The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information. This policy is subject to change at any time. The owner is not an attorney, and nothing posted on this site should be construed as legal advice. Litigation Support Tip of the Night does not provide confirmation that any e-discovery technique or conduct is compliant with legal, regulatory, contractual or ethical requirements.
A cross domain solution is a system which is designed to allow two network domains (a single domain being servers with a common login) to securely exchange data. A CDS will include a content filter to prevent data from being moved which another domain does not have authorization to use.
Domains with different levels of access to secure information need a means to both manually and automatically transfer data. A CDS will offer:
1. Access solutions - the ability to view information from domains with differing security levels.
2. Transfer solutions - the ability to move information between domains with differing security levels.
3. Multi-level solutions - the storage of all data in a single domain.
The SANS Institute has prepared a diagram that shows how cross domain solutions work:
See the SANS Institute guide, Shedding Light on Cross Domain Solutions, posted here.