Gateway devices can be used to separate trusted and untrusted networks, allowing only authorized devices in an untrusted portion of a network to access data or resources in a trusted portion of a network. Such gateway devices typically validate the identity of systems on the untrusted networks and selectively allow access to the resources in trusted networks.
Replacement of failed computing and/or networking devices, and configuration of the replacement systems, requires substantial time and effort. During the replacement process, a network or data resource in a trusted network may remain inaccessible. In some cases, computing systems are grouped to ensure data availability and prevent resource “downtime”. Typically, such grouped systems are implemented as either redundant, identical systems, or similarly situated systems capable of operating in place of each other to provide similar services.
In the context of gateway devices, redundant systems create additional locations at which data is vulnerable, and add a substantial amount of complexity. This is at least in part because redundant gateway devices must coordinate how they respond to systems on untrusted networks, and must propagate security settings among themselves. Furthermore, to transmit sensitive data (e.g., data from a trusted network) to devices in an untrusted network, point-to-point data protection schemes are typically employed, which are difficult to extend to redundant or similarly situated systems without compromising security.
For these and other reasons, improvements are desirable.