Array Networks TMX3000
This is a well-documented and easy-to-configure system with plenty of performance available.
The restrictions on cipher suite allocation to virtual hosts might be a problem.
The TMX3000 is a useful addition to the range and well worth further consideration.
This product has two 10/100/1000 Base-T Ethernet ports and can support up to six gigabit links with copper or fiber connections. The system used a Pentium 4 processor backed with 4096 MB of main memory with SSL acceleration, compression and caching options.
Array Networks describes the TMX3000 as an application-front-end processor. It offers a number of features apart from SSL acceleration, including server load balancing and multiplexing as well as clustering, all designed to appeal to the enterprise market and fitting in below their TM range of systems.
Installation was simple, using a command line interface (CLI) over a serial connection for the initial stages. Although the system can be administered and monitored using this interface, Array Networks has also provided a browser-based interface, the "Array Pilot" system.
This can be used to manage most aspects of the TMX3000's operation without resorting to the CLI. Both interfaces are easy to use, but the browser interface offers a more flexible connection option over a password-protected SSL link. The "Array Pilot" also provides the "Flight Deck" display to monitor the state of the system's operation.
Configuring the system for SSL acceleration was straightforward and the procedures were well documented. All the SSL parameters can be accessed conveniently from one place, which helps avoid errors when configuring the system. We had no trouble setting the system up and configuring real and virtual servers to match our test system.
The GUI provides ways to manage certificates and keys, generate certificate requests and import new or existing keys and certificates as needed. Cipher suites and SSL protocol versions can also be selected. Although all the cipher suites can be used on real hosts, only a limited subset can be used for virtual hosts.
The system allows for server load balancing and we enabled this. It allows the link between the TMX3000 and the servers to use SSL encryption for added security on the internal network, but we did not use this. Encrypting the back-end link is also a consideration.