2013/10/27 Predrag Punosevac <punoseva...@gmail.com> > > 3. Are there any strong opinions on CARP/pfsync vs RAID 1/altroot for > firewall redundancy for small office use. > > > I really don't see how those two options would be pitted against each other.
Most of the time I don't see the firewall rules as super secrets, the effect of them on a firewall will mostly be detectable anyhow. If someone get to read them offline by stealing your FW and you miss the fact that one of your carped firewalls is missing, you have other problems than "someone read pf.conf on the stolen fw since I didn't encrypt the root fs". -- May the most significant bit of your life be positive.