A data diode provides a flexible device for collecting data from a data source and transmitting the data to a data destination using one-way data transmission. On-board processing elements allow the data diode to identify automatically the type of connectivity provided to the data diode and configure the data diode to handle the identified type of connectivity. A network tap allows monitoring network traffic on the source side of the data diode.
Representative claims
1. A data diode, comprising: a first network interface circuitry, comprising: a first processing element; a first network connector, coupled to the first processing element; and a second network interface circuitry, comprising: a second processing element; and a second network connector, coupled to the second processing element; a one-way data bridge coupled between the first processing element and the second processing element that allows data flow from the first processing element to the second processing element and physically prohibits data flow from the second processing element to the first processing element; and a network tap, comprising: a first network port; a second network port; and a network switch, configured to mirror network traffic received from the first network port to both the first processing element and the second network port.

2. The data diode of claim 1, wherein the network tap further comprises: a relay switch, connected between the first network port and the network switch, configured to pass network traffic from the first network port to the second network port upon a power loss by the data diode.

3. The data diode of claim 2, wherein the network tap further comprises: an analog switch, connected to the network switch and the second network port, configured to disconnect the second network port from the network switch upon the power loss by the data diode.

4. The data diode of claim 3, wherein the analog switch is further connected to the relay switch.

5. The data diode of claim 1, wherein the first processing element is programmed to: detect an anomaly in the network traffic; and control the network switch to stop mirroring data flow toward the second network port.

6. The data diode of claim 1, wherein the first processing element is programmed to monitor the network traffic and send information about the network traffic to the second processing element via the one-way data bridge.

7. A network tap, comprising: a one-way data bridge having a first end and a second end that allows data flow from the first end to the second end and physically prohibits data flow from the second end to the first end; a first network port; a second network port; and a network switch, configured to mirror network traffic received from the first network port to both the second network port and the first end of the one-way data bridge.

8. The network tap of claim 7, wherein the first end of the one-way data bridge comprises a first processing element.

9. The network tap of claim 8, wherein the first processing element is programmed to: detect an anomaly in the network traffic; and control the network switch to stop mirroring the network traffic toward the second network port responsive to detecting the anomaly.

10. The network tap of claim 8, further comprising a first network connector, coupled to the first processing element.

11. The network tap of claim 7, wherein the second end of the one-way data bridge comprises a second processing element.

12. The network tap of claim 11, further comprising a second network connector, coupled to the second processing element.

13. The network tap of claim 7, further comprising a relay switch, connected between the first network port and the network switch, configured to pass network traffic from the first network port to the second network port upon a power loss by the network tap.

14. The network tap of claim 7, further comprising an analog switch, connected to the network switch and the second network port, configured to disconnect the second network port from the network switch upon a power loss by the network tap.

15. The network tap of claim 7, wherein the one-way data bridge comprises a photocoupler.

16. A method of tapping a network, comprising: receiving network traffic by a first network port; sending the network traffic from the first network port to a network switch; mirroring the network traffic by the network switch to both a first processing element of a data diode and a second network port; and sending the network traffic or information about the network traffic from the first processing element of the data diode to a second processing element of the data diode via a one-way data bridge that physically prohibits data flow from the second processing element to the first processing element.

17. The method of claim 16, further comprising: disconnecting the network switch from the second network port upon power loss.

18. The method of claim 17, wherein disconnecting the network switch from the second network port upon power loss comprises: switching an analog switch from a first state to a second state upon loss of power; sending the network traffic from the network switch through the analog switch to the second network port in the first state; and disconnecting the network switch from the second network port in the second state.

19. The method of claim 16, wherein sending the network traffic from the first network port to the network switch comprises: sending the network traffic from the first network port to a relay switch coupled to both the network switch and the second network port; sending the network traffic from the relay switch to the network switch while power is on to the relay switch; and sending the network traffic from the relay switch to the second network port upon loss of power by the relay switch.

20. The method of claim 16, further comprising: detecting by the first processing element an anomaly in the network traffic received from the network switch; and interrupting data flow from the first network port to the second network port responsive to detecting the anomaly.
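
The forwarding behaviour the claims describe (mirroring while powered, relay bypass on power loss, and cutting the mirror after an anomaly) can be traced with a small model. This is an added example, not code from the patent; the class and method names, the caller-supplied detector, the latching of the cut, and the assumption that the triggering frame has already been mirrored are all hypothetical modelling choices.

```python
class OneWayBridge:
    """One-way data bridge: a forward path only; no reverse path exists."""
    def __init__(self):
        self.delivered = []          # what the second processing element received

    def forward(self, item):
        self.delivered.append(item)

    def reverse(self, item):
        raise PermissionError("no physical return path from destination to source")


class TapModel:
    """Toy model of the claimed tap; names and the detector are hypothetical."""
    def __init__(self, is_anomalous):
        self.is_anomalous = is_anomalous   # caller-supplied predicate (assumption)
        self.powered = True
        self.mirror_to_port2 = True        # network switch mirroring toward port 2
        self.bridge = OneWayBridge()
        self.port2 = []                    # frames leaving the second network port

    def receive_on_port1(self, frame):
        """Return the set of sinks that see this frame."""
        if not self.powered:
            # Claims 2-3: the relay passes port 1 straight to port 2; the analog
            # switch isolates the unpowered network switch from port 2.
            self.port2.append(frame)
            return {"port2"}
        sinks = {"pe1", "pe2"}
        if self.mirror_to_port2:
            # Assumption: the switch mirrors the frame before the first
            # processing element has inspected its own copy.
            self.port2.append(frame)
            sinks.add("port2")
        anomalous = self.is_anomalous(frame)
        if anomalous:
            self.mirror_to_port2 = False   # claims 5, 9, 20; latching is assumed
        # Claims 6, 16: traffic, or information about it, crosses the bridge.
        self.bridge.forward(("anomaly" if anomalous else "frame", frame))
        return sinks
```

In this model the second network port stops receiving frames only after the frame that triggered detection, while the destination side of the bridge keeps receiving every frame and its anomaly label.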