no customization fees
Flexible connector hosting supporting all major operating systems
The FLIP is a combination of hardware and software. The hardware includes a TX Module, containing a fiber-optic transmitter/laser, and an RX Module, containing an optical receiver, but no laser. A short fiber-optic cable connects the two hardware Modules. The FLIP is therefore able to transmit information in only one direction at a time. While the FLIP hardware transmits information from a source network to a destination network, that hardware is physically incapable of transmitting any information back from the destination network into the source network.
Hardware orientation reversals are triggered by dedicated hardware on a schedule, or by manual activation from the front panel of the FLIP Module. The FLIP software replicates servers and emulates devices. Clients and users on each network access the replicas as if they were the originals, making the FLIP a plug and play replacement for software firewalls. Unlike firewalls, the FLIP is not a router and is incapable of forwarding network traffic or network attacks.
Common Criteria EAL 4+, ANSSI CSPN, NITES Singapore, Korean KC Certification and Israel NISA
Idaho National Labs, Digital Bond Labs
Global ICS Standards & Regulations, NERC CIP, IEC 62443, NRC 5.71, NIST 800-82r2, CFATS, ISO, IIC SF, ANSSI, and many more
English
Français
Español
עברית
Deutsch
日本語
한국어
中文
اَلْعَرَبِيَّةُ
