ZEN NETWORKS 3300 PERFORMANCE BENCHMARK SOFINTEL IT ENGINEERING, S.L.



Similar documents
ZVA64EE PERFORMANCE BENCHMARK SOFINTEL IT ENGINEERING, S.L.

Stress Testing for Performance Tuning. Stress Testing for Performance Tuning

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy

Hardware Recommendations

Proto Balance SSL TLS Off-Loading, Load Balancing. User Manual - SSL.

IERG 4080 Building Scalable Internet-based Services

Server Scalability and High Availability

NEFSIS DEDICATED SERVER

Configuring Nex-Gen Web Load Balancer

Summary of Results. NGINX SSL Performance

Ignify ecommerce. Item Requirements Notes

Semantic based Web Application Firewall (SWAF V 1.6) Operations and User Manual. Document Version 1.0

4D v11 SQL Release 6 (11.6) ADDENDUM

ACE Management Server Deployment Guide VMware ACE 2.0

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

Network Management Card Security Implementation

DNA. White Paper. DNA White paper Version: 1.08 Release Date: 1 st July, 2015 Expiry Date: 31 st December, Ian Silvester DNA Manager.

Zeus Traffic Manager VA Performance on vsphere 4

Process of Performance Testing a Banking Application

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Configuring Secure Socket Layer HTTP

Linux NIC and iscsi Performance over 40GbE

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Table of Contents. Chapter 1: Installing Endpoint Application Control. Chapter 2: Getting Support. Index

Benchmarking and monitoring tools

HTTP Reverse Proxy Scenarios

AgencyPortal v5.1 Performance Test Summary Table of Contents

Riverbed Stingray Traffic Manager VA Performance on vsphere 4 WHITE PAPER

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

Performance test report

So in order to grab all the visitors requests we add to our workbench a non-test-element of the proxy type.

A Comparative Study on Vega-HTTP & Popular Open-source Web-servers

4 Delivers over 20,000 SSL connections per second (cps), which

What is new in Zorp Professional 6

Deployment Guide Microsoft IIS 7.0

Load Balancing VMware Horizon View. Deployment Guide

Application Delivery Controller (ADC) Implementation Load Balancing Microsoft SharePoint Servers Solution Guide

Load balancing Microsoft IAG

Check Point FireWall-1 HTTP Security Server performance tuning

Introduction to Mobile Access Gateway Installation

Product Manual. MDM On Premise Installation Version 8.1. Last Updated: 06/07/15


Performance Analysis of webmethods Integrations using Apache JMeter Information Guide for JMeter Adoption

Is Your SSL Website and Mobile App Really Secure?

Deployment Guide Oracle Siebel CRM

Chapter 7 Transport-Level Security

Cisco Integrated Services Routers Performance Overview

Flexible Routing and Load Control on Back-End Servers. Controlling the Request Load and Quality of Service

Security Engineering Part III Network Security. Security Protocols (I): SSL/TLS

Overview. SSL Cryptography Overview CHAPTER 1

ALOHA LOAD BALANCER MANAGING SSL ON THE BACKEND & FRONTEND

IronPort X1000 Security System

Performance Testing Process A Whitepaper

Configuration (X87) SAP Mobile Secure: SAP Afaria 7 SP5 September 2014 English. Building Block Configuration Guide

Load Balancing VMware Horizon View. Deployment Guide

SSL-TLS VPN 3.0 Certification Report. For: Array Networks, Inc.

Rally Installation Guide

Sophos UTM Software Appliance

TLS and SRTP for Skype Connect. Technical Datasheet

Citrix XenApp 6.5 and XenDesktop 5.6 Security Standards and Deployment Scenarios Supplementary scenarios

Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications

DEPLOYMENT GUIDE. Deploying the BIG-IP LTM v9.x with Microsoft Windows Server 2008 Terminal Services

CumuLogic Load Balancer Overview Guide. March CumuLogic Load Balancer Overview Guide 1

Configure Web Conference Parameters Through The Web Conference Administration User Interface.

How To Model A System

Quectel Cellular Engine

WEBAPP PATTERN FOR APACHE TOMCAT - USER GUIDE

A Hybrid Web Server Architecture for Secure e-business Web Applications

StreamServe Persuasion SP4 Service Broker

Integration Guide. Microsoft Internet Information Services (IIS) 7.0 and ncipher Modules. Windows Server 2008 (32-bit and 64-bit)

AES-GCM software performance on the current high end CPUs as a performance baseline for CAESAR competition

Network Security Essentials Chapter 5

Sophos Mobile Control Installation prerequisites form

Table of Contents. 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2

Application Performance Testing Basics

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

Media Server Installation & Administration Guide

Improving OpenSSL* Performance

Integration Guide. Zen Load Balancer Ubuntu/Microsoft Windows

Criteria for web application security check. Version

Estimate Performance and Capacity Requirements for Workflow in SharePoint Server 2010

OrgChart Now SSL Certificate Installation. OfficeWork Software LLC

Semantic based Web Application Firewall (SWAF - V 1.6)

OpenFlow with Intel Voravit Tanyingyong, Markus Hidell, Peter Sjödin

Reverse Proxy with SSL - ProxySG Technical Brief

Microsoft IIS Integration Guide

Mobile Device Management Version 8. Last updated:

Maximizing Performance with SPDY & SSL. Billy Hoffman

Server Installation Manual 4.4.1

Install an SSL Certificate onto SilverStream. Sender Recipient Attached FIles Pages Date. Development Internal/External None 5 6/16/08

TESTING & INTEGRATION GROUP SOLUTION GUIDE

Transcription:

ZEN NETWORKS 3300 SOFINTEL IT ENGINEERING, S.L. MAY 2014

Table of Contents 1 Benchmark scenario... 3 2 Benchmark cases... 4 2.1 HTTP Profile with HTTPS Offload Listener, 1k key ssl certificate with RC4-SHA algorithm (stronger cipher)... 4 2.2 HTTP Profile with HTTPS Offload Listener, 1k key ssl certificate with ECDHE-RSA- AES256-GCM-SHA384 algorithm (weaker cipher)... 5 2.3 HTTP Profile with HTTPS Offload Listener, 2k key ssl certificate with RC4-SHA algorithm (stronger cipher and higher key)... 7 2.4 HTTP Profile with HTTP Listener... 9 2.5 L4xNAT Profile with HTTP Protocol... 10 3 Results sumary... 12 Page 2 of 13

1 Benchmark scenario The scenario applied consists in 3 connected networks via the hardware appliance. The networks are defined as follows: 1. Management Network: 192.168.0.0/24 Eth0: 192.168.0.99 in 2. Service Network: 172.16.1.0/24 Eth1: 172.16.1.1 in Client: 172.16.1.2 3. Backends Network: 172.16.2.0/24 Eth2: 172.16.2.1 in Backend: 172.16.2.2 The provides a ZenLB EE 3.04 version with a CPU Intel Core i5 660 (2 cores with HT) 3.33G and 4 GB of RAM DDR3. The client and backend hosts have not been overloaded along the benchmark tasks. The client side process used is ab v2.3 (ApacheBench) that will run a big amount of web requests directly to the load balancer. The backend is configured with a simple but powerful web server end called httpterm v1.7.2, which will receive the client requests and will return back an empty web page (0 bytes). Page 3 of 13

2 Benchmark cases 2.1 HTTP Profile with HTTPS Offload Listener, 1k key ssl certificate with RC4- SHA algorithm (stronger cipher) Farm Configuration: Farm Profile: HTTP Modified Farm Parameters: Executed command in Client host: Number of working threads: 2000 Farm Listener: HTTPS Ciphers: Custom Security Customize your Ciphers: RC4 SHA Farm Virtual IP and Virtual Port: 172.16.1.1:443 Key certificate used: 1k # ab n 20000 c 10000 https://172.16.1.1 This command runs 20,000 requests with a 10,000 of concurrent active connections. The result is shown below: Server Software: Server Hostname: 172.16.1.1 Server Port: 443 SSL/TLS Protocol: TLSv1.2,RC4 SHA,1024,128 Document Path: / Document Length: 0 bytes Concurrency Level: 10000 Time taken for tests: 14.335 seconds Complete requests: 20000 Failed requests: 0 Total transferred: 2920217 bytes HTML transferred: 0 bytes Requests per second: 1395.23 [#/sec] (mean) Time per request: 7167.269 [ms] (mean) Time per request: 0.717 [ms] (mean, across all concurrent requests) Transfer rate: 198.94 [Kbytes/sec] received Connection Times (ms) min mean[+/ sd] median max Connect: 1588 4616 1402.7 5164 7015 Processing: 194 910 205.7 948 1101 Waiting: 17 464 105.7 480 622 Total: 1878 5526 1574.4 6172 7954 Percentage of the requests served within a certain time (ms) 50% 6172 66% 6350 75% 6540 80% 6624 Page 4 of 13

90% 6922 95% 7432 98% 7477 99% 7648 100% 7954 (longest request) CPU usage in Zen Load Balancer: Meanwhile the test is running the CPU usage in the is used as follows: As it's shown, the CPU never reaches the 100% of its usage. The requests are SSL offloaded smoothly. 2.2 HTTP Profile with HTTPS Offload Listener, 1k key ssl certificate with ECDHE- RSA-AES256-GCM-SHA384 algorithm (weaker cipher) Farm Configuration: Farm Profile: HTTP Modified Farm Parameters: Executed command in Client host: Number of working threads: 2000 Farm Listener: HTTPS Ciphers: Custom Security Customize your Ciphers: ECDHE RSA AES256 GCM SHA384 Farm Virtual IP and Virtual Port: 172.16.1.1:443 Used certificate: 1k # ab n 20000 c 10000 https://172.16.1.1 Page 5 of 13

This command runs 20,000 requests with a 10,000 of concurrent active connections. The result is shown below: Server Software: Server Hostname: 172.16.1.1 Server Port: 443 SSL/TLS Protocol: TLSv1.2,ECDHE RSA AES256 GCM SHA384,1024,256 Document Path: / Document Length: 0 bytes Concurrency Level: 10000 Time taken for tests: 26.518 seconds Complete requests: 20000 Failed requests: 0 Total transferred: 2920324 bytes HTML transferred: 0 bytes Requests per second: 754.20 [#/sec] (mean) Time per request: 13259.096 [ms] (mean) Time per request: 1.326 [ms] (mean, across all concurrent requests) Transfer rate: 107.54 [Kbytes/sec] received Connection Times (ms) min mean[+/ sd] median max Connect: 1200 8257 2712.4 9593 12391 Processing: 1644 2196 173.4 2257 2299 Waiting: 663 1081 166.5 1024 1323 Total: 3225 10453 2819.0 11855 14651 Percentage of the requests served within a certain time (ms) 50% 11855 66% 11921 75% 11944 80% 11964 90% 13030 95% 13310 98% 14563 99% 14594 100% 14651 (longest request) CPU usage in Zen Load Balancer: Meanwhile the test is running the CPU usage in the is used as follows: Page 6 of 13

As it's shown, the CPU never reaches the 80% of its usage. The requests are SSL offloaded without stress. 2.3 HTTP Profile with HTTPS Offload Listener, 2k key ssl certificate with RC4- SHA algorithm (stronger cipher and higher key) Farm Configuration: Farm Profile: HTTPS Modified Farm Parameters: Executed command in Client host: Number of working threads: 2000 Farm Listener: HTTPS Ciphers: Custom Security Customize your Ciphers: RCA SHA Farm Virtual IP and Virtual Port: 172.16.1.1:443 Used certificate: 2k # ab n 20000 c 10000 https://172.16.1.1 This command runs 20,000 requests with a 10,000 of concurrent active connections. The result is shown below: This is ApacheBench, Version 2.3 <$Revision: 1554214 $> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/ Benchmarking 172.16.1.1 (be patient) Completed 2000 requests Page 7 of 13

Completed 4000 requests Completed 6000 requests Completed 8000 requests Completed 10000 requests Completed 12000 requests Completed 14000 requests Completed 16000 requests Completed 18000 requests Completed 20000 requests Finished 20000 requests Server Software: Server Hostname: 172.16.1.1 Server Port: 80 SSL/TLS Protocol: TLSv1.2,RC4 SHA,2048,128 Document Path: / Document Length: 0 bytes Concurrency Level: 10000 Time taken for tests: 24.223 seconds Complete requests: 20000 Failed requests: 0 Total transferred: 2924653 bytes HTML transferred: 0 bytes Requests per second: 825.66 [#/sec] (mean) Time per request: 12111.512 [ms] (mean) Time per request: 1.211 [ms] (mean, across all concurrent requests) Transfer rate: 117.91 [Kbytes/sec] received Connection Times (ms) min mean[+/ sd] median max Connect: 1721 8643 3441.4 9210 20756 Processing: 1 322 360.0 227 2442 Waiting: 0 306 359.7 208 2416 Total: 1807 8964 3284.2 9447 21056 Percentage of the requests served within a certain time (ms) 50% 9447 66% 9787 75% 10559 80% 12024 90% 13555 95% 13811 98% 14054 99% 14534 100% 21056 (longest request) Page 8 of 13

CPU usage in Zen Load Balancer: Meanwhile the test is running the CPU usage in the is used as follows: As it's shown, the CPU is stable at full load in this case, but the SSL offloaded requests are delivered in a stable response time. 2.4 HTTP Profile with HTTP Listener Farm Configuration: Farm Profile: HTTP Modified Farm Parameters: Executed command in Client host: Number of working threads: 2000 Farm Listener: HTTP Farm Virtual IP and Virtual Port: 172.16.1.1:80 # ab n 40000 c 20000 http://172.16.1.1 This command runs 40,000 requests with a 20,000 of concurrent active connections. The result is shown below: Server Software: Page 9 of 13

Server Hostname: 172.16.1.1 Server Port: 80 Document Path: / Document Length: 0 bytes Concurrency Level: 20000 Time taken for tests: 4.276 seconds Complete requests: 40000 Failed requests: 0 Total transferred: 5840210 bytes HTML transferred: 0 bytes Requests per second: 9355.35 [#/sec] (mean) Time per request: 2137.814 [ms] (mean) Time per request: 0.107 [ms] (mean, across all concurrent requests) Transfer rate: 1333.92 [Kbytes/sec] received Connection Times (ms) min mean[+/ sd] median max Connect: 0 182 181.5 248 468 Processing: 232 1404 576.6 1685 2755 Waiting: 211 1402 580.6 1685 2755 Total: 678 1586 420.7 1741 2788 Percentage of the requests served within a certain time (ms) 50% 1741 66% 1820 75% 1870 80% 1904 90% 2003 95% 2092 98% 2206 99% 2277 100% 2788 (longest request) CPU usage in Zen Load Balancer: Meanwhile the test is running the CPU usage in the is used as follows: Page 10 of 13

As it's shown, the CPU never reaches the 75% of its usage. The requests are served without any penalty. 2.5 L4xNAT Profile with HTTP Protocol Farm Configuration: Farm Profile: L4xNAT Modified Farm Parameters: Executed command in Client host: Farm Virtual IP and Virtual Port: 172.16.1.1:80 # ab n 200000 c 20000 http://172.16.1.1 This command runs 200,000 requests with a 20,000 of concurrent active connections. The result is shown below: Server Software: Server Hostname: 172.16.1.1 Server Port: 80 Document Path: / Document Length: 0 bytes Concurrency Level: 20000 Time taken for tests: 10.060 seconds Complete requests: 200000 Failed requests: 0 Total transferred: 29400000 bytes HTML transferred: 0 bytes Requests per second: 19881.01 [#/sec] (mean) Time per request: 1005.985 [ms] (mean) Page 11 of 13

Time per request: Transfer rate: 0.050 [ms] (mean, across all concurrent requests) 2854.01 [Kbytes/sec] received Connection Times (ms) min mean[+/ sd] median max Connect: 300 434 75.6 432 584 Processing: 353 534 87.1 536 689 Waiting: 105 228 90.5 221 677 Total: 665 968 55.5 986 1005 Percentage of the requests served within a certain time (ms) 50% 986 66% 989 75% 990 80% 990 90% 992 95% 993 98% 994 99% 995 100% 1005 (longest request) CPU usage in Zen Load Balancer: Meanwhile the test is running the CPU usage in the is used as follows: As it's shown, the CPU never reaches the 1.2% of its usage. The requests are served without any penalty. Page 12 of 13

3 Results sumary Please find in the following table the performance benchmark results for all cases over the hardware appliance: Test Number Connections Concurrency Ciphers Protocols 1 20,000 10,000 RC4-SHA 2 20,000 10,000 ECDHE- RSA- AES256- GCM- SHA384 3 20,000 10,000 RC4-SHA 4 40,000 20,000 5 200,000 20,000 HTTP Farm with HTTPS Listener HTTP Farm with HTTPS Listener HTTP Farm with HTTPS Listener HTTP and HTTP Listener L4xNAT with HTTP Protocol Asymmetric key size Test time (secs) 1024 14.33 1024 26.51 2048 24.22 4.27 10.06 Page 13 of 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information