|
|
|
 |
SSL - Is dedicated hardware a requirement? To use SSL - does one need a dedicated piece of hardware/software?
Ram Dass
I assume by "To use SSL" you mean to serve web pages. Most web servers can use SSL without additional software. There is dedicated hardware available to enhance performance.
Anonymous
There are a number of affordable SSL accelerator appliances available that can offload the CPU hogging of SSL encryption. It can make a big difference if you expect many simultaneous sessions.
Edoc
However, if the effective number of business transactions per second handled by your server is minimal (those are the ones requiring the SSL--remember?) due to large transactions, you might as well assume what the Athlon/Pentium can pull off is good enough.
Li-fan Chen
One of the primary reasons that people offload SSL to dedicated hardware, apart from offloading processing, is to support load-balancing - Setting up and tearing down SSL connections is very expensive, but maintaining a session is very cheap. On the flip side, a maintained connection ties a connection to one web server, which may not best facilitate load balancing or failovers. This is why people have the keep alive SSL connection at dedicated hardware, and the actual requests can be load balanced/failovered on the web server side.
Dennis Forbes
There is another theoretical reason to use hardware SSL which is that software can be "modified" remotely whereas you need physical access to switch a hardware module.
|
