OPSWAT Announces FileScan.IO Asset Acquisition. Read More

Using Unidirectional Security Gateways with MetaDefender Kiosk and Vault

Unidirectional Security Gateways, also known as Unidirectional Gateways and Security Gateways, are a modern evolution of data diodes. Traditionally relying upon a fiber-optic connection to enforce one-way data transfers, data diodes may encounter transmission reliability issues and data overruns, while modern unidirectional security gateways include assured delivery mechanisms to overcome these challenges. This solution provides secure, one-way data transfer between low- and high-security networks. For safety reasons, high-security networks such as military networks and industrial control systems (ICS) are often disconnected from the internet in so-called air-gapped or isolated networks. This is very effective for security but can hamper efficiency.


To improve productivity while maintaining security, unidirectional gateways can be used to provide one-way traffic into the secure network, ensuring that data can enter the network, but no data can leave.

Most unidirectional security gateways accomplish the one-way limitation using either a fiber-optic network link or non-networked serial connection, with the send and receive transceivers removed or disconnected for one direction. Some products also include software in order to authorize and allow only certain types of trusted communication.

In this Unidirectional Security Gateway comparison, we look at the different security gateway offerings to help you decide which product suits your organization best. For each unidirectional security gateway, we list a number of product attributes to allow for easy comparison.

Support for Antivirus

Since unidirectional security gateway traffic is unfiltered, it is important to add antivirus to ensure that the unidirectional gateway traffic is scanned for malware. For each unidirectional security gateway we specify whether they offer a single antivirus solution, and whether they offer the option of multiscanning with multiple antivirus engines for the highest protection.

Integration with Portable Media Kiosks

In addition, our comparison lists whether the unidirectional security gateway can be used with a portable media malware-scanning kiosk to transfer clean files into the secure area, avoiding the need to bring in removable media. Some unidirectional security gateways offer additional secure file transfer functionality to ensure that only authenticated users and guests can retrieve their files in the secure area.

About MetaDefender Kiosk, MetaDefender Vault and OPSWAT NetWall

OPSWAT's MetaDefender Kiosk is a portable media security solution for high security networks that enables organizations to control the flow of data into and out of the organization. MetaDefender can quickly scan files with up to 30 leading anti-malware engines to detect and block advanced threats, clean potentially malicious files, as well as apply user based security policies. Combined with a unidirectional security gateway and MetaDefender Vault to securely transfer files into a secure area, increasing security and providing important tracking and auditing information.

Now, OPSWAT’s NetWall™ Unidirectional Security Gateway (USG) can be easily integrated with MetaDefender Kiosk and MetaDefender Vault to enable full access to MetaDefender Core Multiscanning, Deep Content Disarm and Reconstruction (CDR), Proactive Data Loss Prevention (DLP), and File-Based Vulnerability Assessment technologies. More about Netwall USG.

Unidirectional Security Gateway and Data Diode Guide