Table of Contents
Advertisement
6
SSL acceleration on the ServerIron ADX
SSL Proxy Mode
In full SSL proxy mode, a ServerIronADX maintains encrypted data channels with the client and
server. The ServerIronADX maintains an SSL session with the client and a separate one with the
server. This maintains total SSL security between client and server.
This is useful in a configuration where you want to maintain full SSL security between a client and
server and also have the ServerIronADX perform L7 processing and security to application traffic.
This works because after the SSL connection is terminated at the ServerIronADX and before it
enters the SSL connection with the server, it is in clear-text within the ServerIronADX where it can
be subject to L7 inspection.
Figure 10 shows the basic topology for a configuration of the full SSL proxy mode.
FIGURE 10
ServerIron ADX SSL
This section describes the SSL features used in configuration of a ServerIron ADX for SSL
acceleration.
138
Client
SSL
Traffic
(encrypted)
ServerIron ADX SSL Proxy
Client
SSL
Traffic
(encrypted)
HTTP
SSL Termination on:
Traffic
)
vip 10 (10.1.1.100
(unencrypted)
SSL Proxy on:
vip7 (10.1.1.30)
Real
Server
rs10 (10.1.1.20)
Real
Server
rs10 (10.1.1.20)
SSL
Traffic
(encrypted)
ServerIron ADX Security Guide
53-1002440-03
Advertisement
Table of Contents
Troubleshooting
