I decided to finally read about the the F5 Distributed Cloud and I had some questions about using only Site Edge Nodes (Customer Sites) without Regional Edge Nodes.
Is layer 7 DOS/DDOS protection still an option without Regional Edge ? For me this should work as only for Layer 3/4 DOS/DDOS the Regional Edge is needed as a scrubbing center.
Also is it possible to make ipsec/ssl tunnels between Site Edge Nodes full mesh? From I read in https://docs.cloud.f5.com/docs/about-f5-distributed-cloud/mesh this should be correct if I am reading it right "Using an industry-proven network stack with most advanced BGP implementation, we are able to provide full-mesh or hub-and-spoke connectivity across cloud or edge sites. The nodes automatically create secure IPSec/SSL tunnels with each other if they have direct IP reachability or securely connect to multiple nearest global PoPs. Using application or policy-based routing, traffic can be load balanced for optimal performance across this network. In addition, you can enable a network firewall and forward proxy capabilities to control and filter traffic to and from the applications."
Solved! Go to Solution.