F5 – SSL Options (SSL Offloading vs SSL Bridging vs SSL Passthrough)
SSL Offloading (or SSL Termination)
In this method, SSL traffic is terminated at the F5 BIG-IP system, decrypted and inspected, but is not re-encrypted before being forwarded to the server. The BIG-IP system maintains the SSL session with the client, and the server session is over plain HTTP.
Pros:
- Offloads the CPU-intensive task of encryption/decryption from the server, potentially improving server performance.
- Provides the ability to inspect, manipulate, and manage the SSL traffic since it’s decrypted at the load balancer.
- Enables use of security features like F5’s ASM or WAF because the traffic can be inspected.
Cons:
- Traffic between the load balancer and servers is not encrypted, whi
原文地址:https://blog.csdn.net/sj349781478/article/details/137520356
免责声明:本站文章内容转载自网络资源,如本站内容侵犯了原著者的合法权益,可联系本站删除。更多内容请关注自学内容网(zxcms.com)!