Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Arch questions
From: "Mike LeBlanc" <mlinfosec () comcast net>
Date: Thu, 11 Aug 2005 16:07:50 -0400

I am currently planning a move (bring an oursourced hosting overseas to the
US).  The basics are as follows

inet rtr -->segment-->fw--->BIG IP--->IPS---->web

The questions I have are:
1/ Someone has recently mentioned the idea of using private adressing
bewteen the inet rtr and the firewall, with
public adressing on the web.  What are the pros and cons?

2/ I was under the impression that we used NAT to "hide" the webserver for
protection (obsfucation) as well as
the fw rules to protect it.  Comments?

3/ My research shows I need to have specfic certs (Apache and one other) for
*each* webserver behind the Big IP.
Anyone have any experience with F5 Big ip 1500s?

Thanks in advance,

firewall-wizards mailing list
firewall-wizards () honor icsalabs com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]