Connecting Software's CB Exchange Server Sync now has a special solution to synchronize Microsoft Exchange Servers in separate secure zones. This solution, CB Exchange Server Secure Sync with Data Diodes, can enable bi-directional communication exclusively over data diodes, ensuring the secure transfer of data between isolated network zones.
Achieving Exchange Server Synchronization over Isolated Network Zones
CB Exchange Server Secure Sync with Data Diodes allows bi-directional communication (full duplex) between two or more network zones exclusively over data diodes. The data diode sender and receiver enable data transfer in one direction. No other way of communication is allowed.
Known for its unparalleled synchronization capabilities in regular scenarios, CB Exchange Server Sync supports bidirectional sync of calendars, contacts, tasks, folders, and emails. Any updates, additions, or deletions made in one location will automatically reflect in the other.
The new integration with data diodes means all these CB Exchange Server Sync features are also available for high-security environments. Not only does it ensure the necessary synchronization, but it also aligns with the high-security standards of large enterprises and critical infrastructure environments.
How This Integration Works
The following diagram presents how the Exchange Server synchronization would occur between two separate secure zones over data diodes. Zone 01 is a secure zone and Zone 02 is a super secure zone, adequate for the most critical infrastructure.
Assuming Zone 02 is the sender:
- A pair of data diodes is responsible for the communication from Zone 02 to Zone 01: a data diode sender in Zone 02 and a data diode receiver in Zone 01.
- An instance of Connect Bridge is installed in Zone 02. Connect Bridge connects to the relevant Exchange Server in the same zone.
- CB Exchange Server Sync is installed in this zone, too. It provides the mechanism of item extraction and sync between two Exchange Servers and a local database of all synchronized items. The items are mapped in the source system to items in the target systems by their ID (which is different in each system) and maintain data consistency when syncing in both directions.
- Connect Bridge and Exchange Server Sync communicate via simple RPC (Remote Procedure Call) for the best performance and throughput.
- Connect Bridge generates a binary file to transfer to the data diode sender for transmission over HTTPS.
- Although HTTPS is the preferred way to communicate through the data diode, the SFTP protocol will be used as a failover if any unpredictable issue occurs.
At the same time, Zone 01 is the receiver:
- The data file generated by Connect Bridge at a configurable frequency is transferred over HTTPS from the data diode sender in Zone 02 to the data diode receiver in Zone 01.
- A second instance of Connect Bridge, installed in secure Zone 01, reads the file.
- Connect Bridge syncs the data items with the Exchange Server in Zone 01.
- Acknowledgment of work completed, or any error messages, are returned to CB Exchange Server Sync over the inverse mechanism from Zone 01 to Zone 02 over HTTPS.
This solution meets the requirement to sync the Microsoft Exchange Servers in each isolated network zone.
Please note, the above diagram has been proven in a real-life military implementation. We can discuss further details when you contact us.
But for now, let’s imagine a hypothetical scenario in which a mission plan prepared by the strategic department needs to be communicated to the operations team located in a different facility. With CB Exchange Server Sync’s data diodes compatibility, this plan can be transmitted without any fear of backflow or unauthorized access.
Not only will the plan arrive at the destination facility quickly, but also the transmission is reliable (thanks to the failovers), and secure (thanks to the data diodes and the secure zones).
If you additionally wish to filter what is available to users in a second Exchange Server, you can use the Exchange/ Outlook Data Filter add-on solution. You can tailor it precisely for your unique requirements:
- Include only mailbox items (events, tasks, contacts, messages) that meet certain criteria using exclusion or inclusion filters.
- Additionally, for calendar items only:
- Hide part of the item, like the attachments or meeting participants
- Add a suffix to show the item came from the other server.
All this is optional but can be of great added value. With Exchange/ Outlook Data Filter, you can control which specific data should not leave the highly secured environment.
You can use it to remove sensitive information from calendar items, for example, you can black out the subject in meetings, remove meeting participants' names or attachments.
You can also use exclusion or inclusion filters to completely remove any kind of mailbox item from the synchronization. These filters can be based on keywords, domains or email addresses, according to your needs.
Closing Thoughts
Using Connecting Software's CB Exchange Server Secure Sync with Data Diodes with data diodes marks a significant leap forward in allowing the synchronization of Microsoft Exchange Servers across isolated network zones. This visionary solution not only guarantees seamless bidirectional communication but also upholds the stringent security standards required by large organizations and critical infrastructure environments.
As depicted in real-life military implementations, the reliability and security of this solution are unparalleled. Using CB Exchange Server Secure Sync with Data Diodes, such transmissions become not only swift and reliable but also fortified against unauthorized access or data backflow.
Furthermore, the added layer of customization offered by the Exchange/Outlook Data Filter provides organizations with another level of control over the information flow. Whether it's excluding certain mailbox items or masking sensitive details within calendar events, this additional solution empowers organizations to tailor their data transmission precisely to their unique security requirements.
For organizations that require the highest levels of security, investing in robust mechanisms like CB Exchange Server Secure Sync with Data Diodes is not just prudent but imperative.
It is now time for you to discover how CB Exchange Server Sync with its add-ons can benefit your organization. Get in touch with us today to explore how this can work in your high-security environment.