08-21-2010 01:10 PM
I am working on a WAAS installation where we want to accelerate SFTP traffic over a pair of data center accelerators. Will WAAS support SFTP acceleration or is there another alternative we could deploy - such as migrating the current SFTP setup to a FTP over SSL/TLS scenario. The requirement is that we keep the secure file transfer in place but increase the performance of the transfer. Today the SFTP transfers are taking 8 times longer than a typical FTP transfer without WAAS. SFTP could still benefit from the TFO optimizations however we are really looking for compression here since the link is currently 500Mbps +.
08-25-2010 06:08 PM
Hello,
SSL AO can only be used for port 443 over https traffic. This will not accelerate SFTP traffic. By default SFTP will only use TFO optimization.
Hope this helps.
Regards.
PS: If this answers your question, please mark this as Answered.
08-26-2010 03:26 PM
Any chance you could setup an HTTPS server and use HTTPS for copying your files ?
You don't necessarily need to use a browser for such a transfer. Tools like wget can be used to transfer files over HTTPS.
08-26-2010 03:34 PM
Hello,
I am not sure about the 3rd party tools but the SSL AO depends on the HTTP traffic pattern. Something like Connection Initiation, Connection closure, client behaviour, server behaviour, URI format, etc.
If the third party tools are using same behaviour, yes you can but any diversion from RFC means you may not get the expected result.
Regards.
PS: If this answers your question, please mark it as Answered.
08-27-2010 11:06 AM
A minor correction:
The SSL accelerator does not optimize protocols that do not start their SSL/TLS handshake from the very first byte. The only exception is HTTPS going through a proxy (where the HTTP accelerator detects the start of SSL/TLS, and then hands the connection to SSL accelerator for optimization).
The SSL application accelerator supports SSL Version 3 (SSLv3) and Transport Layer Security Version 1 (TLSv1) protocols. TLSv1.1 and TLSv1.2 protocols are not supported.
So, in your case, you may be able to accelerate it but it will depend a lot on how the SSL/TLS handshake starts in yoru case.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide