An architectural approach using best practice guidelines from NCSC
As part of our specialisation in addressing secure information exchange (or cross-domain) challenges, we have developed our own architecture. It consists of a number of configurable building blocks that follow best practice design patterns from the National Cyber Security Centre (NCSC), the UK National Technical Authority, for the import and export of data across security domain boundaries.
This architecture forms the technical basis of our secure information exchange solutions and, whilst not all organisations we deal with are within the assurance jurisdiction of the NCSC (formally known as CESG), the use of a such a modular architecture provides numerous benefits to all stakeholders.
A Modular Architecture
Modify the content or protocol for interoperability or security purposes. Sometimes referred to as a gateway.
Ensure data only flows in the direction required to support the business process. Often delivered by a firewall (two-way data flow) or a data diode (one-way data flow).
Ensure the content (and in some cases protocol) conform to the security policy. Sometimes referred to as a guard.
Receive or collect the data from the sending network. Make the data available for using in the recipient network. Often a filestore or a network proxy.
SIXA benefits for end users
Using a foundation of configurable components with a track record of assurance throughout the world, allows end users to bring highly robust, low risk technical solutions to bear quickly and affordably. The solutions address specific operational and security concerns in an optimal manner with the agility to evolve over time as the threat changes.
Our solutions facilitate transparent and convenient transfer of files, messages and information streams between networks of interest whilst maintaining the highest levels of security. This allows users to think less about the mechanics of discovering, accessing and sharing information, and more on the mission in hand.
SIXA benefits for systems integrators
A clearly defined and well tested architecture, together with risk sharing responsibility for design, delivery and support, allows system integrators to address specific information exchange and cross-domain challenges.
Our solutions are configurable to deliver the minimal viable capability with a roadmap to system enhancement and added value over time. This offers reduced delivery and assurance risk, quicker delivery timescales and lowers the total cost of ownership.
SIXA benefits for assurance authorities
The mechanics of securing information flows in to and out of secure networks are of critical importance, not just to the performance of the eventual system but also its ability to be assured.
By using an architectural approach that follows best practice design patterns from the National Cyber Security Centre (NCSC), the UK National Technical Authority, this facilitates the accreditation process for assurance authorities, both in the UK and world-wide.
We also understand that success is more than just developing the right technical solution. Therefore, we will ensure that the solutions support your organisation and your personnel through seamless integration with your business processes and wider enterprise architecture. To achieve this, we will make use of CyberShield Secure, Nexor’s consultative delivery methodology.
FEATURED WHITE PAPER
Secure Information Exchange: Reference Architecture - In today’s world, information sharing is key to improved productivity, efficient and accurate decision making and effective collaboration. MORE DETAILS
FEATURED CASE STUDY
Connecting Multiple Networks Securely (European-based Programme) - Seamlessly moving data between networks is a key requirement for many large organisations to meet their operational needs. A cross-domain gateway and technology integration specialist can help your organisation adopt more modern ways of working in a secure manner. MORE DETAILS
Be the first to know about developments in secure information exchange