That's really not something you should be gambling on. Assume the worst, and architect based on it.
Limit what can be exposed where / how (e.g. as you say, "at least limit allowed IP ranges", but to me that's absolute bare minimum)
That's really not something you should be gambling on. Assume the worst, and architect based on it.
Limit what can be exposed where / how (e.g. as you say, "at least limit allowed IP ranges", but to me that's absolute bare minimum)