Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

SSL - Hardware Accelerator Required?

Go to solution
Former Member

on ‎2005 Jan 22 11:31 PM

0 Likes
452

When using SSL on the Enterprise Portal, is it a requirement (or preferred) to use SSL hardware acceleraton? If so, how can this be implemented?

I was thinking that you could use IIS (or another web server) on the J2EE engine with the Dispatcher service and run SSL hardware acceleration based on that, but I am not sure of the interaction between IIS and the J2EE engine...

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
View Entire Topic
Former Member
‎2005 Jan 23 2:50 PM
0 Likes

Hi,

SSL hardware accelerator is not a requirement, the usage depends on the size of your cluster and the number of users.

Not sure what the best architecture is though.

Show replies
Show replies
Former Member
‎2005 Jan 24 9:06 AM
0 Likes

If we expect up to 800 concurrent users onto an Entperise Portal with a single J2EE Engine and a seperate DB server, the users will have cut down MSS functionality (fairly low transactional work effort so little stress on the server).

Do you think SSL acceleration would be required?

Thanks.

Former Member
‎2005 Jan 26 8:20 PM
0 Likes

Paul,

I doubt one single J2EE node will be capable of 800 concurrent ssl sessions (naturally this depends on the hardware underneath ...)

Also, for security reasons it is always of good advice to have some hardware (read: proxy, application level gateway ...) in front of a sensitive web application. Thus, you could easily implement one of these thingies and let SSL terminate on that machine.

btw: Any plans of using X.509 client certificates for user authentication? If so, SSL offloading will become a little more tricky (but still feasible, though you will have to take more care to the proxy solution to choose)

Regards,

Dominik

Former Member
‎2005 Apr 12 7:12 PM
0 Likes

Dominik I have a Question, we want to terminate SSL on the CISCO Load Balancer but my questio is, how will we use SSL just for certain pages like login or card Payment if the URL at the top of the Portal is always the Same? http://myportal.domaim.com:50000/irj/portal

Thanx in Advanced I really need help on this one :O(

Former Member
‎2006 Mar 26 2:14 AM
0 Likes

Paul/Dagfinn/Dominik/Gerardo - I'm new to Cisco and am focusing on our solutions for SAP customers, specifically for the load balancing products. Are there any issues you have where I might be able to help out.

If so, please contact me at dosilver@cisco.com or +1 650-346-8945..... Doug

Ask a Question