The Fox DataDiode works by enforcing the use of a single strand of a fibre optic connection. This lack of full duplex communication breaks the use of TCP/IP. This problem is addressed by using dropbox proxies which transmit data in a connectionless way.
A typical Data Diode setup consists of two proxies. One of the proxies is placed in the Black network (which can be directly connected to the Internet). The other proxy is placed in the Red network. A one-way physical connection is made between the two proxies to prevent data leakage and guarantee the security of the red network. Each proxy has an easy-to-use web interface that allows authorized users to configure what is to be transferred from where (Black side) to where (Red side). A transfer can contain files, streaming video, or incoming email. This greatly increases the possibilities of people working on the red network.
Fox DataDiode solution
The basic Fox DataDiode solution consists of three elements:
- Hardware Data Diode
- Data Diode proxy Servers
- Data Diode Software