Part of the Network security glossary:

Air gapping is a security measure that involves removing a computer or network from any externally connected network physically and ensuring there is no wireless connection.

Conventionally, physical isolation and a lack of external connectivity have been considered adequate to ensure the security of air-gapped systems. However, proof-of-concept (POC)attacks have demonstrated acoustical infection enabled by exploiting electromagnetic emanations from sound cards. Another POC demonstrated how continuous wave irradiation can be used to reflect and gather information from screens, keyboards and other computer components. 

The NSA TEMPEST project provides recommendations for air-gapping security measures. For a system with extremely sensitive data, a Faraday cage can be used to prevent electromagnetic radiation (EMR) escaping from the air-gapped equipment. The computer in question should also have a specified amount of space between it and outside walls and between its wires and the wires for any computers or equipment on an unsecured network. 

Although these measures seem extreme, van Eck phreaking can be used to intercept data such as key strokes or screen images from demodulated EMR waves, using special equipment from some distance away.

Air-gapping is used in the military, government and financial systems like stock exchanges. The measures are also used by reporters, activists and human rights organizations working with sensitive information. Air gapping can also be used to maintain a stable software environment for sensitive application development.

Some very simple computerised control mechanisms are air gapped because they do not require outside control, which means that it’s not necessary to risk external communication affecting them. Examples include computerised thermostats that regulate heating and cooling, sprinkler systems, nuclear equipment and engine control units.

Even with measures as extreme as air gapping, vulnerabilities exist. The attack vector could be an external storage device. Furthermore, the microphones of mobile phones and motion sensors can be used to record keystrokes on keyboards on the same desk. A proof of concept exploit that has been called an acoustical infection has been demonstrated to transmit data via ultrasonic frequencies to computers outside the air gap. However, this exploit requires that the machine be infected first.

The software-defined perimeter (SDP) framework is sometimes referred to as a method of virtual air gapping. SDP requires authentication of all external endpoints attempting to access internal infrastructure and ensures that only authenticated systems can see internal IP addresses. 

This was last updated in July 2014
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse

Related Terms

Definitions

  • virtual honeypot

    - A virtual honeypot is software that emulates a vulnerable system or network to attract intruders and study their behavior. Virtual honeypots contrast with hardware-based honeypots, which are dedica... (WhatIs.com)

  • Google Hack Honeypot (GHH)

    - A Google hack honeypot is a system designed to be vulnerable to sophisticated search engine queries for the purpose of attracting hackers and studying their behavior. Google hacking (sometimes call... (WhatIs.com)

  • vulnerability management planning

    - Vulnerability management planning is a comprehensive approach to the development of a continuous and repetitive system of practices and processes designed to identify, analyze and address flaws in ... (WhatIs.com)

Glossaries

  • Network security

    - Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.