Riverbed Speeds SSL-Encrypted Traffic Across WANs

The WAN optimization provider is the first of the larger players in its space to deliver acceleration of SSL-encrypted traffic between a central site and remote branch offices, an analyst says.

High-flying WAN optimization provider Riverbed Technology on March 5 will overcome a key hurdle in its otherwise fast-growing market acceptance when it introduces the next major release of its Riverbed Optimization System.

Riverbed, which recently launched a secondary stock offering after netting $86 million in its 2006 IPO, upgraded its RIOS software to enable acceleration of SSL (Secure Sockets Layer)-encrypted traffic between a central site and remote branch offices.

Riverbed is the first of the larger players in the WAN optimization/application acceleration space to deliver that capability, according to Joe Skorupa, industry analyst with market research firm Gartner, in Fremont, CA.

"That is something everyone is working on, but none of the big guys have had it," Skorupa said, adding that two smaller players, Certeon and Blue Coat Systems, already have that capability in the market.

"That is the most requested feature weve had for the last 18 months," said Alan Saldich, vice president of product marketing at Riverbed, in San Francisco. "We accelerate encrypted traffic in a way that does not break the trust model. We dont force customers to distribute private keys out to all their branch offices," he said.

Riverbed developed a patent-pending "split termination" method of encryption that uses a temporary session key between a Riverbed Steelhead appliance in the data center and another one in the branch office. The key expires as soon as the session is over.

In setting up the appliances, an administrator copies private keys from the Web server to the Steelhead appliance in the data center. When a remote user makes a request of the Web server, "the handshake between the client and server is intercepted by the data center appliance," which then sets up a secure session using the temporary key between it and the branch office Steelhead appliance, Saldich said.

/zimages/2/28571.gifTo read more about Riverbeds Steelhead appliances, click here.

"There are three separate secure connections. Traffic gets decrypted by each appliance, our optimizations are applied and the traffic is re-encrypted to cross the WAN. Then the appliance in the branch decrypts the traffic and sends it to the local client," he said.

The split termination technique gives Riverbed a way to maintain its lead over large competitors such as Cisco Systems, Juniper Networks, F5 Networks and Citrix Systems by maintaining its product differentiation, according to Gartners Skorupa.

Riverbed has seen significant growth over the past year. Revenues for the company jumped 40 percent from the third to the fourth quarter of 2006, and the independent company saw revenues increase by 219 percent between the fourth quarter of 2005 and the same quarter in 2006.

RIOS 4.0 goes beyond the SSL optimization with other performance enhancements, including new HTTP streamlining. The software can automatically discover and track objects such as images and scripts on Web pages and transfer all the objects in parallel to a remote Steelhead appliance, which then reconstructs the page and delivers it to the client.

Riverbed also boosted performance for high-speed TCP optimizations with a new technique, dubbed Max-Speed TCP. It is intended for high-speed, high-packet-loss links such as satellite or OC-3 links where users want to use as much of the available bandwidth as possible.

Riverbed also made RIOS easier to deploy in complex, multi-hop installations, and added new high-availability features.

RIOS 4.0 is due by mid-March.

/zimages/2/28571.gifCheck out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.