Using .NET Core in a “Disconnected” Environment

Security is a very important consideration when running your custom middleware applications.  The internet can be an unfriendly place.

Sometimes middleware users have a requirement for their software to run in a “‘disconnected” environment, which is one where the network is not routed to addresses outside the one the local node is on—in other words, no internet.

 

.NET Core applications, such as Java applications built using Maven or Node applications built with npm, often require access to external sources for the libraries they need. With .NET Core, this is often the public NuGet repository.

So what does this mean to .NET Core users in a disconnected environment? It means they cannot build their applications! The requested libraries will not be accessible, so the build will not succeed (at least not in the default configuration).

What about running the application?  Luckily, running the application is possible. Once your application is built, you can move the generated binaries to a machine in a disconnected environment where they will properly run. (The same is true of “published” applications, which are explicitly meant to be portable.)

Security-conscious users can build applications in an “exposed” environment, examine the artifacts to ensure they contain only verified libraries, and then can confidently move them to the disconnected environment.

Happy coding!

Share