Status: IN
FTL2 production deployments can follow a security-first lifecycle from bootstrap to runtime: two-phase host registration hardens access before content deployment, and runtime protection layers (such as localhost binding, reverse proxy TLS termination, firewalld drop zone, SELinux booleans, and SSH IP restrictions) provide defense-in-depth at network boundaries, as demonstrated in the Catbeez deployment pattern.