August 29, 2021

SSL Off-loading at Load Balancer Vs Common Scrubbing zone

Hi guys,

When a user submits an online form on a website over HTTPS, I understand that the common practice is to do SSL offloading at the Load Balancer before traffic enters the on-prem network. Thereafter, the data is sent in the clear to the web server. (pls correct me if I am wrong.)

I saw that a vendor is proposing to have a scrubbing zone where SSL traffic is decrypted and distributed to modules such as WAF, IPS, IDS, Malware detection for analysis . Thereafter, the traffic is re-encrypted again before sending it to the webserver via TLS.

Can I check if the latter is a common practice and what are your views on the setup?

Thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.