[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ipsec NICs?
On Sun, 5 Mar 2000, Michael Helm wrote:
> Is there anyone keeping track of vendors' ipsec-friendly
> NICs & other networking cards? ... think it's necessary to put
> at least some crypto support for this set of standards
> on the hardware in order for it to be practical on a wide
> scale.
Why? The commodity processors (200MHz Pentiums and the like) currently
being *thrown out* in favor of newer ones will do IPSEC using 3DES -- a
software-unfriendly algorithm if there ever was one -- and MD5 at several
megabits per second. (I'm talking about measured end-to-end data rates
with real protocols, mind you, not theoretical calculations.) High-end
consumer-market processors with software-optimized algorithms should take
this up into the T3 range.
These standards are practical on cheap, commodity computers right now.
Only people with very fat pipes have a real need for crypto hardware.
Henry Spencer
henry@spsystems.net
References: