SSL Offloading – Relieve SSL Burden & Improve Connection Performance

0
Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Email this to someonePrint this pagePin on PinterestShare on TumblrBuffer this pageShare on RedditShare on StumbleUpon

SSL OffloadingSSL Offloading: With the advent of the cloud computing revolution, businesses are now able to provide secure access to internal systems with ease. When deploying VDI/RDS networks, one of the important challenges administrators face is that of striking a balance between application performance and security. Growing business demands require the creation of high availability networks that can deliver virtual applications seamlessly to remote users. At the same time, data security cannot be compromised.

Performance vs Security

Secure Socket Layer (SSL) is a commonly used protocol for encrypting data transmitted over the network. When browsers request information from a server that uses SSL, an initial handshake is required before data can be accessed. This process involves at least four TCP round trips to create a connection between the server and the browser before the actual data are transmitted, therefore this process-intensive SSL handshake can significantly affect performance. In today’s fast-paced world, a delay of few seconds can make a difference in converting an opportunity into a sale, but without SSL businesses would have to compromise on security. Offloading SSL to another product is a convenient solution.

SSL Offloading

In SSL Offloading, SSL encryption and decryption are removed from a gateway and transferred to a separate device that is designed for this purpose. By removing the burden of SSL processing from the gateway, resources are freed up to assign connections to the correct server quicker. Load balancers that have clear access to HTTP traffic can easily perform advanced tasks such as reverse proxying, traffic regulation, and cookie persistency.

Parallels RAS, with its High Availability Network Load Balancing (HALB) is an excellent solution to these issues. SSL offloading onto a Parallels HALB appliance improves performance and gets inbound connections on the fast lane.

SSL Offloading with Parallels HALB

Parallels RAS offers High Availability Load Balancing (HALB) that intelligently distributes connections to gateways. This software tool sits between the Parallels RAS gateways and the user to perform effective network load balancing. A typical load balancer checks for the availability of a server before routing an RDP connection; Parallels HALB adds an additional layer of redundancy by also checking the available gateways when routing traffic.

Parallels HALB not only ensures the continuity of a connection, but is able to offload inbound SSL connections from the gateway and decrypt the traffic at the HALB level, hence relieving the burden of the SSL decryption process from the gateway. The HALB appliance can also be set in pass-through, in which case connections are encrypted when sent to the gateways, and then decrypted there.

Parallels HALB is easy to deploy, configure and use. SSL offloading is configured during the setup process. With Parallels RAS, this flexibility ensures that you don’t have to worry about users experiencing slow connection times, whether a connection is encrypted or not.

 

References

Speed vs. security: Four ways that security solutions can cause performance problems (and what you can do about it) | webperformancetoday.com

SSL offloading impact on web applications | blog.haproxy.com

What Is SSL Offloading? | ehow.com

What is SSL and what are the benefits of SSL Offloading? | excitingip.com
SSL Acceleration and Offloading: What Are the Security Implications? | windowsecurity.com

Sean Bianco is the marketing documentalist and technical writer at Parallels. With a bachelor’s degree in Information Technology and Networking and a three year background in software quality assurance testing and usability engineering, Sean is a subject matter expert in mobility and smartphone, app and device management. He is well-versed in developing technical articles and determining market trends. His excellent analytical and problem-solving skills, with emphasis on understanding relationships between technical problems, result in sound and effective business solutions.