I thought I'd jump in and share something I've been quite pleased with. We've installed a series of Intel NetStructure 7110's in our cabinets. They are basically highly-configurable (CLI) SSL accelerators. They offload SSL processing from your servers and are touted to handle 200 SSL connections/second.
Traffic comes in on a designated port (say 443) and comes out on another (say 80) destined for the server. On the way back out, it leaves the Intel on 443 again. You can load many certificates, set timeouts, spill-over to other units down the line, spill over to servers, etc. The real kicker is that these units cost $4,000 to $6,000 not too long ago. Now you can get them on eBay for $175. You'll also see them listed as Accelar 710's or Ipivot 1000's. Check with Intel about support and software updates, but if you leave remote management services turned off (or restricted to your private network), the unit should remain safe and secure for a long time to come. Anyway, once you get them configured correctly, they are really great. Best regards, Gary | |> (by the way I do have it on its own IP.) | |If you didn't, it wouldn't work. | |Jeff |-- |Jeff Lasman <[EMAIL PROTECTED]> |Linux and Cobalt/Sun/RaQ Consulting |nobaloney.net, P. O. Box 52672, Riverside, CA 92517 |voice: +1 909 778-9980 * fax: +1 909 548-9484 |_______________________________________________ |cobalt-security mailing list |[EMAIL PROTECTED] |http://list.cobalt.com/mailman/listinfo/cobalt-security | | _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
