SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: is 1 Gbps a MUST?



    Hi Fred,
    
    |
    |I won't respond to the wording of the draft, but to the sense 
    |that it must 
    |be intended to convey. If the wording doesn't convey this, it is the 
    |wording which must change.
    |
    |It seems to me that if the transfer of encrypted data at 
    |nominal link rates 
    |is expected, then encryption and decryption must be achieved 
    |at link rates. 
    |If 1 GBPS link rates are in view, guess what rates are 
    |important. If 10 GBPS...
    
    Unfortunately some believe that they can be iSCSI compliant by having a slow
    implementation of IPSec and claiming that most traffic will not require
    security processing. I am not one of those persons. I think that at least
    the policy check must occur at link speed regardless of what proportion of
    traffic requires security processing.
    
    |
    |It seems to me that the question is not whether or not you are 
    |mandated to 
    |implement IPSEC in software, but what you need to do to 
    |accomplish link 
    |speed encryption and decryption. Hardware and software are 
    |duals; you can 
    |implement the algorithm either way, and the trade-off is money 
    |vs speed.
    
    I agree, and I did not mean to imply otherwise. I am trying to gather
    opinions from this group on whether link speed encryption/decryption is
    necessary, especially now that Bernad Aboba has clarified that the spec does
    not mandate it.
    
    Vince
    


Home

Last updated: Fri Feb 22 16:18:00 2002
8855 messages in chronological order