Forum Discussion

Nimbostratus

Jun 13, 2018

SSL offload question regarding licence

We have a cluster of BIG-IP 1600 with 2 tmms and licence for 500 ssl tps. According to the kb below, we should be able to manage up to 1000 ssl tps. Is that correct? Am I missing anything? http...

Employee

Jun 13, 2018

Sort of. The problem is that the 1600 is a pretty old platform, and the TLS hardware only natively supports 1k asymmetric keys. In general, for 2k keys (which is standard today), performance is reduced by about 75%. Having said that, if you license the system for maximum TLS support, it should be able to achieve ~1000 TPS for 2k keys.

Assuming your certificates use 2k keys, you might want to consider a hardware refresh (particularly since the 1600 is now past End of Software Development.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)