Testing applications with different browsers, browser versions and mobile devices is essential. To build (and maintain) the required infrastructure yourself however is very time consuming and expensive.
The common solution
That’s why there are plenty of well-known SaaS solutions in the market. They provide a rich experience and a big selection of browsers and mobiles without the hassle of you having to build and maintain the infrastructure yourself.
The common flaw
Let’s be clear. SaaS solutions are great products. But they all have one common flaw. They are outside of your firewall and your corporate network. In order to run a test however, the SaaS provider’s browser requires access to your application under test.
The simple case
Let’s have a closer look at how this works.
It is fairly simple when the application under test is outside of your firewall (e.g. if you want to test your production system). You are inside your corporate firewall. The SaaS solution is outside of your firewall. You send a request, the SaaS provider starts a browser in their data center and the browser will access your application under test.
The common case in enterprises
If you work in an larger enterprise it gets more tricky. In that case the application under test is typically behind a corporate firewall.
You send the request to the SaaS provider. The browser from the SaaS provider tries to access your application, but that request will be blocked at the firewall level.
So with this setup it is not possible to execute the test.
A possible solution?
How can you resolve that? Well, you could open up your firewall to the SaaS provider. But that’s typically not approved by security as they don’t want a third party to access the corporate network.
So, what other option is out there?
All SaaS providers provide a so called secure tunneling software.
You need to install the software on your machine. Then you establish the tunnel between your machine and the SaaS provider.
Through that tunnel the SaaS provider can access your local machine and also the application under test – which is what you wanted to do in the first place.
So everything seems to be good. But is it?
The big security issue
Let’s have another look at this setup.
The SaaS provider now also has access to EVERYTHING that your machine has access to. And if your machine has access to other internal systems – which is very likely – the SaaS provider now also has FULL access to that.
With the tunnel you have essentially removed the firewall between your corporate network and the SaaS provider. The SaaS provider has full access to everything that you have access to.
If you are looking for a secure cross browser testing and mobile execution platform , talk to us. Element34’s Selenium Box enterprise grid runs inside your corporate network. No tunnels, VPNs or other external access is required.
Visit us at https://seleniumbox.com