Up to 140 Mbits/s of IPsec virtual private network (VPN) performance. Firewall throughput reaching 200 Mbits/s. Over 100 IPsec Key Exchange (IKE) or secure socket layer (SSL) transactions per second. Though the numbers may seem somewhat lofty, they're attainable with the NITROX Soho CN220 and CN225 secure communication processors (SCPs).
These Soho products, developed by Cavium Networks, deliver consistent performance for multitunnel VPNs and performance support for simultaneous SSL and IPsec VPN connections. The turnkey EZaccess SSL VPN application software, which also is available, supports all IP/TCP applications and seamlessly integrates into small-office/home-office or small-to-medium-enterprise networks.
The overall solution offers a time-to-market advantage for equipment manufacturers, who will now be able to support the latest in ease-of-use SSL VPN technology for their customers. The CN220 and CN225 add hardware SSL and VPN protocol acceleration engines to the resources available on previous Nitrox family processors. These acceleration engines support up to 900 RSA 1024-bit exponent or 1550 Diffie-Hellman 180-bit exponent operations per second, as well as 200 Mbits/s of all standard encryption and hashing algorithms (e.g., DES, 3DES, 256-bit AES, and HMAC MD5/SHA1).
The CN220 and CN225 include a wide range of network and other interfaces on-chip—three 10/100 Ethernet media access controllers, a 32-bit/33-MHz PCI port, UARTs, GPIOs, timers, and serial buses. A complete software development kit is available with evaluation boards, software and drivers, Linux and VxWorks operating-system support, and a broad range of third-party software applications.
Also, customers now can license the EZAccess SSL VPN application software, which is compatible with Windows and Macintosh systems and popular browsers. In 50,000-unit quantities, the CN220 and CN225 cost $20 and $25 each, respectively. Production quantities will be available in the second quarter.
Cavium Networks Inc.