?
Solved

Formula to determine SSL processing overhead for web transactions?

Posted on 2011-02-25
2
Medium Priority
?
444 Views
Last Modified: 2012-06-22
Hi everyone,
Was wondering if any one had any thoughts on a formula which we could use to determine the overhead on a server to handle incoming SSL web connections.  Basically looking for a way to say with x number of ssl connections coming in, that causes y amount of overhead to process, which equals needing z resources on the server.  

Honestly not sure if there is a way to do this and guess would have to define certain things, like "what is a ssl transaction".  Is it the complete handshake or just the incoming hit, etc.

Curious to see if anyone has any thoughts...

Thanks.
0
Comment
Question by:frankrizzo1856
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Expert Comment

by:lanboyo
ID: 34983972
Depends on the operating system.

On a unix box you can test with a self signed certificate and watch system resources with top as the connection is made and multiply by the number of desired connections. Barring this you can consult with your certificate vendor.
0
 
LVL 20

Accepted Solution

by:
edster9999 earned 2000 total points
ID: 34984052
The overhead for SSL is very low compared to the benefits.
The 'heavy' CPU work happens on first contact.  Setting up the keys for the rest of the session involves pretty heavy asymmetrical encryption maths. But the good news is this only happens once at the start (well to be exact it will be repeated if your session lasts long enough - but that is not often)
The measure of this is not easy.  Every different system is different in how it deals with this. Some systems do it in software, some in hardware.
The best measure you could do would be to set up your system to return the same pages to http and https (with and without ssl) then to measure lots of pages.
Jmeter is a great tool for this.
Pull 100 pages from 10 users.  You'll find the first pages they pull are a bit slower but the other pages go just as quick as the non-ssl versions.
So the answer is.... Ssl will slow you down. But not much. A very rough 'guess' for a system which does all the ssl in software (like IIS) would be when you pull 10 pages the first one takes twists as much CPU as the non ssl version and the other 9 would use a little bit more so the CPU time for 10 ssl pages would be similar to 12 or 13 pages on the other non ssl site.
The advantage of security and safety make this worth while :)

0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question