On Fri, 2003-04-04 at 09:35, Jesse Keating wrote: > On Thursday 03 April 2003 15:22, Dennis Gilmore wrote: > > Intresting idea. Its something i've been thinking about as well I think > > something that should help reduce bandwidth costs and the bottleneck of > > the current rhn system would be to deploy rhn servers in all the offices > > not just in the states. so rather than the load comming into one place > > it will be spread out all over the world. for example > > rhn.redhat.com.au is based in Brisbane so users from Australia would > > login to there, which cuts out the need to get onto the international > > backbone which as far as i understand it data transfer costs more using > > international links (please correct me if i am wrong) so now Red Hat > > syncs there servers in all the different countries we login to the > > closest server Red Hat pay less for international data transfers. it > > probably wont save the costs of data transfers with your solution but > > provides mechanisms to ensure the integrity of data. but mostly it > > would spread the load over more systems and data networks providing > > hopefully faster local access and quicker turn around times resulting in > > more users able to get the priority service. > Its just an idea ive had but i guess you would have all the systems identically configured except for dns entries or perhaps when you request rhn.redhat.com it automaticly directs your request to the closest server to you via an ip lookup. and uses a vpn link to apply the updates all controlled from Redmond, as for physical security is why i said they should be in Red Hat offices around the world. > Except this is a security nightmare, to try to maintain so many super secure > sites. RHN servers _have_ to be secured, physically and digitally. Imagine > if you will a non-secure RHN site, where somebody manages to upload a > trojaned update, and sign it w/ RH's key. How many people will then be > infected w/ this trojan? If financial losses are incurred because of this > breakin, is RH responsible for all the companies that lose money due to the > trojan? > > -- > Jesse Keating RHCE MCSE > http://geek.j2solutions.net > Mondo DevTeam (http://www.microwerks.net/~hugo/) > > Was I helpful? Let others know: > http://svcs.affero.net/rm.php?r -- Dennis Gilmore <dennis@xxxxxxxxxxxxxxxxxxxx>
Attachment:
signature.asc
Description: This is a digitally signed message part
