J. Gomes, T. Carvalho, J. Faísca, J. Rogado

Universidade Lusófona (PORTUGAL)
This document describes the development of a Web Appliance, an essential component of the ongoing Virtlab project [1] taking place at Universidade Lusófona. This component is responsible for managing all HTTP traffic, providing secure reverse proxying, encryption, compression, load balancing, thread pooling and caching functionalities.
The Virtlab project aims at considerably improving the e-learning environment by allowing students to access virtualized laboratory resources. This goal is achieved by specifically combining various existing technologies in order to provide a fully integrated environment. These include e-learning style web access to virtualized commodity system and applicational platforms, protected by the Shibboleth [2] authentication and authorization components, providing secure and selective access to resources by the constantly changing student population.
In this environment, the web appliance fulfills the important tasks of intercepting all the communication traffic on the campus network which is directed to the virtual environment, and managing all the data flow in the most efficient way. To address these issues, the web appliance must deal with all the issues related to heavy secure HTTP traffic, providing a single gateway for all the encrypted traffic, thus releasing the various instances of the authentication infrastructure from the heavy burden of running the encryption and decryption algorithms. This functionality is called secure reverse proxying.
Besides, the web appliance also implements caching, in order to minimize connections and decrease response time, data compression, to significantly decrease the amount of traffic over the network, and load balancing to allow multiple server instances in advanced network configurations. Internally, the appliance uses thread pooling to increase system availability and to manage memory and CPU resources efficiently.
The paper will describe the web appliance technical features in detail, and by providing performance figures, show how this type of functionality can greatly improve the access times in an e-learning heavily used environment. The paper will also provide an insight of the Virtlab specific architecture and functionalities, presenting how the web appliance solves critical issues in this environment.

[1] Quintino Rogado, J., “VirtLab: Virtual Laboratories in Federated Environments”, V International Conference on Multimedia, Information and Communication Technologies in Education, Lisboa, Portugal, April 2009, http://www.formatex.org/micte2009/book/593-597.pdf.

[2] Morgan, R. L. et al., “Federated Security: The Shibboleth Approach”, EDUCAUSE Quarterly, Volume 27, 2004, http://connect.educause.edu/Library/EDUCAUSE+Quarterly/FederatedSecurityTheShibb/39889.