Optimize and Accelerate SSL Traffic

Reduce Latency and Speed Up Mission-Critical Communications and Applications

Learn More

Challenge

Over the last several years, DoD networks have faced significant tests on their ability to meet the needs of mission-critical users. From an exponential increase in network traffic, longer links to the cloud, to greater use of SaaS applications, the demands placed on DoD networks often outpace the available capacity, resulting in reduced application performance and crippling latency.

To compound these issues, public sector networks and applications have been leveraging encrypted network communications and as a result, DoD agencies have seen 80-90% of its network traffic move to SSL/TLS protocols.

In the past, to optimize and accelerate this traffic, IT Teams had to share or create proxies of hundreds of SSL certificates and keys, a laborious process which also led to the perception that this process increased network security risks. The result was often an unwillingness to optimize and accelerate SSL traffic and simply throw more bandwidth at the agency’s problems.

Solution

As encrypted traffic started overtaking government networks, Riverbed Technology began reengineering its optimization and acceleration solutions to meet the new norm of SSL/TLS encryption.

Riverbed’s new SSL Agent simplifies the configuration process of optimizing and accelerating SSL/TLS traffic by acting as a Hardware Security Module (HSM) and granting “single session” keys to authorized users and applications. This novel approach to “SSL Interoperability” eliminates the need for certificate and key management and reduces the risk associated with additional devices storing certificates and keys on the network.

The SSL Client allows the DoD to finally benefit from much needed optimization and acceleration while maintaining an encrypted environment. By ensuring faster data transfer, reduced effects from latency and unlocked capacity, the agency’s networks are poised to meet the demands of its global users.

Easy and Secure SSL/TLS Optimization

  • Client sees SSL/TLS connection to application authorized for acceleration
  • Client securely connects to client SteelHead (mutual authentication using ECDHE, and PFS)
  • Client SteelHead or Client Accelerator verifies server-side SteelHead application availability
  • Client SteelHead requests remote key operation from client and receives handle to session key
  • Private keys are never revealed
  • Same technology behind HSM – Allowing the client connection to be secured end to end and transparently optimize

Legend

SSL Certificate

Temporary Session Key

Secured Connection

Secure Agent

Benefits

Simplifies the configuration process of optimizing and accelerating SSL/TLS traffic

Acts as a Hardware Security Module (HSM) and grants “single session” certificates and keys to authorized users and applications

Eliminates the need for certificate and key management

Reduces the risk associated with additional devices storing certificates and keys on the network

Unlocks greater capacity on finite satellite bandwidth

Diminishes the impact of latency and speeds up mission critical communications and applications

Get
Started

NTS is here to help you get the most out of your network environment when it comes to mission critical communications and applications. We will deploy the SSL Client on your network alongside your SteelHead WAN Optimization and Client Accelerator solutions. Once configured, you can start optimizing and accelerating your SSL traffic to unlock needed capacity and reduce the impact of latency, all while maintaining an encrypted environment.

For more information please contact sales@nextechsol.com or
fill out this form