SlideShare a Scribd company logo

Getting ahead of the trend towards SSL and HTTPS

Download as PPTX, PDF
Array Networks

Getting ahead of the trend towards SSL and HTTPS. Recent vulnerabilities in SSL are related to the use of OpenSSL by many server and dedicated SSL vendors. Array Networks Dedicated SSL solutions that use a proprietary SSL implementation were immune to the recent Heartbleed and MITM vulnerabilities.

Technology
1 of 10
Securelyconnectingusersandapplications fromanywheretoanywhereintoday’sglobal economy. Getting ahead of the trend towards SSL and HTTPS Bank & Finance IT Canada
Introduction Rich Harrison rharrison@arraynetworks.com Senior Systems Engineer – US East Array Networks www.arraynetworks.com Global application delivery networking vendor  Advanced load balancing, WAN optimization and secure remote and mobile access
SSL trends Cloud, SaaS and data center consolidation Heartbleed is a serious vulnerability in OpenSSL cryptographic software Google to reward secure websites with better search ranking Starting in 2014 CAs will no longer support 1024-bit SSL certificates SSL
Impact on banking and finance • Large data center or private cloud • Business critical B2B or B2C banking or finance applications • SSL encryption for compliance and consumer protection Current and future risk associated with performance, scalability, cost and security.
Performance, scalability and cost Key Size 64-bit Server Dedicated SSL Solution 1024 1,500 TPS 7 Servers 25,000 TPS 200,000 TPS 2048 300 TPS 35 Servers 5,000 TPS 40,000 TPS Implication Where servers once sufficed for handling SSL, a dedicated SSL solution may be required More robust dedicated SSL solutions may be required to meet increasing demands  Increasing adoption of SSL, data center consolidation and the more compute-intensive 2048-bit standard creates a dynamic that impacts both costs and performance (user experience)
Security Server Dedicated SSL Solution Proprietary Dedicated SSL Vulnerability OpenSSL OpenSSL Proprietary SSL Performance Software SSL Hardware SSL Optimized HW SSL Remediation Many OpenSSL versions results in complex remediation Multiple OpenSSL versions increases remediation burden Single proprietary SSL simplifies remediation (if needed)  Recent vulnerabilities in SSL are related to the use of OpenSSL by many server and dedicated SSL vendors  Dedicated SSL solutions that use a proprietary SSL implementation were immune to the recent Heartbleed and MITM vulnerabilities
Strategies for success Scalability Solid performance on entry- level, mid-range and high- end solutions ensures seamless upgrades if and when needed. Performance If you require SSL, use a dedicated appliance, even in environments where many other elements are virtualized. Speeds, feeds and price vary by vendor and provider, normalize metrics and offers to $/SSL TPS to make accurate comparisons Cost Seek solutions that use proprietary SSL to mitigate OpenSSL-related issues such as Heartbleed and MITM vulnerabilities. Security • If you are purchasing equipment, carefully evaluate vendors • If you are deploying in the cloud, carefully evaluate IaaS providers • Measure costs in $/SSL TPS • SSL is becoming ubiquitous, consider your future needs $
Additional BFSI considerations  Scaling certificate management  Client certificate authentication and certificate revocation list (CRL) management are potential bottlenecks  Solutions that perform these functions at a system level (as opposed to solutions based on OpenSSL) will ensure maximum performance  More stringent certificate management and security  BFSI industry is trending towards greater use of certificates to authenticate and authorize sessions  Look for solutions capable of: • Operating in bridge mode as an SSL server and/or client • Requesting certificate re-verification on demand “in-flight” • Supporting multi-level authentication (open, credentials, certificate) • Supporting 2-way certificates
Shameless plug  25K 2048-bit SSL TPS  20Gbps or 30Gbps Throughput  Heartbleed & MITM-proof  1RU  10GigE Fiber & Copper Interfaces APV3600 & APV3650 Application Delivery Controllers  ~ 50 – 75% lower $/TPS  Advanced certificate management features  Starting at $24,995
Securelyconnectingusersandapplications fromanywheretoanywhereintoday’sglobal economy. Thank you! Bank & Finance IT Canada

Recommended

RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security BreakfastRackspace
 
Visual Online - Cloud Computing - 4 Mars 2011
Visual Online - Cloud Computing - 4 Mars 2011Visual Online - Cloud Computing - 4 Mars 2011
Visual Online - Cloud Computing - 4 Mars 2011Francisco Malpica
 
Soa Eai Ver1 0
Soa Eai Ver1 0Soa Eai Ver1 0
Soa Eai Ver1 0Maganathin Veeraragaloo
 
Design Strategy for Data Isolation in SaaS Model
Design Strategy for Data Isolation in SaaS ModelDesign Strategy for Data Isolation in SaaS Model
Design Strategy for Data Isolation in SaaS ModelTechcello
 
Become an IT Service Broker
Become an IT Service BrokerBecome an IT Service Broker
Become an IT Service BrokerRackspace
 
Webinar Series Part 2 -Recipe for a Successful SaaS Company - Migrating Sing...
Webinar Series Part 2 -Recipe for a Successful SaaS Company - Migrating Sing...Webinar Series Part 2 -Recipe for a Successful SaaS Company - Migrating Sing...
Webinar Series Part 2 -Recipe for a Successful SaaS Company - Migrating Sing...Techcello
 
The Big Data Ecosystem for Financial Services
The Big Data Ecosystem for Financial ServicesThe Big Data Ecosystem for Financial Services
The Big Data Ecosystem for Financial ServicesDataStax
 
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...Building Multi-tenant, Configurable, High Quality Applications on .NET for an...
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...Techcello
 

Recommended

RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security BreakfastRackspace
 
Visual Online - Cloud Computing - 4 Mars 2011
Visual Online - Cloud Computing - 4 Mars 2011Visual Online - Cloud Computing - 4 Mars 2011
Visual Online - Cloud Computing - 4 Mars 2011Francisco Malpica
 
Soa Eai Ver1 0
Soa Eai Ver1 0Soa Eai Ver1 0
Soa Eai Ver1 0Maganathin Veeraragaloo
 
Design Strategy for Data Isolation in SaaS Model
Design Strategy for Data Isolation in SaaS ModelDesign Strategy for Data Isolation in SaaS Model
Design Strategy for Data Isolation in SaaS ModelTechcello
 
Become an IT Service Broker
Become an IT Service BrokerBecome an IT Service Broker
Become an IT Service BrokerRackspace
 
Webinar Series Part 2 -Recipe for a Successful SaaS Company - Migrating Sing...
Webinar Series Part 2 -Recipe for a Successful SaaS Company - Migrating Sing...Webinar Series Part 2 -Recipe for a Successful SaaS Company - Migrating Sing...
Webinar Series Part 2 -Recipe for a Successful SaaS Company - Migrating Sing...Techcello
 
The Big Data Ecosystem for Financial Services
The Big Data Ecosystem for Financial ServicesThe Big Data Ecosystem for Financial Services
The Big Data Ecosystem for Financial ServicesDataStax
 
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...Building Multi-tenant, Configurable, High Quality Applications on .NET for an...
Building Multi-tenant, Configurable, High Quality Applications on .NET for an...Techcello
 
How to get Real-Time Value from your IoT Data - Datastax
How to get Real-Time Value from your IoT Data - DatastaxHow to get Real-Time Value from your IoT Data - Datastax
How to get Real-Time Value from your IoT Data - DatastaxDataStax
 
Webinar: Fighting Fraud with Graph Databases
Webinar: Fighting Fraud with Graph DatabasesWebinar: Fighting Fraud with Graph Databases
Webinar: Fighting Fraud with Graph DatabasesDataStax
 
Zero trust in a multi tenant environment
Zero trust in a multi tenant environment Zero trust in a multi tenant environment
Zero trust in a multi tenant environment Ashnikbiz
 
Abacus Presentation
Abacus PresentationAbacus Presentation
Abacus Presentationjcarreiro
 
Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...
Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...
Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...DataStax
 
Deploy and automate ‘Secrets Management’ for a multi-cloud environment
Deploy and automate ‘Secrets Management’ for a multi-cloud environmentDeploy and automate ‘Secrets Management’ for a multi-cloud environment
Deploy and automate ‘Secrets Management’ for a multi-cloud environmentAshnikbiz
 
Introduction: Architecting for Scale
Introduction: Architecting for ScaleIntroduction: Architecting for Scale
Introduction: Architecting for ScaleDataStax
 
Glue conference DJ Harris - SoftLayer
Glue conference DJ Harris - SoftLayerGlue conference DJ Harris - SoftLayer
Glue conference DJ Harris - SoftLayerSoftLayer Technologies
 
Litigation Management Solution - LexComply
Litigation Management Solution - LexComplyLitigation Management Solution - LexComply
Litigation Management Solution - LexComplyLexComply
 
Tci reference architecture_v2.0
Tci reference architecture_v2.0Tci reference architecture_v2.0
Tci reference architecture_v2.0Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Relying on Data for Strategic Decision-Making--Financial Services Experience
Relying on Data for Strategic Decision-Making--Financial Services ExperienceRelying on Data for Strategic Decision-Making--Financial Services Experience
Relying on Data for Strategic Decision-Making--Financial Services ExperienceCloudera, Inc.
 
Hosting servers
Hosting serversHosting servers
Hosting serversBesar Limani
 
Introduction to Infrastructure as a Service (IaaS)
Introduction to Infrastructure as a Service (IaaS)Introduction to Infrastructure as a Service (IaaS)
Introduction to Infrastructure as a Service (IaaS)rgtechnologies
 
Cloud infrastructure solutions
Cloud infrastructure solutions Cloud infrastructure solutions
Cloud infrastructure solutions jbsmidis
 
Best friends forever! - Atlassian Cloud and the GDPR
Best friends forever! - Atlassian Cloud and the GDPRBest friends forever! - Atlassian Cloud and the GDPR
Best friends forever! - Atlassian Cloud and the GDPRkreuzwerker GmbH
 
RapidScale CloudServer
RapidScale CloudServerRapidScale CloudServer
RapidScale CloudServerRapidScale
 
Single vs. Multi Tenant Cost Comparison
Single vs. Multi Tenant Cost ComparisonSingle vs. Multi Tenant Cost Comparison
Single vs. Multi Tenant Cost ComparisonTechcello
 
Pillars of DevOps: Platform, Method and Architecture
Pillars of DevOps: Platform, Method and ArchitecturePillars of DevOps: Platform, Method and Architecture
Pillars of DevOps: Platform, Method and ArchitectureFlorian Georg
 
GWAVACon: Solve your biggest Exchange issues
GWAVACon: Solve your biggest Exchange issuesGWAVACon: Solve your biggest Exchange issues
GWAVACon: Solve your biggest Exchange issuesGWAVA
 
Recipe for Successful SaaS Company - Part 1
Recipe for Successful SaaS Company - Part 1Recipe for Successful SaaS Company - Part 1
Recipe for Successful SaaS Company - Part 1Techcello
 
Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...
Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...
Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...Meghan Weinreich
 
Architecting SaaS
Architecting SaaSArchitecting SaaS
Architecting SaaSAxEdge Consulting
 

More Related Content

What's hot

How to get Real-Time Value from your IoT Data - Datastax
How to get Real-Time Value from your IoT Data - DatastaxHow to get Real-Time Value from your IoT Data - Datastax
How to get Real-Time Value from your IoT Data - DatastaxDataStax
 
Webinar: Fighting Fraud with Graph Databases
Webinar: Fighting Fraud with Graph DatabasesWebinar: Fighting Fraud with Graph Databases
Webinar: Fighting Fraud with Graph DatabasesDataStax
 
Zero trust in a multi tenant environment
Zero trust in a multi tenant environment Zero trust in a multi tenant environment
Zero trust in a multi tenant environment Ashnikbiz
 
Abacus Presentation
Abacus PresentationAbacus Presentation
Abacus Presentationjcarreiro
 
Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...
Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...
Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...DataStax
 
Deploy and automate ‘Secrets Management’ for a multi-cloud environment
Deploy and automate ‘Secrets Management’ for a multi-cloud environmentDeploy and automate ‘Secrets Management’ for a multi-cloud environment
Deploy and automate ‘Secrets Management’ for a multi-cloud environmentAshnikbiz
 
Introduction: Architecting for Scale
Introduction: Architecting for ScaleIntroduction: Architecting for Scale
Introduction: Architecting for ScaleDataStax
 
Litigation Management Solution - LexComply
Litigation Management Solution - LexComplyLitigation Management Solution - LexComply
Litigation Management Solution - LexComplyLexComply
 
Relying on Data for Strategic Decision-Making--Financial Services Experience
Relying on Data for Strategic Decision-Making--Financial Services ExperienceRelying on Data for Strategic Decision-Making--Financial Services Experience
Relying on Data for Strategic Decision-Making--Financial Services ExperienceCloudera, Inc.
 
Introduction to Infrastructure as a Service (IaaS)
Introduction to Infrastructure as a Service (IaaS)Introduction to Infrastructure as a Service (IaaS)
Introduction to Infrastructure as a Service (IaaS)rgtechnologies
 
Cloud infrastructure solutions
Cloud infrastructure solutions Cloud infrastructure solutions
Cloud infrastructure solutions jbsmidis
 
Best friends forever! - Atlassian Cloud and the GDPR
Best friends forever! - Atlassian Cloud and the GDPRBest friends forever! - Atlassian Cloud and the GDPR
Best friends forever! - Atlassian Cloud and the GDPRkreuzwerker GmbH
 
RapidScale CloudServer
RapidScale CloudServerRapidScale CloudServer
RapidScale CloudServerRapidScale
 
Single vs. Multi Tenant Cost Comparison
Single vs. Multi Tenant Cost ComparisonSingle vs. Multi Tenant Cost Comparison
Single vs. Multi Tenant Cost ComparisonTechcello
 
Pillars of DevOps: Platform, Method and Architecture
Pillars of DevOps: Platform, Method and ArchitecturePillars of DevOps: Platform, Method and Architecture
Pillars of DevOps: Platform, Method and ArchitectureFlorian Georg
 
GWAVACon: Solve your biggest Exchange issues
GWAVACon: Solve your biggest Exchange issuesGWAVACon: Solve your biggest Exchange issues
GWAVACon: Solve your biggest Exchange issuesGWAVA
 
Recipe for Successful SaaS Company - Part 1
Recipe for Successful SaaS Company - Part 1Recipe for Successful SaaS Company - Part 1
Recipe for Successful SaaS Company - Part 1Techcello
 

What's hot (20)

How to get Real-Time Value from your IoT Data - Datastax
How to get Real-Time Value from your IoT Data - DatastaxHow to get Real-Time Value from your IoT Data - Datastax
How to get Real-Time Value from your IoT Data - Datastax
 
Webinar: Fighting Fraud with Graph Databases
Webinar: Fighting Fraud with Graph DatabasesWebinar: Fighting Fraud with Graph Databases
Webinar: Fighting Fraud with Graph Databases
 
Zero trust in a multi tenant environment
Zero trust in a multi tenant environment Zero trust in a multi tenant environment
Zero trust in a multi tenant environment
 
Abacus Presentation
Abacus PresentationAbacus Presentation
Abacus Presentation
 
Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...
Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...
Designing Fault-Tolerant Applications with DataStax Enterprise and Apache Cas...
 
Deploy and automate ‘Secrets Management’ for a multi-cloud environment
Deploy and automate ‘Secrets Management’ for a multi-cloud environmentDeploy and automate ‘Secrets Management’ for a multi-cloud environment
Deploy and automate ‘Secrets Management’ for a multi-cloud environment
 
Introduction: Architecting for Scale
Introduction: Architecting for ScaleIntroduction: Architecting for Scale
Introduction: Architecting for Scale
 
Glue conference DJ Harris - SoftLayer
Glue conference DJ Harris - SoftLayerGlue conference DJ Harris - SoftLayer
Glue conference DJ Harris - SoftLayer
 
Litigation Management Solution - LexComply
Litigation Management Solution - LexComplyLitigation Management Solution - LexComply
Litigation Management Solution - LexComply
 
Tci reference architecture_v2.0
Tci reference architecture_v2.0Tci reference architecture_v2.0
Tci reference architecture_v2.0
 
Relying on Data for Strategic Decision-Making--Financial Services Experience
Relying on Data for Strategic Decision-Making--Financial Services ExperienceRelying on Data for Strategic Decision-Making--Financial Services Experience
Relying on Data for Strategic Decision-Making--Financial Services Experience
 
Hosting servers
Hosting serversHosting servers
Hosting servers
 
Introduction to Infrastructure as a Service (IaaS)
Introduction to Infrastructure as a Service (IaaS)Introduction to Infrastructure as a Service (IaaS)
Introduction to Infrastructure as a Service (IaaS)
 
Cloud infrastructure solutions
Cloud infrastructure solutions Cloud infrastructure solutions
Cloud infrastructure solutions
 
Best friends forever! - Atlassian Cloud and the GDPR
Best friends forever! - Atlassian Cloud and the GDPRBest friends forever! - Atlassian Cloud and the GDPR
Best friends forever! - Atlassian Cloud and the GDPR
 
RapidScale CloudServer
RapidScale CloudServerRapidScale CloudServer
RapidScale CloudServer
 
Single vs. Multi Tenant Cost Comparison
Single vs. Multi Tenant Cost ComparisonSingle vs. Multi Tenant Cost Comparison
Single vs. Multi Tenant Cost Comparison
 
Pillars of DevOps: Platform, Method and Architecture
Pillars of DevOps: Platform, Method and ArchitecturePillars of DevOps: Platform, Method and Architecture
Pillars of DevOps: Platform, Method and Architecture
 
GWAVACon: Solve your biggest Exchange issues
GWAVACon: Solve your biggest Exchange issuesGWAVACon: Solve your biggest Exchange issues
GWAVACon: Solve your biggest Exchange issues
 
Recipe for Successful SaaS Company - Part 1
Recipe for Successful SaaS Company - Part 1Recipe for Successful SaaS Company - Part 1
Recipe for Successful SaaS Company - Part 1
 

Similar to Getting ahead of the trend towards SSL and HTTPS

Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...
Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...
Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...Meghan Weinreich
 
Purpose-Built-SSL-VPN White Paper
Purpose-Built-SSL-VPN White PaperPurpose-Built-SSL-VPN White Paper
Purpose-Built-SSL-VPN White Paper Array Networks
 
Sun: Solaris On-Demand Assists ISVs' Strategic Move To Software-As-A-Service
Sun: Solaris On-Demand Assists ISVs' Strategic Move To Software-As-A-ServiceSun: Solaris On-Demand Assists ISVs' Strategic Move To Software-As-A-Service
Sun: Solaris On-Demand Assists ISVs' Strategic Move To Software-As-A-ServiceCallidus Software
 
Migrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps AssociatesMigrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps AssociatesAmazon Web Services
 
Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid Evilázaro Alves
 
Wp cipher graph-cag-topology
Wp cipher graph-cag-topologyWp cipher graph-cag-topology
Wp cipher graph-cag-topologyIRSHAD RATHER
 
Barracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSBarracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSAmazon Web Services
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxBabatundeAbioye2
 
Cloudy with a Chance of Failure - Novosco
Cloudy with a Chance of Failure - NovoscoCloudy with a Chance of Failure - Novosco
Cloudy with a Chance of Failure - NovoscoNovosco
 
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...CloudPassage
 
RapidScale Product Training
RapidScale Product TrainingRapidScale Product Training
RapidScale Product TrainingRapidScale
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingAmazon Web Services
 
Transformation of IT Spending
Transformation of IT SpendingTransformation of IT Spending
Transformation of IT SpendingKokLeong Ong
 
High-Performance Hong Kong Dedicated Server | Onlive Server
High-Performance Hong Kong Dedicated Server | Onlive ServerHigh-Performance Hong Kong Dedicated Server | Onlive Server
High-Performance Hong Kong Dedicated Server | Onlive ServerDivya Rajput
 
FreeSBC - A New Approach to the SBC
FreeSBC - A New Approach to the SBCFreeSBC - A New Approach to the SBC
FreeSBC - A New Approach to the SBCAlan Percy
 
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...EuroCloud
 

Similar to Getting ahead of the trend towards SSL and HTTPS (20)

Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...
Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...
Don't Get Schooled: Performance and Security Tips from a Leading Education Sa...
 
Architecting SaaS
Architecting SaaSArchitecting SaaS
Architecting SaaS
 
Cloud services and it security
Cloud services and it securityCloud services and it security
Cloud services and it security
 
Purpose-Built-SSL-VPN White Paper
Purpose-Built-SSL-VPN White PaperPurpose-Built-SSL-VPN White Paper
Purpose-Built-SSL-VPN White Paper
 
Sun: Solaris On-Demand Assists ISVs' Strategic Move To Software-As-A-Service
Sun: Solaris On-Demand Assists ISVs' Strategic Move To Software-As-A-ServiceSun: Solaris On-Demand Assists ISVs' Strategic Move To Software-As-A-Service
Sun: Solaris On-Demand Assists ISVs' Strategic Move To Software-As-A-Service
 
Migrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps AssociatesMigrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps Associates
 
Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid
 
Wp cipher graph-cag-topology
Wp cipher graph-cag-topologyWp cipher graph-cag-topology
Wp cipher graph-cag-topology
 
Barracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSBarracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWS
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptx
 
Cloudy with a Chance of Failure - Novosco
Cloudy with a Chance of Failure - NovoscoCloudy with a Chance of Failure - Novosco
Cloudy with a Chance of Failure - Novosco
 
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
 
RapidScale Product Training
RapidScale Product TrainingRapidScale Product Training
RapidScale Product Training
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
 
F5 TLS & SSL Practices
F5 TLS & SSL PracticesF5 TLS & SSL Practices
F5 TLS & SSL Practices
 
Transformation of IT Spending
Transformation of IT SpendingTransformation of IT Spending
Transformation of IT Spending
 
Future of Enterprise IT
Future of Enterprise IT Future of Enterprise IT
Future of Enterprise IT
 
High-Performance Hong Kong Dedicated Server | Onlive Server
High-Performance Hong Kong Dedicated Server | Onlive ServerHigh-Performance Hong Kong Dedicated Server | Onlive Server
High-Performance Hong Kong Dedicated Server | Onlive Server
 
FreeSBC - A New Approach to the SBC
FreeSBC - A New Approach to the SBCFreeSBC - A New Approach to the SBC
FreeSBC - A New Approach to the SBC
 
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
Virgílio Vargas Presentations / CloudViews.Org - Cloud Computing Conference 2...
 

More from Array Networks

Redefining ADCs for Software-as-a-Service Application Delivery that’s Scalabl...
Redefining ADCs for Software-as-a-Service Application Delivery that’s Scalabl...Redefining ADCs for Software-as-a-Service Application Delivery that’s Scalabl...
Redefining ADCs for Software-as-a-Service Application Delivery that’s Scalabl... Array Networks
 
WAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCEWAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCE Array Networks
 
Array Networks’ Application Delivery Solutions Now Available Through Promark ...
Array Networks’ Application Delivery Solutions Now Available Through Promark ...Array Networks’ Application Delivery Solutions Now Available Through Promark ...
Array Networks’ Application Delivery Solutions Now Available Through Promark ... Array Networks
 
Array Networks - Application Availability, Security & Performance
Array Networks - Application Availability, Security & PerformanceArray Networks - Application Availability, Security & Performance
Array Networks - Application Availability, Security & Performance Array Networks
 
Virtual WAN Optimization Controllers Data Sheet - Array Networks
Virtual WAN Optimization Controllers Data Sheet - Array NetworksVirtual WAN Optimization Controllers Data Sheet - Array Networks
Virtual WAN Optimization Controllers Data Sheet - Array Networks Array Networks
 
Web Application Firewall (WAF) Data Sheet - Array Networks
Web Application Firewall (WAF) Data Sheet - Array NetworksWeb Application Firewall (WAF) Data Sheet - Array Networks
Web Application Firewall (WAF) Data Sheet - Array Networks Array Networks
 
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array NetworksVirtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks Array Networks
 
Array Networks Case Study - SoftLayer
Array Networks Case Study - SoftLayerArray Networks Case Study - SoftLayer
Array Networks Case Study - SoftLayer Array Networks
 
DELL STORAGE REPLICATION aCelera and WAN Series Solution Brief
DELL STORAGE REPLICATION aCelera and WAN Series Solution BriefDELL STORAGE REPLICATION aCelera and WAN Series Solution Brief
DELL STORAGE REPLICATION aCelera and WAN Series Solution Brief Array Networks
 
DATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
DATA STORAGE REPLICATION aCelera and WAN Series Solution BriefDATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
DATA STORAGE REPLICATION aCelera and WAN Series Solution Brief Array Networks
 
Array Networks & Microsoft Exchange Server 2010
Array Networks & Microsoft Exchange Server 2010Array Networks & Microsoft Exchange Server 2010
Array Networks & Microsoft Exchange Server 2010 Array Networks
 
eCLINICALWORKS APV Series Solution Brief
eCLINICALWORKS APV Series Solution BriefeCLINICALWORKS APV Series Solution Brief
eCLINICALWORKS APV Series Solution Brief Array Networks
 
Array APV Series application delivery controllers help scale performance, ava...
Array APV Series application delivery controllers help scale performance, ava...Array APV Series application delivery controllers help scale performance, ava...
Array APV Series application delivery controllers help scale performance, ava... Array Networks
 
APPLICATION DELIVERY CONTROLLERS
APPLICATION DELIVERY CONTROLLERSAPPLICATION DELIVERY CONTROLLERS
APPLICATION DELIVERY CONTROLLERS Array Networks
 
WAN OPTIMIZATION CONTROLLERS
WAN OPTIMIZATION CONTROLLERSWAN OPTIMIZATION CONTROLLERS
WAN OPTIMIZATION CONTROLLERS Array Networks
 
VIRTUAL SECURE ACCESS GATEWAY
VIRTUAL SECURE ACCESS GATEWAYVIRTUAL SECURE ACCESS GATEWAY
VIRTUAL SECURE ACCESS GATEWAY Array Networks
 
VIRTUAL APPLICATION DELIVERY CONTROLLERS
VIRTUAL APPLICATION DELIVERY CONTROLLERSVIRTUAL APPLICATION DELIVERY CONTROLLERS
VIRTUAL APPLICATION DELIVERY CONTROLLERS Array Networks
 
CENTRALIZED MANAGEMENT APPLIANCES
CENTRALIZED MANAGEMENT APPLIANCESCENTRALIZED MANAGEMENT APPLIANCES
CENTRALIZED MANAGEMENT APPLIANCES Array Networks
 
AVX SERIES VIRTUALIZED APPLIANCES
AVX SERIES VIRTUALIZED APPLIANCESAVX SERIES VIRTUALIZED APPLIANCES
AVX SERIES VIRTUALIZED APPLIANCES Array Networks
 

More from Array Networks (20)

Redefining ADCs for Software-as-a-Service Application Delivery that’s Scalabl...
Redefining ADCs for Software-as-a-Service Application Delivery that’s Scalabl...Redefining ADCs for Software-as-a-Service Application Delivery that’s Scalabl...
Redefining ADCs for Software-as-a-Service Application Delivery that’s Scalabl...
 
WAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCEWAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCE
 
Array Networks’ Application Delivery Solutions Now Available Through Promark ...
Array Networks’ Application Delivery Solutions Now Available Through Promark ...Array Networks’ Application Delivery Solutions Now Available Through Promark ...
Array Networks’ Application Delivery Solutions Now Available Through Promark ...
 
Array Networks - Application Availability, Security & Performance
Array Networks - Application Availability, Security & PerformanceArray Networks - Application Availability, Security & Performance
Array Networks - Application Availability, Security & Performance
 
Virtual WAN Optimization Controllers Data Sheet - Array Networks
Virtual WAN Optimization Controllers Data Sheet - Array NetworksVirtual WAN Optimization Controllers Data Sheet - Array Networks
Virtual WAN Optimization Controllers Data Sheet - Array Networks
 
Web Application Firewall (WAF) Data Sheet - Array Networks
Web Application Firewall (WAF) Data Sheet - Array NetworksWeb Application Firewall (WAF) Data Sheet - Array Networks
Web Application Firewall (WAF) Data Sheet - Array Networks
 
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array NetworksVirtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks
 
Array Networks Case Study - SoftLayer
Array Networks Case Study - SoftLayerArray Networks Case Study - SoftLayer
Array Networks Case Study - SoftLayer
 
DELL STORAGE REPLICATION aCelera and WAN Series Solution Brief
DELL STORAGE REPLICATION aCelera and WAN Series Solution BriefDELL STORAGE REPLICATION aCelera and WAN Series Solution Brief
DELL STORAGE REPLICATION aCelera and WAN Series Solution Brief
 
DATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
DATA STORAGE REPLICATION aCelera and WAN Series Solution BriefDATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
DATA STORAGE REPLICATION aCelera and WAN Series Solution Brief
 
Array Networks & Microsoft Exchange Server 2010
Array Networks & Microsoft Exchange Server 2010Array Networks & Microsoft Exchange Server 2010
Array Networks & Microsoft Exchange Server 2010
 
eCLINICALWORKS APV Series Solution Brief
eCLINICALWORKS APV Series Solution BriefeCLINICALWORKS APV Series Solution Brief
eCLINICALWORKS APV Series Solution Brief
 
Array APV Series application delivery controllers help scale performance, ava...
Array APV Series application delivery controllers help scale performance, ava...Array APV Series application delivery controllers help scale performance, ava...
Array APV Series application delivery controllers help scale performance, ava...
 
APPLICATION DELIVERY CONTROLLERS
APPLICATION DELIVERY CONTROLLERSAPPLICATION DELIVERY CONTROLLERS
APPLICATION DELIVERY CONTROLLERS
 
SECURE ACCESS GATEWAYS
SECURE ACCESS GATEWAYSSECURE ACCESS GATEWAYS
SECURE ACCESS GATEWAYS
 
WAN OPTIMIZATION CONTROLLERS
WAN OPTIMIZATION CONTROLLERSWAN OPTIMIZATION CONTROLLERS
WAN OPTIMIZATION CONTROLLERS
 
VIRTUAL SECURE ACCESS GATEWAY
VIRTUAL SECURE ACCESS GATEWAYVIRTUAL SECURE ACCESS GATEWAY
VIRTUAL SECURE ACCESS GATEWAY
 
VIRTUAL APPLICATION DELIVERY CONTROLLERS
VIRTUAL APPLICATION DELIVERY CONTROLLERSVIRTUAL APPLICATION DELIVERY CONTROLLERS
VIRTUAL APPLICATION DELIVERY CONTROLLERS
 
CENTRALIZED MANAGEMENT APPLIANCES
CENTRALIZED MANAGEMENT APPLIANCESCENTRALIZED MANAGEMENT APPLIANCES
CENTRALIZED MANAGEMENT APPLIANCES
 
AVX SERIES VIRTUALIZED APPLIANCES
AVX SERIES VIRTUALIZED APPLIANCESAVX SERIES VIRTUALIZED APPLIANCES
AVX SERIES VIRTUALIZED APPLIANCES
 

Recently uploaded

APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 

Recently uploaded (20)

APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 

Getting ahead of the trend towards SSL and HTTPS

  • 2. Introduction Rich Harrison rharrison@arraynetworks.com Senior Systems Engineer – US East Array Networks www.arraynetworks.com Global application delivery networking vendor  Advanced load balancing, WAN optimization and secure remote and mobile access
  • 3. SSL trends Cloud, SaaS and data center consolidation Heartbleed is a serious vulnerability in OpenSSL cryptographic software Google to reward secure websites with better search ranking Starting in 2014 CAs will no longer support 1024-bit SSL certificates SSL
  • 4. Impact on banking and finance • Large data center or private cloud • Business critical B2B or B2C banking or finance applications • SSL encryption for compliance and consumer protection Current and future risk associated with performance, scalability, cost and security.
  • 5. Performance, scalability and cost Key Size 64-bit Server Dedicated SSL Solution 1024 1,500 TPS 7 Servers 25,000 TPS 200,000 TPS 2048 300 TPS 35 Servers 5,000 TPS 40,000 TPS Implication Where servers once sufficed for handling SSL, a dedicated SSL solution may be required More robust dedicated SSL solutions may be required to meet increasing demands  Increasing adoption of SSL, data center consolidation and the more compute-intensive 2048-bit standard creates a dynamic that impacts both costs and performance (user experience)
  • 6. Security Server Dedicated SSL Solution Proprietary Dedicated SSL Vulnerability OpenSSL OpenSSL Proprietary SSL Performance Software SSL Hardware SSL Optimized HW SSL Remediation Many OpenSSL versions results in complex remediation Multiple OpenSSL versions increases remediation burden Single proprietary SSL simplifies remediation (if needed)  Recent vulnerabilities in SSL are related to the use of OpenSSL by many server and dedicated SSL vendors  Dedicated SSL solutions that use a proprietary SSL implementation were immune to the recent Heartbleed and MITM vulnerabilities
  • 7. Strategies for success Scalability Solid performance on entry- level, mid-range and high- end solutions ensures seamless upgrades if and when needed. Performance If you require SSL, use a dedicated appliance, even in environments where many other elements are virtualized. Speeds, feeds and price vary by vendor and provider, normalize metrics and offers to $/SSL TPS to make accurate comparisons Cost Seek solutions that use proprietary SSL to mitigate OpenSSL-related issues such as Heartbleed and MITM vulnerabilities. Security • If you are purchasing equipment, carefully evaluate vendors • If you are deploying in the cloud, carefully evaluate IaaS providers • Measure costs in $/SSL TPS • SSL is becoming ubiquitous, consider your future needs $
  • 8. Additional BFSI considerations  Scaling certificate management  Client certificate authentication and certificate revocation list (CRL) management are potential bottlenecks  Solutions that perform these functions at a system level (as opposed to solutions based on OpenSSL) will ensure maximum performance  More stringent certificate management and security  BFSI industry is trending towards greater use of certificates to authenticate and authorize sessions  Look for solutions capable of: • Operating in bridge mode as an SSL server and/or client • Requesting certificate re-verification on demand “in-flight” • Supporting multi-level authentication (open, credentials, certificate) • Supporting 2-way certificates
  • 9. Shameless plug  25K 2048-bit SSL TPS  20Gbps or 30Gbps Throughput  Heartbleed & MITM-proof  1RU  10GigE Fiber & Copper Interfaces APV3600 & APV3650 Application Delivery Controllers  ~ 50 – 75% lower $/TPS  Advanced certificate management features  Starting at $24,995

Editor's Notes

  1. Google recently announced SSL encrypted pages will receive higher search rankings. This will drive broader adoption of SSL as the Google algorithm increasingly favors encrypted pages. As of 2014, NIST, CAB and CAs no longer support or issue 1024-bit certificates. New 2048-bit certificates are more secure, however, they consume fives times more compute horsepower. In data centers where SSL connections are aggregated, this has forced a choice between increased costs or diminished performance. Recent vulnerabilities such as Heartbleed and man-in-the-middle (MITM) have raised the question of whether SSL is sufficiently secure, and have caused many to worry over when and where the next vulnerability will occur. With the rise of cloud and Web-based SaaS applications, businesses are consolidating their operations into a small number of more scalable data centers. Without proper planning, supporting cloud-scale SSL has the potential to impact the performance of applications and servers.