One Way Network Connection

I have a very paranoid client who runs two separate networks (one offline, one online) with separate PCs etc.

I have a challenge in that I have written an application for them that will run on the offline network; however, the network needs to be able to send emails to clients. My idea is to have a one-way network connection (like a diode) from the offline server to an online PC that would send the emails.

What is the most effective way to go about this that is semi cost-effective? Can I get a one-way network card?

Windows Server 2008 Network, Windows PC.


Solution 1:

Basically you just need a firewall between the two with really tight rules: basically something called a 'Deny all' rule, and then just allow a single one-way, point-to-point, single-port outgoing rule for what you need. This is easy for a security/network guy and should be satisfactory for your client.

Solution 2:

I wouldn't exactly call them paranoid, and I applaud their attitude to security.

If they've gone to the trouble of separate networks, they've probably also gone to the trouble of installing a firewall. A small hole in the firewall which only allows traffic on port 25 to pass from a specific IP address in your offline network to a specific IP address in your online network should do the trick perfectly.
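
The rule set both answers describe (one allow for port 25 between two specific hosts, then deny everything) can be checked mechanically. The sketch below is an added example, not code from either answer: it models first-match filtering of new connection attempts and audits a rule list against that single-flow policy; reply packets of the permitted TCP session still travel back, as any TCP exchange requires. The addresses, the `Rule` type and both rule lists are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addresses for illustration (assumptions, not from the page).
OFFLINE_SERVER = "10.10.0.5"    # application server on the isolated network
ONLINE_RELAY = "192.168.50.25"  # PC on the online network that sends the mail
SMTP_PORT = 25

@dataclass(frozen=True)
class Rule:
    action: str  # "allow" or "deny"
    src: str     # source CIDR
    dst: str     # destination CIDR
    proto: str   # "tcp", "udp" or "any"
    dport: int   # destination port, 0 means any

def matches(rule, src, dst, proto, dport):
    """True if a new connection attempt is covered by this rule."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", proto)
            and rule.dport in (0, dport))

def decide(rules, src, dst, proto, dport):
    """First matching rule wins; no match means deny."""
    for rule in rules:
        if matches(rule, src, dst, proto, dport):
            return rule.action
    return "deny"

def audit(rules):
    """List every way the rule set departs from the single-flow policy."""
    findings = []
    # Allow rules are expected in exactly this form (host /32 on both sides).
    intended = Rule("allow", OFFLINE_SERVER + "/32", ONLINE_RELAY + "/32", "tcp", SMTP_PORT)
    for i, rule in enumerate(rules):
        if rule.action == "allow" and rule != intended:
            findings.append(f"rule {i}: allow wider than the intended flow: {rule}")
    if decide(rules, OFFLINE_SERVER, ONLINE_RELAY, "tcp", SMTP_PORT) != "allow":
        findings.append("intended SMTP flow is missing or shadowed by an earlier deny")
    if not rules or rules[-1] != Rule("deny", "0.0.0.0/0", "0.0.0.0/0", "any", 0):
        findings.append("last rule is not an explicit deny-all")
    return findings

# Constructed rule sets: the tight policy, and a loose one with typical mistakes.
TIGHT = [Rule("allow", "10.10.0.5/32", "192.168.50.25/32", "tcp", 25),
         Rule("deny", "0.0.0.0/0", "0.0.0.0/0", "any", 0)]
LOOSE = [Rule("allow", "10.10.0.0/24", "192.168.50.0/24", "tcp", 0),    # whole subnets, any port
         Rule("allow", "192.168.50.25/32", "10.10.0.5/32", "tcp", 25)]  # reverse direction
```

`audit(TIGHT)` returns an empty list, while `audit(LOOSE)` reports both over-broad allows and the missing deny-all.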