[vpn] metrics for vpn sessions
Phil McGarr
phil at vpnlabs.org
Tue Mar 26 20:11:04 EST 2002
Sandy,
I'm very interested, along with our readers ;>, to learn about the
possibility of doubling throughput by running AES rather than 3DES.
If you have more resources I'd really like to take a look at them.
thanks,
Phil
Phil McGarr
VPN Labs
http://www.vpnlabs.org/
-----Original Message-----
From: Sandy Harris [mailto:sandy at storm.ca]
Sent: Tuesday, March 26, 2002 7:16 PM
To: Phil McGarr
Cc: vpn at securityfocus.com
Subject: Re: [vpn] metrics for vpn sessions
Phil McGarr wrote:
>
> Greetings,
>
> I've been asked the following question:
> What metrics are companies using when the say "1,000 concurrent VPN
> tunnels?"
>
> This spawned some of my own questions:
> Is the number of concurrent tunnels possible limited by bandwidth to the
VPN
> server rather than some algorithmic restriction?
> Are VPN companies arbitrarily restricting the number of tunnels so that
they
> can sell upgraded versions when people need to allow more users onto their
> VPN network?
>
I'm not sure it'll be much help, but there's some related info
and a bunch of links at:
http://www.freeswan.org/freeswan_trees/freeswan-1.95/doc/performance.html
Ask off-list and I can send you a more current version.
The only important change is a link to some user benchmarks indicating
that replacing 3DES with AES roughly doubles IPsec throughput. These
are preliminary results; we don't yet have enough data to be precise
or confident about this.
VPN is sponsored by SecurityFocus.com
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list