[
https://issues.apache.org/jira/browse/GUACAMOLE-2044?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17937593#comment-17937593
]
Maurice Snoeren edited comment on GUACAMOLE-2044 at 3/22/25 12:18 PM:
----------------------------------------------------------------------
Started development of the native data-diode support:
[https://github.com/macsnoeren/guacamole-client]
Implemented the first version of:
* Add the new data-diode GuacamoleSocket with the name *DDGuacamoleSocket*
including the development of
** GuacamoleReader for the DDGuacamoleSocket with the name *DDGuacamoleReader*
while UDP does not have stream readers like TCP does.
** GuacamoleWriter for the DDGuacamoleSocket with the name *DDGuacamoleWriter*
while UDP does not have stream readers like TCP does
* Get support via the mailing list on further steps of development on this
point.
was (Author: JIRAUSER309054):
Started development of the native data-diode support:
[https://github.com/macsnoeren/guacamole-client|https://github.com/macsnoeren/guacamole-client.]
Implemented the first version of:
* Add the new data-diode GuacamoleSocket with the name *DDGuacamoleSocket*
including the development of
** GuacamoleReader for the DDGuacamoleSocket with the name *DDGuacamoleReader*
while UDP does not have stream readers like TCP does.
** GuacamoleWriter for the DDGuacamoleSocket with the name *DDGuacamoleWriter*
while UDP does not have stream readers like TCP does
* Get support via the mailing list on further steps of development on this
point.
> Secure remote access for critical networks using data-diode architecture
> ------------------------------------------------------------------------
>
> Key: GUACAMOLE-2044
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-2044
> Project: Guacamole
> Issue Type: New Feature
> Components: guacamole, guacd
> Reporter: Maurice Snoeren
> Priority: Minor
> Labels: security
> Attachments: guacamole_data_diode_design.png,
> guacamole_data_diode_native_design.png
>
>
> To create remote access for critical networks and systems, it would be nice
> to be able to communicate over a data-diode infrastructure. Data-diodes
> provide a physical (or hardware enforced) network isolation between networks.
> The current design idea is to put the data-diodes between the Guacamole
> client and the guacd server.
> Currently, I am already busy with a data-diode implementation apart from the
> Guacamole. This can be found on
> [https://github.com/macsnoeren/guacamole-datadiode.] I am still in testing
> phase and will shortly test this out in a production environment. I have
> added a global design picture in the attachment. However, it would be nice if
> the Guacamole project would natively support the use of a data-diode
> architecture.
> This new feature can be implemented due to the great work of the Guacamole
> protocol. A text-based streaming protocol that can be easily validated and
> send over UDP-channels. How it would work with SSL is not yet thought of.
> First step is to get it to work in my proof-of-concept.
> Today I had a look to the source code of the Guacamole project and build the
> Guacamole client. Got some ideas and created a global design for the native
> support to the Guacamole project concerning data-diodes. I also attached that
> image to this ticket.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
