The site's content switches also handle SSL sessions. So when a fan subscribes to MLB's new MLBtv streaming video service that broadcasts all MLB games, his credit-card transaction goes to the NetScaler box, which processes the keys itself rather than having the Web servers do so. That eliminated the extra hardware accelerator cards installed in each Web server to handle the CPU-intensive encryption processing.
"And we also now only need one SSL digital certificate for the NetScaler boxes, rather than one for each Web server," Shaffer says. That eased the management headaches of maintaining certs for each server.
The site had been using VeriSign's digital certificate service, which cost $500 to $1,000 per server per year; it now subscribes to a root certificate from VeriSign just for the NetScaler boxes.
TCP/IP processing, too, had been a burden on the site's servers, so the NetScaler appliances also perform the TCP/IP handshake.
"That lets the application boxes handle JavaScripts and other tasks at hand," says Craig Currim, NetScaler's senior systems engineer who helped MLB set up the site. The NetScaler boxes also compress the site's hefty graphics, images and text, which can be too fat for a fan's dial-up or cellular modem connection.