Slashdot Mirror

← Back to Stories (view on slashdot.org)

F5 Fires Back On Open Source SSL Accelerator

Posted by timothy on from the first-name-basis dept.

Random Feature writes "In response to Build an Open Source SSL Accelerator, in which o3 magazine detailed how to build a solution comparable to an F5 BIG-IP 6900 on the cheap, F5 Fires Back claiming it's not as cheap as it appears and pointing out the potential performance implications of a 'cobbled together set of components designed to mimic similar functionality.' The discussion on the performance of the Open Source solution based on Opteron RSA operation processing capabilities brings into question the validity of the 'more SSL TPS for cheaper' argument presented by o3."

3 of 120 comments (clear)

  1. Nothing wrong with cobbled together by sakdoctor · · Score: 0, Troll

    Obviously any company selling "integrated solutions" will say otherwise.

    Where is the total non-story tag?

  2. Re:Shill by drinkypoo · · Score: 1, Troll

    The parent has a point; this response is not only predictable, but precisely the same kind of FUD used to sell closed-source products. The difference is that since the F5 is made up of the same stuff that you can roll yourself, it's even less warranted.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  3. Re:Shill by RiotingPacifist · · Score: 1, Troll

    you know your a shill when:
    *Page served on aspx
    *You make lists that contain just 2 valid criticisms then bloat it out to 5 with shillness

    * TCP connection setup and teardown processing
    * Inspection of application data (layer 7 inspection is rarely computationally inexpensive)
    * Execution of functionality (caching, security, acceleration, etcâ¦) [does their software magically do these without executing the different operations]
    * Transfer of data between proxies (when deployed on the same device this is minimized) [A way of doing it, which is impossible to do with their stack, vs a way both systems can be deployed]
    * Multiple log files [cat log1 log2 log3 log4 > logALL too much? I'm sure many loggers could make it even simpler and that's assuming you don't prefer separate log files, for separate steps in the operation]

    *You use very artificial scenarios to make your point:

    In situations where images are being delivered over a LAN, for example, this will not provide any significant performance benefit and in fact will likely degrade performance.

    would you really need ssl acceleration for your lan? would it really be the same one you use for web serving?

    He also claims it's impossible to secure a Linux box against ARP poisoning and DoS attacks, which is a shame because in amongst the shilling there are some good points.

    --
    IranAir Flight 655 never forget!