Security Basics mailing list archives

RE: F5 and Load Balancing


From: "Hayden Searle" <hayden.searle () safecom co nz>
Date: Wed, 17 Jan 2007 15:16:25 +1300

Hi Ethan

We use F5s throughout our network and we always have a pair at each
point for redundancy. We do use the same physical F5s and use VLANs to
separate tiers of equipment like ISA/Exchange FE servers.

If you think of them like a load balancing switch and think of how VLANs
work within Cisco, and how you probably have multiple devices from
different VLANs hooked into those, then you can probably see that it
isn't that big of an issue.
We also ensure that all traffic going to or coming from the F5 must pass
through a firewall as well to lock down traffic to specific ports.

Hayden

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Ethan_Steiger () Polk com
Sent: Wednesday, 17 January 2007 7:10 a.m.
To: security-basics () securityfocus com
Subject: F5 and Load Balancing

My Network group would like to leverage F5's bigIP products to do load
balancing in both the Web tier as well as the application tier of our
networks. While I take no issue with that approach, I do have a level of
paranoia regarding them using the same physical device. Am I justified
in my concern? Should I require them to purchase two additional F5s for
this implementation (HA configuration) or should I allow them to use the
same F5 and use VLANs to separate them? What is the threat of using the
same device? Do the costs justify the added expense?

Lots of questions.

Thanks,
Ethan

______________________________
Ethan Steiger, CISSP
Chief Security Officer
Polk Global Automotive



ethan_steiger () polk com

