
PSTdiode

Overview

PSTdiode is based on the one-way communication device PSTdiode ATKDDL®, developed by Autek Ingeniería and certified to Common Criteria EAL 4+ (AVA_VAN.5, ALC_FLR.3). This device consists of a transmitting card (TX) and a receiving card (RX), connected by an optical fibre cable.

The firmware executes from a read-only partition, and a tool to verify its integrity is included. The firmware is easily upgradable and the configuration is maintained in the process.

The system is configured remotely once PKI and network parameters are set on both appliances through a local interface.

The system integrates with existing infrastructure

There is no need to install additional proxies or dedicated servers.

General characteristics

Topology

Two appliances, one appliance on each security domain, communicating exclusively by an optical fibre cable.

Administration Topology

Separate administration network (optional) for each appliance.

Deployment

Ready to use appliances. The system is configured remotely once PKI and network parameters are set on both appliances through a local interface.

Administration

The system is monitored remotely, with PSTadm, from the destination network. Administration of the source appliance is only needed for configuration changes and troubleshooting.

Administration roles

Four remote administration roles are supported and enforced through PKI:
• Root Administrator
• Security Administrator
• Services Administrator
• Monitoring Administrator

Status and error notification

The system sends operation and security SYSLOG events independently.

Transferred data logging

With PSTaud, all transfers can be logged to a database or saved as XML files. The service PSTaud is installed on a general purpose computer on the destination domain.

Automatic time synchronization

The system allows configuring time synchronisation via NTP servers on both domains.

Transfer rate

The transfer rate provided by the PSTdiode ATKDDL device is 1 Gbps.

Security

Topology

Dedicated and independent management interface that allows separating all management traffic from data traffic on both appliances.

Status and error notifications

Security events can be handled separately.

Management communications

Only authorized administrators, using digital certificates, can administer the system. Communications between the software components and the appliances are protected by TLS with remote end authentication. All accesses and operations performed by system administrators are logged.

Firmware integrity assurance

All software (including the operating system) runs from a read-only partition, the integrity of which can be verified at any time.

Solutions

Active file transfer


Automatic one-way file transfer with physical guarantee of unidirectional transmission (FTP, SFTP, FTPS, SMB).
Typical use case: File transfer to an isolated network (e.g. periodic software updates).

UDP Payload Transfer


Transfers the content ('payload') of UDP packets in real time (UDP unicast, UDP multicast).
Typical use case: Its low latency allows its use in streaming applications.
