h a l f b a k e r y
Naturally, seismology provides the answer.


Safer network

airlock concept applied to a computer network
 

The idea is for a company to have a network that is completely disconnected from any outside network. Wait, read the rest before you start bad-mouthing the idea. So, there would be a mail server in the internal network that would distribute and receive mails internally. Meanwhile there is an external server that receives all mails from the exterior. These two servers are usually disconnected from each other. Every minute, or whatever period is found appropriate, the external server would be physically disconnected from the external network and then it would be physically connected to the internal server. Both servers would swap mails during whatever time was necessary. During this time none of the computers would be connected to the external network. After swapping all mails, the servers would be physically disconnected again and the external server would be reconnected to the internet. This way it would be impossible for a hacker to perform a direct and live attack on the company's network. The biggest danger would be trojan viruses and such.

To connect and disconnect the servers, an electronic switch could be designed that would work under a timer to decide when to connect and disconnect each of the servers. The electronics of the switch wouldn't be in contact with the network itself, so that it couldn't be tampered with via internet.

Of course this does not invalidate "Mission Impossible"-like attacks, but nothing really does, right?

PauloSargaco, Aug 08 2003
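
The timed switch described in the post, modelled as an added example (not part of the original post): a three-position switch moves the external relay between the Internet and the internal server, and the simulation shows when queued mail actually crosses. The 50/1/8-second schedule and all function names are assumptions made for illustration.

```python
# Added illustration: timings and names are assumptions, not from the post.
OUTSIDE_S, GAP_S, INSIDE_S = 50, 1, 8   # constructed schedule, in seconds


def position(t, outside_s=OUTSIDE_S, gap_s=GAP_S, inside_s=INSIDE_S):
    """Switch position at second t: 'outside', 'inside' or 'open' (no link).

    A single three-position value models a break-before-make switch: the relay
    is never wired to the Internet and to the internal server at the same time.
    """
    phase = t % (outside_s + inside_s + 2 * gap_s)
    if phase < outside_s:
        return "outside"
    if outside_s + gap_s <= phase < outside_s + gap_s + inside_s:
        return "inside"
    return "open"


def simulate(arrivals, horizon, **timing):
    """Return (delivered, held); delivered is [(arrival_s, delivery_s), ...]."""
    pending = sorted(arrivals)   # mail still at the sender, retried until accepted
    held, delivered = [], []     # held = queue on the external relay
    for t in range(horizon):
        pos = position(t, **timing)
        if pos == "outside":     # relay accepts mail from the Internet
            while pending and pending[0] <= t:
                held.append(pending.pop(0))
        elif pos == "inside":    # relay hands its queue to the internal server
            delivered += [(a, t) for a in held]
            held.clear()
    return delivered, held


def worst_case_delay(outside_s=OUTSIDE_S, gap_s=GAP_S, inside_s=INSIDE_S):
    """Longest wait between a message being sent and reaching the inside."""
    cycle = outside_s + inside_s + 2 * gap_s
    timing = dict(outside_s=outside_s, gap_s=gap_s, inside_s=inside_s)
    return max(simulate([a], 3 * cycle, **timing)[0][0][1] - a
               for a in range(cycle))


if __name__ == "__main__":
    # Constructed arrival times (seconds) for four inbound messages.
    print(simulate([0, 49, 50, 55], 180))
    print("worst-case delay:", worst_case_delay(), "s")
```

Every message accepted on the outside still reaches the internal server on the next swap, so the switch removes the live path but not the content path, which is the trojan caveat the post ends on.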







       Does it only work on mail, or would other packets be similarly quarantined? So much simpler than a firewall. No wait, no it's not.
angel, Aug 08 2003
  

       Having one or more internal networks entirely unconnected to the outside world is a widely practised safety measure. I completely fail to see the advantage of periodically connecting them for email access.
DrCurry, Aug 08 2003
  

       Why hardware when it’s easily done with software?
Shz, Aug 08 2003
  

       Wut's email?
DeathNinja, Aug 08 2003
  

       very much doable with NAT
neilp, Aug 08 2003
  

       See also "Ultimate Corporate Firewall" here in this category.
krelnik, Aug 08 2003
  

       <DrCurry>I completely fail to see the advantage of periodically connecting them for email access.</DrCurry>   

       Huuuu...to get email?   

       [DeathNinja] That's a trick question, right?   

       [Shz] Because hardware is safer? The idea was to eliminate completely any physical link to the external network.
PauloSargaco, Sep 11 2003
  
      
  


 
