138 ServerIron ADX Security Guide
53-1002440-03
SSL acceleration on the ServerIron ADX
6
SSL Proxy Mode
In full SSL proxy mode, a ServerIronADX maintains encrypted data channels with the client and
server. The ServerIronADX maintains an SSL session with the client and a separate one with the
server. This maintains total SSL security between client and server.
This is useful in a configuration where you want to maintain full SSL security between a client and
server and also have the ServerIronADX perform L7 processing and security to application traffic.
This works because after the SSL connection is terminated at the ServerIronADX and before it
enters the SSL connection with the server, it is in clear-text within the ServerIronADX where it can
be subject to L7 inspection.
Figure 10 shows the basic topology for a configuration of the full SSL proxy mode.
FIGURE 10 ServerIron ADX SSL Proxy
ServerIron ADX SSL
This section describes the SSL features used in configuration of a ServerIron ADX for SSL
acceleration.
ServerIron
Real
Server
Client
SSL Termination on:
rs10 (10.1.1.20)
vip 10 (10.1.1.100
)
HTTP
Traffic
SSL
Traffic
(encrypted) (unencrypted)

ServerIron

Real

Server

Client rs10 (10.1.1.20)

SSL

Traffic

(encrypted)

SSL

Traffic

(encrypted)
SSLProxy on:
vip7 (10.1.1.30)