Sunday, March 2, 2003

Cavium Announces Security Processors with 2 to 10 Gbps Performance

Cavium Networks, a start-up based in Santa Clara, California, introduced its NITROX II family of In-line Security Macro Processors featuring performance ranging from 2 Gbps to 10 Gbps of IPsec or SSL security protocol processing. The processors have the ability to handle 5,000 to 40,000 SSL session set-ups per second. The single chip processors are designed for multi-gigabit networking equipment such as routers, switches, web-servers, server load balancers, firewalls, SANs, and VPN gateways. Cavium said existing security processors typically sit off a host CPU or NPU and offload computationally-intensive security protocol processing. However, look-aside architecture requires extensive host processor cycles to do extra packet parsing and classification, lookups and management of the traffic between the host and the security processor, resulting in a new bottleneck. Its NITROX II architecture places the security processing inline between the MAC and the Host processor, avoiding the look-aside bottleneck. Cavium's NITROX II programmable processor supports a choice of single or dual, streaming SPI-3 or SPI-4.2 interfaces, a 64 bit PCI-X bus for control and data path applications and a local 72 bit DDR bus that enables integration into both In-line and look-aside line-card and security appliance architectures. It supports both IPv4 and IPv6 formats, includes packet classification, L2 and IP header parsing and checksum, Inbound SA lookup, fragmentation support, IPsec selector checks and exception detection and handling. The NITROX II processes symmetric encryption and hashing algorithms such as 3DES, AES, ARC4, SHA-1, SHA-2 and MD-5 with their multiple modes, options and key lengths at performance ranges from 2Gbps to 10Gbps. Asymmetric algorithms such as RSA, DH, DSS with key lengths up to 4096 bit are also supported.
http://www.cavium.com

  • Cavium Networks is headed by Syed Ali, who previously was a founding member and VP Marketing/Sales at Malleable Technologies, a communication chip focused on Voice over Packet processors. Malleable was acquired by PMC-Sierra in June 2000. Cavium's technical team is led by Anil Jain, who previously was team leader for the 1.2 GHz 21364 Alpha Processor design at Compaq / Digital Equipment Corporation.

  • Cavium's current Nitrox-Lite, Nitrox and Nitrox-Plus security processors scale from 100 Mbps to 5 Gbps of throughput. Cavium claimed over 15 network equipment customers in Q4 2002.