Goldilock is a simple yet revolutionary patented technology that physically isolates sensitive data, networks and critical infrastructure from harm or interference, yet retains a layer of convenience for authenticated users.

Unlike existing network segregation techniques, Goldilock is an intelligent hardware appliance that uniquely contains a series of non-ip-controlled electromechanical relays to achieve total network disconnection. Only Goldilock's technology can be remotely controlled using out-of-band non-IP mechanisms, without using the a network or the internet.

This creates an inconvenience layer for attackers and protects potentially disruptive IT procedures, and physically shields digital assets.

Hardware Specification Questions

Does Goldilock provide a true, physical disconnection?

Yes. Goldilock uses Reed Switches, which actually physically connect and disconnect. The data passing through is only able to flow when the contacts are connected. Goldilock is not a 'virtual' or 'logical' (i.e. sofrware governed) process, but rather a complete physical 'un-plugging' of the contact. In its simplest and most common form, it consists of a pair of ferromagnetic flexible metal contacts in a hermetically sealedglass envelope. The contacts are usually normally open, closing when a magnetic field is present, or they may be normally closed and open when a magnetic field is applied. The switch may be actuated by an electromagnetic coil, making a reed relay,[2] or by bringing a permanent magnet near it. When the magnetic field is removed, the contacts in the reed switch return to their original position. The "reed" is the metal part inside the reed switch envelope that is relatively thin and wide to make it flexible.

Is a separate phone number needed for each device port?

No. A single number is all that is required.

The phone number is linked to user profiles, not the port. Users can be assigned to specific port(s), so when they attempt to control the port(s), they are challenged with the keywords attached to the user profile.

As there are 12-ports on the appliance does that mean 12 separate servers (or other network devices) can be protected simultaneously?


Each port is a pair of Layer 1 network interfaces, one in and one out, with no crossover or physical connection to any other port.
Ports are independently controlled and defined as a Layer 1 patch. Each port can be configured to one of two specific operational modes; connected or disconnected. It is possible to utilise a single port individually, or all of them, as required.

What happens in the event of a power failure to the device?

The appliance will automatically power up once power is restored.

There are three configurable states each port defaults to upon power up:
1. Default to connected state: The airgap will physically connect networks


2. Default to disconnected state: The airgap will physically disconnect networks


3. Default to previously set state: Whichever was the last known state.

Which Electromagnetic Compatibility Regulations and Standards (EMC) does the appliance adhere to?

Goldilock complies with the following standards: CE, UKCA, CISPR 22/32, FCC Part 15B Class A.

What is the performance throughput of the appliance ports?

Each of the 12 available ports is capable of up to 10Gbps.

Does the appliance function as a hub or a network switch?

It is neither a Layer 1hub nor a Layer 2 switch, from a networking perspective it is the equivalent of a patch cable

  • Think of it as a Layer 1 ‘cable’ that can be remotely plugged in or removed from a physical network port. Devices and networks can be electronically (and physically) connected or disconnected as and when required
  • Imagine a simple RJ45 patch lead with a connection to your LAN at one end and a server or network at the other. The airgap switch sits in the middle of the patch lead in a similar way as if you were joining two patch leads

Operational Questions

How are User credentials and passphrases managed?

Only the Administrator role is authorised to add Users. Users are added to the list of approved Users with basic detail such as name,, passphrases and phone number. From there, Users can log in, change their password, and send commands.

What commands are available via Goldilock's messaging stack?

A range of intuitive commands are available to users when sending commands to the appliance, these include examples such as;

Input: Enable port [1-12]

  • Example: Enable port 4
  • Outcome: Specific port will be enabled after the appropriate challenge/response.

Input: Disable port [1-12]

  • Example: Disable port 6
  • Outcome: Port 6 will be disabled after the appropriate challenge/response.

Input: Status port [1-12]

  • Example: Status port 8
  • Outcome: Returns status of the port after the appropriate challenge/response.

All commands and challenge response words are case sensitive.

How long does the complete system take to install?

On average, it takes typically 15 to 20 minutes for a first-time user to set up.

The appliance ships in a ready to be used condition, with everything pre-installed. It is simply a matter of racking the equipment if applicable, connecting the cabling, powering on logging in as Administrator via the Management Port and being set up.

Can the device ports timeout after a period of inactivity? For example, if it was left open or closed by accident by a User?

No. The tech admin needs to disconnect (or reconnect) after each use. This is by design.

What roles are defined when using the appliance?

There are two roles, defined as follows;

  • Administrator
    This role exclusively logs in via the Management Port located at the rear of the appliance to provide total physical separation of duties. Administrators can add/remove Administrators, add/edit/configure/remove Users, and general configuration and maintenance duties
  • User
    This role is defined as an approved User who has been authorised to remotely control the TruAirgap™ using SMS. This role has no access to the Management Port, neither physically nor by proxy.

Security Questions

What steps are taken to secure the device trigger mechanism?

By default, the Goldilock device ignores and rejects every incoming message.

To control a port via our secure messaging stack, an administrator would need to add the authorized sender's mobile number to the system's authentication list (whitelist) In addition, the administrator would select which ports this user is able and not able to control.

Finally, an OTP seed key is generated, unique to the newly added user. This seed key can be used with Google Auth, Microsoft Auth, Cisco Duo authentication apps. This will generate a unique one-time-password that is included in every future SMS command.

In total, if the controlling user's number has not been added to the authorization list, or tries to control a port which they are not authorized to control, or does not include the generated one-time-password within the command message, it will get rejected.

How do Administrators authenticate and access the GUI?

The management GUI is accessible by connecting the rear management console port to a network and visiting the device's assigned IP address via your web browser.

Security for the GUI meets the requirements of NIST 800-63 for password security and related functionality. This includes:

  • Two factor authentication
  • Brute force protection
  • Full system logging