Cross-domain document access gateway

On-demand file transfer

PSTdoc allows on-demand access to documents stored on file servers located on other, not connected, networks. Users access the system via HTTPS using a standard browser. They can navigate through the documents on the remote network they have access to, and get a local copy of the ones they are interested in.

Access to documents on the internal network is controlled using standard security labelling.

PSTdoc is one of the products of the PSTgateways family. All PSTgateways products share the same architecture which provides common administration and security infrastructure. Individual products differ in the supported data flows, called services.


Inbound On-demand file transfer


Outbound On-demand file transfer

PSTdoc guarantees the impossibility of any type of traffic between the two networks except the files transferred by the system itself.

The gateway does not substitute the file servers where documents are stored but rather uses them as intermediary elements for retrieving the files. The system is exclusively administered from the securest network.

The gateway always plays the client role of the supported file transfer protocols.

Inbound on-demand file access

Allows users located on the isolated network to access files located on file servers on the external network.

Users must be configured on the gateway in order to be able to use the service. The user accesses the system using the HTTPS protocol from within the isolated network with a standard browser and providing a digital certificate.

Once the user’s certificate has been validated, a list of available locations (file servers on the external network) is displayed. Clicking on a location displays the contents of the location’s base folder. The user can browse the base folder (including subfolders) and can download any file he finds there.

Outbound on-demand file access

It works in a similar way as the inbound on-demand file service, with the available locations (base folder on a file server) being on the isolated network and the users located on the external network. The big difference is that access to documents on the isolated network is controlled using standard security labelling.

Users navigate through the file server on the isolated network and when they request a file, following security checks are performed:

  • A corresponding security labelling file for the content is present, has the supported format and has been signed by an entitled authority.
  • Integrity of the content and the security labelling.
  • Compatible relative classification of the content and destination networks.
  • The user has sufficient security clearance to access the content according to the configured policy.

Security labelling
A labelling file with the same file name must exist in the same folder in order for a file to be transferred. Only those signing authorities with a valid certificate for the service may create these labelling files.
The format must comply with NATO labelling standards. This is an XML file format that meets the XML Signature Syntax and Processing (Second Edition), W3C, specifications.
As well as the security labelling compatible with the configured security policy, it must also contain the strong binding, generated via a digital signature, between the data file and the security labelling.

Main Benefits


  • Inbound and outbound flows work independently
  • Outbound documents must have security labelling
  • Outbound user clearance is checked against the security labelling


  • Real-time browsing of file serves
  • Easy to deploy – Nothing to install on servers or user’s computers

Technical data

  • Handle up to 500 users
  • Supports Internet protocols: HTTPS, FTP, FTPS, SMB
  • Bandwidth: 130 Mbps
  • Maximum file size: 50 MB