The OPDS products use a patented, hardware design that, based on the laws of physics, won’t allow anything to enter the network. This design is based on the principles of data diodes which only allow data to flow in one direction, so data can be distributed to users outside the plant for things like maintenance monitoring, support, backups and production planning but there is no way for a hacker to enter the plant through the OPDS product. And the second mission? Using our proprietary DualDiode Technology, all of the OPDS products are able to transfer data out of the facility. This includes files, alarms, logs, events, streaming video, database data, and historian information, all from a number of sources including both proprietary (i.e. GE, OSIsoft, Rockwell Automation, Schneider Electric) and standards based (SQL, OPC, MODBUS) sources. This data can be single events, small files, extremely large files, streams of packets, a directory of files, the replication of a whole directory structure, a subset of a database or the replication of a whole database/historian.
Owl offers a range of products that support speeds from 10Mbps to 10Gbps, different form factors (card sets, 1U rackmount enclosures and DIN Rail models), along with a library of different software interfaces that support various interfaces. Please see below for information of the different solutions we offer.
Imagery taken during ATM transactions is transferred from the remote ATM locations to a central repository for archiving. Using the DualDiode allows the information to flow into the archive but prevents access into the archive by other parties and or the removal of any material. Watermarks are used on the data and content inspection is performed. This is very similar to many of the DoD and Intelligence agency deployments we have were information is gathered in the field and secured at a central location.
A highly secured data center was “air-gapped” for security reasons. This required on-site or close proximity support personnel. With the use of a data diode, monitoring data (error messages, alarms, syslog msgs, etc.) can be transferred out of the secured enclave without incurring any cybersecurity threats. Support personnel can now monitor the data center remotely and do not have to be on-site 24x7. This is an example of a data diode securing a facility while transferring data externally for remote monitoring purposes.
This institution maintained accounts with high-profile government officials and wanted to ensure those accounts were well protected. A DualDiode was deployed to transfer the account information into a highly secured repository. This is an example of a data diode securely transferring data into a secured facility to prevent access.
The DualDiode 10Gbps solution is capable of quickly transferring very large files or large data flows at full line rate. Customers can use this capability to either move files like “captured” images of laptops or replicate full network flows for further analysis and threat detection.
For security purposes, many organizations have disconnected or “air gapped” their OT networks from their IT networks. This prevents threats in the IT network from infecting OT systems. However, as data-driven organizations begin to merge OT and IT, business users require access to OT data. In most cases, this access can be achieved through the use of a one-way data diode to transfer the data from OT to IT. However, in some cases, users have a periodic need for remote access, including remote help desk or remote command and control, which require bi-directional communication. The Owl ReCon is a hardware-based cybersecurity device, designed to restrict and secure bi-directional communications, enabling secure remote command and control with greatly reduced risk to connected OT systems.