I'm evaluating a vendor for an agent runtime deployment on my Proxmox cluster. Their public GitHub and docs show a simple architecture: one container, one network interface.
But their completed security questionnaire describes a "multi-layered, micro-segmented architecture" with "inter-container TLS" and "runtime isolation boundaries." No mention of that in the setup guides.
Has anyone run into this? Is this a red flag for a vendor being evasive, or just a case of their security team using different language than their engineering docs?
I need to map their answers to actual configs for my VLAN and firewall rules. Contradictions like this make it hard to plan. How do you usually proceed—ask for a direct architecture diagram, or just go by the public setup?