The IPsec Engine implements RFC4301 and other relevant RFCs, providing confidentiality, connectionless data integrity, data-origin authentication and replay protection on OSI layer 3.
The scalable architecture provides low-latency, line rate acceleration of packet encapsulation, encryption and replay protection. Its modular design not only gives the ability to choose between different cryptographic algorithms, but also provides fine-grained control on classification features, packet formats, and more. Integration with a wide range of performance or area-optimized cryptographic IP cores allows unrivalled trade-off possibilities between throughput, area and latency.
Replay protection Offloading replay protection and packet number management reduces the strain on the CPU even more
No software intervention Can be implemented fully in hardware without any software intervention
Line rate acceleration Highly efficient cryptographic cores enable reaching line rate processing, even for 64 byte packets
HIGHPERFORMANCE
0
Gbps
Throughput
0
Gbps
FEATURES
Can aggregate several 10, 40 or 100 GbE link
Throughput from 1 Gbps up to 100 Gbps
Compliant with RFC 4106, 4301, 4303, 7634
Supports: - AES-GCM-128/256 - AES-CBC/SHA-2 - Chacha20-poly1305 HP
32 to 1024 bits datapath
ESP encapsulation/decapsulation
UDP encapsulation
Byte lifetime counters
Generic interface to TCAM
Supports IPv4 and IPv6
5-tuple classification
Bypass mode
Data interface: AMBA 4 AXI-Stream
Control interface: AMBA 4 APB
Wide Area of Applications
The IPsec engine will bring the most efficient and flexible solution to your data processing needs, whatever technology and architecture you choose.
Environments in which the IPsec will prove an essential boost are:
Cloud Computing
Data Centers
Edge router
Edge networking for IoT data aggregation
IPsec ensures network integrity
There are three common network security protocol standards:
MACsec Regulating the traffic of frames between two physical machines, regulated by the MACsec protocol of layer 2.
IPsec Checking and ordering the routed packets, done by the IPsec protocol in layer 3.
TLS (SSL) Checking the authenticity of the incoming requests and setting up the encryption/decryption. This is the SSL/TLS handshaking of layer 5.
Open Systems Interconnection (OSI) networking reference model
IPsec (layer 3) provide for the authentication, confidentiality, and integrity of communications.
IPsec provides a transparent end-to-end secure channel for upper-layer protocols, and implementations do not require modifications to those protocols or to applications. It is a mature protocol suite that supports a range of encryption and hashing algorithms and is highly scalable and interoperable.
The IPsec engine can be configured to reach the performance level required by your application, enabling efficient offloading of the main CPU.
CONFIGURABLE
Include features as needed
SCALABLE
Define performance and footprint depending on your needs
CUSTOMIZABLE
Adapt to your specific needs
Configurable
0%
Scalable
0%
Customizable
0%
FREE WHITE PAPER
HOW SMART HARDWARE CAN BOOST YOUR DATA CENTER
HIGH-PERFORMANCE IP BLOCKS OFFLOAD NETWORK AND SECURITY PROCESSING
Cloud computing is ramping up like never before. New host applications are routinely designed to serve millions of clients, and each of these clients expects high-speed service, minimal latency, and tight security.
Learn more about the key components to boost your data center:
• Record-breaking MACsec performance (up to 1.5Tbps)
• The fastest SSL/TLS handshaking engines in the industry
What distinguishes our IPsec from the competition is its extremely high scalability and flexibility,
Application designers can now really optimize the hardware trade-off between throughput, latency and available resources. For each application, they can add the most powerful IPsec engine at the lowest cost, without having to over-dimension their hardware.
We use cookies on our website. To learn more about cookies, how we use them on our site and how to change your cookie settings please view our cookie policy. By continuing to use this site without changing your settings you consent to our use of cookies in accordance with our cookie policy.