Hi all, I was wondering if we use Nifi site-to-site to transfer logs from a vulnerable network to our secure network what security concerns we need to consider to make sure we are not compromising our Nifi cluster at the destination network. Let's suppose an attacker got access to the source Nifi cluster at the OS level; we want to make sure that person is not able to attack destination Nifi cluster. Is S2S safe in this scenario? Basically, as soon as an attacker has got access Truststore and Keystore of the source Nifi, he/she is able to pass the SSL handshake of Nifi for S2S and start transferring malicious data or for example, apply a deserialization attack on the destination Nifi. I was wondering what additional layer is recommended to block unauthorised access in this scenario?
Regards, Ali
