|
|
|
|
|
|
by warkdarrior
2672 days ago
|
|
|
From a security perspective, it is better to have the endpoints just share the session secret with a DPI box, instead of running the DPI software on the endpoint. If the endpoint in compromised, in the first scenario, the most the attacker can do it not share the session secret. This is easily detectable. In the second scenario, the attacker can pretend that the endpoint-local DPI software is still being run, while completely going around it. |
|
|