Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Take advantage of the path control aspect of Gatekeeper #298

Open
AltraMayor opened this issue Jun 20, 2019 · 0 comments
Open

Take advantage of the path control aspect of Gatekeeper #298

AltraMayor opened this issue Jun 20, 2019 · 0 comments
Labels
enhancement
Milestone
Advanced features

Comments

@AltraMayor
Copy link
Owner

Once issue #297 is implemented, policies will be able to define the destination of encapsulated packets. This new flexibility also enables policies to redirect flows. Flow redirection opens Gatekeeper to new possibilities such as path control and integrating with intrusion detection systems such as Suricata, Snort, and Zeek (formerly Bro). Path control can become the key to mitigate Coremetl/Crossfire attacks.

Combined with the fact that policies control when flow redirection is applied, to which flows, and to where redirecting them, flow redirection can also be seen as on-demand tunnels.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
Advanced features
Development

No branches or pull requests
1 participant
@AltraMayor