Subj : Re: Privacy is Power: ta
To   : Sean Dennis
From : Arelor
Date : Mon Sep 13 2021 03:20:52

  Re: Re: Privacy is Power: ta
  By: Sean Dennis to Kurt Weiske on Sun Sep 12 2021 03:33 pm

 >  KW> It's old-school, non zero-trust security. They want a monolithic
 >  KW> approach, putting your defenses into a central firewall like they did
 >  KW> in the 2000s, and vendors are more than happy to provide.
 > 
 > That seems like setting up a single point of failure for the network but I a
 > not hip on the latest security procedures
 > anymore.

I think setting a group of proxies with automatic failover is not that hard
nowadays. You can use something like OpenBSD's carp in order to have a group of
proxies share the same IP address and have a failover proxy step in when the
main one fails. Cisco and friends also have their own protocols for the same
effect.

--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.14-Linux
 * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

.