LAPI location best pratice
Container
Windows
LinuxHello,
Is there a good practice about LAPI location ?
For example for an home lab i read that some people place it directly on their pfsense or opnsense then links the others devices. I make some sense since the firewall is the first needed devices to access the lab and to manage it. That was if needed the LAPI is reachable any time for the first security device.
On another way some people build the LAPI on another server that host the service. It's dedicated resources easily manageable and not exposed on the firewall device, so i guess less subject to any fault of usebug behavior/CVE that may append on crowdsec if any.
So which way is the one that you think that work better from the product view and usage ?
Is there a good practice about LAPI location ?
For example for an home lab i read that some people place it directly on their pfsense or opnsense then links the others devices. I make some sense since the firewall is the first needed devices to access the lab and to manage it. That was if needed the LAPI is reachable any time for the first security device.
On another way some people build the LAPI on another server that host the service. It's dedicated resources easily manageable and not exposed on the firewall device, so i guess less subject to any fault of usebug behavior/CVE that may append on crowdsec if any.
So which way is the one that you think that work better from the product view and usage ?
