Diode Applications: Secure Network Monitoring

October 2013

For the third article in the Data Diode blog series, I explore Audit and Monitoring between Domains.

Monitoring activity in a network is critical to maintain the availability of systems and reduce the likelihood of an attack affecting business operations. Where an organisation has multiple networks, monitoring becomes more difficult and less manageable. Monitoring each network separately is an option, but a single overall view of all networks is not achieved and the cost of monitoring can be higher.

Aggregating, correlating and collating audit and monitoring information into a single, central location provides an overall view of all networks and a single place in which to view and analyse the data. To achieve this single view, all monitored networks are connected via the monitoring system, which introduces the new risk that data may flow between the networks, creating malware and data loss vulnerabilities.

Diode Applications: Secure Network Monitoring

By using a data diode based application, it is possible to ensure that monitoring information is securely passed from the monitored network to the monitoring system, while ensuring that NO data can leak back from the monitoring system to the monitored network. Additionally a careful diode configuration can ensure there is no risk of malware cross infection between the monitored networks.

Interested in finding out more details about securely obtaining monitoring data from your networks?  Contact me, or leave a comment below.

 

This article was originally posted on the Cyber Matters blog – which gives “bite-size insight on cyber security for the not too technical”.

Author Bio - Colin Robbins

COLIN ROBBINSColin Robbins is the Innovation Director at Nexor. He has specific technical experience in Secure Information Exchange & Identity Systems and is credited as the co-inventor of LDAP. His current focus is solving customer security challenges in Cloud and IoT environments.

Subscribe to our RSS feeds

 Archives

Our Accreditations; Investors in people; ISO 9001; Cyber Essentials; ISO 27001; TickIT Plus; HM Government.

Be the first to know about developments in secure information exchange

Share This