A page in your DokuWiki was added or changed. Here are the details: Date : 2013/11/20 09:47 Browser : Mozilla/5.0 (Windows NT 6.1; rv:25.0) Gecko/20100101 Firefox/25.0 IP-Address : 149.172.200.27 Hostname : HSI-KBW-149-172-200-27.hsi13.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:deployment-stories:electronic-glovebox?rev... New Revision: http://wiki.x2go.org/doku.php/doc:deployment-stories:electronic-glovebox Edit Summary: User : stefanbaur @@ -1,11 +1,11 @@ ====== X2Go at the Doctor's office: The Electronic Glovebox ====== //Shared by Stefan Baur, [[http://www.baur-itcs.de|BAUR-ITCS UG (Germany)]]// - The Electronic Glovebox is our implementation of a ''Re''mote ''Co''ntrolled ''B''rowsers ''S''ystem, ReCoBS. + The Electronic Glovebox is our implementation of a __Re__mote __Co__ntrolled __B__rowsers __S__ystem, ReCoBS. - ReCoBS is a security concept designed by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI). + ReCoBS is a security concept designed by the German Federal Office for Information Security ([[https://www.bsi.bund.de/EN/Home/home_node.html|Bundesamt für Sicherheit in der Informationstechnik]], BSI). It places a Terminal Server (in our case, a Linux box running X2Go) in a demilitarized zone (DMZ) between two Firewalls. This Terminal Server may freely surf the net, but it cannot initiate "downstream" connections towards the LAN. From the LAN side, it is possible to connect to the Terminal Server (in our case, via SSH), but direct outbound connections to the Internet are blocked by default. Where we're diverting from the standard ReCoBS approach is that we're using a single firewall with a third ethernet port for the DMZ, and we're running both the firewall and the X2Go Terminal Server as virtual machines on a stripped down Debian Linux with KVM. -- This mail was generated by DokuWiki at http://wiki.x2go.org/