Monday, 1 June 2020

F5

1-) SSL Offloading: It means that client to F5 traffic is encrypted, SSL ends on F5, then clear text traffic goes through from F5 to server. ClientSSL profile is needed and http monitor is used for servers. You can also add http profile and optimize traffic according to Layer 7 traffic. Cookie persistency can be used.



2-) SSL Bridging: It means that client to F5 traffic is encrypted, and F5 to server traffic is encrypted. But each site has separate SSL session. ClientSSL and ServerSSL profile are needed, https monitor is used for servers. You can also add http profile and optimize traffic according to Layer 7 traffic. Cookie persistency can be used.



3-) SSL passthrough: It means that F5 only load balances traffic at TCP level and SSL ends on Servers. You should NOT add clientSSL and serverSSL profile. You CANNOT use http profile, therefore you CANNOT optimize layer 7 traffic. Cookie persistency CANNOT be used.

No comments:

Post a Comment

iRule

  iRule: -- o iRule is a powerful and flexible feature within the BIG-IP local traffic management (LTM). o IRule is a powerful & flexibl...