Why do we Still Air-Gap Multi-Domain Systems?
In the C2, NOC, SOC type environments, Operators have a need to access multiple systems, sources, feeds and applications. These are frequently across different classifications, and for Information Assurance, need to be delivered on diversely routed LAN cabling.
In some instances, client devices on the various LANs sit below the desk, attempting to achieve the IA required separation, nestling comfortably either side and in between the legs of the operator.
In other instances, IA requires the air-gap separation, with different systems being delivered to different desks. This requires the operator to move around the different cell positions to be able to access the information and then return to the required position to respond and enact.
Neither completely efficient, but something that we have come to accept, and after all, “it’s the way we have always done it, right?”
It is not unknown for some more Senior Operators to slide the “air-gapped” systems closer together, to make their workstation more comfortable, and when they are tackled by the IA Officer, sign off to say they take responsibility. That’s all fine, assuming they are the owner of that data, and do indeed have full responsibility for cross talk and leaks.
This is difficult enough in the fixed domain.. now consider this in the mobile or deployed environment. Not a happy thought?
Imagine Nirvana, where those systems with different classifications are delivered over a single LAN infrastructure, securely to the desk. Imagine a desk cleared of IT, with a single box providing access to all those systems, and with simultaneous views, enabling a faster decision cycle and enactment. Imagine being able to do this easily in the fixed and the deployed C2, NOC and SOC environments.
This is the solution delivered by Thinklogical, and into a number of those domains across diverse Government and Commercial markets. We are designers and manufacturers of High Performance Video, Audio and KVM signal extension and switching solutions, accredited to Common Criteria EAL4, TEMPEST SDIP 27 Level B. We work with end users, VARs and SI’s to deliver our solutions in to our customer environments.
For more information, go to www.thinklogical.com or contact me.
MIET ITIL ISO27001LA PRINCE 2 Senior Consultant Engineer
8 年Air gapping multi domain sysyems may be an accreditation requirement, solely depending on what domain has the bigger vulnerability should it be hacked.
CIS security and COMSEC expert - Italian Army
8 年Very interesting !