Waterfall Unidirectional Security Gateways replace firewalls in industrial network environments, providing absolute protection to control systems and operations networks from attacks originating on external networks. Unidirectional Gateway solutions come in pairs: the TX appliance contains a laser, and the RX appliance contains an optical receiver. The Gateway pair can transmit information out of an operations network, but is incapable of propagating any virus, DOS attack, human error or any information at all back into the protected network.
The technology has been verified by Idaho National Labs, who concluded that “the physics of the system prevent any data transmission from the low security enclave to the high security enclave.”
Waterfall agent software gathers data in real time from operations servers inside the protected network. The software transmits that data to the external network, and populates replica servers with the data.
Waterfall provides out of the box replication capabilities for dozens of industrial applications, including process historians, process databases, control system servers, OPC servers, and low-level devices
Replication solutions are also available for file servers, mail servers, print servers, SIEM servers and other components essential to the integration of modern operations networks with business networks.
The server-replication process is transparent to external users, and has no effect on the original operations servers. External users access and use the replica servers in the same way they accessed and used the original operations servers, without changing working procedures.
Waterfall’s customers report substantial savings over conventional firewalls. Gateways reduce firewall configuration, auditing, training, and real-time monitoring / logging costs. In addition, customers in regulated industries report dramatic reductions in regulatory documentation costs associated with firewalls and the use of routable protocols.