CSS and ACE appliance SSL TPS

Unanswered Question
Oct 15th, 2008

Hi,

Can someone explain how are SSL Transactions per second calculated on CSS and ACE?

We need to select appropriate SSL license needed for future ACE appliance, wich is defined in terms of TPS.

We also currently have CSS device with SSL module. Is there any way to find current SSL TPS info on a CSS device?

Thank you and regards,

Jasmina

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
jasmina27s Thu, 10/16/2008 - 23:06

Hi Gilles, :)

Thanks, I know that is a maximum number for one SSL module in CSS, but it does not help to estimate if we need SSL 1,000 TPS License or SSL 5,000 TPS License for ACE 4710.

Can you or someone else explain what exactly is counted as 1 Transaction in SSL and how should we estimate needed number of TPS for ACE?

An idea was to use CSS to find some current statistics, but if you have any better suggestion, it is welcomed. :)

Best regards,

Jasmina

Syed Iftekhar Ahmed Thu, 10/16/2008 - 23:58

TPS tells you how many NEW SSL sessions can be setup by ACE per second. if you are using 1000 TPS license, and the ACE

receives more than 1000 new connection attempts in one second then these new connections will be dropped.

"Show resource usage" on ACE can give the consumed amount

ACE-4710/Admin# show resource usage | incl ssl-conn

Resource Current Peak Min Max

Denied

ssl-connections rate 0 0 0 1000

On CSS "show SSL flows" can give you the

current number of open SSL connections.

Another important SSL number is "Concurrent SSL Sessions supported" . ACE appliance supports 100K concurrent SSL sessions whereas CSS 11501 supports 40K.

HTH

Syed Iftekhar Ahmed

SSS999888 Fri, 07/09/2010 - 02:32

What is the method used to calculate SSL TPS requirement.

example,
Current: Peak SSL Transactions  6,000

If I expect a peak concurrent connection of 200,000 what would be the methodology for calculating SSL TPS needs. (Some sample calculation steps would be appreciated.)

Can I interpret the licensing as follows,

SSL TPS: SSL Transactions per second: Number of NEW transactions that can be setup by ACE per second. (Does this mean established SSL transactions are not counted by the license, though each of the packets in established transactions require SSL termination!)

Thanks

Sri

Actions

This Discussion