aj11
Aug 03, 2017Nimbostratus
How do I block (packet filtering?) all external IPs?
We have a BIG-IP (F5) unit set up at a backup site. We want to lock this unit down so that no public access is allowed while not in use, and any external scans won't even know there is anything there until it is opened. So far, all the Virtual IPs get disabled, but we want to prevent anything from getting even that far. I suppose high-level packet filtering is what I want, blocking everything but management and internal IPs for the developers to work on the internal systems and within BIG-IP, and allowing access to reopen everything once this backup site becomes active. What is the simplest/best approach to accomplish this?