IPsec Engine | Silex Insight

IPsec Engine

Get in touch with us
Performance
Applications
Diagram
Product Sheet

The IPsec Engine implements RFC4301 and other relevant RFCs, providing confidentiality, connectionless data integrity, data-origin authentication and replay protection on OSI layer 3.

The scalable architecture provides low-latency, line rate acceleration of packet encapsulation, encryption and replay protection. Its modular design not only gives the ability to choose between different cryptographic algorithms, but also provides fine-grained control on classification features, packet formats, and more. Integration with a wide range of performance or area-optimized cryptographic IP cores allows unrivalled trade-off possibilities between throughput, area and latency.

  • Low Latency
    Optional cut-through design helps reaching timing targets for latency-critical applications
  • Replay protection
    Offloading replay protection and packet number management reduces the strain on the CPU even more
  • No software intervention
    Can be implemented fully in hardware without any software intervention
  • Line rate acceleration
    Highly efficient cryptographic cores enable reaching line rate processing, even for 64 byte packets

HIGH PERFORMANCE

0
Gbps

Throughput

0
Gbps

FEATURES

  • Can aggregate several 10, 40 or 100 GbE link
  • Throughput from 1 Gbps up to 100 Gbps
  • Compliant with RFC 4106, 4301, 4303, 7634
  • Supports:
    - AES-GCM-128/256
    - AES-CBC/SHA-2
    - Chacha20-poly1305 HP
  • 32 to 1024 bits datapath
  • ESP encapsulation/decapsulation
  • UDP encapsulation
  • Byte lifetime counters
  • Generic interface to TCAM
  • Supports IPv4 and IPv6
  • 5-tuple classification
  • Bypass mode
  • Data interface: AMBA 4 AXI-Stream
  • Control interface: AMBA 4 APB

Wide Area of Applications

The IPsec engine will bring the most efficient and flexible solution to your data processing needs, whatever technology and architecture you choose.

Environments in which the IPsec will prove an essential boost are:

IPsec ensures network integrity

There are three common network security protocol standards:

  • MACsec
    Regulating the traffic of frames between two physical machines, regulated by the MACsec protocol of layer 2.
  • IPsec
    Checking and ordering the routed packets, done by the IPsec protocol in layer 3.
  • TLS (SSL)
    Checking the authenticity of the incoming requests and setting up the encryption/decryption. This is the SSL/TLS handshaking of layer 5.
Open Systems Interconnection (OSI) networking reference model

IPsec (layer 3) provide for the authentication, confidentiality, and integrity of communications.

IPsec provides a transparent end-to-end secure channel for upper-layer protocols, and implementations do not require modifications to those protocols or to applications. It is a mature protocol suite that supports a range of encryption and hashing algorithms and is highly scalable and interoperable.

⇧ Click diagram for full-size view ⇧
Download Product Sheet

Built For Your Specific Needs

The IPsec engine can be configured to reach the performance level required by your application, enabling efficient offloading of the main CPU.

CONFIGURABLE

Include features as needed

SCALABLE

Define performance and footprint depending on your needs

CUSTOMIZABLE

Adapt to your specific needs

Configurable

0%

Scalable

0%

Customizable

0%

FREE WHITE PAPER

HOW SMART HARDWARE CAN BOOST YOUR DATA CENTER

HIGH-PERFORMANCE IP BLOCKS OFFLOAD NETWORK AND SECURITY PROCESSING

 

 

  • Cloud computing is ramping up like never before. New host applications are routinely designed to serve millions of clients, and each of these clients expects high-speed service, minimal latency, and tight security.

    Learn more about the key components to boost your data center:

    • Record-breaking MACsec performance (up to 1.5Tbps)

  • • The fastest SSL/TLS handshaking engines in the industry

  • • IPsec for secure connections

  •  • …and much more

FREE DOWNLOAD >
Pieter Simons
What distinguishes our IPsec from the competition is its extremely high scalability and flexibility,
 
Application designers can now really optimize the hardware trade-off between throughput, latency and available resources. For each application, they can add the most powerful IPsec engine at the lowest cost, without having to over-dimension their hardware.

Pieter Simons

-
R&D Director

Interested to know more about our IPsec engine?

Feel free to get in touch with us

 

PRODUCT SHEET

Download

Free White Paper Download