Computer: Security
Safer network   (0)  [vote for, against]
airlock concept applied to a computer network

The idea if a company to have a network that is completely disconnected from any outside network. Wait, read the rest before you start bad mouthing the idea. So, there would be a mail server in the internal network that would distribute and receive mails internally. Meanwhile there is an external server that receives all mails from the exterior. These two servers are usually disconnected from each other. At every minute or whatever period found appropriate, the external server would be physically disconnected from the external network and then it would be phisically connected to the internal server. Both server would swap mails during whatever time was necessary. During this time none of the computers would be connected to the external network. After swapping all mails, the servers would be physically disconnected again and the external server would be reconnected to the internet. This way it would be impossible for a hacker to perform a direct and live attack to the company's network. The biggest danger would be trojan virus and such.

To connect and disconnect the servers, an electronic switch could be designed that would work under a timer to decide when to connect and disconnect each of the servers. The electronics of the switch wouldn't be in contact with the network itself, so that it couldn't be tampered with via internet.

Off course this does not invalidate "Mission Impossible"-like attacks, but nothing really does, right?
-- PauloSargaco, Aug 08 2003

Does it only work on mail, or would other packets be similarly quarantined? So much simpler than a firewall. No wait, no it's not.
-- angel, Aug 08 2003


Having one or more internal networks entirely unconnected to the outside world is a widely practised safety measure. I completely fail to see the advantage of periodically connecting them for email access.
-- DrCurry, Aug 08 2003


Why hardware when it’s easily done with software?
-- Shz, Aug 08 2003


Wut's email?
-- DeathNinja, Aug 08 2003


very much doable with NAT
-- neilp, Aug 08 2003


See also "Ultimate Corporate Firewall" here in this category.
-- krelnik, Aug 08 2003


<DrCurry>I completely fail to see the advantage of periodically connecting them for email access.</DrCurry>

Huuuu...to get email?

[DeathNinja] That's a trick question, right?

[Shz] Because hardware is safer? The idea was to eliminate completely any physical link to the external network.
-- PauloSargaco, Sep 11 2003



random, halfbakery