I recently came across a SaaS company that required support for Perfect Forward Secrecy (PFS) for better SSL security. They bought 4 pairs of [redacted] ADC / load balancers from a proprietary hardware vendor to perform the SSL PFS termination. At first glance, this seems like a safe, logical decision. Just like real estate was a safe and conservative investment strategy in 2006 before the bubble burst, or .com stocks in 2000 right before the stock market's implosion.
First, let’s describe the landscape. SSL crypto hardware has been around for more than a decade, and has been instrumental in facilitating high transaction sites to enable SSL security. But times have changed. Intel CPUs are much more capable, natively incorporating many of the functions necessary for encryption. The encryption has also evolved, with SSL being deprecated in favor of the TLS, new certificates utilizing Elliptic Curve cryptography (ECC) over RSA, and ciphers that enable critical Perfect Forward Secrecy (PFS) protection. While the innovation has existed for some time, forward looking companies such as Apple are now requiring new apps to leverage this technology, which they refer to as App Transport Security, for iOS9 and API calls for the latest versions of Mac OS.
Meanwhile, the crypto card used today is the same crypto card used for the past few generations of load balancers. There are more crypto chips on the cards, but they do not support modern certificates and ciphers, and are not used for PFS handshakes. The proprietary hardware vendor dismisses this as a "slight increase in CPU load, but within tolerance."
Now let’s put in perspective just how wildly out of whack the hardware bubble has become and you can be the judge of "within tolerance".
The [redacted] load balancer hardware can do less than 12k SSL Transactions Per Second using Elliptic Curve for PFS. So with 4 pair, that's about 48k TPS. But wait, this is the '-SSL' variant of the proprietary hardware, which means it has extra SSL cards in it, right? Perhaps, but since SSL crypto hardware is now so old, it doesn't support modern SSL cryptography such as PFS. Therefore SSL processing is done in software on an undersized six core Intel CPU. The upgraded –SSL model didn’t help improve the transaction count at all.
Now let's compare the SSL performance against Avi Vantage, running on a server such as a Dell R430. As a general guideline, SSL using Elliptic Curve certificates can do about 2,000 TPS with PFS, per CPU core. Equipped with 2x 12 core Xeon processors, the R430 is priced around $4,800. Throw in a second server for redundancy, add Avi Vantage software on top, and you are looking at 1/10th the cost for 50k SSL TPS with Perfect Forward Secrecy. And since Avi is a software fabric, not an appliance, it means with a single, fully redundant virtual service, SSL TPS is around 100k, at 1/10th the cost. Both servers are fully active, and with each additional server added, the SSL capacity scales linearly by another 50k.
When customers want to do an SSL bakeoff between Avi Networks and proprietary hardware load balancers, they can use any extra server lying around, or just use one of Avi's loaner laptops. Work the math, it's downright embarrassing that a laptop can outperform outlandishly expensive proprietary hardware. When the numbers get this far out of whack, the market will revolt, the bubble will burst, sanity will prevail, and the world will once again be free to build networks with modern security.
Try it out yourself, or take us up on the laptop versus vanity hardware challenge. :)