Performance Baseline
  • 22 Nov 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Performance Baseline

  • Dark
    Light
  • PDF

Article summary

The performance of OneSpan Authentication Server 3.27.0 has been tested with a pre-defined baseline to compare with earlier versions.

Performance test setup

Performance test scenarios

Performance data was gathered using the following methods:

  • An authenticator import was performed.
  • User records were created.
  • Authenticators were assigned to users.
  • Test timing:

    • Authentication performance tests were run for ten minutes for each test.
  • Test types:

    • Typical load, 20 authentications per second
    • Typical peak load, 100 authentications per second
    • Maximum capacity
  • Collected data:

    • Average authentications per second
    • Average response times
    • Response time distribution
    • OneSpan Authentication Server CPU usage
    • Database server CPU usage

Only authentications were performed. Other server commands, e.g. administration, were not measured. These typically perform faster.

Performance test hardware

OneSpan Authentication Server was installed, configured, and run on an application server in the configurations given below. The OneSpan Authentication Server service, the database, and the performance test software were run on individual, exclusive virtual machines on separate VMWare ESXi servers with the following hardware:

  • ProLiant DL360 G7

    • 64 GB RAM
    • 200 GB high performance SSD
    • 16 GB SD
  • Network Switch

    • HP Procurve 2810-48G
  • Network

    • 2 * HP NC382i Dual Port Multifunction Gigabit Svr Adapter
    • HP NC360TOCUe DP Gbit Adapter

Software environments

Table: Software environments used for testing lists the different software environments used for the performance tests.

   
Table:  Software environments used for testing
DeploymentOperating systemUser/authenticator volumeDatabase configuration
ACentOS 730,000 users and authenticatorsEmbedded MariaDB 10.2.16
BCentOS 7

800,000 users

1,200,000 authenticators

Oracle Database 12c

Configuration

  • SOAP over SSL as communication protocol
  • Auditing to database
  • Tracing disabled

Test definition

  • Authenticator record import via SOAP.
  • User import and assign: Import via SOAP.
  • Authentication was performed using one-time password.
  • Software encryption using software security module (SSM).

Results

The following tables show the results for different test criteria.

  
Table: Import records results
ActionConfiguration AConfiguration B
Authenticator import00h 32m 32s17h 10m 38s
User creation00h 10m 05s05h 51m 46s
Authenticator assignment00h 25m 38s06h 31m 47s
  
Table: Performance test configuration – typical load
BenchmarksConfiguration AConfiguration B
Avg. authentications/sec2020
Avg. response times (ms)3141
Response time distribution (%) <50ms99,6%98%
Response time distribution (%) <300ms0,4%2%
Response time distribution (%) <1000ms0%0%
Avg. OneSpan Authentication Server CPU load (%)4%7%
Avg. database CPU load (%)2%3%
  
Table: Performance test configuration – typical peak load
BenchmarksConfiguration AConfiguration B
Avg. authentications/sec100100
Avg. response times (ms)4059
Response time distribution (%) <50ms98%21%
Response time distribution (%) <300ms2%79%
Response time distribution (%) <1000ms0%0%
Avg. OneSpan Authentication Server CPU load (%)25%32%
Avg. database CPU load (%)12%13%
  
Table: Performance test configuration – maximum capacity
BenchmarksConfiguration AConfiguration B
Avg. authentications/sec294255
Avg. response times (ms)131116
Response time distribution (%) <50ms2%0,4%
Response time distribution (%) <300ms92%99%
Response time distribution (%) <1000ms6%0,6%
Avg. OneSpan Authentication Server CPU load (%)84%85%
Avg. database CPU load (%)54%38%

Variations

Auditing and reporting

Auditing has a performance impact on OneSpan Authentication Server. For deployments using multiple OneSpan Authentication Server instances, consider one OneSpan Authentication Server instance dedicated to auditing and other administrative tasks, or using a separate auditing database.

Tracing

Enabling tracing has a significant performance impact on OneSpan Authentication Server.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant