Data diodes are an older and more limited technology than unidirectional gateways. Diodes are used extensively in the military, to send information into classified networks while leaking no national secrets back out. The devices tend to be hardware-intensive, with little or no software support. Unidirectional gateways have one-way hardware as well, with extensive software support for industrial control / OT systems. Unidirectional gateways replicate database servers, OPC servers and others from industrial networks to enterprise networks. Users on enterprise networks access industrial / OT data in the enterprise servers. Download the Waterfall eBook to learn more about these and other differences between military-focused data diodes, and industrial-focused unidirectional gateways.
| Data Diodes | Unidirectional Gateways | |
|---|---|---|
| Focus | Confidentiality of military networks | Safety & reliability of ICS / OT networks |
| What is it? | Hardware able to send information in only one direction (NIST 800-82 r2) | One-way hardware plus software that makes copies of industrial servers. (NIST 800-82r2) |
| Hardware | Low volume, expensive, sold to local military only | Cost-effective, high-volume, sold to industry world-wide |
| Software | Limited software support focused on file transfer | Extensive software support for historians, OPC, cloud services, remote support and industrial protocols |
| Custom Engineering | Most software is custom developed for each customer | Software is off-the-shelf product with standard support |
In This eBook
Data Diodes
Data Diodes
Unidirectional Gateways – Hardware & Software
Unidirectional Gateways – Hardware & Software
Waterfall Unidirectional Security Gateways
Waterfall Unidirectional Security Gateways
About The Author
Andrew Ginter
Andrew Ginter is the VP Industrial Security at Waterfall Security Solutions
At Waterfall, Andrew leads a team of experts who work with the world’s most secure industrial sites. He is author of two books on industrial security, a co-author of the Industrial Internet Consortium’s Security Framework, and the co-host of the Industrial Security Podcast. Andrew spent 35 years designing SCADA system products for Hewlett Packard, IT/OT connectivity products for Agilent Technologies, and OT/ICS security products for Industrial Defender and Waterfall Security Solutions.