SSi Service Strategies Inc.

Inline Deployment

 

 

 

Home
Up
Request Information
Contact SSi
Glossary of Terms
Site Contents
Site Search
Notices

 

SSi

SSL Inline Mode Deployment

Inline Mode

The Inline configuration is the simplest method to deploy because it requires no specific inter-operation configuration on either the SSL-x or the content switch. To maximize uptime, a high-availability option is offered. High-availability in an Inline configuration is unique in that it is offered by the SSL-x, rather than by the content switch’s server-health-check mechanisms. The SSL-x offers a hot-standby mode wherein two SSL-x devices—one active, and one standby—are connected via a serial cable for the sake of heartbeat communications. Should the active SSL-x fail, the standby unit will identify the failure, and will assume the role of active SSL-x. When the failed unit resumes operation, it will do so in a standby mode. Because the SSL-x front-ends the content switch, passing all traffic to the content switch in a decrypted fashion, no additional traffic-handling requirements beyond its normal configuration are necessary on the content switch.

Inline Configuration with Hot-Standby Fail-over

Content switch configuration typically involves a Virtual IP address (VIP) for the virtual server group, and then a number of associated real-servers (back-end servers) that compose the server farm. The client requesting the content, for example, HTTPS content, makes the request of the VIP address, and then the content switch intelligently distributes the traffic to the real-servers according to a balancing algorithm, or some other higher level distribution facility.

All traffic in this scenario passes through the SSL-x in a transparent manner, with the exception of SSL traffic. The SSL-x family is capable of supporting most any TCP based protocol over SSL. Although the most popular application of SSL by far is HTTPS (TCP port 443) other protocols, such as SPOP3, SSMTP, and SSL-LDAP, to name a few, are also supported. Considering the broad protocol support of the Sonicwall SSL-x family, SSL-Server groups must be created through the Configuration Manager in order to designate SSL traffic.

If you would like to request additional information on an SSL security product or application, please click on the button below.

Certified SonicWALL Sales Experts

 

Service Strategies Inc.

2392 Mount Vernon Rd

Dunwoody, GA 30338-3092

678-441-0020   800-662-1615

assist@ssimail.com

Copyright © 1998 - 2002 Service Strategies Inc. All rights reserved.
Revised: April 04, 2005.