Build an Open Source SSL Accelerator

Amin Zelfani writes "SSL accelerators like Big-IP 6900 from F5 Networks typically carry a $50k or more price tag. An article over at o3magazine.com shows you how to build an SSL accelerator that's on par with the commercial solutions, using Open Source projects. SSL Accelerators offload the encryption / decryption process from web servers, reducing load and reducing the number of certificates needed."

Huh?

[TheRaven64]

A miniPCI card with an OpenSSL-supported crypto engine that can handle saturate the bus costs around $50. What do you get by spending three orders of magnitude more? Something that can handle multiple, 10GigE connections?

Re:

[jd]

You forgot to mention the fancy box with the plush anti-static bag for the card. What, did you think you were just giving the companies those $5,000? It costs a lot to make something that's both plush AND anti-static, you know!

Re:

[Nethead]

Looks like some guys on Elliot Bay have mod points today.

Re:Huh?

[Trepidity]

Partly the article is quoting prices on a whole box, not just the SSL acceleration. The Big-IP 6900 mentioned in the summary, for example, is a dual-core rackmount server with 10GigE, and hardware SSL and compression. Presumably much of that money you're paying is going for the actual server, not just the SSL-accelerating coprocessor. Of course, you're probably also paying a markup for buying a specialty server of that sort, rather than slapping an SSL accelerator in a server from a commodity vendor.

Re:

[Anonymous Coward]

you combine nginx, haproxy, varnish-cache and you've got 80% of what Big-IP does!

Re:

[Otterley]

The other 20%, and your time, is what makes it worth $25k.

Re: Features...all on the same 6900

[jgruber]

Discloser: I work for F5... You're discounting the real time OS which provides all the integrated SSL offload, compression, caching, etc inline... TMOS. Even a comment on our own Dev Central was asking where they could download our proxy source, just because we use CentOS as a bootstrap and platform for our control plane (GUI). It would be a major technology misunderstanding to believe that we process our real time integrated proxy code in standard SMP interrupt driven I/O ways on the hardware. We don't.

Re:

[Cylix]

Still wrong...

It's support... plain and simple...

It is rather simple to get an over night RMA if a unit behaves strangely or begins to fail sporadically. At the same time, there is a support channel available to assist with configuration or other types of soft issues.

I'm not arguing for or against this type of solution, but rather pointing out why it is so high.

There are multiple components to consider when determining what type of purchase to make.

Re:

[Idiomatick]

How is this offtopic?

Re:

[Anonymous Coward]

Actually you forgot to mention that most licensing systems require multiple licenses per 'machine'. One of the advantages of using one of these SSL accelerators, besides offloading the work, is being able to consolidate certs onto one machine for many front-edge machines.

Re:

[jgruber]

Actually BIG-IP has no problems decrypting... working with app data...load balancing...tcp multi-plexing...etc... then re-encrypting. You can get offloading for caching and compression and at the same time be SSLed on both the client and server side of the proxy.

Re:

[BigBuckHunter]

A miniPCI card with an OpenSSL-supported crypto engine that can handle saturate the bus costs around $50.

You would pay $50.. for a ssl crypto PCI card, and you're implying that 'other' people are being suckered?

BBH

Re:

[TheRaven64]

I've not bought one, but I know a couple of people who use them in little embedded firewall boxes. These typically have something like a 266MHz Geode CPU which can't handle SSL or IPSEC at line speed without the accelerator, but can with the (mini)PCI card installed.

Re:

[Bert64]

Dont the geode processors have some sort of AES capability built in? At least the 500mhz Geode-LX does, i have one and it has a kernel driver for the loop-aes device...
Is there any way to have OpenSSL use this hardware on linux? One of the soekris net5501 boxes would make a good little vpn box if i could do that.

Re:

[TheRaven64]

I think the newer Geodes do, but the older ones have been around for a long while and are still cheap. No idea about Linux - I've no idea why you'd run anything other than OpenBSD on a machine like that.

Re:Huh?

[upside]

The BIGIP does load balancing, active-active clustering, routing, packet manipulation using scripts etc. It's extortionately priced but is very powerful and very user friendly.

Re:

[jgtg32a]

For 10% of the price

Re:

[Anonymous Coward]

And an order of magnitude less user-friendliness.

Re:

[binarylarry]

Fortunately, this is a complex area anyway and the person installing it should really know what they're doing.

I wouldn't want some moron from geeksquad configuring my company's SSL stuff.

Re:

[afidel]

Not when you include the man months to do all the configuration and tweaking needed to get it working perfectly. Plus it's not like you can really simulate the real world load these types of boxes experience so you would have to put your homebrew solution in front of a webfarm where downtime is many multiples the cost of the BigIP solution. The fact is only a cash poor startup is likely to use such a solution because it's about the only situation where you would have sufficient traffic without the revenue t

Re:Huh?

[Anonymous Coward]

nginx, haproxy, varnish-cache

Ok. Lets say your geek is $65k+stuff a year. It takes your geek 6 months to fully ascend the nginx/haproxy/varnish-cache learning curve and get the stack working properly. A geek making only $65k WILL take that long trying to achieve some semblance of parity with a commercial quality, regression tested appliance. That's around $50k in labor (remember, employers pay hidden costs) + hardware (still not free, that.) Meanwhile, you've lost some number of eyeballs to glitches and poor performance and disappointed whomever wanted it 12 weeks ago.

You could use a better geek, but those cost more and you overrun your $50k budget faster, so that's a wash. Might lose fewer eyeballs that way...

Now you rely on a "one off" mystery that your geek, and only your geek, can possibly manage without learning the hard way WHY he's the only one. On the upside you also have the beginnings of a network appliance you might try to productize... if you can get your geek to document it.

Or you could drop $50k now and put your geek on something that doesn't come in a box.

I know, I know. "SIX MONTHS!!!111 What kind of idiot..." I've been involved with this stuff a long time. It isn't done when the light comes on. It takes lots of effort to go from "oh look, it lit up!" to a finished product. In the end you'll spend every damn minute of that 6 months whether you do it up front or amortize it over half a decade. If you take the long view you realize that there is a reason BigIP has customers.

Re:

[Anonymous Coward]

You're confusing 'the time it takes to solve the problem' (i.e., accelerate SSL performance by offloading) against 'the time it takes to produce a a shrink wrapped product that I can sell.'

See, the 50K big-iron will solve the problem; yes. But the goal isn't to replicate what that big-iron never-ever-fail comes-with-a-cherry-on-top can do, the goal is to accelerate *this web server*. Not your web server, not everyone's web servers, but THIS one.

And on THIS web server, we might not *care* about 90% of the

Re:

[BiggerIsBetter]

Mini-PCI card? How about doing it on the GPU [manavski.com] instead?

an OPen sourse

[geekoid]

particle accelerator I can build? cool..oh wait. damn.

Re:

[jd]

We did the particle accelerator some time back. Do a search for "scotch tape" and "x-rays".

Tangental question...

[Richard_at_work]

At the moment I have two OpenBSD servers acting as a single firewall infront of two IIS6 Windows 2003 R2 servers - the OpenBSD servers are acting as an Apache2 reverse proxy for IIS. Only one of the IIS6 servers is 'live' at any one time, the second is the spare.

Currently, the setup has an automatic failover for the OpenBSD servers via CARP, which works great. However, the IIS servers are currently limited to manual failover, they cant use MS Network Load Balancing because I need session based balancin

Re:

[jd]

One thing to consider is whether you need session-based fail-over. If you're going to only treat one as live at a time, then send the spare computer the same packets you are sending the live computer, but drop the responses. If the live computer stops responding, allow the responses from the spare to go through.

The problem will be getting the machines back in sync once the first machine is rebooted. If you assume that the time between the two machines failing is going to be great enough, forward new connect

Re:

[Richard_at_work]

Well, that is one option, but ideally because the IIS servers will be running .Net apps, it would be nice to actually load balance them, so they would both be 'live' in that situation. At the moment, I have to physically repoint the Apache2 proxy at the other server to fail over (or change IP addresses on the IIS box).

Re:

[awpoopy]

What I think you're looking for is "carp" and all flavors of bsd do it. You may want to check out pfsense: http://www.pfsense.org/ [pfsense.org]. I've used it for years. Depending on requirements, just throw the appropriate amount of hardware together. You can fail-over ipsec tunnels with it. Suitable for all enterprise uses.

Re:

[nacturation]

What I think you're looking for is "carp" and all flavors of bsd do it.

Here is the third sentence of the post you replied to:

"Currently, the setup has an automatic failover for the OpenBSD servers via CARP, which works great."

Given that, he's most likely talking about .NET Session state.

Re:

[awpoopy]

Oops. Carp does session failover - at least ipsec tunnel sessions.
If it's .nut - well I'll pass that over to the nuts that use it.

Re:

[mat]

Just use mod_proxy_balancer (included in Apache) either to load-balance sessions between the two servers using session tracking, or to to use a server as a backup with the parameter "status=+H" (only available for the latests Apache versions).
http://httpd.apache.org/docs/2.3/mod/mod_proxy_balancer.html [apache.org]

uh

[anthonyclark]

you *do* know that an F5 Big-IP is more than an SSL accelerator? Like, a load balancer with lots of cool features.

I guess you could duplicate the features of an f5 with nginx and more, but I guess it'd take a developer more than 50k worth of time to do it.

Re:

[Puzzleer]

50k? Are you insane? I worked at a company that built similar products, and we had six developers working on it for five years.

Don't trivialize how hard it can be do build a piece of high performance equipment (especially where you are doing crypto in hardware).

Re:uh

[deraj123]

but I guess it'd take a developer more than 50k worth of time to do it.

He wasn't trivializing. He was, in a somewhat roundabout way, saying that 50k is a lot cheaper than what it would cost to implement the same solution yourself. The summary (don't know about the article, didn't read it) was trivializing the difficulty, the GP was refuting the summary.

Re:

[hackstraw]

you *do* know that an F5 Big-IP is more than an SSL accelerator? Like, a load balancer with lots of cool features.

Yes, that is true. What this also means is that after spending the big bucks for the front end like this, you will save money in the long run because you now have the ability to throw as many boxes behind the SSL switch/load balancer box up until all of its links are used. You don't have to buy new certificates or wildcard certificates for any of the backend devices and/or worry about name mismatches, or any of the common issues with SSL certs.

I didn't see it on their website, and couldn't really read the

Re:

[bugs2squash]

Sure, But what if you don't need all the cool features ?
And what if you want several of them (multiple locations, redundancy etc) ? High-end boxes hunt in packs.
The $50k a pop adds up quickly and I quite like the idea of factoring out each feature into a separate cheap box.
The argument is also cited that building something in house means that there is only one person who understands it. That may be true, but I've seen bought-in systems deployed where no-one in house understands fully what it does or

Ideally...

[jd]

...you'd offload the entire TCP/IP stack (Linux' networking isn't the fastest) as well as the SSL. Preferably get the IPSEC in there as well. It shouldn't be too hard to build a card that does the lot. You could then use VCHAN or some other kernel bypass method to forward the data as though Linux had just processed the packets within its own networking stack. The software doesn't need to know where the operation is taking place, so long as the API is the same.

However, just getting the SSL onto a card is a definite advantage, as SSL is a heavy processor consumer and is used frequently-enough that it's a drag on systems.

There are many encryption chips out there (Freescale's S1, for example) and there are projects on OpenCores that you can download right into a low-cost FPGA, so you can get pretty much whatever speed you want at whatever budget you're prepared to set aside.

Why a card?

[dj245]

Why have an addin card? The acceleration hardware isn't all that complicated. Hell, VIA put it into their proccessors- look at the huge [mini-itx.com] difference it makes. Even if the graph is best-case scenario, that x86 compatable processor is dynamite with encryption.

Re:Why a card?

[raddan]

The problem with wiring the accelerator into the CPU is that, although the CPU can perform the calculation faster, it does not actually free the CPU from having to do the packet processing. In addition to CPU time spent, you also need to consider interrupt overhead, which for high-speed networks (like 10GbE) is pretty significant. A separate TCP offload engine, with hardware encryption support, and access to memory via DMA, can significantly reduce the amount of time a CPU spends processing packets. It just interrupts the CPU when a decrypted TCP payload is ready and waiting in memory. And since your add-in card doesn't need a large instruction set, you can make it very, very fast.

Re:

[jd]

In order to maintain parallelism, you could put the acceleration hardware on the ethernet card. If it's in the CPU, unless it's a parallel core (in the same way that the IBM Cell operates), you don't gain any offload advantage.

It can't be that good

[Anonymous Coward]

If their solution was really worthwhile, wouldn't the link to the article have been https:/// instead of just http:// ?

It'd be nice to see SSL on all web sites

[Matt Perry]

It'd be nice to see SSL used on all web sites. Apache can now handle SSL virtual hosts so that obstacle is gone.

Re:

[fuzzyfuzzyfungus]

Y'know who else thinks that it would be nice to see SSL used on all web sites?

Verisign.

Re:

[Darby]

Y'know who else thinks that it would be nice to see SSL used on all web sites?

Verisign.

You know who is missing (part of) the point of an SSL accelerator? You are!

One wildcard cert + one pair of SSL accelerating Load Balancers = All of your sites can now be SSL.

Re:

[TheRaven64]

Further, regular SSL requires a dedicated IP address for each certificate

Yes you can. The standard was published almost a decade ago, and I think it's pretty well-supported now. It requires connecting and then doing the SSL handshake once you've identified the server (just as STARTTLS extensions on most other protocols do).

Re:

[Matt Perry]

Further, regular SSL requires a dedicated IP address for each certificate.

No they don't.

You can't have multiple SSL websites on the same IP address.

Yes you can. Read. [wikipedia.org]

Re:

[Mr. Slippery]

Yes you can.

...as soon as you get old OSes and browsers off the net. Read the article to which you link, the scheme doesn't work with Win XP running IE 6 or 7.

So even if you were silly enough to run experimental code in your server, a large percentage of your clients can't use the extension anyway.

The GP is correct: regular SSL requires a dedicated IP address for each certificate. The fact that an experimental extension to SSL gets around this requirement does not alter that fact.

Re:

[DavidTC]

Actually, strictly speaking, you can run it on a single IP and different ports.

But no one likes that solution.

Re:

[Matt Perry]

Win XP running IE 6 or 7.

Those clients represent an ever decreasing share of the browser market. By the time SSL virtual hosts are deployed on a wide scale, those browsers may be a tiny fraction of the ones in use. A service provider may also decide that the ability to support SSL virtual hosts outweighs the loss of those clients and instead encourage them to upgrade to a different browser such as Firefox.

So even if you were silly enough to run experimental code in your server, a large percentage of your cl

Re:

[rootofevil]

if you dig into that a little youll realize that the necessary TLS extension isnt officially part of apache yet, and even IE7 on XP doesnt support it.

effectively, at this point, for the vast majority if the internet it is not supported. which is a shame, because id love to use it right now on a project im working on.

Re:

[jd]

Better yet, it'd be nice to see SSL used on all pages on all web sites. One of the first rules of security is that context can tell you a lot about what is being encrypted and can potentially weaken that encryption. It also allows attackers to distinguish packets of interest from context.

Using SSL for only critical stuff is like using encryption for only shell passwords. It's better than nothing, but exposes far far too much.

(One might argue that there's so much valuable data placed on computers in corporat

Re:

[Goyuix]

Apache is only half the problem at best, the real issue is the lack of compliant clients at a significant level. Server Name Identifcation (the extension to allow for virtual hosts behind SSL/TLS connections) has been supported in Firefox since v2 I believe, and Internet Explorer 7 - though I think that is only on Vista for some reason. I have no idea what Safari, Opera and other browsers and platforms might support.

Re:

[Matt Perry]

Apache is only half the problem at best, the real issue is the lack of compliant clients at a significant level.

What do you mean by significant? All of the major browsers currently support SNI [wikipedia.org].

Re:

[DavidTC]

Yeah, except for that whole 'XP running IE6 or IE7', which is something like 60% of all web browsers.

Re:

[Matt Perry]

Yeah, except for that whole 'XP running IE6 or IE7', which is something like 60% of all web browsers.

And steadily declining. It's also only relevant if you care about being accessible to everyone. Do you think Amazon.com or Ebay is going to fret over hosting multiple sites behind a single IP address? Of course not. SSL virtual hosts are most important to home users like you and me. That's where the value it. Not all of those sites care about being accessible by every browser. If people can't access my sit

Re:

[DavidTC]

It's also only relevant if you care about being accessible to everyone.

Except that you started off this conversation talking about 'all websites', you loon.

But from now on you feel free to pretend 'all websites' are run by hobbyists who can afford to ignore 60% or more of the people out there, and everyone else can freely ignore you.

Re:

[Matt Perry]

Except that you started off this conversation talking about 'all websites', you loon.

Please do not use personal attacks. I will be glad to engage you in conversation but only if you can be civil.

Re:

[Matt Perry]

Except that you started off this conversation talking about 'all websites'

Yes, I did. Specifically, I said that I'd like to see SSL used on all web sites. Here's the exact quote:

It'd be nice to see SSL used on all web sites. Apache can now handle SSL virtual hosts so that obstacle is gone. [slashdot.org]

One obstacle to all sites using SSL is the lack of support for SSL virtual hosts. That obstacle is now gone thanks to SNI.

Many sites have dedicated IP addresses and can use SSL just fine. But there are many other web sit

Re:

[Mr. Slippery]

You don't consider IE 6, or 7 on XP, to be "major" browsers? What odd traffic patterns you must get. I see over 30% IE 6 on my personal server.

Summary: use nginx.

[mystik]

Nginx has been getting a lot of press lately, much of which is well deserved.

This article is simply that -- use a front-end reverse proxy (like nginx) to your backend server, and let nginx handle the ssl transaction and pass the body of the HTTP request to your backend server where it handles the important stuff.

This is not an uncommon strategy, and lets you have a lot of flexability.

Did anyone else read the headline and think

[rford]

that they were building an open source Synchrotron Light Source accelerator.

Re:

[compro01]

I somehow read it as SSC [wikipedia.org].

I did.

[Kludge]

I did

UltraSparc T2 server as competitor?

[owlstead]

It doesn't cost 50K to buy a T2 based server from Sun (more like 15K at entry-level prices). This would give you 8 crypto-accelerated cores with 2x 10GBit ports straight into the processor. They are also not that power hungry. You could use this to both accelerate your web server as well as your SSL. Wouldn't this be a better solution than building two servers?

Just thinking out loud, maybe I've overlooked something as I'm not a network engineer or anything.

Re:

[bajan_on_ice]

Done and done... $50k and equivalent performance of the high end BIGIP stuff
http://www.zeus.com/news/press_articles/zeus-price-performance-press-release.html [zeus.com]

Re:

[owlstead]

Yes, but then you are back to the 50K pricepoint. OK, that's INCLUDING the application server, but it might still be a bit steep for many applications. And you'd have to port/reconfigure the applications to run on the T2 server.

One of the advantages of an SSL-offloader is that you only have to remove the SSL from the port running SSL. Hmm, maybe the T2 is not such a good idea if you're having other deadlines pending. System admin time and knowledge is a costly thing.

Re:

[bajan_on_ice]

$50k for something that performs at $150k? And that's for a LB that saturates a 10GB line with full SSL acceleration. That's not trivial to do, and most sites wouldn't even come close to using that. In that case, I'd recommend Intel/AMD gear.

I've used the Zeus software. Never got trained on it, and had it up and running in less that 2 hours. Its really well designed.

Re:

[owlstead]

Interesting stuff indeed, and the 50K/150K is of course interesting. But still only if you need the performance of that 150K server, otherwise other project may be less expensive.

My X2 Phenom CPU may also not beat many others in price/performance, but it does what I need using not too much power. I probably could buy a 150$ CPU instead, but I would loose 75$ dollars doing it...

Re:

[pyite]

Done and done... $50k and equivalent performance of the high end BIGIP stuff

Zeus is not a valid competitor for a lot of markets until they add Route Health Injection. It's a glaring feature-set hole for site-to-site failover (via routing) that both Citrix NetScaler and F5 BIGIP support as a bread-and-butter function.

Otherwise, their features like TrafficScript aren't half bad.

Re:

[owlstead]

32 cores at 300 MHz? Only if you really don't understand the difference. And it seems you don't.

I am self-educated in basic processor design, and that's just plain wrong if you look at the hardware. If you look at it from the OS, you will indeed see 32 cores, but if you are using 8 threads you will get higher speeds than a single core running at 300 MHz. The reason Sun uses 4 threads per core is to optimize the use of the ALU's of the core.

That's the theory, but I was wondering if you could buy a T2 and eas

Re:

[otis wildflower]

You mean how a 1.6ghz Atom CPU's hyperthreading means it has 2 800mhz threads?

Care to share your crack pipe with the rest of the class?

Re:

[Anonymous Coward]

What Sun DOESN'T tell you is that each of those eight 1.2 GHZ "cores" are actually 4 threads (read: cores)... running at 300mhz each.

So what you REALLY get is.... 32 cores, each running 1 thread (total of 32 threads) at a speed of 300mhz. They just group four of them together and market them as a core.

No, you're wrong.

On a T2, you can have 8 or 4 cores, each with a floating point pipeline and two integer pipelines (T1 had one int per core, and one float per chip). Each (real, 1.2GHz) int pipeline is fed by four hardware threads. The hardware threads allow the processor to quickly service the next process if anything stalls. The OS can't do anything about these stalls, and only sees them as busy time, as if the processor was really doing something. The 4 to 1 ratio gives the system pretty good odds of

Re:

[BobSixtyFour]

My company has a T2000, and it is slow. 1/4 as slow as the 1.2ghz box it replaced.

Everything is slower. From the tarring of files to the rsync of directories.

In order us to even return to the same performance as our old box, we had to make multi-threaded processes kick off approx 4 worker threads to handle the work.

It's not an oracle myth when your single-threaded shellscript takes 4x as long as before.

It's the equivalent of that cashier taking smoke breaks 3/4ths of the time instead of scanning my food!

Sur

stunnel

[KillerBob]

It's already been done. It's called stunnel. Among other things it lets you do, you can specify a different host to connect to.

In other words, host A accepts connections on port 443 and can automatically encrypt the traffic and route it through to host B on port 80. It allows you to accept connections on multiple ports, each with its own mapping.

It also works with name virtual hosts, forwarding the name request through to the other host.

Re:

[buchner.johannes]

Or squid as reverse proxy.

Re:

[Bert64]

You don't want to use multiple ports, most proxies will only permit https connections on port 443 so a lot of users behind corporate proxies would be screwed.

Re:

[dirtyhippie]

Surely you're joking? stunnel costs an exec() per connection.

Re:

[Otterley]

It doesn't if you're merely using it to unwrap the SSL from the connection and proxy it to another TCP port.

Offloading Proxy

[tronicum]

Well if you RTFA it says in first paragraph that its NOT a accelerator but off-loader. Beside that it is proxying the connection so you have to change your logging to adept to the Real-IP being inside the http headers. The argument that it is equal secure as true https as it transfers http in the "local subnet only": that vanishes if a machine in this subnet gets compromised. As others mentioned, comparing such (nice) reverse proxy hack with a BIG-IP load balancer is a joke.

Reduce the number of certs?

[Sentry21]

How does this reduce the number of certificates required? It might reduce the number of copies of the certificate, but you still need either one certificate per subdomain, or one wildcard certificate per domain.

I'll grant that it makes certificate management simpler, but not significantly so â" it really only saves two minutes every year.

Re:

[owlstead]

"How does this reduce the number of certificates required? It might reduce the number of copies of the certificate, but you still need either one certificate per subdomain, or one wildcard certificate per domain."

I think that would be because in some instances you could serve multiple applications from the same server (with the same certificate). This does of course not work for internet store applications and such, but for many business communications, it might well work. The proxy can then create a connec

Re:

[profplump]

Verisgn says SSL accelerators don't count anyway -- you still need to license for each connected server.

Or you could buy from a more reasonable authority that doesn't impose such restrictions.

Re:

[DavidTC]

Um, I've never seen a 'license' on SSL certs at all. Where are you people buying these things from?

Lame fanboy piece - no threading

[Anonymous Coward]

Hmm, why no mention of nginx's thread limitations? By design, nginx does not use threads and as a result has performance issues scaling beyond one CPU or core. Those limitations will become apparent on certain real world workloads and with realistic tests. Those are important issues and this piece, like many nginx discussions, glosses over them. It also disingenuously tries to compare nginx to commercial solutions.

I like nginx a *lot* and have tested and deployed it in many different situations. But it

Idiotic

[scubamage]

Big-IP products are not just SSL accelerators. If you want an SSL accelerator go on ebay and pick up an ncipher card for cheap.

Big-IP products are used for their load balancing abilities, and can be used to build content delivery networks based on pools of application resources/servers. They're for sites that simply cannot go down, because downtime would be tremendously costly. Think military. Think medical. Think ebay or amazon. That's a pretty big farking far cry from a simple SSL accelerator. The only

Re:

[pyite]

The only comparable device is a module from Cisco that currently slips my mind.

The Cisco product is pretty sucky. The only comparable product is really Citrix NetScaler.

Re:

[scubamage]

Ok, now who in all of these open source packages will support me on the phone at 3am when a major hospital customer goes down, hmm? Oh wait, they won't. I'll have to go on a forum. For each package. And I have to pray that whoever I speak to is capable of speaking proper English. And be familiar with connecting all of these packages together. While I'm dodging angry users, and praying to god there's no trauma calls. I'm not an idiot, I'm realistic. If our servers go down, people die. So I'll trust the x86 w

HTTPS versus HTTP Cacheing

[shentino]

Any negative interactions?

I hope that HTTPS can cache like HTTP does.

Running end-to-end encryption would certainly prevent proxies from stashing away frequently accessed objects.

Re:

[Jeremy Visser]

Any negative interactions?

I hope that HTTPS can cache like HTTP does.

Running end-to-end encryption would certainly prevent proxies from stashing away frequently accessed objects.

Your web browser can cache the data in its own cache, but you are correct in guessing that a proxy cannot transparently cache the data.

However, recently, I was looking at Riverbed Steelhead [riverbed.com], which claims to be able to cache SSL-encrypted data. I'm guessing it would work similar to a replay attack -- you don't know what the data means, but you still know what its encrypted form looks like, so you can still cache it. Might be worth a look.

That's bloatware

[bytesex]

Why do people bother with ssl accelerators ? It's somewhere else, so you're always talking to it via a stream. Doing a round of AES ECB isn't so expensive as to weigh up to all that network traffic, right ? Better to equip your hardware with crypto-coprocessors, crypto-PCI hardware, or run it all on VIA C-7's. They have on-board crypto, accessible via special instructions.

Buy a decent CPU

[zdzichu]

Nehalem family CPUs have AES encryption commands in assembler (supported by Linux). UltraSPARC T2 have 8 cryptographic accelerators onboard. By buying modern CPU you have SSL acceleration.

Re:

[pyite]

Nehalem family CPUs have AES encryption commands in assembler (supported by Linux).

Except that AES isn't processor intensive to begin with; it's a bunch of XORs and table lookups for GF(8) exponentiation. The processor intensive part of SSL is the public key work.

More of a security risk with this scheme

[0x537461746943]

"The SSL accelerator in front of the servers takes the incoming SSL transactions, decrypts them, and then forwards them on to the servers as HTTP. This is still secure as the connection between the SSL accelerator and the servers is a private local network, there is no unsecured transaction going over the public Internet."

The problem with that statement is private does not always stay private when web servers are involved. If any one of the web servers on the lan between the webservers and the SSL decryp

Compile OpenSSL with -O3?

[wsanders]

I guess if you're BofA or Wellsfargo and you have 10gb of traffic and just an army of contractors for your IT staff, this might make sense, but - Seriously! It's been a while since I played with accelerators, and I also hate anything F5 with a passion, but with commodity hardware as cheap as it is (PowerEdge 1950 or Sun X4000-something equivalent), why bother with an expensive magic box which has some cheapo Supermicro-class PC on the inside? Especially if you have an app, like a web app or some random VPN

what about offloading encryption / decryption?

[silverhalidepgh]

Anyone have any success offloading encryption / decryption functionality using these cards? Not so much for SSL acceleration but for securing database rows?

Re:

[Zaurus]

The problem with that is that you still have the performance hit of calling the ROT-13 function times four (twice for encryption, twice for decryption).

I'll sell you my ROT-52 accelerator card for $50,000 which will do it all in one function call, and hardware accelerated to boot! Did I mention it supports unicode?

Re:

[fuzzyfuzzyfungus]

Double rot-13 is, perhaps, the only algorith that can be optimised using only the delete key...

Re:

[DavidTC]

Yes, all content in SSL pages is encrypted, because otherwise MitM attacks are easy..an attacker simply replaces part of the loaded unencrypted content with Javascript to pass them a copy of the page and all submitted data.

This is why web browsers warn about unencrypted content.

Re:

[afidel]

Mixed content is BAD, it allows for easy man in the middle and cross site scripting attacks. That's why every modern browser warns you about it and EV certs don't work with mixed content.