SSL Accelerators

From LB Wiki

Jump to: navigation, search

SSL accelerators are stand-alone network devices that terminate SSL connections and forward the traffic to servers in plain-text. Typically used with web servers, they save the server from performing the CPU-intensive cryptographic operations. There's often referenced (but not often cited) statistic that servers running SSL spend 90% of their CPU cycles on just the SSL operations, leaving only 10% of available CPU cycles for actual application serving.

On The Network

An SSL accelerator can be placed in the direct Layer 2 path or the direct Layer 3 path (diagram 1), depending on the vendor. The deployment is often very similar to a web proxy.

Diagram 1: Basic SSL Accelerator Configuration

Today, most SSL acceleration is performed by the load balancers, typically with an add-on SSL accelerator PCI/PCI-X/PCIe board installed in the load balancer.


Retrieved from "http://lbwiki.com/index.php/SSL_Accelerators"
Personal tools
Advertisements