Data encryption performance: standalone dedicated vs. converged solutions in high speed networks

Luther Troell

Note: imported from RIT’s Digital Media Library running on DSpace to RIT Scholar Works in February 2013.


In January, 2005, Safenet, Inc. contacted the networking group to investigate the possibility of using our students for the purpose of comparing the performance of dedicated encryption device to an integrated encrypting device. The tests would also include a performance comparison between Data Link Layer (Layer 2) devices and Network Layer (Layer 3) devices. It was decided that the tests would consist of throughput, frame loss, and network latency. Two network topologies were used for the experiments: gigabit Ethernet and SONET OC-48. The equipment to be tested was Safenet’s High Assurance 4000 Gateway (HA4000) for the gigabit Ethernet topology and the SafeNet SSE Encryptor for the SONET topology. The Cisco Catalyst 6509 equipped with the Cisco VPN Accelerator was used for both topologies. An IXIA400T was used to generate the traffic for the performance tests. The procedure was straight forward. Baselines for each of the criteria (throughput, frame loss, and latency) by connecting the Cisco 6509’s back to back for each of the topologies to be tested. Once the baselines were established, the performance tests were performed for each of the encryption technologies and data was collected for each of the criteria.