For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

sm18_366599's avatar
sm18_366599
Icon for Nimbostratus rankNimbostratus
Jul 10, 2018

First time setup

Hi Team-   Need your advice/assistance as Im new to F5 and have very limited knowledge on setting up the appliance. We recently purchased licenses for F5BIG-VE BT 200 and was able to setup on VMw...
BIG-IP
devops
LTM
security
youssef1's avatar
youssef1
Icon for Cumulonimbus rankCumulonimbus
Jul 11, 2018

Hi,

 

your approach is correct regarding your architecture.

 

My question is the following, your web app that you will expose to internet is public? if not you can use APM to implement a security policy (authentication, endpoint inspection, ...).

 

Second point, if you site is public and you dont set APM (authentificaiton), you can increase security by implementing an ASM security policy to avoid attack, ...

 

Regarding ssl Offload I advise you to set this settings. It will allow you to secure ssl/tls part (HSTS, Disable Renegotiation, use secure cypher, ...).

 

let me know if I can help you on some points.

 

Regards