High Assurance Evaluation for Network Diodes
Diodes ensure secure, one-way data flow between secret and other networks.
Plain language
This control is about ensuring that any special equipment called a 'network diode' used to send information in one direction between highly secure networks and other networks has been thoroughly checked for security. This matters because without these checks, sensitive information could accidentally or maliciously leak into less secure areas, leading to serious security breaches.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
S, TS
ISM last updated
Feb 2022
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Official control statement
Evaluated diodes used for controlling the data flow of unidirectional gateways between SECRET or TOP SECRET networks and any other networks complete a high assurance evaluation.
Why it matters
If a diode lacks a high assurance evaluation, unidirectional gateways may fail, enabling data leakage from SECRET/TOP SECRET networks to lower domains.
Operational notes
Use only network diodes that have completed high assurance evaluation; confirm model/firmware against evaluated product lists and re-check status after upgrades or replacements.
Implementation tips
- The IT manager should select a secure network diode that meets high assurance security standards. They can do this by reviewing evaluations and certifications from reliable security assessments, such as those recommended by the Australian Cyber Security Centre (ACSC).
- Systems administrators should install the network diode between the secure and less secure network environments. This involves physically connecting the diode and ensuring that it is configured to allow data transfer only in the designated direction, preventing reverse data flow.
- The IT security team should conduct regular checks and tests on the network diode to confirm it is functioning correctly. This can be done by monitoring data transfer logs and ensuring no data flows in the wrong direction.
- Procurement officers should document the acquisition process of the network diode, ensuring that all vendor claims about its security capabilities are verified. This involves retaining certificates, evaluation reports, and references to confirm the product meets the required security standards.
- The management team should organise training sessions for staff to understand the role and importance of the network diode in organisational security. This includes explaining the consequences of data leaks and how the diode helps prevent them.
Audit / evidence tips
- Ask for the diode evaluation report from the vendor: request to see the document that details the security checks done on the diode.
  Good: a recent, dated report showing successful evaluations against known standards.
- Ask for the installation and configuration records: request documents detailing how the diode was set up.
  Good: a record showing correct installation, with diagrams confirming the one-way data flow.
- Ask for regular test logs: request records of ongoing tests verifying diode functionality.
  Good: consistent logging with no failures in data directionality over several test cycles.
- Ask for the training materials used for staff: request to see any presentations or guides on diode function.
  Good: complete training content with attendance records for staff.
- Ask for records of procurement processes: request copies of the procurement validation checklist.
  Good: a checklist signed off by competent authorities verifying compliance.
Cross-framework mappings
How ISM-1158 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Relationship | Notes |
|---|---|---|
| Annex A 8.20 | Partially meets | ISM-1158 requires that network diodes used to enforce one-way data flow in unidirectional gateways between SECRET/TOP SECRET networks and... |
| Annex A 8.22 | Supports | ISM-1158 requires high assurance evaluated network diodes for unidirectional gateways separating SECRET/TOP SECRET networks from other ne... |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.