Home > Security IP > Protocol Engines > Protocol-IP-197
The Protocol-IP-197 Multi-Protocol Engine is an IP family for accelerating IPSec, SSL, TLS, DTLS (CAPWAP), 3GPP and MACsec up to 5, 10, 20, 40, 50 and 100 Gbps in multi-core server, communication or network processors offering a large selection of cipher algorithms. Designed for fast integration, maximum CPU offload and offering full transforms, it provides a reliable and effective embedded IP solution that is easy to integrate into multi-core servers, communication and network processors. It is pre-integrated with the DPDK, Linaro ODP and Linux crypto APIs. Therefore, this IP is designed for seamless integration of network security processing in systems, with its inline and AMBA bus interfaces, embedded classification as well as support of the public APIs.
The Protocol-IP-197 is designed for systems requiring security protocol processing at extreme speeds, where CPU (farms) cannot handle the cryptographic workload due to performance or power limitations. The packet engine handles the security protocol operations and reduces power in high-end servers, communication and network processors for: network processors used in switch applications; data center processing and cloud computing; communication and high-end security gateways.
Multiple configurations are available to support larger data rates for specific use cases.
The MACsec, IPsec and SSL/TLS/DTLS protocols are the primary means of securing data in motion (communicated between connected devices). These protocols can be anchored in hardware or implemented in software as part of an end-to-end security architecture. This white paper provides fundamental information on each of these protocols including their interrelationships and use cases.
Key benefits:
IPsec classification:
IPsec transformation (IPv4 and IPv6):
SSL3.0 / TLS1.0 / TSL1.1 / TLS1.2 / TLS1.3 / DTLS1.0 / DTLS1.2:
MACsec
3GPP Wireless Algorithms
SA -Manager
The cryptographic engine supports the following cryptographic algorithms:
The hash engine supports the following algorithms:
The Pseudo Random Number Generator supports:
The Host interface with DMA controller supports:
Inline interface:
Master and slave interface: