System and method for improving efficiency of ssl/tls connections

Abstract

A system for optimizing network traffic is described. The system includes a plurality of appliances, each having an SSL session exchange module. An appliance in active state is called a primary appliance, and one or more appliances in inactive state are called secondary appliances. An appliance of a cluster of appliances comprises a secure session exchange module and one or more network interfaces configured to facilitate a first secure session between a client device and the appliance and a second secure session between the appliance and a server. The secure session exchange module in a primary appliance is configured to provide a message for sending to one or more secondary appliances. The message indicates that the appliance is acting as a primary instance for a server. The secure session exchange module in the primary appliance is also configured to acquire at least one session-related parameter through a handshake procedure for a secure layer with the server. A network interface of the one or more network interfaces is further configured to send the at least one session-related parameter to the one or more secondary appliances. The one or more secondary appliances are configured to reuse one or more sessions based on the acquired session-related parameter.