PCI 3.0 Compliance with LTM
Hi people,
I have a mission to deploy an F5 LTM/ASM (in the future, GTM) in a PCI 3.0 environment, and it kills me because we need to balance external connections and inter-VLAN traffic. No problem with that in a simple environment, but PCI requests that all traffic on VLANs is checked by an IPS.
So, my insights until now:
From WAN: Internet -> External (1 Route Domain/ASM/LTM) -> NGFW (FW/IPS) -> Internal partition (4 Route Domains/LTM) -> Servers
Inter-VLAN: VLAN1 Server -> Internal partition (VLAN1 Route Domain) -> NGFW -> Internal partition (VLAN2 Route Domain) -> VLAN2 Server
Has anyone already faced this situation? Any thoughts about this scenario? Any tips on how to improve this? Should I change this deployment based on Partitions and Route Domains to work with isolated Guests?
Thanks for the help!