Hi,
This question is addressed to all the security gurus out there:
1. I have 2 front end web servers
2. I am using a Cisco LD 430 for load balancing
3. The two web servers are connected to a 6509 switch, which in conjunction with the LD offers ASLB (Accelerated Server Load Balancing)
4. I am using an IDS blade on the 6509
5. The front end web servers are on private address space (the LD is doing NAT functionality)
My question is as follows:
1. Since the LD is listening only on port 80 on a valid IP, do I need a firewall in front of my LD? Can the IDS blade on the 6509 prevent against streaming attacks?
2. If I don't need a firewall in front of the LD, can a firewall be placed behind the LD? From the Cisco docs on ASLB, the backend servers and the valid IPs have to be on two VLANs. If I introduce a firewall behind the LD, this requirement is violated.
I need to know what is a Best Common Practice when deploying a Cisco LD with a firewall.
Rgds,
Edward
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:31 EDT