Linley Wire: October 11, 2016
Mellanox Embeds IPSec in Adapter
By Loring Wirbel
Mellanox believes making IPSec offload as common as TCP offload will enhance data-center security. Combining its ConnectX-4 Lx controller IC with a Xilinx Kintex UltraScale FPGA (XCKU060), it’s offering a new 10/40GbE PCIe adapter for IPSec acceleration: the Innova IPSec 4 Lx EN (MNV101511A-BCIT).
The company has no need to promote the IPSec protocol, which has survived a brief slump in interest to gain new popularity as virtualization increases microsegmentation in cloud data centers. IPSec is a robust and transparent way to enforce policies through granular encryption and authentication across virtual machines. The default deployment method in a server rack is to simply use a software IPSec stack and effectively consume server CPU cycles. Mellanox believes this approach is a waste of CPU capability and needlessly diminishes server performance.
That argument plays to the company’s strengths, as Mellanox can exploit years of experience in designing high-performance InfiniBand (IB) and Ethernet adapters for the data center. Its challenge is to convince users that its own protocol-offload effort, and its inclusion of Tilera expertise through its EZchip acquisition, provides an edge in security markets.
Mellanox has always priced IB and Ethernet adapters competitively, so offering high performance at low prices should be feasible, provided it can affordably obtain different Kintex FPGAs from Xilinx. As the Innova family expands, the company must decide when it needs a more powerful FPGA to offer multifunction soft-switched IPSec/SSL capability. It must also decide when an existing lower-cost FPGA is the best bet for SSL/TLS or storage applications, such as lossless compression. In any event, the Innova family is attractive enough to warrant development of several members.
Networking Report subscribers can access the full article here:
list.linleygroup.com
(And, on the opposite side of this same coin is Intel; now with its acquisition of Altera, a former major competitor of Xilinx). |
