NTLM authentication performance

Hello, All!

I'm using integrated Windows security for authentication purposes and made
some performance tests.
In ISAPI filter I start the timer on event "headers preprocessed" and stop
it in my ISAPI extension in
the entry to HttpExtensionProc.

I have HTTP keep-alive enabled and don't worry so much about first HTPP
request timing but repetitive
calls in the context of the same session are very important to me.

If I use anonymous authentication IIS overhead is neglectable and it's about
0.1-0.2 milliseconds.
However when I turn off anonymous and turn on NTLM the request propagates
through IIS in 8-15
milliseconds and sometimes it takes even 25-30 milli. Once again, first
requests propagates in 80-100
milli due to challenge-response negotiations but that's fine with me.

Everything is happening on LAN.

I'm not an expert in NTLM internals and I wonder if such an overhead is
normal or something can be
adjusted. I've played with AuthPersistence flag without any success.

With best regards, Georgy Malyshev.