Forum Discussion
Collapsed DMZ/Internal Infrastructure design
Hello community,
We currently have our F5 setup with both DMZ and internal services and are reviewing security concerns around this setup. I was wondering if there was any kind of documentation that 'supports' this model while also keeping these services segregated securely... or if there's a best practice model for implementing something like this... or is it just standard/more secure/recommended to have one F5 for the DMZ and another one for internal services.
I've said a lot and I'm hoping someone out there can point me in the right direction.
Thank you.
Ola
- JRahmAdmin
Hi Olayinka-F5LB, I'm sure others will weigh in as well, but it ultimately comes down to security policy requirements on what isolation means from physical and logical separation. A vCMP-enabled system would allow you to achieve logical isolation within a shared physical asset. Otherwise, you could achieve routing isolation within a non-vCMP system using route domains. It comes down to policy, and then design/ownership/roles of responsibility on changes so shared systems don't inadvertently compromise your zones. If the behaviors of your organization concern you on achieving that, I'd recommend keeping DMZ/internal cleanly separated. Note this is my opinion, not an official F5 position on that.
- Heath_ParrottEmployee
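To make the route-domain option concrete, here is an added tmsh configuration sketch that is not part of the thread or of any F5 documentation. It keeps DMZ and internal traffic in separate route domains on one BIG-IP, each bound to its own VLAN and administrative partition, with strict isolation so the device will not forward between the two. VLAN names, interface numbers, VLAN tags, route-domain IDs, partition names and all addresses are assumed for illustration.

```tmsh
# Added example, not from the original thread. Two strictly isolated
# route domains on one BIG-IP. All names, tags, IDs and addresses are
# assumptions chosen for illustration.

# Separate VLANs on separate physical interfaces, one per zone
create net vlan vlan_dmz interfaces add { 1.1 { tagged } } tag 100
create net vlan vlan_internal interfaces add { 1.2 { tagged } } tag 200

# One route domain per zone. 'strict enabled' (the default) refuses to
# forward traffic between this route domain and any other, so a DMZ
# virtual server cannot reach an internal pool even if an admin adds a
# route by mistake.
create net route-domain rd_dmz id 100 vlans add { vlan_dmz } strict enabled
create net route-domain rd_internal id 200 vlans add { vlan_internal } strict enabled

# Administrative partitions tied to each route domain: objects created in
# the partition land in that route domain by default, and user roles can
# be scoped to one partition so DMZ operators cannot touch internal objects.
create auth partition dmz default-route-domain 100
create auth partition internal default-route-domain 200

# Self IPs carry the %<route-domain-id> suffix. allow-service none keeps
# the self IP from exposing management or other listeners to the zone.
create net self /dmz/self_dmz address 192.0.2.1%100/24 vlan vlan_dmz allow-service none
create net self /internal/self_int address 198.51.100.1%200/24 vlan vlan_internal allow-service none

# Per-zone pool and virtual server; members and destinations stay inside
# their own route domain.
create ltm pool /dmz/pool_web members add { 192.0.2.10%100:80 } monitor http
create ltm virtual /dmz/vs_web destination 192.0.2.100%100:80 ip-protocol tcp pool /dmz/pool_web profiles add { http tcp }

create ltm pool /internal/pool_app members add { 198.51.100.10%200:8080 } monitor http
create ltm virtual /internal/vs_app destination 198.51.100.100%200:8080 ip-protocol tcp pool /internal/pool_app profiles add { http tcp }

# Verify that both route domains really are strict before saving
list net route-domain rd_dmz all-properties
list net route-domain rd_internal all-properties
save sys config
```

This gives logical separation only: a single control plane, a single failure domain and shared hardware remain, which is the point Jason makes about policy and change ownership. Review the `strict` setting and any `parent` relationship on the route domains during change review and audits, since either can reopen a path between the zones.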
I have to agree with Jason, this is a policy discussion more than a technical one. As he points out there are many ways to achieve traffic isolation. What a collapsed architecture does not do is provide fault domain isolation and that "line in the sand" of a network cable that separates external, DMZ, internal networks. The other caveat is if you are in a regulated industry you need to account for your auditor and how they will consider a collapsed DMZ architecture.