4Secure deploy a bidirectional cross-domain gateway to enable Web API access and browse down capability via a web browser. 4Secure utilise two high throughput enterprise unidirectional flow control components to provide the physical separation between the high side network and low side network. All communications from the web client take place with the TrustedFilter™ dedicated flow control proxy which can be installed directly onto 4Secure’s unidirectional appliance or the web client itself.
Encrypted connections to the web client flow control proxy are decrypted and routed directly to the verification engine. All requests are subject to outbound query string verification to ensure only valid requests with valid data payloads are allowed to leave the high trust zone. Valid requests are then routed to the egress unidirectional flow control component to a low-side flow control proxy, for encryption or routing to the destination. At this stage further verification can take place if required. All responses on the low-side are routed back via the low-side ingress node to the flow control proxy and back to the verification engine before returning to the client.
Enabling TrustedFilter™ Applications
TrustedFilter™ SECUREcommand
Enables inherently two-way, bi-directional TCP applications which rely on request/response architecture such as HTTPS, to operate via two physically separate unidirectional flow control appliances
TrustedFilter™ SECUREimpex
- Performing syntactic & semantic verification
- Granular HTTP Request Verification
- XML / JSON Schema Validation
- Terminate TLS, verify raw data payload, then re-establish HTTPS
Enabling Components
Data Diodes
A unidirectional flow control component (Data Diode) is utilised to enforce the one-way flow of data and perform a protocol break.
The all-encompassing TrustedFilter™ Appliance
4Secure adopted their TrustedFilter™ Appliance to implement this solution. The all-encompassing extensible appliance consists of a unidirectional gateway, the full TrustedFilter™ software suite and boasts considerable computational power to effectively host the Cogent DataHub software. Bi-directional model is also available.
Contact Us
Want to know more about 4Secure's products, services and cross-domain solutions? Engage with 4Secure's specialists to find a tailored solution. The 4Secure team offer full support through 30-day proof of concept of any solution at cost to 4Secure.
Call for a Quick Consultation
Can't wait for a response? Call us now for a quick consultation with one of our cross domain solution specialists.