Connectathon Using the Gazelle Proxy

From IHE Wiki
Revision as of 10:37, 9 February 2020 by Smoore (Talk | contribs) (Created page with "=Proxy Overview= The Gazelle Proxy (Proxy) is a separate software application that is deployed in parallel with Gazelle Test Management. The Proxy routes TCP traffic between s...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Proxy Overview

The Gazelle Proxy (Proxy) is a separate software application that is deployed in parallel with Gazelle Test Management. The Proxy routes TCP traffic between systems and maintains a copy of that data for later analysis. The Proxy software allocates one TCP port for each Connectathon participant endpoint (web server, DICOM server, HL7 server) and use that port to accept and then forward TCP traffic to the specific endpoint. Because each participant endpoint is allocated a unique Proxy port, the Proxy knows where to forward the traffic without having to analyze the data content.

The Proxy is coupled to an instance of Gazelle Test Management. The Gazelle Test Management software captures configuration information for each participant including server endpoints (host name, port number, protocol). Participants own and are responsible for the correct values of the endpoint configuration. The Gazelle Test Management system allocates one TCP port in the proxy for each endpoint that is defined by a participant. That information is visible in Gazelle Test Management to all participants. A participant application that wants to initiate a TCP connection (invoke a web service, store a DICOM file) can choose to send directly to the peer system (host name, port number, protocol) or to the Proxy (proxy host, relevant proxy port, protocol). Because the Proxy is coupled to Gazelle Test Management, the Proxy software knows that TCP traffic that is received on a specific port will be sent to the proper participant endpoint. As mentioned above, the binary data is not altered.

TLS Consideration

The Proxy does not support TLS traffic. There are issues of digital certificates and encryption that would need to be addressed. That would also require a review of one aspect of the Proxy in that it does not alter any digital traffic. It might be possible to consider monitoring TLS traffic using a packet sniffer as we can manage digital certificates in a testing environment. This is not an active area of work for the Kereval team.