LBaaS Security Overview

You can configure the Load Balancer as a Service (LBaaS) feature on the Oracle Private Cloud Appliance. A load balancer (LB) connects a client’s applications and a customer’s VCN. LBs use TLS1.2 by default. You can configure LBs to use Oracle Private Cloud Appliance public or private IP addresses.

Oracle Private Cloud Appliance LBs use TLS and SSL for security. You can create LBs with one of three different types of connections:

• SSL Termination: The load balancer handles incoming SSL traffic and passes the unencrypted request to a backend server.
• End-to-End (Point-to-Point) SSL: The load balancer ends the SSL connection from an incoming traffic client, and then initiates another SSL connection to a backend server.
• SSL Tunneling: If the load balancer's listener is configured for TCP traffic, the load balancer tunnels incoming SSL connections to the application servers.

You can configure LBs with two types of protocols:

• HTTP: LBs using HTTP or HTTPS end the TLS connection at the LB itself.
• TCP: LBs using TCP end the TLS connection at a backend server.

LBs listen to an IP address for these types of protocols. For information about configuring a listener, see "Listeners" in the Load Balancer as a Service chapter in the Oracle Private Cloud Appliance User Guide.

For more information on load balancers for the Oracle Private Cloud Appliance in general, see the Load Balancing Overview chapter in the Oracle Private Cloud Appliance Concepts Guide.

For LB configuration specifics, see the Load Balancer as a Service chapter in the Oracle Private Cloud Appliance User Guide.