Waterfall One-Way

Waterfall’s™ Unidirectional Security Gateways and data diodes core is shared by all of its products and solutions. The Waterfall core, a unique non routable system, is coupled with software agents that mediate its integration into the surrounding environments, while providing added functionalities and flexibility.

The Waterfall product consists of a multiple layered architecture, providing high-speed, real-time and reliable data transfer using a proprietary unidirectional protocol, content filtering, data assurance mechanisms and application layer connectors for third party applications and standard protocols integration

Waterfall One-Way Customer Benefits

The unique Waterfall architecture and its attributes provide two basic benefits for all Waterfall One-Way installations and deployments:

• Complete protection against external cyber attacks – hacking sessions are an interactive process in which a hacker initiates a working session with his target node, elicits a response, and accordingly makes his next move. When trying to hack across a Waterfall One-Way, the hacker will be unable to initiate a successful session.
• No data backflow – The hardware based appliance core of the Waterfall One-Way enforces unidirectional data flow at the physical layer (Layer 1 of the OSI model), which in turn ensures unidirectional communication will be totally preserved at all higher layers of the protocol stack, regardless of the communication protocol chosen and the applications being used. Thus, regardless of networks and applications used, there will be no data backflow across a Waterfall One-Way.
• Non Routable Protocols – Waterfall One-Way is a Non-routable communication system, as referred to in the relevant NERC-CIP definitions. This means that the communication path cannot be exploited to route messages or information to undesired or unplanned destinations.
• Integral Application White listing – Waterfall One-Way, using the unique “Waterfall connectors framework”, enables only allowed application’s data and protocols to pass via the unidirectional gateway. Any other protocol, not set up at the gateway, is not supported and shall not pass

Waterfall One-Way provides customers with the most powerful electronic security perimeter available, enforced by hardware, software and the very basic laws of physics. This unique technology and  architecture helps ensure that compliance with NERC-CIP-005 requirements is  fully reached, while providing true cyber-security to all critical assets and cyber assets residing within the Waterfall defined electronic security perimeter.

Waterfall installations provide a hassle-free and zero-maintenance implementation of an electronic security perimeter, requiring a one-time configuration with no need for follow-up configurations, patches o