Maurice Snoeren created GUACAMOLE-2044:
------------------------------------------
Summary: Secure remote access for critical networks using
data-diode architecture
Key: GUACAMOLE-2044
URL: https://issues.apache.org/jira/browse/GUACAMOLE-2044
Project: Guacamole
Issue Type: New Feature
Components: guacamole, guacd
Reporter: Maurice Snoeren
Attachments: guacamole_data_diode_design.png
To create remote access for critical networks and systems, it would be nice to
be able to communicate over a data-diode infrastructure. Data-diodes provide a
physical (or hardware enforced) network isolation between networks. The current
design idea is to put the data-diodes between the Guacamole client and the
guacd server.
Currently, I am already busy with a data-diode implementation apart from the
Guacamole. This can be found on
[https://github.com/macsnoeren/guacamole-datadiode.] I am still in testing
phase and will shortly test this out in a production environment. I have added
a global design picture in the attachment. However, it would be nice if the
Guacamole project would natively support the use of a data-diode architecture.
This new feature can be implemented due to the great work of the Guacamole
protocol. A text-based streaming protocol that can be easily validated and send
over UDP-channels. How it would work with SSL is not yet thought of. First step
is to get it to work in my proof-of-concept.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
