A few weeks ago Lori nailed it with a post (The 2048-bit Keys to the Kingdom) on the coming forced migration to 2048-bit keys.  A few days prior, I got a call from “THE” Matt Cauthorn, DevCentral resident stud contributor L4L7 about the very same issue.  Not surprisingly, he was ahead of the game on this and has spent some time developing a tool that will take the mystery out of the licensing and infrastructure impact checklist items Lori mentioned.  Well what does this tool do?

  • Function
    • Generates a high-level report in pdf format on what 2048-bit keys will do to your infrastructure
    • Graphs the last seven days of TPS data by default (you can also run against 24 hour and 30 day data as well)
    • Highlight any platforms in your infrastructure that might be improperly sized for 2048-bit keys under existing loads
  • Details
    • Fetches some graph data, the license file, the platform ID, the TMOS version, and general system information.  These are all read-only calls.
    • Assumptions
      • Using 1024-bit keys today.  This may not be true for you.  If you’re using 2048-bit keys, the report will still generate useful information
      • To estimate your maximum platform TPS, the tool simply takes the maximum 1024-bit TPS for your platforms and reports 20% of that value.  Note that this is maximum platform TPS, not maximum licensed TPS.


If you haven’t taken the time to configure your environment for pyControl, you’ll need to do so to use this tool.  There are installation tutorials for Windows and Ubuntu.  Here are the packages you’ll need:

These details and the reporting tool itself are ready for you here in the iControl codeshare.  Enjoy!

Related Articles