The Cost of Securing LAN Traffic using the End-to-End Security Model of Windows XP/2000 IPSec Protocols

N.Z. ALMeshary (Saudi Arabia)


Communication Systems and Networks, Windows XP/2000 IPSec Protocol, End-to-End Security Model, Throughput, Latency, and Scalability


As one of the major operating systems used in building LANs, Windows XP/2000 provides a mechanism that allows applications to establish a secure communication channel to other applications running on another Windows XP machine. This channel provides confidentiality, authentication, and anti-replay security services. Although the benefits of using the transport mode of the Windows XP IPSec protocol to solve many security issues are well known and its adoption has been successful, very little is known about the overhead that IPSec introduces. This paper presents a quantitative analysis of the current implementation of the transport mode of the Windows XP IPSec protocols. The analysis aims to raise the awareness of Windows XP users about the cost of using the IPSec protocols. It also identifies the best deployment scenarios for IPSec, as well as the impact of various security services on key performance parameters such as latency, scalability, and throughput. Finally, the key TCP parameters that have a significant impact on throughput are identified.

