Securyzr™ IPsec Engine
The IPsec Engine implements RFC4301 and other relevant RFCs, providing confidentiality, connectionless data integrity, data-origin authentication and replay protection on OSI layer 3.
The scalable architecture provides low-latency, line rate acceleration of packet encapsulation, encryption and replay protection. Its modular design not only gives the ability to choose between different cryptographic algorithms, but also provides >ne-grained control on classi>cation features, packet formats, and more. Integration with a wide range of performance or area-optimized cryptographic IP cores allows unrivalled trade-off possibilities between throughput, area and latency.
|
|
Low Latency Optional cut-through design helps reaching timing targets for latency-critical applications |
 |
No software intervention Can be implemented fully in hardware without any software intervention |
|||
|
Replay protection Offloading replay protection and packet number management reduces the strain on the CPU even more |
|
Line rate acceleration Highly efficient cryptographic cores enable reaching line rate processing, even for 64 byte packets |
Features
 |
Can aggregate several 10, 40 or 100 GbE link | |
UDP encapsulation | |||
|
Compliant with RFC 4106, 4301, 4303, 7634 | |
Byte lifetime counters | |||
|
Supports AES-GCM-128/256, AES-CBC/SHA-2, ChaCha20 Poly1305 | |
Generic interface to TCAM | |||
|
32 to 1024 bits datapath | |
Supports IPv4 and IPv6 | |||
|
ESP encapsulation/decapsulation | |
5-tuple classification | |||
|
Bypass mode | |
Data interface: AMBA 4 AXI-Stream | |||
|
ASIC and FPGA | |
Control interface: AMBA 4 APB |
Wide area of applications
The IPsec engine will bring the most eFcient and [exible solution to your data processing needs, whatever technology and architecture you choose.
Environments in which the IPsec will prove an essential boost are:
IPsec ensures network integrity
There are three common network security protocol standards:
|
MACsec Regulating the traffic of frames between two physical machines, regulated by the MACsec protocol of layer 2. |
|
|
IPsec Checking and ordering the routed packets, done by the IPsec protocol in layer 3. |
|
|
TLS (SSL) Checking the authenticity of the incoming requests and setting up the encryption/decryption. This is the SSL/TLS handshaking of layer 5. |
IPsec provides a transparent end-to-end secure channel for upper-layer protocols, and implementations do not require modi>cations to those protocols or to applications. It is a mature protocol suite that supports a range of encryption and hashing algorithms and is highly scalable and interoperable.
Built for your specific needs
The IPsec engine can be configured to reach the performance level required by your application, enabling efficient offloading of the main CPU.
Free white paper
HOW SMART & SECURE HARDWARE
CAN BOOST YOUR DATA CENTER
High-performance IP blocks to offload network and security processing
Cloud computing is ramping up like never before. New host applications are routinely designed to serve millions of clients, and each of these clients expects high-speed service, minimal latency, and tight security.
Learn more about the key components to boost your data center:
• Record-breaking MACsec performance (up to 1.5Tbps)
• The fastest SSL/TLS handshaking engines in the industry
• …and much more
The first worldwide PQC READY secure solution from chip to cloud
 |
At Secure-IC we are at the forefront of PQC, meaning we are actively working on developing and implementing PQC technologies, and contributing to the advancement of the field. We are conducting research, creating new PQC algorithms, developing PQC-based products, and working with customers to integrate PQC solutions into their systems. |
We are also offering Cybersecurity Evaluation Tools & Security Evaluation as a Service
