C H A P T E R 3 Keys and Certificates
3-5
7110/7115 on the server side can also be enabled to spill to the server.
Spilling is performed dynamically on a connection-by-connection
basis. (See spill command, Chapter 5, “Command Reference.”) If
spill is disabled, the 7110/7115 “throttles,” that is, will not accept
incoming requests when it becomes overloaded.
Figure 3-5: Cascaded 7110/7115s
Availability
When a 7110/7115 fails or is set to Bypass mode while Fail-through
is enabled, the 7110/7115’s network side and server side network
adapters are directly connected, allowing traffic to pass through to the
next device until the failed unit is brought back into service. This
feature eliminates a single point of failure and provides a high level
of availability, should there be a failure. In installations with multiple
7110/7115s, the next unit in the cascade picks up the encryption/
decryption workload, while in single 7110/7115 configurations, the
server assumes the load. See“Failure/Bypass Modes in Appendix B
for more information.
Keys and Certificates
WARNING: The 7110/
7115 comes with default
keys and certificates for
test purposes, however
certificates for
production use should be
obtained from a
recognized certificate
authority.
A necessary part of the 7110/7115 configuration is the use of keys
and certificates. A key is a set of numbers used to encrypt or decrypt
data. A certificate is a “form” that identifies a server or user. The
certificate contains information about your company as well as
information from a third party that verifies your identity.
Intel® NetStructure™ 7110/7115 e-Commerce
Accelerators
Hub/Router/Switch
Server