Crowdsec is a new project to protect against brute force Crowdsec's architecture allows distributed setups, as most components communicate via HTTP API.
When doing such, a few considerations must be kept in mind to understand the role of each component:
The agent is in charge of processing the logs, matching them against scenarios, and sending the resulting alerts to the local API (container)
The local API (LAPI from now on) receives the alerts and converts them into decisions based on your profile (container)
The bouncer(s) query the LAPI to receive the decisions to be applied (can be installed by .deb .rpm and openwrt package)