well, i wouldn't consider myself an expert yet, but here are my 2c..
what kind of traffic are you going to be expecting from the user vlan's to the server vlans? are the server vlans in a windows domain or a linux domain? there are so many things to this. are you going to be having a web proxy? user file share access(smb)? dns traffic, ldap authentication? dhcp on your servers?
also, are you planning to have private vlan's for your servers to further restrict access from user vlans?
edit: wireshark! or just use nmaps to every server to check the open ports and depending on the server roles and make a rule table accordingly
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...