You did a great job to implement a full scaleable integration solution (clustering and proxy).
But you solution lacks a Web Application Firewall, like: https://shadowd.zecure.org/overview/introduction/
But there are more.
Is it an idea to at this in you distribution?
I’m not familiar with Shadow Daemon but while in principle I can feel that this is an interesting idea, I’m not 100% sure how it would operate in practice?
Are you thinking of a security proxy geared more towards business applications? E.g. it could contain a SAP or PeopleSoft-specific module or other modules for most commonly used enterprise applications?