SSL Traffic Types (Part of SSL Profile Function) - TMOS 201 Flashcards
What are the three types of SSL traffic?
SSL offloading or client-side termination
SSL bridging
SSL pass-through
What is SSL offloading?
Also known as client-side termination. The client sends encrypted traffic (HTTPS) to the F5. The F5 decrypts the traffic and forwards it unencrypted to the pool members.
A client SSL profile is needed to make this work.
Additional profiles needed: TCP protocol profile and application HTTPS profile.
What is SSL bridging?
The type of traffic where the client sends encrypted traffic to the F5. The F5 receives the encrypted traffic and decrypts it. Afterwards, the F5 re-encrypts the traffic and sends it encrypted to the pool members.
Both client SSL and server SSL profiles are needed for this to work.
What is SSL pass-through?
It is traffic that stays encrypted from client to F5 to server. The F5 does nothing with the traffic; it simply passes it through.
No client SSL or server SSL profiles are needed. Only a TCP protocol profile is needed.
The only configuration needed is that the virtual server listens on port 443 and the pool members listen on port 443.