In a traditional architecture, a client requests a web page, the web server processes the request (including the SSL/TLS handshake and the encryption and decryption of every byte exchanged) and sends the response back to the client. Modern websites and architectures do this more smartly: they move the cryptographic work off the web server with the help of SSL offloading.
Let's dig deeper to understand SSL offloading.
SSL offloading is the process of relieving the web servers of the task of encrypting and decrypting traffic by moving that work to a device in front of them.
Dedicated SSL offloader devices, such as Citrix NetScaler and F5 appliances, come with separate application-specific integrated circuits (ASICs) built for cryptographic operations. They terminate the SSL/TLS connections coming from clients, so the web server itself never has to perform the encryption and decryption: the device does that processor-intensive work on behalf of the web applications.
This frees up processing power on the application servers, which can then spend it on producing the appropriate response to the client request as fast as possible. In a nutshell, that is how SSL offloading works.
You will also come across related terms such as SSL accelerators and SSL load balancing.
A load balancer is any modern device that improves the distribution of workload across the available resources. For instance, it can keep the SSL handshake to itself and forward the decrypted request to the least occupied backend server.
Because the device holds the decrypted traffic, a strong HTTPS inspection rule can catch attacks that hide inside HTTPS, which a firewall seeing only ciphertext cannot. All HTTPS traffic is inspected, and only traffic deemed clean is allowed to pass through into the corporate network.
As the share of SSL/TLS traffic grows, it becomes necessary for every HTTPS connection to be offloaded and inspected in this way.
There are two types of SSL offloading, SSL termination and SSL bridging, and it is important to understand which one suits your requirement.
SSL termination is the procedure where the device decrypts the client's data and sends the content in plain text to the backend servers.
The server then builds the appropriate response to the client request and sends the packet, still in plain text, back to the device.
The device in turn encrypts the data using the SSL certificate installed on it and sends the result to the end customer. Note that the hop between the device and the web servers is unencrypted, so it must run over a network you trust, and the backend should be told (for example through an X-Forwarded-Proto header) that the original request arrived over HTTPS, since it cannot tell on its own.
SSL bridging is the process of decrypting the data, inspecting the content, encrypting it again and sending it on to the backend web server.
SSL certificates must therefore be installed on all the web servers hosting the requested URL, because each web server has to decrypt the request a second time.
The server encrypts its response and sends it to the device. The device then decrypts it, inspects the content, encrypts it again and sends it to the end customer. The connection between the device and the web server is a second, independent SSL/TLS session, so the device should verify the web server's certificate; without that check the re-encryption offers no protection against an attacker sitting on the internal network.
SSL bridging is the slower process, since it adds an additional encryption and decryption step at the web server end. For this reason customers generally prefer plain SSL offloading (termination) over SSL bridging, and reserve bridging for cases where the traffic must stay encrypted all the way to the web server, for instance when the internal network is not fully trusted or a compliance requirement demands encryption in transit end to end.
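The two modes described above, as an added HAProxy configuration example (this is not configuration from the original article, and the hostnames, IP addresses and certificate paths are placeholders). A single frontend performs the TLS handshake with the client once; the terminated_pool backend receives plain HTTP (SSL termination), while the bridged_pool backend receives re-encrypted traffic and HAProxy verifies each web server's certificate against an internal CA (SSL bridging).

```haproxy
# Added illustration of SSL termination vs. SSL bridging on one offloader.
# Not from the original article; names, addresses and paths are placeholders.

global
    # Assumed policy: refuse anything older than TLS 1.2 on the client side
    ssl-default-bind-options ssl-min-ver TLSv1.2

defaults
    mode http
    timeout connect 5s
    timeout client  30s
    timeout server  30s

# The offloader does the TLS handshake with the client here, once.
frontend https_in
    bind *:443 ssl crt /etc/haproxy/certs/www.example.com.pem
    # The backend sees plaintext in termination mode and cannot tell the
    # request was HTTPS, so say so explicitly.
    http-request set-header X-Forwarded-Proto https
    # Route by host: one pool is terminated, the other is bridged
    use_backend bridged_pool if { req.hdr(host) -i secure.example.com }
    default_backend terminated_pool

# SSL termination: plain HTTP to the web servers over a trusted internal network
backend terminated_pool
    # Send each request to the least occupied server, as described above
    balance leastconn
    server web1 10.0.0.11:80 check
    server web2 10.0.0.12:80 check

# SSL bridging: a second, independent TLS session to each web server, which
# carries its own certificate. 'verify required' plus 'ca-file' makes HAProxy
# reject a backend whose certificate does not chain to the internal CA;
# without it, re-encryption gives no protection against an on-path attacker
# inside the network.
backend bridged_pool
    balance leastconn
    server web1 10.0.1.11:443 ssl verify required ca-file /etc/haproxy/certs/internal-ca.pem sni str(secure.example.com) check
    server web2 10.0.1.12:443 ssl verify required ca-file /etc/haproxy/certs/internal-ca.pem sni str(secure.example.com) check
```

The cost difference the article describes is visible in the two backends: terminated_pool servers only parse HTTP, while bridged_pool servers must also complete a TLS handshake and decrypt every request, and the offloader must encrypt each one a second time. The sni option on the bridged servers makes HAProxy send the expected hostname in its own handshake, so the certificate check is tied to that name rather than to the bare IP address.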