At Rambus, we create cutting-edge semiconductor and IP products, spanning memory and interfaces to security, smart sensors and lighting.

Products
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Solutions
- - By Market
  - AI & Machine Learning
  - Automotive
  - Data Center
  - Edge
  - Government
  - IoT
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Resources
- - Resource Library
  - Our library of informational videos, papers, presentations, and more
  - Webinars
  - Check out our library of upcoming and on-demand webinars
- - Inventions
  - Explore innovations that enable the superior performance of Rambus solutions
  - Certifications
  - Certified silicon IP solutions tailored to the specific needs of some of the world’s most demanding applications
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Company
- - About
  - Corporate Overview
  - Leadership
  - Inventors
  - Careers
  - Locations
  - Investor Relations
- - News & Media
  - Newsroom
  - Blog
  - Events
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
- English

1.6T/3.2T Multi-Channel MACsec Engine with TDM Interface (MACsec-IP-364)

MACsec solution for data center, service providers, 5G and AI

Home > Security IP > Protocol Engines > 1.6T/3.2T Multi-Channel MACsec Engine with TDM Interface (MACsec-IP-364)

The MACsec-IP-364 is a MACsec/IPsec engine developed specifically for high-speed, multi-rate and multi-port Ethernet devices. Its architecture provides an optimal multi-protocol solution for aggregate throughput for 1.6T and 3.2T. The MACsec-IP-364 is ideal for deployment in data center, enterprise and carrier network applications, as well as network-attached high-performance computing.

Remarkable progress in optical connectivity in combination with the ramp of 3/2nm silicon technology has enabled 1.6T pluggable optical modules for short-reach (<10km) to long-haul (>500km) applications. A new generation of Rambus industry-proven MACsec/IPsec Silicon IP can secure Terabit-plus Ethernet traffic while maintaining power budgets and addressing the latency and throughput requirements of advanced end applications.

Contact

Product Brief

Security Certifications

Complete and fully compliant MACsec Packet Engine with classifier and transformation engines for rates of 1.6T and 3.2T, up to 64 channels, ready for FlexE

All IEEE MACsec standards supported (including IEEE802.1AE-2018). Optional inclusion of IPsec ESP transport and tunnel modes

Supplied with the Driver Development Kit to accelerate time to market. Rambus offers MACsec Toolkit for IEEE 802.1X key management

How the MACsec-IP-364 Works

The MACsec-IP-364 engine provides complete MACsec SecY frame processing for multiple channels (ports). It supports multiple SecY (virtual ports) to realize protection for each individual virtual network running over the same physical port. Its pooled classification and transformation resources allow optimal implementation of multi-port designs. A segmented, fat-pipe design allows aggregating multiple ports to use the same MACsec SecY as well as protecting a single port.

The MACsec-IP-363 is a virtual port matching classifier that works with the MACsec-IP-364 to form an autonomous MACsec processing data path. Alternatively, the MACsec-IP-364 can be used in combination with an external classifier or stand alone, depending on the use case.

The MACsec-IP-364 (+ 363) engine offers flexibility on integration in the customer’s Ethernet subsystem. Integration depends on the following major factors: data path design (channelized or port-based), bus width, number of packets per clock, location of the IEEE 1588 timestamping and preferred method for handling packet expansion (per-packet or port-based). Customers have the flexibility to implement buffering and flow control according to their system requirements.

The engine provides the minimum latency and deterministic latency and can be used in combination with IEEE1588 timestamp update logic.

For applications that require numerous SA and TCAM matching rules, the engine can be supplied with a TCAM controller that supports configurable TCAM profiles. The default TCAM implementation is logic-based.

MACsec Fundamentals

For end-to-end security of data, it must be secured both when at rest (stored on a connected device) and when in motion (communicated between connected devices). For data at rest, a hardware root of trust anchored in silicon provides that foundation upon which all device security is built. Similarly, MACsec security anchored in hardware at the foundational communication layer (Layer 2) provides that basis of trust for data in motion over Ethernet-based networks.

Solution Offerings

Features

Deliverables

Services

Features

Deliverables

Services

Secure Networking Basics: MACsec, IPsec, and SSL/TLS/DTLS

The MACsec, IPsec and SSL/TLS/DTLS protocols are the primary means of securing data in motion (communicated between connected devices). These protocols can be anchored in hardware or implemented in software as part of an end-to-end security architecture. This white paper provides fundamental information on each of these protocols including their interrelationships and use cases.