From: terence_daltonNOSPAM@hotmailDOT.com   
      
   "hals left"  wrote in news:1120080167.320543.289020   
   @z14g2000cwz.googlegroups.com:   
      
   > Hi I have some questions on VPN performanace.   
   >   
   > As there are a range of options from PPTP to IPSec tunnel mode, will   
   > the processing overheads of encryption/decryption increase with the   
   > different standards ?   
   >   
   > Other than more RAM, how else can the performance be increased, are   
   > there any guides to tuning the performnace of a VPN.   
   >   
   > thanks   
   > hals_left   
   >   
   If you have the option you'll always want to use IPSEC it is more secure   
   than PPTP and is preferred.  PPTP is around basically for interoperability   
   with legacy devices.  As far as performance goes look for a device that   
   does hardware encryption which is much faster than doing encryption in   
   software.  Hardware encryption is typical in newer devices but Cisco still   
   sells the 3015 VPN concentrator which does a whopping 4Mb 3DES encryption   
   (yes only 4 Megabits) in software and has a list price of $10,000!  When   
   you are evaluating a VPN device you typically see clear text throughput,   
   3DES and AES throughput in Mb (megabits).  The 3DES (168 bit) and AES ( up   
   to 256 bit) throughput will give you the best indicator of the speed of   
   encyrption/decryption.  As long as your bandwidth requirements don't exceed   
   the devices throughput and preferrably leave 20 to 30% headroom for   
   growth/expansion you should be fine.  Don't underestimate the importance of   
   management and good tech support.  I highly recommend Cisco PIX's   
   especially now that version 7 of their software is out it has every feature   
   of a dedicated VPN concentrator and a proven firewall that is easy to setup   
   and manage.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)