Using F5 as a reverse proxy hosting internet accessible to hosts on inside.
Hi All
Can someone advise,
We have a requirement to host a web service on the internet, the F5 has an VIP to the internet, the server hosts sit on the inside of our network, these are routed via a VLAN straight off the F5, so this would be insecure in my eyes as normally internet accessible servers should be on the DMZ.
Would it be a secure method doing it this way if the F5 was configured as a full proxy? if so what would we need to make it secure?
Would we need ASM or other modules? OR would you always need the servers in a DMZ ?
Could you get it to route to the servers internally via the firewall and just add routes to the F5? to me I still cannot see how this would be secure unless the F5 is doing security checking?
The modules we are licenced for are below?
- Local Traffic Manager, i2800(Perpetual)
- APM, Limited
- Max SSL, i2800
- Max Compression, i2800
- Anti-Virus Checks
- Base Endpoint Security Checks
- Firewall Checks
- Network Access
- Secure Virtual Keyboard
- APM, Web Application
- Machine Certificate Checks
- Protected Workspace
- Remote Desktop
- App Tunnel