SIXA ARCHITECTURE

An architectural approach using best practice guidelines from NCSC

As part of our specialisation in addressing secure information exchange (or cross-domain) challenges, we have developed our own architecture. It consists of a number of configurable building blocks that follow best practice design patterns from the National Cyber Security Centre (NCSC), the UK National Technical Authority, for the import and export of data across security domain boundaries.

This architecture forms the technical basis of our secure information exchange solutions and, whilst not all organisations we deal with are within the assurance jurisdiction of the NCSC (formally known as CESG), the use of a such a modular architecture provides numerous benefits to all stakeholders.

A Modular Architecture

Transform
Modify the content or protocol for interoperability or security purposes. Sometimes referred to as a gateway.

Flow Control
Ensure data only flows in the direction required to support the business process. Often delivered by a firewall (two-way data flow) or a data diode (one-way data flow).

Validate
Ensure the content (and in some cases protocol) conform to the security policy. Sometimes referred to as a guard.

SIXA benefits for end users

Using a foundation of configurable components with a track record of assurance throughout the world, allows end users to bring highly robust, low risk technical solutions to bear quickly and affordably. The solutions address specific operational and security concerns in an optimal manner with the agility to evolve over time as the threat changes.

Our solutions facilitate transparent and convenient transfer of files, messages and information streams between networks of interest whilst maintaining the highest levels of security. This allows users to think less about the mechanics of discovering, accessing and sharing information, and more on the mission in hand.

SIXA benefits for systems integrators

A clearly defined and well tested architecture, together with risk sharing responsibility for design, delivery and support, allows system integrators to address specific information exchange and cross-domain challenges.

Our solutions are configurable to deliver the minimal viable capability with a roadmap to system enhancement and added value over time. This offers reduced delivery and assurance risk, quicker delivery timescales and lowers the total cost of ownership.

SIXA benefits for assurance authorities

The mechanics of securing information flows in to and out of secure networks are of critical importance, not just to the performance of the eventual system but also its ability to be assured.

By using an architectural approach that follows best practice design patterns from the National Cyber Security Centre (NCSC), the UK National Technical Authority, this facilitates the accreditation process for assurance authorities, both in the UK and world-wide.

We also understand that success is more than just developing the right technical solution. Therefore, we will ensure that the solutions support your organisation and your personnel through seamless integration with your business processes and wider enterprise architecture. To achieve this, we will make use of CyberShield Secure, Nexor’s consultative delivery methodology.