One-way Isolation Gatekeeper CPC-UNG0201

● Security Isolation

● One-way transmission

● Cross-network copy and paste

PRODUCT DESCRIPTION

The one-way isolation gatekeeper (CPC-UNG0201) is a key component of the Bangyan Cloud PC system, designed to provide secure data transmission between business data networks with different security levels. Its core function is to ensure that data can flow in one direction only, from a low-security network to a high-security network, preventing reverse data transmission and thereby protecting the high-security business data network. The product provides security isolation, one-way transmission, and cross-network copy and paste, which together meet the need for one-way secure data transmission between different business data networks in the Cloud PC system.


Product Features

Security Isolation

The security isolation of the one-way isolation gatekeeper is achieved by combining software and hardware, at the following three layers:

1) Hardware layer isolation: the device adopts a "2+1" system architecture, and the internal hardware path of the dedicated security isolation module is disconnected by default;

2) Protocol layer isolation: the external network access unit terminates the TCP/IP connection, prohibits network messages from passing through the device, and filters messages according to the access control policy, which is based on the five-tuple (protocol type, source IP address, destination IP address, source port, destination port);

3) Data layer isolation: the external network access unit performs content-based filtering according to content filtering rules (file type and keyword search, for example the keyword "trade secrets"), together with virus detection and a user binding mechanism.


One-way transmission

The one-way isolation gatekeeper uses an FPGA, data security islands and a ferry control system to achieve one-way transmission from the external network to the internal network, ensuring that data can only flow from the low-security network to the high-security network and preventing the reverse transmission of data.


The one-way transmission process of the one-way isolation gatekeeper is divided into the following three steps:

1) Stripping the network protocol

The external network access unit sends the payload data stripped of the TCP/IP protocol to the external network isolation module and stores it in the external network data security island at the same time. During this process, the ferry control system disconnects from the external network access unit and switches to communicate with the internal network isolation module.


2) One-way ferry data

After the ferry control system switches, the external network isolation module transmits the payload data to the internal network isolation module in one direction through a dedicated private protocol. After the data is transmitted to the internal network isolation module, it is also stored in the internal network data security island.


3) Encapsulating the network protocol

The ferry control system switches the connection again, and the internal network isolation module establishes a connection with the internal network access unit. At this time, the internal network isolation module transfers the previously stored data payload to the internal network access unit, completing the entire one-way data transmission process, ensuring that the data is safely transmitted from a low-security level network to a high-security level network.
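
The five-tuple filtering at the external network access unit and the three ferry steps described above, as a simplified Python model (an added example, not Bangyan's code or the product's implementation). The class and function names, the allow-list and the sample addresses are constructed assumptions, and dropping unmatched traffic by default is assumed rather than stated by the page.

```python
from collections import deque
from typing import NamedTuple

class FiveTuple(NamedTuple):
    proto: str
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int

# Constructed allow-list; None is a wildcard. Unmatched traffic is dropped (assumed).
POLICY = [FiveTuple("tcp", "192.0.2.10", "198.51.100.5", None, 8443)]

def permitted(ft: FiveTuple) -> bool:
    """True if every non-wildcard field of some rule equals the packet's field."""
    return any(all(r is None or r == v for r, v in zip(rule, ft)) for rule in POLICY)

class GateModel:
    """Toy model: the ferry switch is in exactly one position at any time."""
    def __init__(self):
        self.switch = "external"  # external | ferry | internal
        self.ext_island, self.int_island = deque(), deque()

    def step1_strip(self, ft: FiveTuple, payload: bytes) -> bool:
        if self.switch != "external":
            raise RuntimeError("external access unit is disconnected")
        if not permitted(ft):
            return False                  # rejected at the protocol layer
        self.ext_island.append(payload)   # headers are discarded, payload is kept
        return True

    def step2_ferry(self) -> None:
        self.switch = "ferry"             # external access unit is now cut off
        while self.ext_island:
            self.int_island.append(self.ext_island.popleft())

    def step3_deliver(self) -> list:
        self.switch = "internal"          # ferry link is cut before delivery
        out = list(self.int_island)
        self.int_island.clear()
        return out

    def send_outbound(self, payload: bytes):
        raise PermissionError("no internal-to-external path exists")

def run_cycle(packets):
    """Run one full ferry cycle over (FiveTuple, payload) pairs."""
    gate = GateModel()
    accepted = [gate.step1_strip(ft, p) for ft, p in packets]
    gate.step2_ferry()
    return accepted, gate.step3_deliver(), gate
```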


Cross-network copy and paste

Cross-network copy and paste is a technology designed for cloud PC users. It lets cloud PC users copy and paste data in one direction, from a low-security network (Internet) to a high-security network (office intranet), under the same account. The data transmission delay is small and the transfer is transparent to users. While ensuring data security, it provides an efficient and smooth cross-network collaborative office experience.


Its working principle is as follows:

1) Copy data from the external network

After the cloud PC user logs in to the client software on the source terminal (such as the Internet), the user copies text, images or files;


2) Intelligent clipboard recognition

The client software monitors the content of the terminal clipboard in real time and intelligently identifies qualified content (such as text content, image data and files smaller than 10 MB);


3) One-way transmission of clipboard data

The clipboard data is transmitted to the terminal of the target business data network (such as the office intranet) through the one-way isolation gatekeeper;


4) Paste data in the intranet

The user logs in with the corresponding account at the target terminal (such as the office intranet), receives the transmitted content transparently, and pastes it, completing the cross-network copy and paste of the data.