Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


01:39 PM

Cavium Unveils World's First Adapter With 1 Million SSL Transactions Per Second For Virtualized Data Center And Cloud Computing

NITROX III XL CNN35XX-NHB adapter family includes PCI-Express Gen2 and PCI-Express Gen3 versions

Cavium, Inc. (NASDAQ: CAVM), a leading provider of semiconductor products that enable intelligent processing for networking, communications, and the digital home, today announced the new NITROX' III XL CNN35XX-NHB adapter family that delivers unprecedented performance for secure and virtualized data center and cloud computing. The new NITROX III XL Adapter family, which is available immediately, is built using the NITROX III security processor that integrates 16 to 64 purpose-bui lt security RISC cores with high-performance compression engines and virtualization. The adapter family includes PCI-Express Gen2 and PCI-Express Gen3 versions. This family of adapter products is being integrated into a wide range of equipment including Application Delivery Controllers, WAN Optimization Appliances, Cloud Servers, L4+ Switches, Unified Threat Management Appliances, WLAN controllers & Servers and Storage Appliances.

The increased cloud and data center deployments, coupled with the need for doubling the key size from 1024-bit to 2048-bit for Secure Socket Layer (SSL) applications based on NIST (National Institute of Standards and Technology) guidelines, places a significant demand on the overall security infrastructure. Security performance and demand is also driven by cloud service providers as they add IPsec and SSL security to their cloud service infrastructure for both networking and storage. Additionally, vendors are rapidly adding features to support virtualization in their data-center networking and blade-server systems. In conjunction, high performance traffic and data-at-rest compression is becoming a critical feature for data centers where vendors need to send very high rates of traffic on limited capacity wires and store very large amount of data in their storage systems. Finally, energy usage has become a dominant factor driving data-center and enterprise cost and capacity, re quiring next generation networking solutions to fit in the smallest and most energy efficient footprint. These critical requirements in today's networks require highly advanced technology with a tremendous amount of application specific acceleration at very high line rates.

The NITROX III XL Adapter family delivers unmatched SSL and security performance, virtualization features, compression performance and very low power consumption in an easily deployable form-factor. These features enable Cavium's OEM customers to deliver breakthrough next-generation solutions in an optimized, energy efficient manner. The NITROX III XL Adapter family delivers a highly scalable solution from 35K 1024-bit to 1Million RSA ops/sec. Additionally, the NITROX III XL adapters are supported by Cavium's NITROX software development kit (SDK) and are software compatible with the current generation NITROX PX chip and adapter families that are widely deployed at several Tier 1 networking and security vendors.

Supporting Quotes "Demand for high-performance RSA ops with 2048-bit keys, compression for networking and storage, and virtualization support is burgeoning in high-security data centers," said Joseph Byrne, Senior Analyst at The Linley Group. "Cavium's NITROX III Adapter family delivers the highest-performance and lowest-power combination of security, compression, and virtualization features in a ready-to-use form-factor."

"The NITROX III XL adapter product line is being designed-in by several Tier-1 customers in data-center, cloud service-provider and WAN optimization areas," said Rajneesh Gaur, general manager of the Accelerators and Adapters Group at Cavium. "The unprecedented benefit this family provides addresses the two critical issues in cloud computing and virtualized data center: security and bandwidth compression. As a result, we believe this product family will drive the expansion of the security processor market."

NITROX III Adapter Family Highlights

Up to 1Million 1024-bit RSA ops/sec - The NITROX III XL Adapter product family delivers up to 1 Million 1024-bit RSA ops/sec and up to 150K 2048-bit RSA ops/sec. Up to 60Gbps of Security Performance - The NITROX III Adapter family offers scalable security performance from 5Gbps to 60Gbps. Up to 60Gbps of Compression Performance - Integrated Compression engines in the NITROX III Adapter family deliver 5Gbps to 60Gbps of compression performance. The Compression engine supports a wide variety of algorithms including GZIP, PKZIP, Inflate and Deflate algorithms and LZS. LZS protocol is commonly used for storage compression. High bandwidth IO - The NITROX III XL Adapter family supports both PCI-Express Gen2 x8 on the low profile single chip adapter and the latest and high performing PCI-Express Gen3 x8 on the multi-chip adapter delivering over 60Gbps performance. Virtualization support - The NITROX III XL Adapter supports Single Root IO Virtualization (SRIOV) feature on the PCI-Express interface. The implementation supports 8, 16, 32 or 64 virtual functions to meet the requirements of different system with a varying number of CPU cores or Virtual machines. Latest security features - The NITROX III Adapter includes a Random Number Generator that is compliant to the new FIPS 140-3 NIST standard that is required for next generation security applications. This product family has support for a wide variety of protocols including IPsec, SSL TLS 1.2, DTLS and ECC Suite B and also supports a wide variety of algorithms including several variants of AES, 3DES, ARC4, MD5, SHA-1, SHA-2, RSA 2048, RSA 4096, Kasumi, EC-DH, EC-DSA and AES-XTS for data at rest. Scalable Adapter product family - The NITROX III XL Adapters are available in multiple SKUs spanning in performance from 35K to 1 million 1024-bit RSA ops/sec, 6K to 150K 2048-bit RSA ops/sec, 5 Gbps to 60 Gbps of Security and Compression performance.

Software The NITROX III software development kit (SDK) includes x86 drivers for Microsoft Windows 2008 R2 & Linux, feature rich APIs for a variety of protocols, firmware and reference stacks for IPSec and SSL. The APIs, firmware and protocol stacks are compatible with the current NITROX PX SDK. The NITROX III SDK also delivers fully tested and proven drivers for Citrix XenServer, Red Hat KVM and VMWare vSphere.

Availability The NITROX III XL Adapter family is available now. Please contact your Cavium sales representative for additional details.

About Cavium, Inc. Cavium is a leading provider of highly integrated semiconductor products that enable intelligent processing in networking, communications and the digital home. Cavium offers a broad portfolio of integrated, software compatible processors ranging in performance from 10 Mbps to over 100 Gbps that enable secure, intelligent functionality in enterprise, data-center, broadband/consumer and access & service provider equipment. Cavium's processors are supported by ecosystem partners that provide operating systems, tool support, reference designs and other services. Cavium's principal offices are in San Jose, California with design team locations in California, Massachusetts, India, Taiwan and China. For more information, please visit: http://www.cavium.com

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-17
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivile...
PUBLISHED: 2021-04-17
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (ker...
PUBLISHED: 2021-04-17
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS Build 20210202 and later Q...
PUBLISHED: 2021-04-17
An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia C...
PUBLISHED: 2021-04-16
jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...