Lead Image © denis cristo, 123RF.com
Virtualize Browsers, Apps, and Desktops
Disposable
Isolated remotely controllable browser environments are a good choice for a variety of practical use cases, whether this be secure surfing with a focus on privacy and protection against malware, developing and testing web applications with different browsers, or even collaborating on websites. Almost 20 years ago, the German Federal Office for Information Security (BSI) coined the term "remote-controlled browser system" (ReCoBS). The security experts behind this original approach envisaged specially secured terminal servers surrounded by additional components such as firewalls and security gateways.
Of course, installing and running a terminal server farm with secure access is expensive in terms of both time and resources. The open source Neko project [1] enters the scene at this point, bundling browsers and other Linux applications and desktops into Docker containers in a resource-saving way and streaming their graphical user interfaces by Web Real-Time Communication (WebRTC). The driving force behind the project is developer Miroslav Sediv'y, who also manages the Neko repository on GitHub [2].
Pre-Built Browser Images
Neko, which is sometimes also referred to as n.eko (see the "Neko Is Not Crypto" box), is a good choice for a variety of use cases, but primarily for secure web browsing in isolated environments where admins can give users access to temporary browser sessions without compromising local systems. As a rule, these sessions are not persistent: When the container is closed, the disposable browser does not leave personal data behind. Other scenarios include shared remote access to web applications for training or support, as well as kiosk and terminal operation of secure browsers in public or restricted environments.
...
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
Related content
-
Supporting WebRTC in the enterprise
WebRTC has the potential to bring high-quality, easily developed, and interoperable real-time voice, video, and data communication to all manner of applications in web browsers. -
Run rootless Podman containers as systemd services
Running rootless containers is easy with Podman. With Podman Quadlet files, these containers are seamlessly integrated into systemd services. -
Simplify your migration from Docker to Podman
Podman has become an attractive alternative to Docker, not least because it does not require a central daemon. In this article, we look at how to set about changing the guard and how you can use Podman Desktop to do so. -
Aggregate alerts from various monitoring systems
The free Alerta fields alerts from several monitoring systems and delivers them in a web GUI or at the command line. -
Dockerizing Legacy Applications
Sooner or later, you'll want to convert your legacy application to a containerized environment. Docker offers the tools for a smooth and efficient transition.