AROW Data Diode-Hardware.
AROW has been designed from the ground-up to be highly reliable, easily configurable and requiring very little maintenance, while delivering demonstrable isolation and standard Gigabit Ethernet levels of performance. Some have likened it to a uni-directional router.
This is achieved because AROW includes the TCP protocol natively.
Data Diodes have traditionally used only the UDP protocol to deliver data. This is a connectionless protocol – the sending endpoint does not know about the receiving endpoint ( other than it is there) and so data lost in transmission remains lost. No attempt is made to resend or correct received data. This has the advantage that high speeds can be achieved, but at the cost of data integrity.
Where data is already in TCP form, AROW’s native support for this protocol simplifies setup and maintains data integrity. TCP is a connection-oriented protocol so embeds IP packet collision resends, packet ordering and error correction. The AROW-G variant embodies proprietary flow control mechanisms to guarantee data integrity across the diode without complicated software .
AROW embeds socket servers as its Data transfer ports, consequently in single and dual channel versions, any stream of data, TCP and /or UDP can be connected. Client socket software is used on each side of AROW, in the simplest case this need only consist of the standard Linux netcat command.
A major innovation is the provision of automatic failover for redundant operation. This feature operates both internally and externally.
Internally, if a fault is detected, backup modules are automatically switched in and alarms raised. AROW’s hot swap modular design capability means that the unit can be repaired without interrupting its operation.
Externally, AROW detects network activity. If a network cable is detached, or a network switch becomes faulty such that errored data is received, AROW automatically switches connections, maintaining the existing network IP addresses.
In both these circumstances, TCP data is switched seamlessly, meaning that data loss is avoided. (UDP data transfer is not supported on the HA version since there is no concept of UDP re-transmission).
Two Channel operation – provides 2 independent paths for two data streams
Controlled Data Flow
The AROW-G variant includes a gating mechanism to control TCP data flow across the diode, ensuring no buffer overruns or disruptions to the data. This variant is the best choice where absolute data integrity must be guaranteed, such as file transfers. Use of the AROWBftp open-source file transfer suite is recommended for file transfer applications.
The AROW-S variant is optimised for high-speed streaming, especially where the full bandwidth of Gigabit Ethernet needs to be utilised, and data integrity can afford some losses in the event of network congestion, such as streaming video or other application layer error corrected data.
The versatile modular construction of AROW allows for single, dual and High Avaialbilty redundant diode options to be housed in a common chassis, plus the plug-in connections allow wired ethernet or optical connections to be swapped at will.
The Single Channel version is a good low-cost entry-level product, suitable for most applications.
The Dual-Channel unit can be used to load-share or provide redundant paths for UDP data.
The High Availability unit is for systems requiring the higehts level of data throughput and integrity
Simplification of the principle module and in-field firmware programming reduces the spares count considerably, and the hot-swappable nature of the modules means diagnostic times and down-times are absolutely minimised.
SFP plug-in connections are used to enable Copper RJ-45 data connections, LC optical connections or a combination of each, meaing that one side of the diode can be connected via copper and the other side by optical fiber.
For more detailed information Regarding the AROW’s operations, please
ask for the AROW manual (Chapter 2,3 and 4)