Lightboard Lessons: FireEye Ingress Solutions with BIG-IP

Most websites utilize https:// encryption to secure traffic to/from their webservers.  This is a blessing and a curse...it's a blessing because the traffic is unreadable in its encrypted form.  It's ...
Published Jan 20, 2017
Version 1.0
fireeye
lbl
LTM
security
ssl
Marvin's avatar
Marvin
Icon for Cirrocumulus rankCirrocumulus
Feb 06, 2017

Hi John,

 

Great integration, however I was working on this integration last year and I could never made it to work in layer 2 using the single Big IP solution (using route domains). F5 engineering informed me that the solution works in layer 3, that is using serveral vlans and subnets on the internal side, FireEye segment and external segment, but what if the customer does not want to change their IP addresses?

 

Another thing to take into account is a technology named proxy chaining requiered when the customer wants to maintain their explicit proxy, otherwise the proxy communication will not be decrypted and send to the upwards explicit proxy.

 

What we are looking for is a transparent layer 2 setup without having to change the network infrastructure.

 

As I said I tested the solution in our lab last year but never got it to work properly:

 

https://devcentral.f5.com/questions?pid=41946 (imagine there is a FireEye in between the to logical F5 big IPs)

 

Do you have any update on this integration if it is possible to do the Layer 2 setup and is there an Iapp available to implement it far more easily?

 

Best regards,

 

Marvin