Forum Discussion

shahjee_264673's avatar
shahjee_264673
Icon for Nimbostratus rankNimbostratus
May 19, 2016

Big-IP GTM Location

Dears, We have two Data Centers one PRoduction in HQ and one DR, and we have two GTM needs to be installed in both locations. My Question is What is the best practice and recommended location (Physical and Logical) for these GTM devices? Overview of network design. - In HQ we will be using this GTM for many applications and services which already has LTM for each service. - LTM devices are in HQ Server Farm and DMZ and some other DMZs.

 

So what is the best practice to install this GTM device? in ServerFarm or in DMZ. if we install it in ServerFarm what are the pros and cons.

 

Thanks.

 

1 Reply

  • If talking about internet facing GTM, we try to install the GTM device outside the network (before firewall) as it can help you with :

     

    • handling DDOS attack on DNS service with DNS express feature, in this case Firewall could be a bottleneck
    • testing the whole chain to know if the app is available : fw - network - rp -app

    Of course most of the time, this is not allowed and GTM is positionned in public DMZ as it will received internet requests.