cancel
Showing results for 
Search instead for 
Did you mean: 

APM behind Third Party WAF

Hawary
Nimbostratus
Nimbostratus

hi Folks,

i would like to ask about, if it possible to put the APM behind third party external WAF (L3 WAF)? how will the traffic flow from external users to internal network? is there any guide to explain the needed configuration?

 

thanks all.

3 REPLIES 3

I don't word directly for F5 bt everyone from F5 will tell you to use ASM on the same F5 device if there is enough CPU and memory. There can't be a guide for how F5 APM will work with concurrent vendor, as there as many waf vendors nowadays as there are stars in the sky 🙂

Hawary
Nimbostratus
Nimbostratus

thanks Nikoolayy1,

the idea is that i'm not using F5 WAF, i'm using Sophos WAF and it working, i'm not sure it will work or not.

As I understand you want to use Sophos in L3 mode, right?

You can search (google) for F5 reference architectures. You will find a couple of diagrams that actually recommend to have a L3/4 network firewall, like F5 AFM, in a separate tier in front of APM or ASM/AWAF, in order to protect from flooding attacks for example.

 

This link is a bit dated, but is close to your scenario: The F5 DDoS Reference Architecture - Enterprise Edition.