This entry was posted on Tuesday, December 11th, 2007 at 11:29 am and is filed under Viop article. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.
Pages
Throughput Comparison
Unfortunately, although there is compatibility testing, there are no consistent performance criteria across the industry. It, therefore, becomes difficult to compare the performance of different vendor offerings. Vendor claims tend to be exaggerated. They will measure their product in the best possible light (for example, maximum−sized packets and data compression turned on, using the simplest encryption algorithm). Our recommendation is to search the periodical literature for tests on the vendors you are considering as a starting point.
Then, in your request for proposal (RFP), specify a test sequence. With encryption and authentication, there is a lot of end−of−packet processing. This causes a significant performance hit when packet sizes are small. The number of simultaneous sessions also affects performance. Vendors claim thousands of simultaneous sessions, but ask them how many they can set up or tear down at a time, and the
number drops to fewer than 100. Notice also that during this peak−processing load of session setup, overall throughput will be affected.
Here again, having knowledge of how your users use the system, when the peak sign−on demand occurs, when the peak traffic occurs, and what kinds of response time you consider to be reasonable all influence your product selection. By the way, being able to set up 100
sessions/second is plenty in a 1,000−user network. (How many of these users are actually using the VPN?) Worst case (which statistically never occurs) means that the last user might have to wait 10 seconds to get a session setup. Most likely, no one except the network manager with the Sniffer will ever notice a delay.