gary
 
» Technology   » Hardware IP   » Software IP
Request More Information     Download Datasheet

Posedge Unified Security Engine (UNISec)

Posedge-UNISec is a multi-protocol processing engine supporting eight 1Gbps ports or one 10Gbps port with the following interfaces.

Some of the IPSEC specific functions include:
•  ESP protocol processing
•  IPV4 and V6 packet processing
•  AES-GCM for encryption and authentication
• 

Anti –replay verification
Both transport and tunnel mode support
• 

1Gbps and 10Gbps support
 
Some of the MACsec specific functions include:
• 

Compliance with IEEE 802.1AE standard
• 

AES-GCM for Crypto and Authentication
• 

Decryption and ICV verification on Ingress
Encryption and Authentication with ICV generation and insertion on Egress

Anti-replay verification on Ingress
MACsec header (SecTAG) insertion and removal
MIB Counter update as per the MACsec standard
1Gbps and 10Gbps support
   
Some of the DTLS specific functions include:

1Gbps DTLS protocol processing

No other protocol present in DTLS configuration
• 

AES-128-CBC-HMAC-SHA1 for Encryption and Authentication
^ Top
The following section specifies the architecture of the Posedge-UNISec Engine.
 
 
Figure 1: Posedge-UNISec Integrated System
 

The Posedge-UNIsec Engine contains the following interfaces.
• 

CPU interface for engine configuration and MIB statistics access
• 

128b Request -> Ack Interface for SA Database (External Memory) access
• 

32b @ 250MHz FIFO packet Interfaces on Receive and Transmit side.
 

The block diagram of the Protocol Processor block is shown below.
 
 
Figure 1: Posedge-UNISec Protocol Processor Block Diagram
 
Features
  • Flow through engine to handle IPSEC, MACsec, and DTLS packets
  • IPSEC ESP processing in Tunnel and Transport modes
  • MACsec (IEEE 802.1AE) processing
  • Rates of 1Gbps  per port or 1 10Gbps per port for integrated IPSEC & MACsec processing and DTLS
  • Rates of 1Gbps  per port or 1 10Gbps per port for integrated IPSEC & MACsec processing and DTLS protocol processing at 1Gbps rate
  • Configurable protocol support on a per port basis
  • AES-GCM Encryption and Authentication - IPSEC & MACsec (10Gbps)
  • MIB counter update  MACsec Standard for Receive and Transmit side
  • Anti-replay protection for IPSEC and MACsec
  • 128Byte packet Interleaving support
  • CPU interface for device management/configuration & MIB statistics access
 
Advantages
   
  • Independent block to perform IPSEC, MACsec, and DTLS processing
  • Easy integration into an existing data path
  • Programmable Packet  Key interface
  • Low gate count
  • World class customer support
   
Deliverables
 
  • Fully Synthesizable RTL
  • Self-checking Test bench and Test cases
  • Verification Specification
  • ASIC/FPGA Synthesis Scripts
  • Documentation
  • Integration Manual
   
   
   
   
   
   
   
   
>> Back
 
 
 
  United States India - Hyderabad India - Bangalore Taiwan  
  350 Oakmead Parkway,
Suite 200, Sunnyvale,
CA - 94085.		 Unit - 2, 5th Floor, Building No 9,
Mindspace, Hitech City,
Madhapur, Hyderabad,
Andhra Pradesh - 500 081		 1st Floor, No.7/3,
Old Madras Road,
Opp: 100ft Road, Indiranagar,
Bangalore - 560038		 11F, No. 206, Sec. 1,
Fu-Xing S. Rd. Taipei, Taiwan		  
  Tel  : +1 408-642-6964 Tel  : +91 40 44182299 Tel  : +91 080 42028553, 25304488  
lilnkedin
 twitter
 
© 2011 Posedge. All Rights Reserved.
Privacy Policy Sitemap Technology Contact Us