Wondering where most folks put the LOM port for an appliance - private network, publicly reachable but post firewall, or directly on the public network, flat to the firewall?
For years i've been putting mine on the private side, but i can see a ton of value placing them flat to the firewall on the public side. For instance, at every location the ISP provides me a /29 for the handoff of which i immediately use 4 or the 6 public IPs - their gw, VIP, real-1, real-2. So i have just enough IPs to place the LOM ports there. But....are they hardened enough to be in a free fire zone? Assume i'm using a complex password - any options to harden even more?
Appreciate your feedback.