Hi I have some questions on VPN performanace.
As there are a range of options from PPTP to IPSec tunnel mode, will the processing overheads of encryption/decryption increase with the different standards ?
Other than more RAM, how else can the performance be increased, are there any guides to tuning the performnace of a VPN.
thanks hals_left
"hals left" wrote in news:1120080167.320543.289020 @z14g2000cwz.googlegroups.com:
If you have the option you'll always want to use IPSEC it is more secure than PPTP and is preferred. PPTP is around basically for interoperability with legacy devices. As far as performance goes look for a device that does hardware encryption which is much faster than doing encryption in software. Hardware encryption is typical in newer devices but Cisco still sells the 3015 VPN concentrator which does a whopping 4Mb 3DES encryption (yes only 4 Megabits) in software and has a list price of $10,000! When you are evaluating a VPN device you typically see clear text throughput,
3DES and AES throughput in Mb (megabits). The 3DES (168 bit) and AES ( up to 256 bit) throughput will give you the best indicator of the speed of encyrption/decryption. As long as your bandwidth requirements don't exceed the devices throughput and preferrably leave 20 to 30% headroom for growth/expansion you should be fine. Don't underestimate the importance of management and good tech support. I highly recommend Cisco PIX's especially now that version 7 of their software is out it has every feature of a dedicated VPN concentrator and a proven firewall that is easy to setup and manage.Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.