Departments and Ministries of Defense have always been leaders in network security, requiring the highest level of innovation and product reliability to achieve network security goals. Network integrity is integral to mission success since a breech can put both property and lives at risk.
As greater volumes of information is transmitted to and from the tactical edge, and command elements must analyze and respond to increasing amounts of data, requirements continue to evolve. Consequently, network security products must adapt in two directions; greater processing capacity and higher bandwidth to support the increasing data volumes and while simultaneously they need to be smaller and lighter to support the mobile paradigm. Solutions must scale up to support large enterprise environments while scaling down in size to support vehicles and dismounted soldiers.
Defense networks are continually under attack with increasingly sophisticated cyber-weapons. Long-standing security practices have effectively dealt with viruses and unauthorized access, however a new threat known as APTs (Advanced Persistent Threats) is presenting new challenges to network security. The bad actors behind APTs have the patience and persistence to wait days and months to analyze network vulnerabilities and formulate and execute attacks. This new threat could unleash a coordinated attack to hit multiple assets simultaneously and defeat a mission objective. This patience displayed by the attackers, coupled with the fact that the data moving across the networks is becoming more sophisticated and includes full motion video, high speed sensor data and a large variety of message and file types, points to solutions that need to be continuous and powerful enough to meet the variety and volume of data being processed.
Owl has created a portfolio of products specifically designed to isolate secure networks and eliminate all outside threats including APTs. Utilizing the hardware enforced security of Owl’s DualDiode® Technology, enhanced with embedded filtering capability, a hardened operating system, and rigidly controlled administrative access, Owl’s Cross Domain Solutions have protected defense system networks for over 15 years. Achieving unsurpassed performance and reliability, Owl’s product portfolio includes enterprise transfer capacity of tens of thousands of inspected files per hour, point-to-point solutions transferring command center files and images, and tactical products supporting mobile expeditionary missions with low SWaP requirements.
The mission of the U.S. Intelligence Community(IC) is the collection, analysis, and production of sensitive information to provide timely intelligence to customers at all levels – from the war-fighter on the ground to the President in the oval office. Historically, collection of SIGINT, HUMINT, GEOINT, IMINT, and MASINT was conducted by separate agencies within the IC. Interagency information sharing was limited out of privacy and security concerns.
The events of September 11, 2001 highlighted the need to exchange information between elements within the IC, as well as to collaborate and share information with domestic law enforcement and international coalition partners; especially information focused on trans-national issues such as terrorism, drugs, counterintelligence, and weapons of mass destruction. Currently the volume of data being harvested exceeds existing capabilities to analyze, interpret, and distribute raw information into actionable intelligence. Owl's Enterprise Cross Domain Solutions helps alleviate the big data problem by facilitating the transfer of information to the appropriate security classification level.
The US Congress, through the Homeland Security Act of 2002 and the Intelligence Reform and Terrorism Prevention Act of 2004, mandated the cooperation and exchange of information between elements of the US Intelligence Community and law enforcement related to international terrorist threats. In addition, domestic information sharing requirements and global conflicts have increased the need to exchange information with allies and coalition partners. As the number of networks exchanging information has increased, so to have the volume and sources of data increased. Whether distributing information from centralized, highly secure IT centers or bringing in information from unsecure sources, the need to move data securely from one domain to another is central to the sharing of information between analysts within the IC, and other entities. The challenge faced by the I.C. is how to cost effectively transfer large volumes of data from a wide variety of disparate sources and classifications to the appropriate networks.
Department of Energy
US Federal Agencies
Government agencies that serve the public are in the unique situation of having to provide public access to information related to the operation of the agency while simultaneously protecting the very same information from unauthorized modification, manipulation or exposure. Owl has a solution that meets these seemingly contradictory objectives. Complying with the stringent NIST 800-53 guidance and accredited for use by both the DOD and Government Intelligence agencies, the Owl DualDiode provides a multi-tiered “Defense In Depth” cybersecurity solution. Solving problems as simple as securely transferring files from one security domain to another, or as important as a portal interface for information requests and database replication, Owl solutions bring simple elegance to blocking all unauthorized users while simultaneously presenting end-users with the critical data they need.
Government Agencies and Organizations are tasked with protecting the private information of US Citizens along with proprietary and classified information related to the performance of their stated mission. However, they must simultaneously remain transparent in their activities and safely and securely provide information as needed. Simply put, how do they prevent intruders from accessing the data they are charged with protecting while providing it to authorized users?
Currently deployed with a number of different government agencies (DOE, DOJ, Treasury, National Labs, etc.), Owl’s DualDiode products are based on the concept of data diodes. Data diodes only allow data to flow in one direction, thereby preventing access to a secure network while allowing data to be transferred out. Owl’s products transfer files, packet streams, databases, event logs, alarms, streaming surveillance video and many other types of data.
We offer hardware platforms in different form factors, including an “all in one” 1U rackmount solution. Supporting a range of bandwidths (10Mbps to 10Gbps), the hardware platform is paired with one or more of our software applications to create a complete cybersecurity solution to meet the varying needs of our customers.
Food & Agriculture
The impact of cyber threats to general industry and commercial operations is different than the impact to critical infrastructure providers but certainly not any less important. Attacks against critical infrastructure providers can result in disruption to the power grid, contaminated drinking water, etc., however, commercial companies face threats to their intellectual property, release of healthcare information, exposure of customer and guest information (financial, tax, legal, travel, medical), interruptions to production and breaches of digital assets (books, videos, databases, system backups, customer lists, product announcements), as well as threats to the safety of employees.
Companies need to protect their facilities, assets and employees from cyber threats while maintaining operational efficiency. Network or device intrusions can shut down processes, cause equipment to operate in an unsafe manner, reveal proprietary methodologies and recipes, permit ransomware to be inserted and exploit a long list of other vulnerabilities. Owl’s DualDiode technology products secure and protect networks from cyberattacks while transferring operational data to managers and support staff without having to make a trade-off between productivity and security.
According to third party analysts and the Dept. Of Homeland Security, data diodes are now seen as the most secure way to protect a network without completely disconnecting it. Owl’s DualDiode technology includes the core hardware-based data diode cited by the analysts and also incorporates multiple layers of technology and operational methodologies to create a Defense-in-Depth solution. We protect network boundaries against cyber attacks while securely transferring data (files, packet streams, databases, event logs, alarms, streaming surveillance video, etc.) to the corporate network.
To create the right cybersecurity and data transfer solution, customers select a DualDiode hardware platform in conjunction with one or more software application(s) to support specific interfaces (GE, OSIsoft®, Rockwell Automation, Schneider Electric) or data types. We offer “all in one” solutions (OPDS-100 series) as well as card kits (EPDS) for off the shelf servers.
Universities & Labs
Cyberattacks continue to exploit vulnerabilities and prove software-based tools (firewalls, RBACs, VPNs, etc.) aren’t able to stop them. Due to their inherent immunity to these vulnerabilities, data diodes have found an initial foothold in securing the networks of industrial and commercial enterprises. Since then, other organizations in the services industry (universities, national labs, financial services, healthcare, etc.) have taken notice of the cybersecurity value proposition and started implementing data diode solutions to protect data centers, research, system backups, intellectual property, financial transactions, personally identifiable information, and other common data types and formats (databases, files, email, images).
Customers have repeatedly said that implementing the data diode is the easy part; the challenge is segmenting the network to limit authorized access and identifying data flows between segments. Network segmentation follows best practices in cybersecurity starting with building a defendable perimeter, reducing your attack surface, managing authentication and the general use of a defense-in-depth strategy. The services industry is becoming more data-driven than ever, and the most distinct challenge is typically accomplishing these cybersecurity best practices and securing high value networks while also preserving the availability of data for authorized users and processes.
The Owl Perimeter Defense product line (OPDS), features a variety of form factors and bandwidth options (including variable bandwidth licensing) to segment and protect networks, and securely transfer data across segment boundaries. The 19” 1U rackmount solutions (OPDS-100, OPDS-1000) are the most popular as they fit in any standard 19” IT rack system and offer speeds from 10 Mbps to 1,000 Mbps. The smaller OPDS-100D is designed for DIN rails or other vertical mounts, operates in environmental extremes, and is ideal for customers with space constraints and/or remote or exposed facilities. Server-based solutions are also available for customers with high-bandwidth data transfer requirements (up to 10 Gbps). The Owl Sales Engineering team works with you to understand your unique security and data transfer requirements (data types, number of data flows, bandwidth, etc.) and can help you find the best solution to meet your needs.
Oil & Gas
Water / Wastewater
Energy & Utilities
Over the last several years, energy and utility providers have started adopting data diodes to defend their OT networks against cyber threats. These hardware-enforced cybersecurity solutions are designed to mitigate both single, low-end cyberattacks, as well as the sophisticated cyber events known as APTs (Advanced Persistent Threats), which heavily concern cybersecurity professionals within government, municipal and privately owned utilities and the energy sector. These organized, coordinated, and often well-funded bad actors have the resources, patience, and persistence to formulate and execute very complex, thoroughly planned, and highly targeted attacks, sometimes striking multiple facilities simultaneously, and disrupting service to tens of thousands of customers.
Safety and reliability are considered to be two of the most important aspects of any production plant. And as SCADA, ICS and PLC technology evolves, facilities are becoming much more dependent on digital cyber assets. These digital assets need to be secured from all cyber threats; if a machine isn’t secure it isn’t safe.
Owl supplies companies with cybersecurity solutions to protect them from cyber threats and thus increase the reliability and safety of the plant, pipeline, grid, transmission system, network, or any other environment with digital controls.
Most operators struggle to adequately protect their facilities from cyberattack while still providing operational data to end-users outside the facility. Owl data diode products secure the network boundary while using proprietary technology to transfer any variety of data types and files (e.g. packet streams, databases, event logs, alarms, streaming surveillance video, and more) to the corporate network, the cloud, a remote monitoring facility, or any other destination. Please see our resource library for a number of different use cases.
Owl offers a range of form factors and bandwidth capabilities across our cybersecurity and data transfer solutions, allowing customers to select a DualDiode hardware platform in conjunction with one or more software application(s). While the Owl “all-in-one” 19” 1U OPDS series appliances are the most popular platform, customers also opt for an OPDS-100D DIN rail model for critical infrastructure applications or use off the shelf servers with our EPDS card kits.
Owl has partnered with a number of industrial control manufacturers (Schneider, Rockwell, OSIsoft, GE, Yokagawa, Mitsubishi Electric) to provide both standards based interfaces and vendor specific transfer applications. Please see our list of applications for the full range of vendor interfaces, data types, standards, protocols and file types supported.