In order to connect together a first computer and a second computer, it is known to associate the computers with first and second Ethernet interfaces each comprising a transmit-receive module commonly referred to as a transceiver, provided with external message transmit terminals and external message receive terminals. A connection is established between the two interfaces by means of a cable extending between the external transmit terminals of the transceiver of the first interface and the external receive terminals of the transceiver of the second interface, and by a cable disposed between the external receive terminals of the transceiver of the first interface and the external transmit terminals of the transceiver of the second interface. Ethernet networks are particularly reliable and enable relatively high data rates to be achieved.
It can happen that it is desired to restrict the passage of information from the second computer to the first computer, e.g. in order to prevent a user of the second computer having access to information on the first computer, causing the first computer to malfunction, or taking control thereof. This applies, for example, when the first computer forms part of a highly secure network, while the second computer forms part of a network having a low level of security.
Filter software exists for the purpose of achieving such a restriction on the passage of information. Nevertheless, it can happen that such software presents weaknesses such as hidden channels or ports that can be exploited in order to corrupt operation thereof.
It is also known to connect the first computer and the second computer to a protection device of the “firewall” type that filters messages passing therethrough between the two computers. Such a device provides only a relative degree of security and there exists a risk of non-authorized messages being able to transit from the second computer to the first computer in spite of the protection device. For example, software exists enabling the functions of the transmit terminals and the receive terminals to be interchanged without the protection device being able to detect the interchange. Such devices are also relatively complex to implement.
Document EP-A-1 164 766 discloses a device for connecting a first network to a second network, the device including a switch member arranged to allow transmission from the first network towards the second network or in the opposite direction on a selective basis.
It might be thought that the connection for transmitting messages from the second computer to the first computer in an Ethernet network could be interrupted in the same manner. Unfortunately, in an Ethernet network, Ethernet interfaces check for the presence of a line-integrity signal (or a presence signal) at the external receive terminals of the transceiver, prior to transmitting a message. Eliminating the connection enabling a message to be transmitted from the second computer to the first computer prevents the existence of said signal being verified. The switch member of the above-mentioned document is thus not suitable for use in such a network, without modifying the structure of the Ethernet interface and the software that operates it in order to allow the first computer to transmit its message even though the line-integrity signal has not been detected. Such modifications would be relatively complex and would run the risk of degrading the reliability of the Ethernet connection.