[c-nsp] Cisco load balancers with SSL offload
James Slepicka
cisco-nsp at slepicka.net
Mon Apr 16 11:00:00 EDT 2007
We're doing SSL termination on CSS11503s (available on the 11501S-C and
above). The 11503 is modular and price can vary greatly based on
config, so I won't toss out any numbers.
After a few tweaks to solve poor performance issues (ssl-queue-delay, in
particular), I've been pretty happy with them. I'm curious to know,
aside from the fact that it's an aging platform, why you're not.
p.s. -- Though I have limited experience with them, I'd recommend
staying away from the Radware boxes. We, and the Radware tech we had
installing them, ran into tons of problems.
James
Gert Doering wrote:
> Hi,
>
> what are folks using for "HTTP load balancing" with SSL offload (SSL
> connection and all the crypto works is done on the load balancer, and
> the server machines only do HTTP) today, in Cisco land?
>
> We're currently using Foundry (don't ask), Citrix Netscaler (very nice
> boxes!), and Cisco/Arrowpoint CSS (no SSL, as far as I know, and somewhat
> aged platform...).
>
> Now we have a customer that's unhappy with Foundry, and doesn't want
> Netscalers - and is asking for "what Cisco products can you recommend?".
>
> I can't recommend CSSs, but I assume that there are more "recent"
> products available...
>
> So - what are you using, how happy are you with that solution (and what's
> the global list proce for it? :) ).
>
> Sorry to offload my research homework to the cisco-nsp list, but you just
> can't get useful answers from looking at "yes, we can do all this!!!"
> vendor pages...
>
> gert
>
>
More information about the cisco-nsp
mailing list