> airgapped except for a bastion host that acts as a gateway First time I've heard of an a...

embedding-shape • today at 2:49 PM • 3 replies • view on HN

> airgapped except for a bastion host that acts as a gateway

First time I've heard of an airgapped system you could access remotely. Doesn't that kind of defeat the label "airgapped"? I think I'd just call that "isolated" at that point instead.

Replies

debarshri • today at 3:32 PM

This concept is related to PAM. You often have to do ops on infra and need some DMZ to do the ops. In regulated industry you have to record every operations done by the person and have to follow principle of least privilege. This what should happen in an ideal world.

➕ show 1 reply

SigmundA • today at 3:09 PM

Logically air gapped :)

https://docs.aws.amazon.com/aws-backup/latest/devguide/logic...

➕ show 1 reply

rzzzt • today at 3:02 PM

The moat!

alt Hacker News

Replies