Forum Discussion
What_Lies_Bene1
Feb 18, 2013Cirrostratus
Dee,
1) Probably, that depends on your security policy and the data of course. Yes, anyone can sniff/packet capture the data. Yes, same for Apache to Websphere.
2) There may be a performance hit on the servers (the F5 won't break a sweat) but you'll only be able to judge this by testing I would have thought.
3) LiveHTTPHeaders is displaying the data once the browser has unencrypted it (as with all the relevant HTTP content). To confirm it is encrypted (which I'm sure it is) run Wireshark on the PC and capture traffic to the F5; it'll be clear it's encrypted.