EdgeADC Build 4.2.10
EdgeADC Administration Guide
×

Example Architecture

WAF using external IP address
In this architecture, only HTTP can be used for your service as the Firewall cannot inspect HTTPS traffic.
The Firewall will need to be configured to send traffic on to the ALB-X VIP.
The ALB-X VIP, in turn, will be configured to load balance traffic to your web cluster.
WAF using internal IP address
In this architecture, you can specify HTTP and HTTPS.
HTTPS can be end-to-end where the connections from the Client to ALB-X are encrypted and from the ALB-X to the Real Servers.
The traffic from the ALB-X to the internal IP address of the firewall needs to be un-encrypted so that it can be inspected.
Once the traffic has passed through the Firewall, it is then forwarded to another VIP which can then either re-encrypt the traffic and load balance to secure servers or simply load balance to insecure servers over HTTP.