Reverse Proxy Functionality when WSS is used
Hi,
As a part of our solutions proposal we are including F5 to be placed in the DMZ to act as a reverse proxy for the server residing in the customers internal network. Our server application Implementation includes HTTPS and WSS between client and the server. Here is the setup
Client-->External Firewall-->F5 Reverse Proxy-->Internal Firewall-->Server
Now, the customer has raised the concern that since WSS is being leveraged, F5 can only act as a LTM and not APM and would not provide a true reverse proxy functionality. This could exposes risk to the server application located inside the internal network to attacks.The LTM does not also provide true termination of the incoming HTTP requests.
Can you please let me know if leveraging WSS will enable F5 to be just a load balancer and does not provide true reverse proxy functionality?
Wouldn't F5 be able to terminate HTTP traffic and act as proxy on behalf of the client in our scenario?
Do you see any security risks with this option?
thanks