Network isolation solution
This solution is suitable for companies that decide to isolate their users’ work environments for security purposes;
In other words, they intend to completely separate the internal activities of their personnel from their public and internet activities.
This separation is desirable in the following steps:
Physically (VLAN cannot be isolated in terms of security): complete network isolation includes Cabling, Switching, Routing, Servers, Services.
This separation of users’ work environments can be done in the following ways:
Placing two PCs or thin clients (mini PCs) for each user
Inserting two hard disks and two network cards for each PC (using an isolator card (switch) for hard disks and network cards and booting with one of them each time)
Using S-CATIN isolators (Rahaco’s product, patented and having Iran Code, having various technical and security approvals)
In the following, we will examine all three cases and compare them with each other:
Network virtualization and isolation
Disadvantages:
- High cost of equipment (putting two devices for each user)
- High energy consumption
- Great occupied space (physically)
- Cost-effective support
- Low information security
Advantages:
This solution has no advantage compared to other solutions!
Disadvantages:
The user must restart his computer to switch between working environments.
High depreciation of the user’s computer (launches several times a day)
Cost-effective support
The user may forget that his external memory is connected to the computer and the external memory connection is active for the user in both environments, here the security of information and practical isolation are called into question, therefore, in this solution, network administrators are forced to restrict user access in one or both environments!
The inability to connect to more than two isolated networks (hard disk switches are two-state)
For users who have thin client or zero client, it is not possible to use this solution.
Advantages:
This solution only has the advantage of being a single computer compared to the first solution and has no other advantages! (The price of each isolator card is equal to one zero client, so it has no economic justification)
Disadvantages:
For the companies whose users have good computers (suitable hardware), it is expensive at the time of equipping (but the economic benefit is high in a period of more than 2 years – refer to the economic justification)
This solution was created with the aim of eliminating the disadvantages of other solutions. And no other fault has been reported for it!
Advantages:
This solution only has the advantage of being a single computer compared to the first solution and has no other advantages! (The price of each isolator card is equal to one zero client, so it has no economic justification)