Citrix NetScaler Boosts SSL Performance 5X to Meet the Demands of New Security Standards

Citrix Systems, Inc. today announced it has optimized Citrix® NetScaler® MPX™ to support the National Institute of Standards and Technology’s (NIST) recommendation to switch to 2048-bit RSA keys, which are used to secure data on the web.  NIST issued Publication 800-57, which contains guidelines to move from the current standard 1024-bit RSA keys to 2048-bit RSA keys by the end of 2010. 2048-bit keys are a million times more computationally difficult to compromise than 1024-bit keys and provide web applications and websites greater security, protecting customer transactions and data.

The increased security offered by 2048-bit RSA keys, however, also places much greater demands on existing secure sockets layer (SSL) processing infrastructure. To equal the performance for 1024-bit RSA keys requires an order of magnitude increase in SSL infrastructure.  In preparation for customers making this shift, Citrix has significantly optimized the performance of its NetScaler MPX product line to meet the demands of 2048-bit RSA keys. Citrix NetScaler is the first application delivery controller to increase SSL performance for 2048-bit RSA keys.  By delivering a 5x increase in SSL Transactions Per Second (TPS), Citrix NetScaler is providing its customers with a solution that significantly reduces the additional infrastructure investment required to support 2048-bit RSA keys.

Sunil Potti, Vice President Product Management and Marketing, Networking and Cloud Product Group, Citrix
“We are proud to be the first application delivery infrastructure vendor to meet the emerging demand for high-performance SSL infrastructure supporting 2048-bit keys. Our optimized NetScaler MPX appliances ease the transition to NIST’s new security recommendation, while reducing data center costs.“

Spiros Theodossiou, Director of Product Management, VeriSign
“We fully support NIST’s recommendation for websites to adopt the higher level of security provided by 2048-bit RSA keys. By providing improved performance with 2048-bit certificates, Citrix will be addressing a major concern for larger enterprises as we transition to 2048-bit key sizes during 2010.”


    Facts and Highlights:

  • How will 2048-bit SSL keys affect SSL performance? Doubling the key size from 1024-bit to 2048-bit RSA keys can require a step function increase in SSL hardware requirements.
  • What specific aspects of SSL performance are affected? 2048-bit keys only affect SSL TPS performance. SSL bulk throughput performance is not effected.
  • How do customers upgrade? Optimization for 2048-bit keys is available now by upgrading to NS B46.3 or later versions.