Does Cloudstack VPC support TLS for Inter VM Communications

[btzq]

In a typical deployment all traffic transmitted over public networks is secured, but security best practice dictates that internal traffic must also be secured. It is insufficient to rely on security domain separation for protection. (Eg. Dedicated VPC for differenc sutomers).

If an attacker gains access to the hypervisor or host resources, compromises an API endpoint, or any other service, they must not be able to easily inject or capture messages, commands, or otherwise affect the management capabilities of the cloud.

I cant seem to find any documentation from Cloudstack supporting TLS within its VPC. Is this possible?

[DaanHoogland]

@btzq traffic in the VPC is mostly the responcibility of the customer/user. They should make sure they secure their traffic. VPCs have their traffic secured by using specific vlan or other virtual network mechs, vxlan or in tungsten or NSX. Depending of what virtual network mech you use you might have more or less protection.