The Sauce Labs Cookbook

Sauce Headless

Front End Performance Testing


External Resources

More Info

Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Though it may take a few seconds to start up a Sauce Connect tunnel, once it's up you have the highest possible security for communications between the machine where it's running and the Sauce Labs API and browser cloud. In addition to the security of the tunnel itself, each tunnel connection spins up a fresh virtual machine that is used only for your tests, and which is destroyed when the tunnel is closed. This is why one of the recommended best practices for Sauce Connect is to always create a new tunnel for each test suite or build, and then tear it down at the end of your test. 

Data transmitted by Sauce Connect is encrypted through the TLS protocol, using the AES-256 cipher. Sauce Connect also uses a caching web proxy to minimize data transfer. You can disable this with the command line option -B, --no-ssl-bump-domains, which is described further in the Sauce Connect Command Line Reference.

Sauce Connect in the DMZ

 Within your infrastructure, Sauce Connect must be on the same network as the application or network you want to test, but can be firewalled from the rest of your internal network. We recommend running Sauce Connect in a firewall DMZ, on a dedicated machine, and setting up firewall rules to restrict access from that DMZ to your internal network. However, you must be careful about how to locate Sauce Connect in a DMZ. The topics in Sauce Connect Network Configurations include examples of various ways to set up Sauce Connect, including a dysfunctional DMZ architecture.



  • No labels