ASIC-based SSL Offloading

ASIC-based SSL Offloading

What is SSL Offloading?

Secure web traffic by SSL/TLS is now the standard for web applications and web sites. SSL handshake is very CPU intensive and thus has a significant negative impact on performance. E-commerce sites are especially prone to SSL bottlenecks, and companies may lose business when customers encounter slow response.

SSL offloading is the method of using dedicated device like load balancer to process initial SSL handshaking and cypher/uncypher traffic from client browser to web server.

The Benefits of SSL Offloading

• Improve web application performance by relieving a Web server of the processing burden of encrypting and/or decrypting traffic
• Enhanced the load balancing features on regular SSL encrypted connections, like content switching, layer 7 persistence, WAF etc.
• Minimize the certificate administration overhead

The Bottleneck of SSL Offloading

SSL processes are resource hungry as each SSL message needs to be decrypted in addition to the initial SSL handshaking. Also the x86 based processors are not designed in efficiently doing SSL decryption.

Now that 2048-bit SSL keys are the de facto minimum key length. The performance overhead increases exponentially when the key lengths increase.

ASIC-Based SSL Offloading Solution

XPoint AppScaler hardware appliance is equipped with specialized ASIC chip SSL accelerator, the multi-chip ASIC card provides exceptional SSL TPS. It can scale well up to 75,000 SSL TPS for 1024-bit key and 35,000 SSL TPS for 2048-bit key.