Waterfall for IDS


Waterfall for Intrusion Detection Systems (IDS) enables IT networks to safely monitor OT systems to detect intrusion attempts by preventing the risk of anything going back into the OT networks via the IDS.

 Waterfall for IDS is a hardware-enforced, physical barrier that ensures data can only flow in one direction that prevents remote attacks, malware, DOS attacks, ransomware and human errors originating on external networks.

How it works

Group 1117


An OT network safely to IT-resident OT IDS sensors

Group 1117-1


The OT network accurately through the unidirectional hardware

Group 1117-2


OT IDS sensors conveniently on IT network without risk to operations


Safe intrusion detection

Enables monitoring of OT networks without introducing new connectivity risks to the monitored networks

No new hosts

All functions in gate array logic, with no hosts introduced to IT or OT network

Easy management

Network sensors can be deployed on IT networks for easy management by SOC analysts, without risk to OT networks

Eliminates bidirectional mirror port risks

Mirror ports are no longer a risk to OT networks when OT IDS sensors are deployed on IT networks

Seamless integration with SOCs

Supports stand-alone operations
and integration with industry-leading SIEM/SOC solutions

Unbreachable physical barrier

Hardware-enforced technology protects OT networks absolutely from cyber attacks pivoting through OT IDS sensors



Simple hardware-only design with no CPUs to manage


1Gbps copper connectivity


Front panel cabinet connections for clear unidirectionality


Mirror port accurately emulated to IT-resident OT IDS sensors


Optional flow statistics reported to SIEM / SOC / NOC

Technical specifications

Standard Rackmount Dimensions

48.3(W), 52(D), 4.4(H) cm

Din Rail Rackmount Dimensions

11.3(W), 25(D), 21.3(H) cm


110-240vac, 50-60 Hz


2.5 kg (Standard) | 3 kg (Din Rail)

Network Interfaces

4 x 1Gbps

Certification & Compliance


Common Criteria EAL4+, Singapore NITES, Korean KC, Israel NIS


Idaho National Labs, Digital Bond Labs

Enables compliance with

Global ICS Standards & Regulations, NERC CIP, IEC 62443, NRC 5.71, NIST 800-82R2, CFATS, ISO, Industrial Internet Consortium SF, ANSSI ICS Standards, and many more

Product Information

One way for data.
Zero entry for attackers.