For many years, those working on secure networks in high trust environments have looked on enviously at the internet freedoms enjoyed by others in less secure environments. Where the risk of interconnection with other networks has been considered too high, high trust networks have remained siloed, and users have operated within strictly controlled environments without network contact to the outside world.
However, in recent years, thanks to the portfolio of Cross Domain Solutions from BAE Systems, an increasing number of government and high trust networks have transformed their digital operations. Our range of data diodes and Hyper-secure FPGA hardware based Access and Transfer solutions enable secure connectivity between networks of different trust levels, thus removing network and data silos, making operations and missions more efficient, and enabling new ways of working.
Our CDS Reduce Security Risks
Although it is never possible to eradicate risk altogether, BAE Systems’ Cross Domain Solutions (CDS) reduce the attack surface to a level where the benefits far outweigh the risks, and allow organisations to decrease the cyber risks otherwise posed by existing processes or unofficial workarounds.
Tried, Tested and fully operational for over two decades
The BAE Systems portfolio of CDS are tried, tested and fully operational in the UK and overseas for over two decades, and not only help Government and large national organisations to remove operational silos, improve efficiencies and enhance staff morale, but also increase competitiveness and enable organisations to achieve greater success, whatever their mission is. They do this seamlessly. With ultra low latency. Enabling multiple use cases. But most important of all: securely.
A Global Portfolio
We are the only global vendor of Cross Domain Solutions with local research and development teams on three continents, providing sovereign capability to different regions. We work closely with the US National Cross Domain Strategy Management Office, and the UK’s and Australia’s National Cyber Security Centres to ensure compliance with their design patterns and security requirements, and to enable future collaboration between nations.
Our CDS are available globally subject to export restrictions and authorisations being granted. This enables organisations from one geography to select and deploy the CDS that best meet their requirements, and then deploy them across multiple continents, as required.
To support our customers, BAE Systems has a global team delivering operational capability on a daily basis. We have security-cleared 5-eyes teams based in the UK, Australia and US, each with deep expertise in hardware, firmware and software development, as well as in-country manufacturing capabilities. As a leading global cross domain supplier, our teams continue to work closely with the standards agencies and cross domain community across the 5-eyes to understand future requirements for cross domain security.
Our solutions Raise-the-bar for Secure Information Exchanges
Our CDS deliver an entire Raise The Bar compliant solution using software and hardware according to design patterns required by the NSA.
We offer both access and transfer solutions, utilising a combination of software and hardware according to use case.
Transfer CDS: This class of CDS enables the secure transfer of sensitive data between users or machines across network boundaries, often where the networks are of different security classifications. Our transfer solutions can support either One Way Transfer or be bidirectional, as required. Transport CDS support:
machine-to-machine data transfers
secure mobile working and mobile device management
secure email between domains
secure collaboration: organisations need to be able to hold secure voice and video calls both within their organisation and with partner agencies, efficiently, and with no added latency
secure sharing of video and sensor feeds in line with NATO standards.
Access CDS: This class of CDS enables users on sensitive networks to access the internet or view information on networks of a lower trust class (‘secure browse down’).
In response to the need to exchange information and communicate securely between systems of different security classifications or trust levels, our range of data diodes or hardware-based gateways utilise a combination of hardware and software running in tandem. The specific architecture of these solutions depends upon the Cross Domain use case, but in general are made of:
Access Boundary Devices which enforce the security of Access data flows and act as a central component to a wider solution
Transfer Boundary Devices which enforce the security of Transfer data flows and act as a central component to a wider solution
Filter Orchestration Engines which filter and transform the data in preparation for passing between domains
Operating Systems: the software which underpins the operation and integration of the CDS components and performs numerous security functions
Components of a BAE Systems CDS providing both one-way transfer (OWT) solutions and bi-directional capability
Who benefits from Cross Domain Solutions?
CDS support national security and law enforcement agencies by allowing users to securely bring information from other sources, partners, and remote networks into a centralised location to build a unified intelligence picture. Examples include:
Ability to access the internet from a secure network
Sharing classified data with secure partners
Control of operational capability (e.g. video telemetry)
Defence organisations operate across many networks. They need to collaborate with other nations across sensitive networks but control what is shared; they need to communicate quickly while remaining secure and they need to bring data together for monitoring or operational advantage. Examples include:
Full motion video exploitation
Accessing commander briefings
Secure data and voice collaboration with partners
Many aspects of governing a nation require utmost confidentiality. From government classified documents, defence plans, foreign policy documents, all the way down to lists of employees, governments often find themselves needing to share information across security domains. Examples include:
Ability to access the internet from a secure network
Supporting and monitoring secure networks
Full email connectivity to secure networks
CDS provide critical national infrastructure organisations with new ways to enable secure information exchanges between business networks, management systems and the industrial operations they control. Examples include:
Operational Technology equipment monitoring from an IT network
Management of remote capability
Large corporations need to exploit data across networks and geographies, yet remain secure: this need includes sharing IPR, analysing and exploiting data across networks for business efficiency, and protecting digital currencies. Examples include:
Secure operational internet usage
Secure data transfer between networks
Discover more about our experience – hear from our experts
Spotlighting the solutions for Cross Domain Security
While resisting cyber attackers is never easy, Cross Domain Solutions have a key role to play in safeguarding data sharing, explains Richard Byng.
As a global cross domain supplier, our security-cleared 5-eyes teams based in the UK, Australia and US deliver operational capability on a daily basis. If you would like to benefit from the freedom and efficiency provided by our CDS, please contact us to speak with one of our experts.