Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
455
Views
0
Helpful
2
Replies

What are the advantages of end to end ssl vs. server term'd ssl

Go to solution
nygenxny123
Level 1
Level 1

‎02-14-2011 11:46 AM

what would be the advantage of having the ACE terminate ssl and than initating an ssl connection to the backend server

instead of just having the server terminate the ssl connection?

we are currently discussing this..and even from a resource perspective...the server would seem to be using

the same amount of resources

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jsirstin
Level 1
Level 1

‎02-14-2011 01:38 PM

The real advantage with end to end SSL is that the ACE can make layer 7 decisions but still keep the traffic encrypted from client to server. This would be the case if you needed to use cookies as the sticky method or make a load balance decision on URL or host header. Most of the time it is financial or government institutions that use this feature to keep the data secure even on the inside of the network.

This is much more resource intensive on the ACE. You are correct about the performance on the server. From the server perspective it would be no different if the ACE just load balanced SSL, or terminated it first then encrypted it going back to the server.

Hope that helps

Best regards

Jim

View solution in original post

0 Helpful
2 Replies 2

Go to solution
jsirstin
Level 1
Level 1

‎02-14-2011 01:38 PM

The real advantage with end to end SSL is that the ACE can make layer 7 decisions but still keep the traffic encrypted from client to server. This would be the case if you needed to use cookies as the sticky method or make a load balance decision on URL or host header. Most of the time it is financial or government institutions that use this feature to keep the data secure even on the inside of the network.

This is much more resource intensive on the ACE. You are correct about the performance on the server. From the server perspective it would be no different if the ACE just load balanced SSL, or terminated it first then encrypted it going back to the server.

Hope that helps

Best regards

Jim

0 Helpful

Go to solution
nygenxny123
Level 1
Level 1
In response to jsirstin

‎02-14-2011 01:45 PM

thank u..

my company wants the most secure method covering every variable..

end to end looks like the answer

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card