


This type of device interconnects networks by breaking the continuity of the communication protocols, forcing information to flow in one direction only.

An example of a one-way device would be the interconnection of two networks by means of a diode based on unidirectional communications. Access to information from the Internet would be the most obvious example of a one-way information flow that could involve the use of this type of device.



A data diode is a "one-way" data communication device, often consisting of a physical-layer unidirectional limitation. Using only 1/2 of a fiber optic "transmit/receive" pair would enforce unidirectional communication at the physical layer, while proper configuration of a network firewall could logically enforce unidirectional communication at the network layer. [knapp:2014]


A network gateway device that only allows communication in one direction, such as a Data Diode. [knapp:2014]


A unidirectional network (also referred to as a unidirectional security gateway or data diode) is a network appliance or device allowing data to travel only in one direction, used in guaranteeing information security. They are most commonly found in high security environments such as defense, where they serve as connections between two or more networks of differing security classifications. This technology can now be found at the Industrial Control level for such facilities as nuclear power plants, and electric power generation.



Data Diode security products offer one-way communications, allowing secure transfers from a "low security" network to a "high security" network without allowing a path for information to travel back. The most common form of a data diode (unidirectional network) is a simple modified fiber optic cable, with send and receive transceivers removed for one direction. Most commercial products add other software functionality.

The benefit of this type of network connection is that it allows networks storing sensitive information to have access to the Internet as well. The design has some drawbacks unless the vendor builds in software to overcome them. TCP/IP communications that require acknowledgements can't flow successfully over a purely hardware data diode, and there is no way for the "low" network to confirm that a data transfer succeeded. This design also does not prevent viruses or other malicious programs from travelling to the "high" network through the connection.

These products tend to focus on the defense and infrastructure environments where security is critical.
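The acknowledgement drawback described above can be seen in a small sketch, added here as an illustration and not taken from any diode product: with no return path, the low side has to add sequence numbers, a payload hash and repeated frames up front, and only the high side can tell whether the transfer succeeded. The frame layout, the function names and the `lossy_link` stand-in for the fibre are assumptions made for this example, which handles one transfer at a time.

```python
from __future__ import annotations
import hashlib
import struct

HEADER = struct.Struct("!II32s")  # seq, total frames, SHA-256 of the whole payload
CHUNK = 8                         # tiny chunk size so the sample spans several frames


def make_frames(payload: bytes, repeat: int = 2) -> list[bytes]:
    """Low side: build self-describing frames and queue each one `repeat` times.

    No ACK or retransmission request can ever come back, so redundancy is
    added before sending rather than on demand.
    """
    digest = hashlib.sha256(payload).digest()
    chunks = [payload[i:i + CHUNK] for i in range(0, len(payload), CHUNK)] or [b""]
    frames = [HEADER.pack(seq, len(chunks), digest) + c for seq, c in enumerate(chunks)]
    return [f for _ in range(repeat) for f in frames]


def lossy_link(frames: list[bytes], dropped: set[int]) -> list[bytes]:
    """Constructed stand-in for the one-way link: silently drops the given indexes."""
    return [f for i, f in enumerate(frames) if i not in dropped]


def receive(frames: list[bytes]) -> tuple[str, bytes | None, list[int]]:
    """High side: reassemble and report (status, data, missing sequence numbers).

    The result is only visible on the high side; the sender never learns it.
    """
    parts: dict[int, bytes] = {}
    total, digest = 0, b""
    for f in frames:
        if len(f) < HEADER.size:
            continue  # truncated frame, ignore
        seq, total, digest = HEADER.unpack_from(f)
        parts.setdefault(seq, f[HEADER.size:])  # keep the first copy of each frame
    missing = [s for s in range(total) if s not in parts]
    if total == 0 or missing:
        return "incomplete", None, missing
    data = b"".join(parts[s] for s in range(total))
    if hashlib.sha256(data).digest() != digest:
        return "corrupt", None, []
    return "ok", data, []
```
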

