Good article (along with parts 2 and 3). Are there key differences in secure networking constructs (TLS, mTLS, VPN, whitelisted IPs, open ports, etc.) in the options described:
+ inbound to Kafka clusters and Kafka Connect?
+ inbound to Mosquitto MQTT broker?
+ inbound to Telegraf?
+ inbound to InfluxDB?

Of those, MQTT should be the only thing you expose to the outside world. Secure it with regular TLS, possibly with mutual auth for your clients if you care about that.
For the others, secure them using the same tech you use to secure your database. Ideally they wouldn't be accessible from the internet at all.
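As an added illustration of the reply above (this is not the article's or the commenter's own config), here is a Mosquitto broker configuration that exposes a single TLS listener with client certificates required, and keeps the listener used by an on-host Telegraf bound to loopback so it is never reachable from the internet. The certificate paths, the password file and the Telegraf-on-same-host layout are assumptions for the example.

```conf
# mosquitto.conf (added example; paths are placeholders, not from the original page)
per_listener_settings true

# Public listener: TLS with mutual authentication.
# Weak form to avoid: "listener 1883 0.0.0.0" with no cafile/certfile,
# which serves plaintext MQTT to the whole internet.
listener 8883 0.0.0.0
cafile   /etc/mosquitto/certs/ca.crt      # CA that issues device client certs
certfile /etc/mosquitto/certs/broker.crt
keyfile  /etc/mosquitto/certs/broker.key
tls_version tlsv1.2                        # minimum accepted TLS version
require_certificate true                   # clients must present a cert (mTLS)
use_identity_as_username true              # cert CN becomes the MQTT username
allow_anonymous false

# Internal listener for Telegraf running on the same host: loopback only,
# so it is not an open port from the outside world at all.
listener 1883 127.0.0.1
allow_anonymous false
password_file /etc/mosquitto/passwd
```

After restarting the broker, confirm the exposure matches the intent: `ss -tlnp | grep mosquitto` should show 0.0.0.0:8883 and 127.0.0.1:1883 only, and `mosquitto_sub -h <public-host> -p 8883 -t test` without `--cert`/`--key` should be refused during the TLS handshake. Kafka, Kafka Connect, Telegraf and InfluxDB are then reached only over the private network (VPN, security group or firewall allow-list) that already protects the database, exactly as the reply suggests.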