Performance baseline
The performance of OneSpan Authentication Server 3.26.0 has been tested with a pre-defined baseline to compare with earlier versions.
Performance test setup
Performance test scenarios
Performance data was gathered using the following methods:
- An authenticator import was performed.
- User records were created.
- Authenticators were assigned to users.
-
Test timing:
- Authentication performance tests were run for ten minutes for each test.
-
Test types:
- Typical load, 20 authentications per second
- Typical peak load, 100 authentications per second
- Maximum capacity
-
Collected data:
- Average authentications per second
- Average response times
- Response time distribution
- OneSpan Authentication Server CPU usage
- Database server CPU usage
Only authentications were performed. Other server commands, e.g. administration, were not measured. These typically perform faster.
Performance test hardware
OneSpan Authentication Server was installed, configured, and run on an application server in the configurations given below. The OneSpan Authentication Server service, the database, and the performance test software were run on individual, exclusive virtual machines on separate VMWare ESXi servers with the following hardware:
-
ProLiant DL360 G7
- 64 GB RAM
- 200 GB high performance SSD
- 16 GB SD
-
Network Switch
- HP Procurve 2810-48G
-
Network
- 2 * HP NC382i Dual Port Multifunction Gigabit Svr Adapter
- HP NC360TOCUe DP Gbit Adapter
Software environments
Table: Software environments used for testing lists the different software environments used for the performance tests.
Configuration
- SOAP over SSL as communication protocol
- Auditing to database
- Tracing disabled
Test definition
- Authenticator record import via SOAP.
- User import and assign: Import via SOAP.
- Authentication was performed using one-time password.
- Software encryption using software security module (SSM).
Results
The following tables show the results for different test criteria.
| Action | Configuration A | Configuration B |
|---|---|---|
| Authenticator import | 00h 32m 32s | 17h 10m 38s |
| User creation | 00h 10m 05s | 05h 51m 46s |
| Authenticator assignment | 00h 25m 38s | 06h 31m 47s |
| Benchmarks | Configuration A | Configuration B |
|---|---|---|
| Avg. authentications/sec | 20 | 20 |
| Avg. response times (ms) | 31 | 41 |
| Response time distribution (%) <50ms | 99,6% | 98% |
| Response time distribution (%) <300ms | 0,4% | 2% |
| Response time distribution (%) <1000ms | 0% | 0% |
| Avg. OneSpan Authentication Server CPU load (%) | 4% | 7% |
| Avg. database CPU load (%) | 2% | 3% |
| Benchmarks | Configuration A | Configuration B |
|---|---|---|
| Avg. authentications/sec | 100 | 100 |
| Avg. response times (ms) | 40 | 59 |
| Response time distribution (%) <50ms | 98% | 21% |
| Response time distribution (%) <300ms | 2% | 79% |
| Response time distribution (%) <1000ms | 0% | 0% |
| Avg. OneSpan Authentication Server CPU load (%) | 25% | 32% |
| Avg. database CPU load (%) | 12% | 13% |
| Benchmarks | Configuration A | Configuration B |
|---|---|---|
| Avg. authentications/sec | 294 | 255 |
| Avg. response times (ms) | 131 | 116 |
| Response time distribution (%) <50ms | 2% | 0,4% |
| Response time distribution (%) <300ms | 92% | 99% |
| Response time distribution (%) <1000ms | 6% | 0,6% |
| Avg. OneSpan Authentication Server CPU load (%) | 84% | 85% |
| Avg. database CPU load (%) | 54% | 38% |
Variations
Auditing and reporting
Auditing has a performance impact on OneSpan Authentication Server. For deployments using multiple OneSpan Authentication Server instances, consider one OneSpan Authentication Server instance dedicated to auditing and other administrative tasks, or using a separate auditing database.
Tracing
Enabling tracing has a significant performance impact on OneSpan Authentication Server.