Network security’s one-way data street

By John Breeden II, GCN Staff

Tenix platform allows exchange between disparate networks

Maintaining a highly secure network environment is paramount for the military as well as for civilian agencies working in intelligence or law enforcement. But how does information from less secure sources get into the secure network? And does the fact that a network is completely secure mean that users can’t access nonclassified data from their terminals without opening up a security hole?

The Tenix Datagate Interactive Link Suite from Tenix America can address these questions by preserving separate secure networks while allowing users to access data and the Internet from a single PC.

To test the system we set up two networks in the GCN Lab. The first was modeled after the Secret IP Router Network (SIPRnet), which the Defense Department uses to exchange classified information in a totally secure environment. The second network was modeled after DOD’s NIPRnet, the Unclassified but Sensitive Internet Protocol Router Network (formerly the Non-Classified IP Router Network). Our servers ran Microsoft Windows 2003, Red Hat Linux and Sun Solaris, all of which are supported by Tenix software.

Although NIPRnet is not classified, there is still a lot of sensitive data on it. Conceivably, an analyst or other authorized user may want to take some of the data found there and upload it to SIPRnet for inclusion in a report. This can be achieved securely using the Interactive Link Suite, which is a surprisingly low-tech solution to a high-tech problem. The heart of the suite is the $30,000 Interactive Link Data Diode, which sits between the two networks.

The Data Diode works like an air gap between the two networks, but allows a one-way fiber connection from the low-security network to the high-security one.

Here’s how it works. If, for example, you’re looking at a satellite map of Iraq over the low-security network and need to use images of various fires around Baghdad, you would open up your photo editing program and cut out the part of the image that you need. Then you copy the image to your clipboard in the normal way by pressing CTRL-C, or selecting Copy from the program menu.

You then select an icon in the system tray that says “Transfer to high security network” and the transfer happens. The data is then placed into a receiving folder on the secure network. The software will not let you initiate a transfer in the other direction.


