Shopping For An SSL Accelerator

Whether you opt for an internal or an external solution, don't forget to look at the big picture before making a purchase.

November 4, 2002


Believe it or not, the cost of a 128-bit certificate can be a significant factor in the decision to purchase an external acceleration device as opposed to an internal device when multiple Web servers are involved. Even with discounts, the cost of purchasing one certificate per Web server rises quickly. And the cost is recurring because renewal is required every year. Don't forget to factor in the expense of managing each certificate and each set of keys. For large sites, the cost of the certificates could quickly grow to more than the cost of the accelerators. On the other hand, an external device can front hundreds of Web servers, enabling them all with SSL for a fraction of the cost.

If you require SSL encryption at all times, including on the wire on your internal network (often the case for financial institutions), you're going to eat the cost of the certificates anyway because you'll need certificates on all servers, and the decision becomes primarily a question of load-balancing needs. If you need the ability to route traffic at Layer 7, you'll want an SSL-enabled external device to handle these chores. A good reason for routing at Layer 7 is service levels based on cookies (gold members are always directed to server A, B or C because they're the "phat" servers; everyone else gets D, E or F). Also, you can organize your Web farm more efficiently (rules like "images are served from server Y unless Y is under heavy load, then it's X" are difficult to code into Web pages). If you don't require load-balancing above Layer 4, you'll be able to get away with a simple load-balancing solution while leveraging your investment in certificates and internal acceleration devices.

The underlying truth here is that even if you deploy an external cryptographic acceleration device, you're going to want internal acceleration. Without it, the encryption bottleneck will continue to be in your SSL-enabled Web servers--you'll gain almost nothing in terms of number and speed of transaction processing. Why? In this scenario, the SSL session is terminated at the load-balancer and a new SSL session is initiated to the Web server. If you aren't accelerating both sides of the equation, you're still introducing high latency because of SSL processing overhead. Some devices, such as those offered by F5 Networks and NetScaler, pool SSL connections to reduce this overhead.

There are two types of external accelerators: those offered by network device manufacturers, such as Array Networks, F5 and NetScaler, and those offered primarily by hardware cryptographic vendors, such as Rainbow and SonicWall. The difference between them lies in each device's ability to go beyond accelerating cryptographic functions. Accelerators offered by network device manufacturers generally include more complete network control--load-balancing, cache-redirection--while the network support offered by traditional cryptographic hardware manufacturers tends to focus on the cryptography and offers limited, if any, additional network-based options. Your selection will depend entirely on your networking needs. If you require load-balancing and other network functionality, an F5 or NetScaler product will serve you well.

Muddying the picture even more, if you have deployed or are thinking about deploying a network-based IDS (intrusion-detection system), you may want to consider an external device. An IDS can't process SSL-enabled traffic, so you'll need to decrypt the traffic before the IDS receives it. You can always re-encrypt to the back end if necessary, but your IDS won't serve its intended purpose if it's getting encrypted traffic. If you need to re-encrypt traffic, choose a device that supports this function on the back end, such as F5's Big-IP.

The catch, though, is that external devices don't take key management as seriously as internal devices do. nCipher Corp.'s products, for example, offer secure key management and cryptographic acceleration. External, network-based devices generally store certificate keys on a hard drive on the device in a rather nonsecure fashion. Although it's difficult to access the keys on an external device, if your security policies stringently require a secure key management solution, you'll want to turn your attention to an internal solution. Why? Because if your keys are stored on the hard drive of an external SSL accelerator and it is broken into, you lose. Your keys have been compromised, and now the "bad guys" may be able to decrypt that SSL traffic. If the keys are stored securely in an HSM (Hardware Security Module), such as that offered by nCipher or Rainbow, you've added another layer of protection.
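The key-storage concern above is something you can check for on any box that terminates SSL, not only an accelerator. The script below is an added example, not code from the article or from any vendor named in it: it walks a directory, identifies PEM private keys, and flags those that sit on disk unencrypted or with permissions that let group or other users read them. The sample key files it creates are constructed placeholders with no real key material; the function names (`key_findings`, `audit_directory`, `demo`) are this example's own.

```python
"""Audit PEM private keys on disk for the weaknesses the article describes.

Added example (not from the article). Flags two conditions:
  1. the key is stored unencrypted (no passphrase protection at rest), and
  2. the file mode grants group or other users access.
An HSM-held key never appears on disk, so a clean audit here is only a
partial substitute for the protection the article attributes to an HSM.
"""
from __future__ import annotations

import os
import stat
import tempfile
from pathlib import Path


def key_findings(path: Path) -> list[str] | None:
    """Return a list of findings for a PEM private key, or None if not a key."""
    text = path.read_text(errors="replace")
    if "PRIVATE KEY-----" not in text:
        return None  # not a PEM private key; ignore
    findings: list[str] = []
    # Both PKCS#8 ("BEGIN ENCRYPTED PRIVATE KEY") and legacy OpenSSL
    # ("Proc-Type: 4,ENCRYPTED") encrypted keys carry the word ENCRYPTED.
    if "ENCRYPTED" not in text:
        findings.append("unencrypted private key on disk")
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"permissions {oct(mode)} allow group/other access")
    return findings


def audit_directory(root: Path) -> dict[str, list[str]]:
    """Map each private-key file name under root to its findings ([] = clean)."""
    results: dict[str, list[str]] = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            findings = key_findings(path)
            if findings is not None:
                results[path.name] = findings
    return results


def demo() -> dict[str, list[str]]:
    """Build a constructed sample directory and audit it."""
    # Placeholder PEM bodies: these are NOT real keys, just the markers the
    # audit looks for.
    plain_key = (
        "-----BEGIN RSA PRIVATE KEY-----\nAAAAAAAA\n"
        "-----END RSA PRIVATE KEY-----\n"
    )
    encrypted_key = (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "Proc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,0000\n\nAAAAAAAA\n"
        "-----END RSA PRIVATE KEY-----\n"
    )
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "plain.key").write_text(plain_key)
        os.chmod(root / "plain.key", 0o644)       # world-readable: bad
        (root / "enc.key").write_text(encrypted_key)
        os.chmod(root / "enc.key", 0o600)         # owner-only: good
        (root / "readme.txt").write_text("not a key\n")
        return audit_directory(root)


if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, "->", findings or ["ok"])
```

Run it against the directory where an accelerator or Web server keeps its certificate keys; any entry other than an empty list is a key that would be directly usable by whoever broke into the device.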

Performance & Functionality

Figure: What Kind of Accelerator Do You Need?

There are differences between internal and external devices in terms of the performance increases achieved by each. Cryptographic accelerators are rated in terms of "transactions per second." But don't be fooled; the term "transactions" in this context refers to 128-bit RSA operations on 1 KB of data. Secure Web pages are typically smaller than your average unencrypted page. However, they are almost never as small as 1 KB, and they require more than one RSA operation to complete.

Interestingly enough, an external device can achieve the transaction rates claimed by the vendor--it happened right here in our Green Bay, Wis., Real-World Labs®. But internal devices tend to achieve much lower rates than are claimed. A good rule of thumb is to halve the number of transactions per second claimed by the vendor for an internal SSL acceleration device.

This number is important when sizing the accelerator you want to purchase. You'll need to be sure that the product you choose is not only capable of handling today's load but is capable of scaling as the number of secure transactions being processed grows. Some vendors, such as nCipher and Rainbow, offer multiple internal products handling 300 to 800 tps (transactions per second) while others, such as AEP, target high-volume processing--2,000 tps and up. If the accelerator you select can't support the tps rate you require on a single machine, and you're limited in the number of expansion slots you can use to add cards, reconsider deploying an external solution. If the tps number you're trying to support exceeds what your internal solution can handle, you'll see increasingly longer response times, which is just what you deployed the solution to prevent.
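The sizing rules in the three paragraphs above (vendor "transactions" are 1 KB RSA operations, a real page needs more than one, halve an internal card's claimed rate, and fall back to an external device when the cards won't fit in your slots) can be turned into a small capacity calculator. The following is an added example, not from the article or any vendor: the `Accelerator` class, the functions and the page-rate and growth figures are this example's own assumptions, and the tps numbers used in `demo` are constructed rather than quoted from a product sheet.

```python
"""Capacity calculator for SSL accelerator sizing (added example).

Encodes the article's rules of thumb:
  * vendor tps ratings count 1 KB RSA operations, so convert page rate to
    RSA operations before comparing;
  * halve the claimed tps of an internal (card) accelerator;
  * if the required number of cards exceeds the server's free slots,
    reconsider an external device.
"""
from __future__ import annotations

from dataclasses import dataclass
from math import ceil

INTERNAL_DERATE = 0.5  # article: halve vendor-claimed tps for internal cards


@dataclass
class Accelerator:
    name: str
    claimed_tps: int
    internal: bool            # True = card in the Web server, False = appliance
    free_slots: int = 0       # expansion slots available for cards (internal only)


def required_tps(secure_pages_per_sec: float, rsa_ops_per_page: int,
                 growth_factor: float = 1.0) -> int:
    """Convert an observed secure-page rate into vendor-style transactions.

    rsa_ops_per_page covers the handshake plus the page's embedded objects;
    growth_factor >= 1 adds headroom so the device scales with the site.
    """
    if rsa_ops_per_page < 1 or growth_factor < 1.0:
        raise ValueError("need at least one RSA op per page and growth >= 1")
    return ceil(secure_pages_per_sec * rsa_ops_per_page * growth_factor)


def effective_tps(acc: Accelerator) -> float:
    """Rate you should plan on, after derating internal cards."""
    return acc.claimed_tps * (INTERNAL_DERATE if acc.internal else 1.0)


def size(acc: Accelerator, need_tps: int) -> dict:
    """How many units of acc are needed for need_tps, and whether that fits."""
    eff = effective_tps(acc)
    units = ceil(need_tps / eff)
    if acc.internal:
        fits = units <= acc.free_slots
        advice = ("fits in available slots" if fits
                  else "exceeds free slots; reconsider an external device")
    else:
        fits = True
        advice = "external device; scale by licensing or adding units"
    return {"device": acc.name, "effective_tps": eff,
            "units": units, "fits": fits, "advice": advice}


def demo() -> list[dict]:
    """Constructed scenario: 200 secure pages/s, 4 RSA ops/page, 25% growth."""
    need = required_tps(200, 4, growth_factor=1.25)   # 1000 tps
    candidates = [
        Accelerator("internal card (claimed 800 tps)", 800, True, free_slots=2),
        Accelerator("external appliance (claimed 2000 tps)", 2000, False),
    ]
    return [size(acc, need) for acc in candidates]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The internal card in the constructed scenario is derated to 400 tps, so three cards would be needed for 1,000 tps; with only two free slots the calculator points at the external device, which is exactly the decision the article describes.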

Figure: Features to Consider in SSL Acceleration Devices

External acceleration devices generally come in a one-size-fits-all configuration. A fixed tps number is offered by a variety of vendors including Array, NetScaler, Nortel Networks, Rainbow and SonicWall. F5 offers a one-size-fits-all solution but also provides a convenient scaling option that lets you start with 100 tps and license additional transactions. Scaling with an external device requires much less configuration and labor because you only have to integrate a single device into the network rather than deploy a new server--the hardware, the OS, the Web server, the accelerator and the certificate.

Lori MacVittie is a Network Computing technology editor. Write to her at [email protected].
