I know nothing about the Cisco SCA 11000 and can't find much about it on
the web via a quick Google search either. But since you also ask about
similar equipment, I might as well ask another set of questions.
From my experience for general accelerators is that they all do the
standard job of off loading SSL transactions onto their own device. Your
webserver sends to them traffic in the clear, and they encrypt it--a
strait forward process. So the only things to think about are:
1) the number of new connections per second you want to handle
2) the amount of data per second that will need on the fly encrypting
3) the number of simultaneous connections you want to support
You need to factor growth into this as well (as you said). The internet
is becoming more and more SSL based.
These are just general questions. I don't have a huge amount of
experience with SSL accelerators, but I'd expect answering some of those
questions may help others in finding you the best solution. Oh, and some
SSL accelerators do offer special features that other makers don't have.
Intel's 7115 (I think it is) offers client side certificates. I'm not
sure of what that really is, but it's a feature. Intel's also are
"in-line" accelerators. They have a nice hardwired failover system and
overload function. I'm also aware of the Rainbow cards, but that's
another solution that's a bit more expensive if you have a large farm.
The last product I've had the chance to play with is the Netscaler SSL
solution. They offer some interesting "bonus" features along with (or
last I checked which hasn't been for a while) a SSL box that can be load
balanced or put "in-line". The load balancing feature is good for even
speed improvement. I believe there is one other company that also offers
a SSL product that can be load balanced too (I mean evenly load balancing
In summary, there are a ton of products out there to meet every need and
more. Either come up with more specific requirements (which I guess you
did by saying SCA-11000, just I'm unable to find much info on it) or get a
list of some SSL devices and have the companies send you competitive
reports on each other. I'm sure each of these companies have competitive
white papers on their competition.
/Nicholas W. Blasgen
(yet another unemployed network guy)
Wow that was a long note. Ok, back to watching TV...no more e-mail for me
From: owner-lb-lIZZATvegan.net [mailto:owner-lb-lIZZATvegan.net]On Behalf Of
Sent: Monday, April 08, 2002 4:57 PM
Subject: [load balancing] SCA-11000 - Experiences or Horror stories?
Does anyone have any decent stories to tell regarding the Cisco SCA 11000
(Secure Content Accelerator) or like equipment?
Sounds just like what I need to migrate a few legacy things to SSL and to
increase performance and scalability of my web farm...
The Load Balancing Mailing List
MRTG with SLB: http://vegan.net/MRTG
Hosted by: http://www.tokkisystems.com
This archive was generated by hypermail 2b30 : Mon Apr 08 2002 - 21:23:35 EDT