In today's economy, it's important to improve Web-site performance without buying new and faster servers every other week. To meet this need, a number of companies have come out with Web acceleration appliances. One such company is Redline Networks, whose E|X3250 combines several technologies to produce considerable drops in response time to clients and in effective throughput as well. The E|X3250 does several things -- it compresses HTTP traffic, consolidates all TCP/IP sessions from any particular client into one session, and off-loads SSL processing from Web servers. The combined effects of these acceleration techniques can produce very large (over 20x) improvements.
The E|X3250 compresses HTTP traffic both by using HTTP 1.1-compliant compression, and by stripping comments and other useless code from data sent to a client. It also reduces the dozens or even hundreds of TCP sessions a single normal client might produce while Web browsing to a single session, reducing network traffic substantially. In our testing, these technologies produced improvements from two to 20 times on a stock single Web server, depending on the type of traffic tested and number of clients.
SSL processing can dramatically slow a server. Most servers without some type of SSL acceleration can only handle a couple of dozen SSL connections per second. The E|X3250 can process 800 SSL transactions per second, and in addition can transparently add SSL to an entire site without changing the code on the site, automatically rewriting HTTP requests to HTTPS. Including both the compression and session consolidation as well as the SSL acceleration, performance improvements could literally be hundredfold.
Setting up the appliance is a typical process, with initial configuration through a serial terminal for basic IP information, and the rest of the configuration done via browser, or telnet if desired. The E|X 3250 isn't installed as a router, but as a reverse proxy, so the network architecture needn't be changed. The Web site is assigned an IP address in the E|X 3250, and the DNS entry for the Web site is changed to that IP address.
Using the browser interface, completing the configuration is easy and nicely documented. Administrative tasks can be delegated, since the E|X 3250 supports several levels of user permissions.
The E|X3250 also supports Windows NT LAN Manager (NTLM) authentication, can reject clients that don't have SSL certificates from a trusted authority, screens incoming requests for validity, can compress Web services traffic such as SOAP, and supports traffic reporting and alerts to notify administrators of overloads or other problems. It can even protect against some denial of service attacks such as SYN floods, by isolating connections for each user. It performs health checking of both servers and applications, and two devices can be configured in a failover mode for additional security.
The appliance supports 64 virtual IP addresses and up to 32 servers per virtual IP address and 50,000 simultaneous connections. It supports direct server return connections and persistent connections for e-commerce and similar applications, and does most of this automatically, with little configuration necessary.
Most Web sites will see dramatic improvements in response times -- in our testing the average response time was cut in half. Bandwidth utilization for a given number of clients also dropped substantially. This is somewhat traffic dependent -- for example streaming video sites will not see as much improvement, since HTTP compression isn't relevant. SSL acceleration and the Auto-SSL feature alone might be worth the $29,995 price tag to some organizations. Any Web site administrator with servers that are approaching peak loads on a regular basis should investigate the E|X3250. For administrators who don't need the Auto-SSL features, Redline Networks has less expensive accelerators that still provide the other benefits.
- Effective acceleration of most Web sites
- Auto-SSL enables SSL for a whole site without changing code
- Adds protection against HTTP hacking and denial of service attacks