Forum Discussion
If you assume that ECC ciphers are in play, or you're using servers with SSL acceleration hardware built in (as alluded to in Adam Langley's quote), then the implications of SSL CPU usage and throughput are perhaps less of a factor in the offloading decision today, but certainly not something to completely ignore. In truth, you really have to consider the implications of not handling SSL at a "trusted proxy". If you're creating an "end-to-end" SSL session from the client to the server, the following things become either lost to you, or exponentially more difficult:
- Intelligent load balancing - in the absence of access to application layer visibility, an ADC (i.e. load balancer) is largely reduced to persisting on source addresses for browser-based communications.
- Insight - malware generally exists at the application layer, and an entire industry of products (IDS, IPS, AV, WAF, etc.) has been built to address this challenge. In the absence of application layer visibility, these security controls have to happen at the server and/or the client, which is a completely unreasonable request in most cases.
- SSL intelligence - if you've reviewed the SSLLabs grading criteria lately, you'll notice that the requirements are fairly complex. Quite a few of the items on that list are simply harder to accomplish (and maintain) on a set of "stock" web servers, vs. a single secure ADC entry point.
I'd point out here an interesting difference between SSL offloading and SSL management. In an age where we weren't as concerned about the inside of the network, and SSL was expensive on commodity servers, offloading simply made more sense. But I think we've evolved a bit. SSL is definitely cheaper these days, and malware is slipping right through that open port 443 on your firewall. SSL management is therefore not the (IMHO, reckless) pursuit of "end-to-end" SSL, but rather an evolutionary state where SSL is indeed maintained between every point in the network, but also managed intelligently at a central point, where security "layers" (IDS, IPS, WAF, etc.) are given privileged visibility to unencrypted data and the SSL process itself is controlled at the highest possible standard for each party involved. SSL management also implies a return to intelligent load balancing and robust logging capabilities that you won't get otherwise.
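As an added illustration of the two models contrasted in the post (this is example configuration written for this page, not something the poster or any vendor supplied), the fragments below use nginx as a stand-in for the ADC. Option A is TLS passthrough: the proxy never decrypts, so persistence can only key on the client address and nothing in the HTTP payload is visible to a WAF or IDS. Option B terminates TLS at the proxy, applies a single client-facing TLS policy, persists on an application cookie, logs the request line, and then re-encrypts to the backend with certificate verification so the internal hop stays encrypted. Backend addresses, the `SESSIONID` cookie name, the hostnames and all file paths are placeholders, and the surrounding `events {}` block and full `nginx.conf` scaffolding are omitted.

```nginx
# --- Option A: TLS passthrough (the "end-to-end" model the post argues against) ---
# The proxy sees only the TCP/TLS envelope: source address plus the SNI name in
# the ClientHello. Persistence is limited to hashing the client address, and no
# WAF/IDS in front of the servers can inspect the HTTP payload.
stream {
    upstream app_passthrough {
        hash $remote_addr consistent;   # source-address persistence is all that is possible
        server 10.0.0.11:443;           # constructed backend addresses
        server 10.0.0.12:443;
    }

    server {
        listen 443;
        ssl_preread on;                 # parse SNI from the ClientHello without decrypting
        proxy_pass app_passthrough;
    }
}

# --- Option B: TLS terminated at the ADC, inspected, then re-encrypted ---
http {
    # Application-layer persistence is possible once the request is visible.
    upstream app_managed {
        hash $cookie_SESSIONID consistent;  # cookie name is an assumption for this example
        server 10.0.0.11:8443;
        server 10.0.0.12:8443;
    }

    # Request-level logging, feasible only with application-layer visibility.
    log_format tls_mgmt '$remote_addr "$request" $status '
                        'proto=$ssl_protocol cipher=$ssl_cipher ua="$http_user_agent"';

    server {
        listen 443 ssl;
        server_name app.example.test;   # placeholder hostname

        # Client-facing TLS policy maintained in one place rather than on every server.
        ssl_certificate     /etc/nginx/tls/app.example.test.crt;  # placeholder paths
        ssl_certificate_key /etc/nginx/tls/app.example.test.key;
        ssl_protocols       TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers off;
        add_header Strict-Transport-Security "max-age=31536000" always;
        access_log /var/log/nginx/tls_mgmt.log tls_mgmt;

        location / {
            # Decrypted traffic can be handed to a WAF module or an IDS tap at this
            # point (product-specific, not shown).

            # Re-encrypt toward the backend and verify the backend's certificate so
            # the internal hop is still TLS rather than cleartext.
            proxy_pass https://app_managed;
            proxy_ssl_protocols TLSv1.2 TLSv1.3;
            proxy_ssl_verify on;
            proxy_ssl_verify_depth 2;
            proxy_ssl_trusted_certificate /etc/nginx/tls/internal-ca.pem;  # placeholder
            proxy_ssl_name app-managed.internal;   # name expected in the backend cert; assumption
            proxy_ssl_server_name on;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
        }
    }
}
```

The two options are alternatives and would not both listen on port 443 of the same address. Two details worth checking in a real deployment: with `hash $cookie_SESSIONID`, requests that arrive without the cookie all hash to the same backend until the application sets one, and `proxy_ssl_verify on` does nothing useful unless the trusted CA file and `proxy_ssl_name` actually match what the backends present, so test the internal hop with a deliberately wrong name to confirm verification fails.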