The MACsec Engine, also known as Media Access Control Security, implements the latest IEEE 802.1AE specification, providing connectionless data integrity, data origin authenticity and confidentiality on OSI layer 2.
The scalable architecture provides low-latency, line rate acceleration of frame encapsulation, encryption and replay protection. The multi-channel structure makes the engine extremely suitable for use in switches, enabling per-port security with a single IP instantiation. Integration options with either performance or area-optimized AES-GCM IP cores enables a high level of scalability enabling unrivalled trade-off possibilities between throughput, area and latency.
At its very core, the MACsec Engine is completely technology-agnostic and can be integrated in a wide range of FPGA and ASIC technologies. On FPGA, the engine can use vendor-specific optimizations to reach very high throughput goals.
The MACsec engine will bring the most efficient and flexible solution to your data processing needs, whatever technology and architecture you choose.
Environments in which the MACsec will prove an essential boost are:
Cloud Computing
Data Centers
Secure IP/MPLS
(replace MPLS over GRE + IPsec)
Secure IoT devices on LAN
In-vehicle communication with Automotive Ethernet
MACsec is the foundation for any network security
There are three common network security protocol standards:
MACsec Regulating the traffic of frames between two physical machines, regulated by the MACsec protocol of layer 2.
IPsec Checking and ordering the routed packets, done by the IPsec protocol in layer 3.
TLS (SSL) Checking the authenticity of the incoming requests and setting up the encryption/decryption. This is the SSL/TLS handshaking of layer 5.
Open Systems Interconnection (OSI) networking reference model
As Layer 2 is where communication begins, security here builds the foundation for security for the entire network stack.
MACsec provides Layer 2 (the data link layer – OSI) security allowing it to safeguard network communications against a variety of attacks including intrusion, denial of service and eavesdropping. These attacks exploit vulnerabilities in the data line layer and often it will not be detected or prevented by higher layer security protocols. Therefore, MACsec provides the basis on which a network security architecture can be built.
The MACsec engine can be configured to reach the performance level required by your application, enabling efficient offloading of the main CPU.
CONFIGURABLE
Include features as needed
SCALABLE
Define performance and footprint depending on your needs
CUSTOMIZABLE
Adapt to your specific needs
Configurable
0%
Scalable
0%
Customizable
0%
FREE WHITE PAPER
HOW SMART HARDWARE CAN BOOST YOUR DATA CENTER
HIGH-PERFORMANCE IP BLOCKS OFFLOAD NETWORK AND SECURITY PROCESSING
Cloud computing is ramping up like never before. New host applications are routinely designed to serve millions of clients, and each of these clients expects high-speed service, minimal latency, and tight security.
Learn more about the key components to boost your data center:
• Record-breaking MACsec performance (up to 1.5Tbps)
• The fastest SSL/TLS handshaking engines in the industry
Combined with the explosion of cloud processing, the emerging 5G revolution, and new techniques such as virtualization, high performance is a must-have. In this environment, efficient cryptography accelerators are indispensable.
Our MACsec engine is developed accordingly which will benefit all our customers. Not only when it comes to speed, but also bring down their cost of ownership of their datacenter as more and more of the network and security processing can be offloaded to fast hardware.
We use cookies on our website. To learn more about cookies, how we use them on our site and how to change your cookie settings please view our cookie policy. By continuing to use this site without changing your settings you consent to our use of cookies in accordance with our cookie policy.