Beyond stunnel: Secure, high-speed network connections in the public cloud | vCider - 0 views
-
Kevin DiVico on 23 Feb 12Let's say you have two hosts, somewhere out on the Internet: Maybe dedicated servers, maybe Amazon EC2 or Rackspace instances, maybe a mix of the above. Now assume it's your job to provide secure, encrypted connectivity between two services running on those hosts. If those services do not use an encrypted protocol by themselves - such as non-SSL capable SMTP mail servers - then the standard answer has always been: "Use stunnel or OpenVPN!". While both of those are good, cross-platform solutions which can forward unsecure traffic over an encrypted tunnel, I believe that they come not only with administrative overhead, but also introduce a significant performance hit. I believe that there are now solutions that are easier to use, more flexible and most importantly, deliver much better performance. In this article, I will compare stunnel performance characteristics with vCider's virtual private network solution (sign up for use with up to 8 nodes is free). You will see that vCider not only offers more flexibility and is easier to use, but also provides significantly better network performance and reduced CPU load. For my test, I have created two Ubuntu instances on Rackspace. Please note that both stunnel as well as vCider can work across network and cloud provider boundaries.