F5 BIG-IP and Imperva Integration.

Question

Hi,
Design requirements: F5 LTM VE (13.x) takes traffic to VIP (sends to Imperva for inspection) Imperva sends back to LTM, LTM sends to SERVER. Traffic between F5/Imperva/Server must be SSL encrypted. &nbsp;
KEY design requirements/notes: 
1) F5 must send to Imperva ENCRYPTED (Imperva will do the decrypt/encrypt). 
2) LTM has BEST license (BUT only LTM is enabled)&nbsp;
Questions I have - can this be done on LTM only (not using SSL Orchastrator)? And will there be any issues keeping it ALL SSL between the 2 boxes? &nbsp;
Thanks for your feedback!&nbsp;

chris_grant · Answer

A lot depends on exactly what you want the BigIP and Imperva to do.  If you just want to inspect the traffic with Imperva with no expectation that the traffic stream will be modified, I would suggest using clone pools.  The BigIP will mirror all the traffic it receives up to the Imperva, including responses if desired, but will otherwise go about it's normal role.  I would check this out for more information:&nbsp;
K13392: Configuring the BIG-IP system to send traffic to an intrusion detection system (11.x - 13.x)&nbsp;
If you want a more interactive conversation you might try this:&nbsp;
https://devcentral.f5.com/articles/divert-unencrypted-traffic-through-an-ips-with-local-traffic-manager&nbsp;
It might not play nice with end to end encryption, though.&nbsp;

Forum Discussion

F5 BIG-IP and Imperva Integration.

1 Reply

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

Related Content

VMware VKS integration with F5 BIG-IP and CIS

Integrating Security Solutions with F5 BIG-IP SSL Orchestrator

Access Troubleshooting: BIG-IP APM OIDC integration

F5 BIG-IP SSL Orchestrator and ReversingLabs Integration Guide

F5 BIG-IP AFM and FireMon Integration Guide

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS