--> Every web server is efficient for processing SSL traffic but how efficiently they can handle is a question.
--> HTTPS requests are more processor intensive compared to HTTP requests, often on the magnitude of at least 10 times slower than normal HTTP requests.
-->The main purpose of Web Servers to serve pages quickly, if they start processing SSL traffic they tend to lose their efficiency.
--> SSL offloading removes the need of a Web server processing burden of encrypting and/or decrypting traffic sent via SSL.
--> In simple terms SSL Offloading converts external HTTPS traffic into normal HTTP traffic so that your web servers don't need to process SSL traffic.
--> A device is placed in between the Client-Server connection processes every SSL request. In this case, F5 Loadbalancer is an example of a device that plays this role.
--> The F5 Load balancer decrypts the client's request before sending it to the web server, then encrypts the server's connection before sending it back to the client.
--> This method is called 'Offload' because SSL processing is done entirely by F5 Load Balancer, which results in a web server resource saving.
--> In this way, the web server can use its resources to process information that is really relevant to your applications.
--> The only prerequisite which is, We need SSL Cert for the domain you are trying to implement SSL offloading
--> Implementing the SSL Offload concept in F5 Load Balancer gives another advantage. In addition to removing the SSL processing load from servers, F5 Load Balancer becomes a certificate manager/centralizer.
--> Since, we can have all the certificates loaded in the balancer, creating a single point for administering them.
--> F5 SSL offload and acceleration removes all the bottlenecks—including concurrent users, bulk throughput, and new transactions per second along with supporting certificates up to 4096-bits—for secure, wire-speed processing.
--> A fully loaded F5 VIPRION® chassis is the most powerful SSL-offloading engine on the market today. Along with the F5 BIG-IP LTM Virtual Edition (VE), these platforms provide a powerful solution to the SSL challenge.
Ref : F5
Md.Kareemoddin
CCIE # 54759
--> HTTPS requests are more processor intensive compared to HTTP requests, often on the magnitude of at least 10 times slower than normal HTTP requests.
-->The main purpose of Web Servers to serve pages quickly, if they start processing SSL traffic they tend to lose their efficiency.
--> SSL offloading removes the need of a Web server processing burden of encrypting and/or decrypting traffic sent via SSL.
--> In simple terms SSL Offloading converts external HTTPS traffic into normal HTTP traffic so that your web servers don't need to process SSL traffic.
--> A device is placed in between the Client-Server connection processes every SSL request. In this case, F5 Loadbalancer is an example of a device that plays this role.
--> The F5 Load balancer decrypts the client's request before sending it to the web server, then encrypts the server's connection before sending it back to the client.
--> This method is called 'Offload' because SSL processing is done entirely by F5 Load Balancer, which results in a web server resource saving.
--> In this way, the web server can use its resources to process information that is really relevant to your applications.
--> The only prerequisite which is, We need SSL Cert for the domain you are trying to implement SSL offloading
--> Implementing the SSL Offload concept in F5 Load Balancer gives another advantage. In addition to removing the SSL processing load from servers, F5 Load Balancer becomes a certificate manager/centralizer.
--> Since, we can have all the certificates loaded in the balancer, creating a single point for administering them.
--> F5 SSL offload and acceleration removes all the bottlenecks—including concurrent users, bulk throughput, and new transactions per second along with supporting certificates up to 4096-bits—for secure, wire-speed processing.
--> A fully loaded F5 VIPRION® chassis is the most powerful SSL-offloading engine on the market today. Along with the F5 BIG-IP LTM Virtual Edition (VE), these platforms provide a powerful solution to the SSL challenge.
Ref : F5
Md.Kareemoddin
CCIE # 54759
0 Comments