HP-UX Encrypted Volume and File System Performance and Tuning
2
Introduction
HP-UX Encrypted Volume and File System is an OS-based data encryption product. EVFS
transparently encrypts user process data as it is being written to a configured storage device, and
decrypts data that is read from the storage device. Data is encrypted using a symmetric volume
encryption key. The key is loaded into the kernel at volume configuration time and the EVFS kernel
module then uses the key to process outgoing and incoming data for encryption and decryption.
Because of EVFS kernel activity, there is an effect upon the CPU utilization of the system as data
transfer rates increase and decrease, and there is an effect upon system data throughput to and from
the storage device. These effects inspire the question: How does EVFS affect system performance?
The ultimate effect of EVFS upon the user performance experience is directly associated with
application design, file system features, system resources, and tuning. Depending upon these
variables, installing and configuring EVFS and encrypting a data stream may produce no perceived
performance degradation, but it also could noticeably and measurably affect these characteristics.
Therefore, there is no simple response to the question of how EVFS affects system performance. The
only accurate way to profile the performance impact is to install EVFS on a system and run the actual
application through it.
However, utilizing industry defacto benchmarks can provide guidance about how to quantify the CPU
and throughput effects of EVFS. But these metrics can only be a guide, because system variables
contribute significantly to the variation of each test case. Each system and test case will exhibit
unique performance characteristics based upon these variables.