Is encryption required on shared private networking?

September 2, 2015 2.2k views
Security Load Balancing DigitalOcean Firewall Networking MySQL Ubuntu

So I need to scale out my web application, but I need to ensure the data between my droplets stays private. All the tutorials on Digital Ocean only describe setting iptables to limit who can access you droplets. My question is, shouldn't encryption be used for communication between nodes as well as iptables? So that no third party droplet can eaves drop on the conversation between nodes? I don't see that discussed at all as a best practice. If it isn't needed, can someone fill me in as why this wouldn't be needed. My biggest concern is SSL on MySql kills performance by between 15-25% and if someone can tell me it isn't needed that would be great.

1 Answer

This question was answered by @CrypticDesigns:

I am not sure if its needed, don't know the infrastructure. But an article has been posted earlier about this:

View the original comment

Have another answer? Share your knowledge.