link22 Offline Update
The link22 Offline Update enables greater security when updating software in physically separated environments. The product automates and secures the download flow of software updates. link22 Offline Update automatically retrieves files, through a scheduler, onto a security airlock. In the security airlock, the file is inspected with link22 Guard and customizable filters. One of the filters allows the file to be broken down and reassembled according to the principles of "Content Disarm and Reconstruction (CDR)". The file is then distributed to the correct location in the target system. link22 Offline Update is designed for one-way data flows over data diodes.
UNIDIRECTIONAL DATA FLOWS
link22 Offline Update is specifically developed for physically separated domains, meaning domains where information goes through unidirectional data flows over data diodes. The solution ensures that downloads are inspected and managed in and inbetween domains that receive and/or send data through unidirectional data diodes.
CUSTOM FILTERING
Files are inspected by link22 Data Guard, where a thorough inspection of each file occurs. The file is broken down into components that are examined to detect vulnerabilities. Inspection can be done with traditional antivirus software, but we also support "Content Disarm and Reconstruction" (CDR). link22 Data Guard is built on an open architecture, allowing for the addition of custom filters tailored to your business. Our development kit makes it easy to expand and customize filtering.
ONE INSPECTION – MULTIPLE DESTINATIONS
Our efficient architecture ensures that information that is to be distributed to multiple end domains or target environments only needs to be inspected once. With link22 Offline Update, we increase security without compromising efficiency.
-
”By leading development and implementation of effective system solutions, both in private and public sector, with demand for high security and trust. link22 have always been a good company to have a dialogue with. They are competent and know how to go from idea to solution.”
Anonym kund
-
“The Outpost does the job.”
Anonymous customer
-
“link22 delivered clear and comprehensible manuals.”
Anonymous customer
-
“We continuously get to pick their brains about ideas around new and existing security solutions.”
Anonymous customer
Specifics
Review takes place before distribution to minimize the number of steps and thereby maintain an efficient data flow. The product can be supplemented with CDR in step four for increased security. Through various security mechanisms (firewall, diode, inspection) to the target system, a controlled flow of incoming files is ensured.
For example, we can handle the following files from the Internet today;
- Linux updates (Ubuntu, Rocky, CentOS, Epel, Raspbian, and more)
- Antivirus software updates (Defender ClamAV, and more)
- Docker
- Python repositories
- Emacs Packages
- CRL lists and CA
Access to downloaded files is done either via HTTPS or file sharing. This means that, for example, Linux computers believe they are online and can easily be patched regularly.