Versions Compared

Old Version 2

changes.mady.by.user Sarah Leitner

Saved on

compared with

New Version Current

changes.mady.by.user Harald Saller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Scroll Documents: Update page title prefix

This article describes the communication flow of a secure shadowing session in the IGEL Universal Management Suite (UMS) environment.

...

IGEL OS 12

Shadowing of IGEL OS 12 devices is always secure, i.e. via the Unified Protocol. The communication is always encrypted. 

Direct Connection - UMS Console (Internal / External VNC Viewer)

Before the shadowing communication flow:

...

Drawio
border1
baseUrlhttps://igel-jira.atlassian.net/wiki
diagramNameDirect Connection UMS Console Shadowing
width600
zoom1
linksauto
tbstyletop
pageId71926936
custContentId74813934
lbox0
diagramDisplayNameDirect Connection UMS Console Shadowing
contentVer1


Direct Connection - UMS Web App

Before the shadowing communication flow:

...

Drawio
border1
zoom1
simple1
pageId71926936
custContentId74813940
lbox1
diagramDisplayNameShadowing_OS12_DirectConnection
contentVer1
baseUrlhttps://igel-jira.atlassian.net/wiki
diagramNameShadowing_OS12_DirectConnection
width600
linksauto
tbstyletop


Over ICG - UMS Console (Internal / External VNC Viewer)

Before the shadowing communication flow:

...

Drawio
border1
zoom1
simple1
pageId71926936
custContentId74879493
lbox1
diagramDisplayNameUMSConsole_ICG_Shadowing_OS12_new
contentVer1
baseUrlhttps://igel-jira.atlassian.net/wiki
diagramNameUMSConsole_ICG_Shadowing_OS12_new
width600
linksauto
tbstyletop

Over ICG - UMS Web App

Before the shadowing communication flow:

...

Drawio
border1
zoom1
simple1
pageId71926936
custContentId74912733
lbox1
diagramDisplayNameWebApp_OS12_Shadowing_ICG_new
contentVer1
baseUrlhttps://igel-jira.atlassian.net/wiki
diagramNameWebApp_OS12_Shadowing_ICG_new
width600
linksauto
tbstyletop

IGEL OS 11 or Earlier

Direct Connection - Internal VNC Viewer

The UMS Console requests the device's certificate and the session password from the UMS Server. The UMS Console then establishes an SSL tunnel with the device using the session password. The device sends the certificate to the UMS Console; the UMS Console checks the certificate against the certificate it has received from the UMS Server. In return, the UMS Console sends the session password to the device. After that, the SSL tunnel between the UMS Console and device is established and can be used for exchanging VNC data. 

Drawio
border1
zoom1
simple1
pageId71926936
custContentId74879499
lbox1
diagramDisplayNameSecure shadowing direct
contentVer1
baseUrlhttps://igel-jira.atlassian.net/wiki
diagramNameSecure shadowing direct
width600
linksauto
tbstylehidden

Direct Connection - UMS Web App

The UMS Web App requests the UMS Server to initiate a VNC session for shadowing. The UMS Server establishes an SSL tunnel with the device using a session password and the device's certificate. The UMS Web App and the UMS Server communicate via WebSocket, which also carries the VNC data.

Drawio
border1
zoom1
simple1
pageId71926936
custContentId74912745
lbox1
diagramDisplayNameSecShadowingWebApp
contentVer1
baseUrlhttps://igel-jira.atlassian.net/wiki
diagramNameSecShadowingWebApp
width600
linksauto
tbstylehidden

Over ICG - Internal VNC Viewer

Both the UMS Server and the device have established a WebSocket connection to the ICG; this WebSocket is used for commands from the UMS and messages from the device. 

...

Drawio
border1
zoom1
simple1
pageId71926936
custContentId74912739
lbox1
diagramDisplayNameVNC Viewer over ICG
contentVer1
baseUrlhttps://igel-jira.atlassian.net/wiki
diagramNameVNC Viewer over ICG
width600
linksauto
tbstylehidden

Over ICG - UMS Web App

The UMS Web App requests the UMS Server to initiate a VNC session for shadowing. The UMS Server creates an additional WebSocket connection for exchanging the VNC data. The UMS Web App and the UMS Server communicate via WebSocket, which also carries the VNC data. 

Drawio
border1
zoom1
simple1
pageId71926936
custContentId74781701
lbox1
diagramDisplayNameSecShadowWebAppICG
contentVer1
baseUrlhttps://igel-jira.atlassian.net/wiki
diagramNameSecShadowWebAppICG
width600
linksauto
tbstylehidden

Direct Connection - External VNC Viewer

The external VNC viewer runs on the same machine as the UMS Console. The UMS Console starts the external viewer and then acts as a proxy between the device and the external VNC viewer.

Drawio
border1
zoom1
simple1
pageId71926936
custContentId74879505
lbox1
diagramDisplayNameexternal viewer
contentVer1
baseUrlhttps://igel-jira.atlassian.net/wiki
diagramNameexternal viewer
width600
linksauto
tbstylehidden

Over ICG - External VNC Viewer

The external VNC viewer runs on the same machine as the UMS Console. The UMS Console starts the external viewer and then acts as a proxy between the ICG and the external VNC viewer.

...