MACsec Engine

BA451 MACsec Engine

Overview

In current networking technologies, source authentication, data integrity and confidentiality are becoming more and more important. There exist numerous software implementations for security protocol suites on nearly all OSI layers, but these implementations are not well suited for timing-critical, high throughput applications. On OSI layer 2 (data link layer), MACsec is the transport security protocol of choice. The BA451 is a very scalable engine implementing the MACsec standard for high throughput applications.

Features

  • Can aggregate several 10, 40 or 100 GBE link
  • Throughput from 10 Gbps up to 800 Gbps
  • Scalability enabling trade-off between throughput, area and latency
  • Supports AES-GCM-128/256
  • Available for ASIC and FPGA
  • Compliant with IEEE 802.1AE , 802.1AEbn and 802.1AEbw
  • Datapath from 128 to 1024 bits
  • Interface to TCAM
  • SecTag add/remove
  • ICV generation/check
  • Classification
  • Bypass mode

Applications

  • Cloud computing
  • Data center equipment and applications

Reference: BA451