TayF5un
Jan 11, 2017Nimbostratus
F5 AFM behind the internet router
Hi,
I want to deploy F5 between internet and firewall with ASM and AFM. could you please say important points and configuration.
Router --> F5 --> Firewall --> servers
@TayF5un
AFM controls inbound/outbound. You set the direction of the traffic flow based on source vlan and destination IP's/VLAN
I would recommend using the AFM firewall as long as it can do all the NAT's you require. I have found some difficulty in using AFM to duplicate advancing NAT's that my other firewall vendor can do more easily.
Consider using TPS anomaly DoS protection for any websites that are potential targets. Make sure you tune the AFM DoS vectors.
HSL High Speed Logging is a recommendation since logging with ASM/AFM can get quite cumbersome on the standard MGT interface