As my boss’ boss said in the press release:
“Thanks to Broadcom’s inclusion of IPsec task offload support, our mutual customers will have even greater flexibility when implementing the IPsec features of Windows Vista and Windows Server® 2008,” said Mike Schutz, Director of Security and Access Product Management at Microsoft. “By easing any potential performance tradeoffs, these latest NetXtreme security features will help further the adoption of such advanced Microsoft Windows security solutions as Server and Domain Isolation and Network Access Protection.”
Effectively, with IPsec task offload support, many of the CPU intensive work required for hashing packets or encryption (if you’re using the encryption options) can be moved to the NIC. This frees up the many CPU(s) for more interesting tasks, like running applications or surfing the web for stuff.
This means there’ll be one less reason to not consider using IPsec as the great network security tool I’ve written about for sometime now!