One of the time-consuming daily routines for your admin is for sure updating anti-virus software. If you have different engines installed it makes the work even more difficult.

The Arbit Data Diode and Metadefender from OPSWAT should be an integrated part of your network protection – both in the process of importing files but here also in transferring the update files to your Metadefender installed on your separated network. As a standard process the updates will be scanned but the Metadefender update is also signed by OPSWAT and therefore it cannot be manipulated. Now the download is automated you might consider doing it more often than ones a day? We recommend doing so because it is more safe and the Arbit Data Diode just do the job – without extra workload to your tech people.

The directory structure on one network can be mirrored 1:1 on another network in read only mode. This mirroring includes that all changes on the master network like changing file structure, adding or deleting folders, adding-, changing-, or deleting files will be mirrored – and only the change is mirrored!

The MFS is an eminent tool if you have complex structured information on the low side which should be available on the high side. This includes software repositories (Linux), WSUS or simply large directory structures containing multiple documents or reports.

Log data/files together with backup is your way “back to normal” if the unlucky situation should happen.

Take a mirror or move these data to a separate network. This process is supported by the Arbit Data Diode almost out of the box.

More separated networks in your organization normally means several printer pools.

More printer pools is an unnecessary cost in your organization as it is possible to transfer all prints to one network using the Arbit Data Diode. Arbit do have more solutions for this matter both for standard print solutions but also follow the print solutions can be implemented. Follow the print features will be necessary to implement if you have different classifications to be printed using the same printer pool.

Log files are an essential part of your network security profile. Therefore, measures must be taken to do whatever possible to protect them.

Network attacks often leave traces in the logs on the systems. However, these traces can be removed by the attackers as long as the logs are available. Moving the logs off the servers is the first step. However, the log storage system is also “just” a server on the network and might get compromised as well. In order to prevent modification of the logs, they might be encrypted, but this still leaves them vulnerable to deletion.

Moving the log data to secure location not directly connected to the company network ensures that the logs can’t be modified or deleted by the attackers. Thus, giving the administrator a clear advantage on detecting, monitoring and stopping the attackers.

The Arbit Data Diode supports a number of brands, among them SYSLOG and Splunk.

A lot of energy is wasted on setting up and maintaining separated surveillance networks.

If your organization has a video protected perimeter many organizations do have a separated network for this as security regulations do not allow “perimeter” devices to be directly connected to the internal network. The Arbit Data Diode in this use case maintain a physical separated internal network during streaming.

The Arbit Data Diode offers two protocols for streaming UDP/IP and TCP/IP with UDP supported out of the hardware box. This means the for UDP streaming you can use the Arbit Data Diode as a network device. Why not take advantage of Diode technology and save one network structure – we are sure that the admins can be of better use elsewhere?

If you have your daily work in a highly classified or separated network, you know the trouble about getting pictures, diagrams, graphs or other info from the internet, moved to your high side.

The Arbit Data Diode offers several ways of easing this transfer and at the same time lift the security bar.

Depending on if your network is a Windows- or Linux network we can support different ways like “mail yourself on high side”, “drag and drop” or “right click move”. In all cases it is a simple and a very user-friendly procedure as the files pups up on the high side network within seconds. No more USB floating around in the organization for this purpose. Using a Arbit Data Diode for this is faster and more safe/secure as ALL organizational security procedures for transfer can be assured.

Arbit Security partners with OPSWAT and OPSWAT Meta Defender is offered and can be added as an integrated part of your transfer – both using multiple scanning engines and data sanitization. All together it ensures a safe and reliable data transfer between your networks.

Having separated networks always provides the challenge of keeping systems updated.

The Arbit Data Diode is able to move updates from a WSUS server connected to the internet to a WSUS server on the isolated network. This ensures that the Microsoft environment on the isolated network is constantly updated and patched.

Normally only a limited number of employees in the organization will be appointed and authorized to release data.

When you are appointed as releaser you will be authenticated and administrated in a Microsoft AD or by signing data – or as a combination. The gateway will then check this authentication and allow the release process to start or reject.

This function can be placed on the high side or in the VOID network – or even both.

If a strict release procedure is required a two-factor release can be ensured.

In some specific use cases automated release is required – mostly for structured data like tracking data or other automatically generated data.

In this case the server function will have a dedicated certificate to release and data will be checked via several dedicated filters to ensure validity.

Before releasing data, it is essential to ensure that the released data has no malware.

The Arbit TRUST Gateway functions can be combined with OPSWAT Metadefender for one last check on high side or even in VOID. Normally one OPSWAT install serves both import and release of data on the high side serving both a Arbit Data diode and the Gateway installation.

FFT is just an example of a filter. This filter will analyze the content of the file and by the determine the type.

The filter function in this case will also have a white or black list function added.

The open API allows the organization to add filters – Arbit -, 3rd part – or own developed filters.

This feature ensures that only a few internal people will get to know the full extent of the implemented security profile for release of data.

Only authenticated information can pass through the Arbit Trust Gateway. This is done using digital signatures.

The releaser signs the information to be released using a private key. The gateway is then able to determine whether the information originates from an approved source or not and also ensures that the information cannot be modified during transport through the netwok.

Deliberately we focused on building a gateway platform allowing you to tailor and customize the release procedure and by this a vital part of the organization security profile.

The number of possible solutions that can be added is endless. In most cases we can support special requirements like the same Gateway to support a combined Windows and Unix network, notifications from the release process, special options for the clearing officer etc. – or you can program and add them yourself.

Log’s can be generated on high side as a partial log or in the VOID network as a full log.

The full log can include all data elements for the release.

In designing the Arbit Trust Gateway (ATG) it was essential to us to build a platform according to “security by design” principles – and we succeeded.

In this effort we also realized that a solution that would fit different organizations needs for different build in filters would be impossible, and therefore we added a strong open API feature to the ATG.

The API allows organizations to use Arbit standard filters, develop own filters or even add third party filters in order to create a security profile, you as organization, is the only to know and admin. Filters can be installed on network “high side”, in the VOID zone or both. If you decide to build own filters our Arbit Security training program will be able to quality your programmers.