The MACsec-IP-163/164 is a MACsec engine developed specifically for high-speed, multi-rate and multi-port Ethernet devices. Its architecture provides an optimal solution for aggregate throughput ranging from 100G to 800G and beyond. The MACsec-IP-163/164 is ideal for deployment in data center, enterprise and carrier network applications, as well as network-attached high-performance computing.
Cloud computing and data center throughput requirements have driven Ethernet and OTN standards to 100G, 400G and now to 800G. These standards deploy multiple SerDes lanes with various rates, which require support for flexible bandwidth allocation for a varying number of channels (ports), depending on the target silicon.
The MACsec-IP-164 engine provides complete MACsec SecY frame processing for multiple channels (port). It supports multiple SecY (virtual ports) to realize protection for each individual virtual network running over the same physical port. It’s pooled classification and transformation resources allow optimal implementation of multi-port designs. The fat-pipe design allows aggregating multiple port to use the same MACsec SecY.
The MACsec-IP-163 is a virtual port matching classifier that works with the MACsec- IP-164 to form an autonomous MACsec processing data path. Alternatively, the MACsec-IP-164 can be used in combination with an external classifier or stand alone, depending on the use case.
The MACsec-IP-163/164 engine is delivered together with a widely adopted Driver Development Kit (DDK-164). To build a system-level solution, Rambus offers the MACsec Toolkit product that implements a complete IEEE 802.1X specification and has multiple features that facilitate development and testing of the MACsec compliant processing.
The MACsec-163/164 engine has been used by leading silicon and system vendors over multiple generations thanks to the engine’s software compatibility and proven history of API scalability.
SA and Classification Scaling
Default Protocol Support
FIPS 140-2 CAVP ready