IPSec provides security solutions to various network based web applications through its protocol suite. Implementing IPSec in the network layer includes significant bandwidth and processing time overhead to application traffic. The upper layer protocols such as TCP and UDP behavior on network traffic is also influenced by these overheads. In our work, we have studied the impact of IPSec on the metrics: Number of Transactions, Transmission Time, Round Trip Time, Average Burst Size and Available Bandwidth for IPv4 and IPv6 network traffic. Authentication algorithm: Hashed Message Authentication Code - Message Digest 5(HMAC-MD5), encryption algorithm: Advanced Encryption Standard(AES) and compression algorithm deflate are considered for Authentication Header(AH), Encapsulated Security Payload(ESP) and IP Compression(IPComp) protocols of IPSec. Using the characterized metrics, computed overheads and user behavior on web page requests, we have analyzed the performance impact of IPSec on web application servers. © 2006 IEEE.