[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: What price security?

> Well, there are clearly three options if you want to do CAD and IPSEC
> at the same time:

> My gut feel, as a software guy working for a hardware company, is that
> if (d) isn't good enough, (c) will be most cost-effective over time in
> end systems; (b) is only likely to be effective in security gateways,
> not end systems.

> [disclaimer: in case you hadn't noticed, I work for a hardware vendor
> who will be happy to sell you bigger/faster boxes :-) ]

As someone else who falls into that category, I agree totally!  :)

One other thing we implementors can do... and that's to make sure we tweak
the living daylights out of any algorithms we have out there.  And if there
happens to be any of you out there with fast implementations, if you have
reasonable redistribution policies, let us know fercryinoutloud.  For
example, Craig Metz told me that when he dropped in Phil Karn's
x86-hand-tweaked DES, ESP performance jumped considerably on NRL code running
on Intel boxen.

My $0.02.