![]() Because the server-side proxy happens at the TCP level, the VNC session is end-to-end encrypted between the web client and the VNC server within your network. Since we already have exactly this with cloudflared + Cloudflare Tunnel, we can connect to existing TCP tunnels and provide an entirely in-browser VNC experience. ![]() websockify since TCP connections are not natively supported in browsers today). Something like this would normally require running a server-side TCP → WebSocket proxy (eg. ![]() To do this we built a full VNC viewer implementation that runs in a web browser. Using Cloudflare Tunnel, we can deliver the VNC connection at our edge, meaning we’re less than <50 ms away from 99% of Internet users. One major challenge of rendering a GUI is latency - if a user’s mouse or keystrokes are slow, the experience is almost unusable. We wanted to fix this! It was time for Browser VNC Unlike SSH, where the majority of servers and clients predominantly use OpenSSH, there are numerous commercial and free VNC servers / clients in various states of quality and cost. On top of the security concerns, software installed on a user’s machine, like a VNC viewer, is generally difficult to manage - think compatibility issues with operating systems, security updates, and many other problems. However, it can be very difficult to monitor when a user makes a connection to a VNC server and then what they do during their session, without significant network configuration. VNC is often used to create an environment for a user to interact with sensitive data. This is further complicated by contractors and external users requiring access via VNC. Managing software like a VNC viewer typically requires Mobile Device Management (MDM) software or users making individual changes to their machines. This comes with challenges of operating system compatibility (remember how VNC was supposed to be platform independent?), security, and management overhead. This software allows a user to establish a VNC connection and render the VNC server’s GUI. Typically, VNC deployments require software to be installed onto a user’s machine. VNC can be beneficial to create a “clean room” style environment for users to interact with secure information that cannot be moved to their personal machine. In most business use cases, VNC isn’t used to play games, it’s driven by security or IT management requirements. Using a virtual machine to run a Windows Server was much cheaper than buying a new laptop. In my case, the most frequent reason I use VNC is to play games that have compatibility issues. Or to complete work better suited for a visual interface. It is built to be platform-independent and provides an easy way for administrators to make interfaces available to users that are less comfortable with a command-line to work with a remote machine. VNC is a desktop sharing platform built on top of the Remote Frame Buffer protocol that allows for a GUI on any server. In the future we will support full auditability of user actions in their VNC and SSH sessions. We also built the experience using Cloudflare Workers, to offer nearly instant start times. The feature runs in every one of our data centers in over 200 cities around the world, bringing the experience closer to your end users. Like the SSH flow, this allows users to connect from any browser on any device, with no client software needed. Teams can now provide their users with a Virtual Network Computing (VNC) client fully rendered in the browser with built-in Zero Trust controls. Starting today, we’re excited to share that you can now shift another traditional client-driven use case to a browser. ![]()
0 Comments
Leave a Reply. |