What is network isolation technology

Network isolation refers to two or more computers or networks that are disconnected from each other, with no connection between them. When no information exchange is needed, isolation only requires complete disconnection: no communication and no networking. If you want to stay isolated and still exchange data, specific technology is required. Generally speaking, network isolation technology refers to the technology that maintains network isolation when information exchange is required.
On the surface, network isolation contradicts common sense, and this is a major obstacle to understanding it. Manually copying disks makes file exchange possible under network isolation, and it is the earliest known network isolation technology. The earliest computers were stand-alone, with no Internet connection. When a disk is copied by hand, the two computers are completely disconnected and the network is isolated. From this we know that, under network isolation, two hosts can exchange static, portable file data through non-network methods.
The concept of network isolation has also gone through a process of clarification in China. In the early days, people did not know the technical architecture of network isolation, but the requirement for network security was clear: eliminate all potential network security threats. The strategy adopted in the first stage was strict, and the term "physical isolation" was born. Since no accurate technical definition could be given, ambiguities appeared in the technical definition of physical isolation. One view is that anything with physical contact is not physical isolation.
Isolation cards are now defined as physical isolation cards. By the view above, the two network ports of an isolation card sit on the same circuit board, so the card should not count as physically isolated, yet in practice isolation cards are regarded as physical isolation. Conversely, does the absence of a physical connection mean physical isolation? No: space-based Internet has begun to develop, and wireless networking can be done in a vacuum. Networking is therefore possible even when there is no physical connection between the objects. It is difficult, even infeasible, to define "physical isolation" in technical terms.
The strategy adopted in the second stage was lenient, and the term "security isolation" was born. This view advocates moving from physical isolation to security isolation, replacing the former with the latter. Security isolation mainly performs some checks on the protocol, or converts to a private protocol, but the network is not disconnected. To reduce the risk brought by this lenient strategy, security isolation is limited to certain occasions. Security isolation mostly uses a direct connection: inside the chassis, two hosts are connected by a network cable, and networking is performed through protocol conversion. Security isolation is thus a form of direct network connection. The two networks are networked, which contradicts the requirement that network connection or networking not be allowed.
The current trend, both in China and abroad, is to use the term "network isolation". There are good reasons to use it instead of physical isolation or security isolation. First, the concept of isolation is based on the network: without networking, there is no need for isolation. Second, without information exchange or resource sharing there is nothing to isolate either. The essence of isolation is that it arises only where information must be exchanged or even resources shared. Third, physical isolation and security isolation cannot be given a technical definition, while network isolation can be given a complete and accurate one.
Network isolation is currently the best network security technology, eliminating network-based and protocol-based security threats. However, it also has limitations. Non-network threats and content-security threats cannot be ruled out in theory. As with manual copying, the exchanged data may carry viruses, even when virus scanning and cleaning are applied. But that is not a network security issue, and there are no threats such as attacks and intrusions. If the user determines that the exchanged content is completely trustworthy and controllable, network isolation is the best choice for solving network security problems.

