F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Hardware Acceleration Critical Component for Cost-Conscious Data Centers

Better performance, reduced costs and data center footprint are not niche-market interests. The fast-paced world of finance is taking a hard look at the benefits of hardware acceleration for perf...
Published Mar 24, 2009
Version 1.0
acceleration
application delivery
architecture
availability
compression
consolidation
data center
design
hardware
internet
Lori_MacVittie's avatar
Lori_MacVittie
Icon for Employee rankEmployee
Mar 25, 2009
@johnar

 

 

I disagree. Not necessarily with the ability of the host to scale but on how that fits into the larger architecture. End-to-end SSL sounds great until you realize how many devices and solutions between the client and the host need to inspect the content - firewalls, IDS, IPS, load balancer, etc... - and how many times you'd have to decrypt/reencrypt in order to not break the infrastructure.

 

 

Now you start adding up the OPEX of managing those certs in 3,4, or more different places - because every device that needs to inspect needs to decrypt first and then reencrypt - and the additional latency added by doing so and it suddenly isn't such a great cost savings after all.

 

 

Sure, you can just side-arm/span-port all that traffic so it isn't inline and affecting performance, but then you lose the ability to detect/stop/protect that was intended in the first place.

 

 

So while it sounds all puppies and rainbows to just let hosts do SSL and other tasks, from an architectural and functional viewpoint it isn't the best solution at all.