Greetings, The auditors are trying to force me to encrypt our WAN traffic. The WAN in question is Cogent's ethernet service - built as a mesh of point-to-point VLANs. There are 3 sites, at every site I have a single port over which I receive 2 VLANs in a dot1q trunk. Aggregate bandwidth on the port is 200Mbps. Putting in encryption seems fairly straightforward - 3 static IPSEC tunnels. I am trying to figure out what kind of hardware can handle IPSEC at this bandwidth. So far I am looking at: -ASA5520. Specs say 225Mb of IPSEC - can the box actually handle that, or should I be looking at 5540? -7201 (or 7206) with NPEG2. Do I need to add a VAM, or will the NPE handle the load?
Any real-world experiences will be most appreciated. Also, if there are better suggestions (including non-Cisco), please share. Thanks, Michael Malitsky _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/