SSL Accelerators

If you run an e-commerce site and use SSL as the primary mechanism for securing your online transactions, you may think security is inherently slow. After all, it's no secret that even beefy servers traditionally can perform only a limited number of SSL transactions per second (fewer than 100).

But there is a solution: hardware. SSL accelerators provide the ability to drastically speed up those SSL transactions -- in some cases by more than 400 percent. There are two types of SSL accelerators: appliances, which require no changes to your Web server, and peripherals, such as PCI cards and SCSI devices, which do require changes to your Web server.

We tested SSL accelerators from Alteon WebSystems (a division of Nortel Networks), CacheFlow, Compaq Computer Corp., F5 Networks, Intel Corp., iVea Technologies (a division of Rainbow Technologies), nCipher Corp. and SonicWall in our partner labs at Schneider National in Green Bay, Wis., and found that the appliance vendors that have entered the market have made a good thing better. Although all the tested devices perform the same task, the architecture, scalability and performance of the appliances kicked ass.

However, stringent security requirements often mandate a solution that keeps data encrypted end to end, with no possible point of intrusion along the way. For sites where such encryption is a must, internal solutions are called for, and their performance, while not up to the level of the appliances', is nothing to sneeze at.

We split the products into two categories because it's nearly impossible to compare the requirements and performance of a solution requiring integration with a Web server with that of a drop-and-go network appliance. After putting the products through rigorous loads of SSL-enabled traffic, we crowned Alteon's iSD 2.0 king of the hill in the appliance-based category, and iVea Technologies' CryptoSwift EN 2000 best of the integrated solutions.

Alteon's iSD 2.0 displayed unmatched management capabilities and exhibited phenomenal performance in our labs under heavy stress, while the CryptoSwift EN 2000 performed well, offered the easiest integration with our Web server and provided some excellent monitoring and diagnostic tools.

Bottom line: Speed with security is within your grasp. Pass the word.