Filter
Top Products
FW/IPSec VPN Buyer’s Guide
Copyright © 2004, Juniper Networks, Inc. 12
2. Predictable Performance
Ability to process traffic of
varying packet sizes to meet
the performance
requirements of the network
Yes,
See Tolly Reports for
third party verification
Accelerates intensive
processing with hardware
Yes, including custom
security ASICs
Ability to support applications
with a low tolerance for
latency/jitter, such as VoIP,
multimedia, etc.
Yes, hardware is
optimized for streamlined
processing
Fast session ramp rates to
protect against DoS attacks
Yes, Dedicated hardware,
allowing separate paths
for session set up and
established flows
Provide additional
functionality without
degrading performance
Yes,
• ASIC/FPGAs offload
intensive processing,
making CPU available
for new/additional
functions
• Programmability in
ASIC to accelerate
future functions
Turning on all applications
does not affect the solutions
ability to meet the
performance needs of the
deployment
See spec sheets for
performance numbers
Traffic prioritization to ensure
business critical applications
are available
Yes
Deliver Quality of Service
(QoS):
o Control bandwidth
o Set priority field in
the Type of Service
(TOS) byte to reflect
traffic class priority
Yes
Yes
VPN Specific
Accelerate IKE
negotiations for quick
tunnel set up
Yes, OS and Hardware
designed specifically to
negotiate security
associations
Purpose built solutions can
develop process efficiencies
over general purpose OS’
Minimal latency to ensure
real-time applications are
not degraded:
Yes,
o Provides fast path for
established flows
o Packets are quickly
processed without
unnecessary
traversals of PCI
busses
Unnecessary traversals of
PCI busses is a common
problem with PC-based
platforms using VPN
acceleration cards, adding
latency to application.
Maintain large numbers of
tunnels to ensure
availability
Yes