Do you really need a hardware TLS accelerator? Check stunnel performance data below.

Data throughput ECDHE-RSA-AES128-GCM-SHA256 688 MB/s 5.5 Gbit/s
ECDHE-RSA-AES256-GCM-SHA384 648 MB/s 5.2 Gbit/s
ECDHE-RSA-AES128-SHA256 244 MB/s 2.0 Gbit/s
ECDHE-RSA-AES256-SHA384 204 MB/s 1.6 Gbit/s
DES-CBC3-SHA 28 MB/s 0.22 Gbit/s
New connections New session(1,2) 750 connections/s
Resumed session(2) 4 700 connections/s
PSK authentication(3) 4 460 connections/s
Concurrent sessions Unix poll() limited by available memory(4)
Unix select() 500
64-bit Windows build limited by available memory
32-bit Windows build 1 000
Memory usage Resident Set Size (RSS) 5 MB + 60 KB/connection

Performance was tested on:

(1) 2048-bit RSA certificate
(2) Negotiated encryption: ECDHE-RSA-AES256-GCM-SHA384
(3) Negotiated encryption: PSK-AES256-CBC-SHA
(4) In order to handle N concurrent connections on a Unix platform, stunnel requires nfile (ulimit -n) to be higher than 2*N, and nproc (ulimit -u) to be higher than N

Our supporters:
Go to the top