自学内容网 自学内容网

F5 – SSL Options (SSL Offloading vs SSL Bridging vs SSL Passthrough)

SSL Offloading (or SSL Termination)

ssl-offloading.png

In this method, SSL traffic is terminated at the F5 BIG-IP system, decrypted and inspected, but is not re-encrypted before being forwarded to the server. The BIG-IP system maintains the SSL session with the client, and the server session is over plain HTTP.

Pros:

  • Offloads the CPU-intensive task of encryption/decryption from the server, potentially improving server performance.
  • Provides the ability to inspect, manipulate, and manage the SSL traffic since it’s decrypted at the load balancer.
  • Enables use of security features like F5’s ASM or WAF because the traffic can be inspected.

Cons:

  • Traffic between the load balancer and servers is not encrypted, whi

原文地址:https://blog.csdn.net/sj349781478/article/details/137520356

免责声明:本站文章内容转载自网络资源,如本站内容侵犯了原著者的合法权益,可联系本站删除。更多内容请关注自学内容网(zxcms.com)!