Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
743
Views
0
Helpful
1
Replies

How processor-intensive are various encryption algorithms?

mrouch
Level 1
Level 1

‎11-30-2004 04:24 PM

I have what I hope is a fairly straightforward question. I have nine sites in my vpn network. Six of these have pix 501s as their VPN devices (the other three are larger pixes). There is a full mesh of IPSec tunnels connecting the sites, so each pix has 8 active tunnels. I'm concerned about the processor and memory resources on those 501s. I know they are supposed to support a maximum of 10 IPSec tunnels, but at least one of them seems to be having difficulty with its available memory. All the tunnels use AES256 encryption. Would it make a significant difference to switch to 128 bit AES instead of 256? Does it have much smaller processor and memory requirements? I'm thinking of changing to 128 bit AES for the site that is having difficulty and seeing if the situation improves.

Related subject: how does 128-bit AES compare with 3DES as far as level of security?

Thanks in advance

-Mat

Labels:
0 Helpful
1 Reply 1

thisisshanky
Level 11
Level 11

‎11-30-2004 05:48 PM

According to this document it gives you 4.5 Mbps for 128 bit AES on a PIX 501. Cant seem to find a number as far as performance for AES 256. But I would think the CPU load when doing 256 bit AES should be higher than AES 128.

http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/netbr09186a00801f0a72.html

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus
0 Helpful
Customers Also Viewed These Support Documents