نوشته‌شده در توسط vpn

web application – How many places should TLS be encrypted/unecrypted for web traffic?

Related, but not the same question as Should SSL be terminated at a load balancer?.

Our web stack looks like:

  1. Web Server – IIS
  2. Load Balancer – NetScalar
  3. Firewall – Palo Alto
  4. CDN/WAF – Akamai
  5. End client

What is the best practice for ensuring security while having the minimal number of TLS encrypts/decrypts?

web application - How many places should TLS be encrypted/unecrypted for web traffic?