Waterfall Unidirectional Security Gateways replace firewalls in industrial network environments, providing absolute protection to safety critical and control system networks from attacks emanating from external less-trusted networks. Waterfall Gateways contain both hardware and software components. The hardware includes a TX Module, containing a fiber-optic transmitter/laser, and an RX Module, containing an optical receiver, but no laser. The gateway hardware can transmit information from a critical network to an external network, but is physically incapable of propagating any virus, DOS attack, human error or any cyber attack at all back into protected safety-critical and control networks. Unidirectional Gateway software replicates database servers and other systems unidirectionally. The replica databases on the IT networks provide IT users, customers and passengers with the same data as would have been sourced from control-critical databases, without ever sending even one message from IT networks back into control-critical networks. It does not matter how sophisticated attacks become or how clever attackers are – if no information or attacks can enter control-critical networks. Modern rail system operators embrace both increased efficiencies and reduced risk by deploying physical, unidirectional protections from cyber attacks as part of on-going automation improvements. 

Waterfall Unidirectional Security Gateways replace firewalls in industrial network environments, providing absolute protection to control systems and operations networks from attacks originating on external networks. The Gateways enable vendor monitoring, industrial cloud services, and visibility into operations for modern enterprises and customers. Unidirectional Gateways replicate servers, emulate industrial devices and translate industrial data to cloud formats. As a result, Unidirectional Gateway technology represents a plug-andplay replacement for firewalls, without the vulnerabilities and maintenance issues that always accompany firewall deployments. Unidirectional Gateways contain both hardware and software components. The hardware components include a TX Module, containing a fiber-optic transmitter/ laser, and an RX Module, containing an optical receiver, but no laser. The gateway hardware can transmit information from an industrial network to an external network, but is physically incapable of propagating any virus, DOS attack, human error or any cyber attack at all back into the protected network.

Waterfall Unidirectional Security Gateways replace firewalls in pharmaceutical manufacturing network environments, providing absolute protection to manufacturing control systems from attacks emanating from external networks. Unidirectional Gateways contain both hardware and software components. The hardware components include a TX Module, containing a fiber-optic transmitter/laser, and an RX Module, containing an optical receiver, but no laser. The gateway hardware can transmit information from the manufacturing network to the external network, but is physically incapable of propagating any virus, DOS attack, human error or any cyber attack at all back into the protected network. The Gateways enable vendor monitoring, industrial cloud services, and visibility into operations for modern enterprises and manufacturers. Unidirectional Gateways replicate entire servers or selected subsets, emulate industrial devices and translate manufacturing data to cloud formats. As a result, Unidirectional Gateway technology represents a plug-and-play replacement for firewalls, without the vulnerabilities and maintenance issues that accompany firewall deployments.

Waterfall Unidirectional Security Gateways replace firewalls in industrial network environments, providing absolute protection to control systems and industrial control networks from attacks originating from external less-trusted networks. Unidirectional Gateways contain both hardware and software components. The hardware components include a TX Module, containing a fiber-optic transmitter/ laser, and an RX Module, containing an optical receiver, but no laser. The gateway hardware can transmit information from an industrial network to an external network, but is physically incapable of propagating any virus, DOS attack, human error or any cyber attack at all back into the protected industrial network.

This deployment used two Unidirectional Security Gateways to enable safe control-system data exchange, external monitoring, and visibility into operations for the GIPL sites. Unidirectional Gateways replicate servers, emulate industrial devices and translate industrial data to cloud formats. Unidirectional Gateway technology represents a plug-and-play replacement for firewalls, without the vulnerabilities and maintenance issues that accompany firewall deployments.

Waterfall Unidirectional Security Gateway solutions replace firewalls in industrial network environments, providing absolute protection to control systems and operations networks from attacks emanating from external less-trusted networks. Waterfall Gateways contain both hardware and software components. The gateway hardware can transmit information from an industrial network to an external network, but is physically incapable of propagating any virus, DOS attack, human error or any cyber attack at all back into the protected industrial network. Unidirectional Gateway software makes copies of industrial servers, enabling external IT and Internet users to connect the replica servers for access to real-time operational information. At this customer, the Unidirectional Security Gateway copies standard OPC-UA servers, Syslog servers, SMTP servers and file servers from operational networks to the IT network where SOC systems and analysts, as well as other IT business automation systems can access the replicas and their OT data normally. The gateway is also equipped with unidirectional Remote Screen View to enable remote vendor support personnel to see the screen of the Engineering Workstation in order to assist site personnel in diagnosing, adjusting and correcting software and hardware problems.

Waterfall Unidirectional Cloud Gateway solutions replace firewalls in industrial network environments, providing absolute protection to control systems and industrial control networks from attacks emanating from external less-trusted networks. Waterfall Gateways contain both hardware and software components. The hardware components include a TX Module, containing a fiber-optic transmitter/laser, and an RX Module, containing an optical receiver, but no laser. The gateway hardware can transmit information from an industrial network to an external network, but is physically incapable of propagating any virus, DOS attack, human error or any cyber attack at all back into the protected industrial network. Unidirectional Cloud Gateway software makes copies of industrial servers. External IT and Internet users connect normally to the replica servers and access data there normally.

At this customer, the Unidirectional Cloud Gateway was deployed to copy a standard OPC-UA server from the industrial network to the IT network where a RedZone RZLogger was deployed. The logger connected to both the OPC-UA replica server and to RedZone services in the Amazon AWS cloud. The deployment was completely safe, because no attack is able to penetrate the Unidirectional Cloud Gateway hardware to reach into the Industrial Network to put physical operations or any data management systems in that network at risk.