Slashdot Mirror

← Back to Stories (view on slashdot.org)

Build an Open Source SSL Accelerator

Posted by timothy on from the macguyver-it-up dept.

Amin Zelfani writes "SSL accelerators like Big-IP 6900 from F5 Networks typically carry a $50k or more price tag. An article over at o3magazine.com shows you how to build an SSL accelerator that's on par with the commercial solutions, using Open Source projects. SSL Accelerators offload the encryption / decryption process from web servers, reducing load and reducing the number of certificates needed."

5 of 136 comments (clear)

  1. Re:Huh? by Trepidity · · Score: 4, Informative

    Partly the article is quoting prices on a whole box, not just the SSL acceleration. The Big-IP 6900 mentioned in the summary, for example, is a dual-core rackmount server with 10GigE, and hardware SSL and compression. Presumably much of that money you're paying is going for the actual server, not just the SSL-accelerating coprocessor. Of course, you're probably also paying a markup for buying a specialty server of that sort, rather than slapping an SSL accelerator in a server from a commodity vendor.

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
  2. uh by anthonyclark · · Score: 3, Informative

    you *do* know that an F5 Big-IP is more than an SSL accelerator? Like, a load balancer with lots of cool features.

    I guess you could duplicate the features of an f5 with nginx and more, but I guess it'd take a developer more than 50k worth of time to do it.

    --
    ----- Documentation is worth it just to be able to answer all your mail with 'RTFM' - Alan Cox.
    1. Re:uh by deraj123 · · Score: 3, Informative

      but I guess it'd take a developer more than 50k worth of time to do it.

      He wasn't trivializing. He was, in a somewhat roundabout way, saying that 50k is a lot cheaper than what it would cost to implement the same solution yourself. The summary (don't know about the article, didn't read it) was trivializing the difficulty, the GP was refuting the summary.

  3. Re:Huh? by Anonymous Coward · · Score: 2, Informative

    Actually you forgot to mention that most licensing systems require multiple licenses per 'machine'. One of the advantages of using one of these SSL accelerators, besides offloading the work, is being able to consolidate certs onto one machine for many front-edge machines.

  4. Re:Huh? by upside · · Score: 4, Informative

    The BIGIP does load balancing, active-active clustering, routing, packet manipulation using scripts etc. It's extortionately priced but is very powerful and very user friendly.

    --
    I'm sorry if I haven't offended anyone