That's pretty much how I'm doing it now - it's just those darned cloud instances that don't have some kind of fancy provider network. I usually end up wither making very tighly scoped firewall rules on the hosts to only allow SNMP from a monitoring node, or I have to do host based VPNs on them all.
↧