Not OP, but some air-gapped servers can be connected to from a private "trusted" network, but are otherwise unable to connect to the internet or elsewhere. Perhaps that's what OP means?
I wish companies would hurry up and move away from "trusted" networks and move onto zero trust.
Bingo. Air-gapped machines, by definition, have no connection to each other. Not so much as an audio cable between them. Everything that goes back and forth is manually transferred, either by eyes-on-one-screen-hands-on-the-other-keyboard, or by sneakernet typically of media which may be inspected at yet a third station en route.
This is a proxy or a bastion host, no more, no less. Calling it an airgap, even in "scare quotes", is clownishly terrible and serves no purpose beyond polluting the language.
Ha. I totally get what you mean, but I wish. I've seen plenty of air-gapped servers, and I'm not even that old. And everytime I've challenged the set up for it to be truly air-gapped, I've been fought for it.
traceroute66|4 years ago
Erm ... mate....
A device is either air-gapped or it isn't. The clue is kinda in the name.
Yes, I know gov/mil networks use data-diodes, but that's a different kettle of very expensive fish which is certified to EAL6/7.
For everyone else, air-gapped means what it says on the tin.
Pseudo air-gapping via firewall rules is not air-gapping, its called writing ACLs.
myself248|4 years ago
This is a proxy or a bastion host, no more, no less. Calling it an airgap, even in "scare quotes", is clownishly terrible and serves no purpose beyond polluting the language.
gizdan|4 years ago
123pie123|4 years ago
_jhqp|4 years ago