F5 FireEye Ingress with Single BIG-IP
Please--before you link me the existing deployment documents understand that I am asking for help on this because the existing deployment guides do say they are for ingress traffic but the guide just has you walk through an iApp that is using the forward proxy. I feel the guides should have a manual example of the ingress solution that does not involve using the forward proxy for outbound traffic.
I was wondering if anyone here has ever successfully set up a single BIG-IP to inspect inbound traffic (from the internet) using methods similar to the guides? I was curious if you had any details on the setup, in particular the physical connections does your single big-ip (or big-ip ha pair) have connections directly into the FireEye device or do the fireeye and the bigip both just plug into a switch and share the appropriate vlans?
How are you making the solution fail-open?
While this article is not part of the guides, i followed a chain of links from the guides and I Think this set up is what needs to actually be done...though I am confused about part of the setup that is said has to be done because of limitations of the VE.