Firewalls vs. Data Diodes

To see is to believe

When talking about data Diodes, a question that people often ask is, “So, what’s the difference between firewalls and Data Diodes?” 

We say that the two are complementary, as Data Diodes provide additional security measures for especially vulnerable network segments. Looking into more detail, however, it is clear that firewalls and Data Diodes have totally different concepts.

Firewalls separate two networks or systems, but permit restricted bi-directional data flow between them. Based on the pre-established routing rules, they determine whether the data can move between your IT and OT. All firewalls achieve this function by software. Although some may run on dedicated hardware, they are still driven by software—the software and hardware are just separated. Firewalls allow data to flow in both directions, and therefore allow potential interference from the open network to enter the operational, or critical, one. We never know what’s happening inside them. When poorly configured or containing  intrinsic vulnerabilities, firewalls can become risk factors. 

In contrast to firewalls, Data Diodes use a different approach to separate two networks—by isolating them at the physical layer. Data flows only in one direction, from secure sites to open networks, and there is no way for data to be transferred in the reverse direction, as there is no door for this route. Proxy servers in the OT and the IT run independently of each other to send OT data to the IT side. Obviously, this mechanism reduces system flexibility, but it also increases security levels. Even in the worst case scenario, where an IT proxy server is compromised, important assets or systems on the OT side are still under protection. Data Diodes are quite similar to the air-gap approach, but permit real-time data transmission.

Ready to change? Talk to us about your plan

Our team will be happy to answer any of your queries

CONTACT US

Your best partner for
OT Cyber Security

If you have any questions regarding our
products, services, or the website,
please let us know by completing and
sending us a form.

By submitting this form, you agree to our
Privacy Policy.

CONTACT US

Your best partner for
OT Cyber Security

If you have any questions regarding our products, services, or the website, please let us know by completing and sending us a form.

Your Security is Our Duty

Contact Info

Phone: +886-3-5501898
Address: No. 146, Sec. 1, Dongxing Rd., Zhubei City, Hsinchu County , Taiwan (R.O.C.)
Email:  sales@blackbear.tw

CONTACT

BlackBear(Taiwan) Industrial Networking Security Ltd. © Copyright 2021

Scroll to Top