p.l. fabbripula 20 - 22 ottobre 2008c.i.g.s. vnc server client side instrument side vnc viewer...
TRANSCRIPT
P.L. Fabbri Pula 20 - 22 Ottobre 2008C.I.G.S.C.I.G.S.
VNC Server
Client side Instrument side
VNC Viewer
CigsIRC.exeHTTP Client
SEM1_CTRL.exeHTTP Server
AXIS Video Server
P.L. Fabbri Pula 20 - 22 Ottobre 2008C.I.G.S.C.I.G.S.
C.I.G.S. Remote Control – WHO? From WHERE?
XRDP_CTRL.exeHTTP Server
CigsIRC.exeHTTP Client
Client side Instrument side
1 – Connection request
VNC ServerVNC Viewer
2b – Connection accepted
2a – Start VNC Server3a – Start VNC Client
3a – VNC remote session started
From WHERE?• Create policies for limited IP source addresses
LANFireWall
WHO? • Request remote user to proviede credentials ID and Pwd
1b – User credentials accepted
It works BUT :
• Users sensible data must be accessed and managed locally• Users could have multiple sets of credentails for each service at the same Organization
P.L. Fabbri Pula 20 - 22 Ottobre 2008C.I.G.S.
C.I.G.S. Remote Control – WHO? From WHERE?
Test
VPN Access can be granted only after a SSO identication process
P.L. Fabbri Pula 20 - 22 Ottobre 2008C.I.G.S.C.I.G.S.
Instrument side
SPClient side
CigsIRC.exeHTTP Client
XRDP_CTRL.exeHTTP Server
LANFireWallVPN OlnyPolicies
UniMore SSO IdP
1 Request for Remote Control Service
WWW Server
CIGS
2 – User provides his SSO credentials
3b After a SSO login, user public attributes are OK
3a VPN access enabled
6 – VNC remote session started
5 – Connection accepted
VNC Server
4 – Connection request
C.I.G.S. Remote Control – WHO? From WHERE?
VPN
VNC Viewer