In a traditional architecture, a client requests a web page, the web server processes the request and sends a response back to the client. Modern websites and architectures handle this process more efficiently with the help of SSL offloading.
Let’s dig deeper to understand SSL offloading…
SSL offloading is the process of relieving web servers of the task of encryption and decryption.
There are SSL offloader devices, such as Citrix NetScaler and F5, that come with dedicated application-specific integrated circuits (ASICs). They take over the web server’s decryption/encryption work by confining SSL traffic handling to themselves and performing the computationally intensive encryption and decryption on behalf of the web applications.
This frees up the processing power of the web application servers, whose only job is now to produce the appropriate response to the client request as fast as possible. In a nutshell, this is how SSL offloading works.
Other terms associated with SSL offloading are SSL accelerators and SSL load balancing.
A load balancer is any modern device that improves the distribution of workload among the available resources, for instance by limiting the SSL handshake processing to itself and forwarding the plain-text data to the least occupied backend server.
A strong HTTPS inspection rule can therefore defeat attacks that hide inside HTTPS traffic: all HTTPS traffic is inspected, and only once it is deemed clean is it allowed to pass into the corporate network.
As the volume of SSL/TLS traffic grows, it becomes necessary for all HTTPS traffic to be offloaded and inspected.
There are two types of SSL offloading, and it is important to understand which one suits your requirements.
The first type, usually just called SSL offloading (also known as SSL termination), is a procedure where the device decrypts the data and sends the content in plain text to the backend servers.
The server then produces the appropriate response to the client request and sends the packet back to the device.
The device in turn encrypts the data using the installed SSL certificate and sends it to the end customer.
The second type, SSL bridging, is a process of decrypting the data, inspecting the content, encrypting it again and sending it on to the backend web server.
SSL certificates must be installed on all the web servers where the requested URL is hosted; the web server then decrypts the data again.
The server encrypts its response and sends it to the device. The device then decrypts it, inspects the content, encrypts it again and sends it to the end customer.
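The two flows described above, written out as an added configuration example that is not part of the original article and not the configuration of any NetScaler or F5 product: a software reverse proxy (nginx) stands in for the offloader, and the host names, backend addresses and certificate paths are placeholders. The two `server` blocks are alternatives for the same site, so only one of them would be deployed at a time.

```nginx
# Added illustration: SSL offloading (termination) vs SSL bridging on one
# nginx reverse proxy. All names, addresses and paths below are placeholders.

# --- Type 1: SSL offloading / termination ---
# TLS ends at this device; the backend servers receive plain HTTP.
upstream app_plain {
    least_conn;                  # forward to the least occupied backend
    server 10.0.1.10:8080;       # placeholder backend address
    server 10.0.1.11:8080;
}

server {
    listen 443 ssl;
    server_name www.example.com;                          # placeholder
    ssl_certificate     /etc/ssl/example/fullchain.pem;   # placeholder path
    ssl_certificate_key /etc/ssl/example/privkey.pem;     # placeholder path
    ssl_protocols TLSv1.2 TLSv1.3;

    location / {
        # Plain-text leg: the device -> backend segment carries unencrypted
        # traffic, so this network must be isolated from untrusted hosts.
        proxy_pass http://app_plain;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;   # app still sees it was HTTPS
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

# --- Type 2: SSL bridging ---
# Decrypt here (so the content can be inspected), then open a second TLS
# session to a backend that has its own certificate installed.
upstream app_tls {
    least_conn;
    server 10.0.1.10:8443;       # placeholder backend address (TLS port)
    server 10.0.1.11:8443;
}

server {
    listen 443 ssl;
    server_name www.example.com;                          # placeholder
    ssl_certificate     /etc/ssl/example/fullchain.pem;   # placeholder path
    ssl_certificate_key /etc/ssl/example/privkey.pem;     # placeholder path
    ssl_protocols TLSv1.2 TLSv1.3;

    location / {
        proxy_pass https://app_tls;                 # re-encrypted leg to the backend
        proxy_ssl_protocols TLSv1.2 TLSv1.3;
        proxy_ssl_server_name on;                   # send SNI to the backend
        proxy_ssl_name backend.internal.example;    # placeholder name in backend cert
        proxy_ssl_verify on;                        # verify the backend certificate
        proxy_ssl_trusted_certificate /etc/ssl/internal-ca.pem;  # placeholder CA bundle
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
    }
}
```

In the bridging block, `proxy_ssl_verify on` with a trusted CA bundle is what turns the second hop from "encrypted" into "encrypted to the right server"; without it the device would accept any certificate the backend presents. In the termination block there is no such check to make, which is exactly why the device-to-backend network has to be trusted.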
Clients prefer SSL offloading over SSL bridging, the reason being that the latter is slower: it adds an extra encryption-decryption step at the web server end.