Patton

Once upon a time, full-duplex transmission was introduced as a groundbreaking network technology. Now, in the age of multiplying cyber attacks, we have good reasons to revert to simplex circuits. Unidirectional connections provide network protection and offer reliable, hardware-based, cyber security.

Data diodes can provide hardware-based simplex communication circuits. Most commonly implemented in high-security environments, including classified government, military intelligence, and national defense,  data diodes provide unidirectional data communication between networks that have different security classifications.
Given the rise of industrial IoT and digitization, this technology can now be found at the industrial control level for such facilities as nuclear power plants, power generation, and safety-critical systems like railway networks. With a data diode installed on the outbound port, the high-security network cannot be penetrated by software bugs or malicious code.

Operational data is securely transferred out of the secure OT network through a data diode to data repositories. Remote users retrieve OT data without exposing the OT network to security attacks.
Data Diodes Combined with NDR. Also known as a unidirectional security gateway, a data diode is a hardware-based, simplex networking solution that can be installed to segment a network and defend it from malicious attacks. When data diodes are combined with a NDR (Network Detection and Response) platform, such as Vectra, the network security solution is extremely effective. An extra-fancy (and much longer!) name for a data diode is a deterministic one-way boundary device. 
Data Diodes: What are they? How are they used?
Patton FibrePlex Data Diode
Available in various shapes and sizes, a data diode is a unidirectional network communication device that enables safe, one-way data transfer data between two networks. One might think of it as a non-return valve. It allows data transmission in only one direction. Because it cannot and will not receive data, any and all data trying to enter the network is blocked. Data diodes are designed to maintain physical and electrical separation between source and destination networks. A data diode allows a high-security network or segment to send data to external systems and users—such as a regulatory body, the cloud, or a remote-monitoring facility—without exposing the secure network to external threats.
Types of Data Diodes. Currently-existing data diode technologies include hardware-only, optical fiber, optical isolation, electrical, and electromagnetic. Most popular in today’s market are hardware and optical, which is essentially a modified optical cable.
Data diodes can be used to protect network segments of all sizes, from a single controller to an entire facility.
Network Diagram with Data Diode

Controlled Data Flow

Data diodes are hardware-enforced data transfer solutions that use the laws of physics to provide a security mechanism that cannot be hacked.
Secure Monitoring and Control Network

What is Network Detection and Response (NDR)?

Network Detection and Response (NDR) is a technology solution that improves cybersecurity. The discipline has evolved from a practice once known as network traffic analysis. Over the years, as the complexity of network traffic has increased, the proportion of potentially malicious traffic has also increased. So, the activities around traffic analysis have become more security-focused. In recent times, human monitoring and simple behavioral analytics have evolved into NDR, which employs machine learning combined with automated threat-discovery and incident-response mechanisms.
NDR focuses on machine learning and analytical techniques—raising the bar compared with rules-based security tools such as firewalls. These intelligent tools model network behavior using continuous real-time traffic analysis while alerting network administrators about anomalous behavior or traffic patterns that indicate system malfunctions or external attacks.
NDR monitors an organization’s network in real-time, 24/7.
IDS. Similar to traditional Intrusion Detection Systems (IDS)—which focus on monitoring the network perimeter for intruders and generating alerts when an attack is detected—NDR solutions focus on analyzing network communications in order to detect and investigate threats. Compared with IDS, a chief differentiator is that NDR provides automated responses, including:

triggering commands to a firewall to drop suspicious traffic
manual responses  — providing threat-hunting and incident response information to dig deeper

NDR solutions move beyond merely detecting threats, actually responding to threats in real-time using native controls while supporting a wide-range of integrations with other cybersecurity tools or solutions:  security orchestration, automation, and response (SOAR) for example.
Security information and event management (SIEM) is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations.

How does Vectra work together with data diodes?
Vectra supports data diodes on any of its physical appliance Sensor capture ports that provide SFP+ 10 Gbps connections.  As of this writing, Vectra appliances that support Patton data diodes include:

Vectra has validated Patton FiberPlex SFP+ modules that function as data diodes.  These SFP+ modules will always be deployed in pairs:

One RX module in the Vectra Sensor
One TX module in the switch or packet broker, which feeds the Sensor network traffic

Additional information can be found at https://www.patton.com/sfx-10dd/

SecurityThere is really no debate over whether data diodes are more secure than software-only security solutions (firewalls)—they are. Patton data diodes are physically enforced with a hardware-based security mechanism and provide 100% confidentiality and segmentation between networks. Firewalls, in contrast, enforceconfigurable policies implemented in software. Data diodes are not vulnerable to software bugs, zero-day exploits, or misconfiguration—all of which vulnerabilities can afflict a firewall. Data diode hardware also provides protection from the unknown—something which no software-based security system can do.They do not need regular patching or maintenance to stay secure, and the enforcement mechanism never becomes less effective over time.

Glendon is responsible for creating corporate marketing and technical content including press releases, web copy, white papers, case studies, educational and tutorial pieces as well as other publications. He serves as editor-in-chief for Patton’s email newsletter and other outbound communications. He holds a Bachelor of Science in Computer Science from UMUC and a Bachelor of Music in percussion performance from UMCP. Mr. Flowers is a single father with three adult daughters: Lauren, Hannah & Sarah (twins). He plays guitar, bass, keyboards, drums, and percussion and enjoys composing and arranging music and songs.

Once upon a time, full-duplex transmission was introduced as a groundbreaking network technology. Now, in the age of multiplying cyber attacks, we have good reasons to revert to simplex circuits. Unidirectional connections provide network protection and offer reliable, hardware-based, cyber security.

Data diodes can provide hardware-based simplex communication circuits. Most commonly implemented in high-security environments, including classified government, military intelligence, and national defense,  data diodes provide unidirectional data communication between networks that have different security classifications.
Given the rise of industrial IoT and digitization, this technology can now be found at the industrial control level for such facilities as nuclear power plants, power generation, and safety-critical systems like railway networks. With a data diode installed on the outbound port, the high-security network cannot be penetrated by software bugs or malicious code.

Operational data is securely transferred out of the secure OT network through a data diode to data repositories. Remote users retrieve OT data without exposing the OT network to security attacks.
Data Diodes Combined with NDR. Also known as a unidirectional security gateway, a data diode is a hardware-based, simplex networking solution that can be installed to segment a network and defend it from malicious attacks. When data diodes are combined with a NDR (Network Detection and Response) platform, such as Vectra, the network security solution is extremely effective. An extra-fancy (and much longer!) name for a data diode is a deterministic one-way boundary device. 
Data Diodes: What are they? How are they used?
Patton FibrePlex Data Diode
Available in various shapes and sizes, a data diode is a unidirectional network communication device that enables safe, one-way data transfer data between two networks. One might think of it as a non-return valve. It allows data transmission in only one direction. Because it cannot and will not receive data, any and all data trying to enter the network is blocked. Data diodes are designed to maintain physical and electrical separation between source and destination networks. A data diode allows a high-security network or segment to send data to external systems and users—such as a regulatory body, the cloud, or a remote-monitoring facility—without exposing the secure network to external threats.
Types of Data Diodes. Currently-existing data diode technologies include hardware-only, optical fiber, optical isolation, electrical, and electromagnetic. Most popular in today’s market are hardware and optical, which is essentially a modified optical cable.
Data diodes can be used to protect network segments of all sizes, from a single controller to an entire facility.
Network Diagram with Data Diode

Controlled Data Flow

Data diodes are hardware-enforced data transfer solutions that use the laws of physics to provide a security mechanism that cannot be hacked.
Secure Monitoring and Control Network

What is Network Detection and Response (NDR)?

Network Detection and Response (NDR) is a technology solution that improves cybersecurity. The discipline has evolved from a practice once known as network traffic analysis. Over the years, as the complexity of network traffic has increased, the proportion of potentially malicious traffic has also increased. So, the activities around traffic analysis have become more security-focused. In recent times, human monitoring and simple behavioral analytics have evolved into NDR, which employs machine learning combined with automated threat-discovery and incident-response mechanisms.
NDR focuses on machine learning and analytical techniques—raising the bar compared with rules-based security tools such as firewalls. These intelligent tools model network behavior using continuous real-time traffic analysis while alerting network administrators about anomalous behavior or traffic patterns that indicate system malfunctions or external attacks.
NDR monitors an organization’s network in real-time, 24/7.
IDS. Similar to traditional Intrusion Detection Systems (IDS)—which focus on monitoring the network perimeter for intruders and generating alerts when an attack is detected—NDR solutions focus on analyzing network communications in order to detect and investigate threats. Compared with IDS, a chief differentiator is that NDR provides automated responses, including:

triggering commands to a firewall to drop suspicious traffic
manual responses  — providing threat-hunting and incident response information to dig deeper

NDR solutions move beyond merely detecting threats, actually responding to threats in real-time using native controls while supporting a wide-range of integrations with other cybersecurity tools or solutions:  security orchestration, automation, and response (SOAR) for example.
Security information and event management (SIEM) is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations.

How does Vectra work together with data diodes?
Vectra supports data diodes on any of its physical appliance Sensor capture ports that provide SFP+ 10 Gbps connections.  As of this writing, Vectra appliances that support Patton data diodes include:

Vectra has validated Patton FiberPlex SFP+ modules that function as data diodes.  These SFP+ modules will always be deployed in pairs:

One RX module in the Vectra Sensor
One TX module in the switch or packet broker, which feeds the Sensor network traffic

Additional information can be found at https://www.patton.com/sfx-10dd/

SecurityThere is really no debate over whether data diodes are more secure than software-only security solutions (firewalls)—they are. Patton data diodes are physically enforced with a hardware-based security mechanism and provide 100% confidentiality and segmentation between networks. Firewalls, in contrast, enforceconfigurable policies implemented in software. Data diodes are not vulnerable to software bugs, zero-day exploits, or misconfiguration—all of which vulnerabilities can afflict a firewall. Data diode hardware also provides protection from the unknown—something which no software-based security system can do.They do not need regular patching or maintenance to stay secure, and the enforcement mechanism never becomes less effective over time.

Glendon is responsible for creating corporate marketing and technical content including press releases, web copy, white papers, case studies, educational and tutorial pieces as well as other publications. He serves as editor-in-chief for Patton’s email newsletter and other outbound communications. He holds a Bachelor of Science in Computer Science from UMUC and a Bachelor of Music in percussion performance from UMCP. Mr. Flowers is a single father with three adult daughters: Lauren, Hannah & Sarah (twins). He plays guitar, bass, keyboards, drums, and percussion and enjoys composing and arranging music and songs.

The sound and video system at City Church (Madison Wisconsin) was out of date. The 800-seat auditorium needed an integrated audio-video network that could also serve other parts of the building as well as remotely located people attending services via live streaming multimedia.
Dante AV technology from Audinate brings audio and video together on a single Ethernet-based network. Patton is the first-ever company to implement Dante AV with its FiberPlex 6000 AVoIP Gateway product line. Patton’s AVoIP gateway was a perfect fit for the needs of City Church.
[embedded content]
Employing the Patton gateways, City Church was able to migrate its disparate audio and video systems into a single, centrally managed network that provides live, onsite multi-media, that can be distributed throughout the building, as well as live-streamed audio-video for remotely-located worshippers.
>Read the Press ReleasePatton AVoIP Gateways Transform Real-Time Experience for City Church Congregation 
“We have always believed in using technology to eliminate distractions and deliver our message in a clear, compelling, and engaging way,” said Nathan Rohde, worship pastor, City Church.
“We basically just did a complete overhaul of the entire sanctuary so we can now integrate audio and video seamlessly throughout our church, our education facilities and online,” Mr. Rohde said.
What did you think?

Is your house of worship (HOW) in need of a media-system update?
Does consolidating disparate audio and video networks into a single centrally managed system sound like a good idea to you?

Glendon is responsible for creating corporate marketing and technical content including press releases, web copy, white papers, case studies, educational and tutorial pieces as well as other publications. He serves as editor in chief for Patton’s email newsletter and other outbound communications. He holds a Bachelor of Science in Computer Science from UMUC and a Bachelor of Music in percussion performance from UMCP. Mr. Flowers is a single father with three adult daughters: Lauren, Hannah & Sarah (twins). He plays guitar, bass, keyboards, drums and percussion and enjoys composing and arranging music and songs.

End of Life (EOL) is coming soon for Plain Old Telephone Service (POTS). In August 2019 the FCC issued Order 19-72A1.

Try AVG TuneUp for free to clean up clutter and free up space. If you’ve started up an old computer

The app Hornet, which caters to the gay male community, has seen a 30-percent increase in social feed engagement since

Visual information is crucial in mission-critical control rooms. One or two seconds of delay can make the difference between a

Okay, folks, this post is for bit-heads: network engineers and system administrators. The rest of you can take a coffee

Everybody seems to be worried about the latest computer malware threat, commonly known as Log4j.  The official name for the

And what is it good for? Why is Dante AV so cool? What is Dante, anyway? Read on to learn