What is SSL (Secure Sockets Layer)?

SSL (Secure Sockets Layer) Evolved into TLS (Transport Layer Security)

SSL (Secure Sockets Layer) is a cryptographic protocol used to authenticate internet connections and enable data encryption and decryption for network communications. First developed by Netscape in the mid-1990s, SSL overcame its initial security flaws with the release of SSL 3.0 in 1996, which served as the de facto standard for secure internet communications for several years. As further security vulnerabilities have become evident, the Secure Sockets Layer protocol has been superseded by TLS (Transport Layer Security), which was initially defined in 1999 and updated to TLS 1.3 in August 2018. All releases of SSL have been deprecated, and most modern browsers no longer support the protocol, though the same certificates can be used with both TLS and SSL.

While they differ in specifics such as the encryption algorithms they use and the ports they support, the Secure Sockets Layer and Transport Layer Security protocols function essentially the same way. Like TLS, Secure Sockets Layer performs SSL encryption and SSL decryption using a set of two keys, one public, and the other known only to the recipient. When a browser attempts to connect with a website secured with SSL (or TLS), indicated by HTTPS in its URL, the web server will respond to its request for identification with a copy of its public key certificate. If the certificate is trusted—or validated by a certificate authority—the browser and server will initiate an encrypted session. All the data that passes between them will be fully secured and private, rendered unintelligible to outside parties and protected from attack.
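As an added example (not code from the original page or from A10), the Python sketch below sets a client configuration that skips the certificate check and allows legacy protocol versions beside a hardened one, and audits both. The TLS 1.2 floor, the function names and the finding labels are assumptions of this example.

```python
import ssl

# Protocol floor used in this example (an assumption of the example, not a
# figure from the article): TLS 1.2, which excludes every SSL release.
MIN_ACCEPTABLE = ssl.TLSVersion.TLSv1_2


def hardened_client_context() -> ssl.SSLContext:
    """Client context that validates the server certificate and refuses SSL."""
    ctx = ssl.create_default_context()      # CERT_REQUIRED plus hostname check
    ctx.minimum_version = MIN_ACCEPTABLE    # no SSL 3.0, TLS 1.0 or TLS 1.1
    return ctx


def legacy_client_context() -> ssl.SSLContext:
    """Constructed 'before' configuration of the kind found in old scripts."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False              # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE         # server certificate is never validated
    # Accept the oldest protocol version the local TLS library still offers.
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the weaknesses found in a client context (empty list if none)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate-not-verified")
    if not ctx.check_hostname:
        findings.append("hostname-not-checked")
    if ctx.minimum_version < MIN_ACCEPTABLE:
        findings.append("legacy-protocol-allowed")
    return findings


if __name__ == "__main__":
    for name, build in (("hardened", hardened_client_context),
                        ("legacy", legacy_client_context)):
        print(name, audit_context(build()) or "ok")
```

The same audit function can be pointed at any `ssl.SSLContext` an application builds before it is used to open connections.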

The computing-intensive nature of SSL encryption and SSL decryption can burden a web server, degrading performance. This can be addressed through SSL offload, in which a separate device is used to perform these functions.

How A10 Networks Supports SSL (Secure Sockets Layer)

Because it provides privacy and security for connections between users and servers, encryption has become ubiquitous, to the point that over 90 percent of internet traffic is encrypted. A10 Networks Thunder® Application Delivery Controller (ADC) provides SSL offload capabilities, which take care of the compute-intensive SSL decryption and SSL encryption of application traffic, relieving the web servers of these duties and allowing them to function at optimal performance levels.

SSL-decrypted traffic can also be fed into security appliances, like A10’s Thunder® SSL Insight (SSLi®), where SSL inspection can be performed in clear text before the traffic reaches the servers, protecting them from potential encrypted attacks.

SSL (Secure Sockets Layer) Articles and Assets of Interest

 

Hosting Provider Increases Value with SSL Offload (Case Study)

Company: SapientNitro

Critical Issues:

  • Legacy ADC solutions could not meet capacity requirements for large-scale web infrastructure
  • 2048-bit SSL keys would increase web server hardware cost
  • SSL key management was complex and time consuming

Selection Criteria:

  • High performance, SSL Offload, no licensing gimmicks for advanced features and high quality support

Results:

  • Handle more customers with existing infrastructure and improve the end-user experience through faster response, while reducing operational and capital expenditure

Read How SapientNitro Benefitted