External Data Connections Overview¶
External Data Connections (EDCs) are secure, approved pathways that allow Game Warden-hosted applications to exchange data with systems outside the Game Warden environment.
These connections support machine-to-machine communication and are commonly used for logging, APIs, external authentication services, or integrating with systems hosted outside your Game Warden deployment.
When do you need an EDC?¶
If your application needs to send data to or receive data from external systems—including the Internet, NIPRNet, or other cloud platforms—you’ll need to request an EDC.
Examples:
- Sending logs to a commercial monitoring tool
- Receiving configuration data from an external service
- Calling APIs hosted outside Game Warden
Understanding data flow¶
Clearly defining the direction of data flow is a required part of your request:
- Ingress – Data flows into your application (e.g., user input, webhooks)
- Egress – Data flows out of your application (e.g., API calls, logs)
- Bidirectional – Data flows both in and out (e.g., third-party API syncs)
Understanding this helps Game Warden verify your application's security and compliance posture.
Supported connection scenarios¶
Connection types vary based on the source, target, and the DoD Impact Level (IL) environment your application resides in.
Source | Target Environment | Status / Notes |
---|---|---|
NIPRNet | IL2 | ✅ Supported |
NIPRNet | IL4–IL5 | ⚠️ May require CNAP whitelisting |
P1 IL2 | IL2 | ✅ Supported |
P1 IL4–IL5 | IL4–IL5 | ⚠️ May require CNAP whitelisting |
Internet | IL2 | ✅ Supported |
Internet | IL4–IL5 | 🚫 Not supported (Appgate testing in progress) |
Source Environment | Target | Status / Notes |
---|---|---|
IL2 | NIPRNet | ⚠️ Requires Firewall Exemption Request |
IL4–IL5 | NIPRNet | ⚠️ Requires Firewall Exemption Request |
IL2 | P1 IL2 | ✅ Supported |
IL2 | P1 IL4–IL5 | 🚫 Not supported (Appgate testing in progress) |
IL4–IL5 | P1 IL2 | 🚫 Not allowed (to prevent data spillage) |
IL4–IL5 | P1 IL4–IL5 | ⚠️ May require CNAP whitelisting |
IL2 | Internet | ✅ Supported |
IL4–IL5 | Internet | 🚫 Not allowed (to prevent high → low data spillage) |
For detailed requirements and security expectations, see Securing EDCs.
Need help?¶
External data connections can be complex. If you’re unsure how to configure one or whether your use case is supported, contact your implementation engineer or reach out to supportce@secondfront.com.