[fw-wiz] Arch questions

From: Mike LeBlanc (mlinfosec_at_comcast.net)
Date: 08/11/05

  • Next message: Paul Melson: "RE: [fw-wiz] Arch questions"
    To: <firewall-wizards@honor.icsalabs.com>
    Date: Thu, 11 Aug 2005 16:07:50 -0400

    I am currently planning a move (bring an oursourced hosting overseas to the
    US). The basics are as follows

    inet rtr -->segment-->fw--->BIG IP--->IPS---->web

    The questions I have are:
    1/ Someone has recently mentioned the idea of using private adressing
    bewteen the inet rtr and the firewall, with
    public adressing on the web. What are the pros and cons?

    2/ I was under the impression that we used NAT to "hide" the webserver for
    protection (obsfucation) as well as
    the fw rules to protect it. Comments?

    3/ My research shows I need to have specfic certs (Apache and one other) for
    *each* webserver behind the Big IP.
    Anyone have any experience with F5 Big ip 1500s?

    Thanks in advance,

    firewall-wizards mailing list

  • Next message: Paul Melson: "RE: [fw-wiz] Arch questions"