Manualshelf

HP-UX Encrypted Volume and File System Performance and Tuning

ManualsBrandsHP ManualsSoftwareHP-UX Encrypted Volume and File System Software
22232425262728293031
Summary
EVFS is a software module that provides the ability to encrypt data at-rest on an existing storage
device for HP-UX servers running 11iv2 or 11iv3. EVFS operates in the system kernel, and thus
requires CPU cycles for encryption operations. This additional CPU over clear I/O will also throttle
throughput.
Systems that have existing CPU headroom will likely not be affected by the additional requirements of
EVFS. Applications that are process-heavy (as opposed to I/O-heavy) might not be affected by EVFS.
Applications that make efficient utilization of system buffer cache might not be affected by EVFS.
Systems that are running at their CPU limit would likely be affected by EVFS if there are significant
I/O requirements. Systems that have heavy I/O requirements might be affected by EVFS.
Certainly, the best way to judge the effect that EVFS will have on a system and application is to run a
pilot test, set up measures, and collect metrics as was done in these tests. I/Ozone and Postmark
cannot accurately represent a true customer application all they can do is provide a reasonable
measurement utility to report metrics objectively.
Given these variables, HP-UX customers can likely capitalize upon the opportunity to use EVFS to
encrypt data at-rest. HP-UX EVFS is a no-cost feature that is available for 11iv2 and 11iv3, and thus
every opportunity to evaluate it for production usage should be taken to increase security and
minimize IT costs.