Manualshelf

HP-UX IPSec vA.02.00 Performance and Sizing White Paper

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
12345678910
Table Of Contents
Authenticated AES, DES, and 3DES
ESP by itself does not provide data integrity or data authentication. HP recommends that you use
authenticated ESP for data privacy, integrity and authentication, such as ESP-AES authenticated with
HMAC-SHA1 (ESP-AES-HMAC-SHA1).
The following charts display throughput, CPU utilization, and service demand data for raw IP data
transmission and the following HP-UX IPSec transfer types:
ESP-AES-HMAC-SHA1
ESP-DES-HMAC-SHA1
ESP-3DES-HMAC-SHA1
Throughput
Figure 7 shows the throughput rates in Megabits per second (Mb/s) for ESP-AES-HMAC-SHA1, ESP-
DES-HMAC-S
HA1, and ESP-3DES-HMAC-SHA1.The throughput rates for ESP-DES-HMAC-SHA1 and
ESP-AES-HMAC-SHA1 are close to the throughput for raw (unencrypted) IP. Of the three encryption
types, ESP-AES-HMAC-SHA1 provides the strongest encryption with nearly the best throughput.
Figure 7. One-Way Itanium Throughput for Raw IP, ESP-AES-HMAC-SHA1, ESP-DES-HMAC-SHA1, ESP-3DES-HMAC-SHA1
9