Network Security

Overview

Edge. Access. Metro. Core. No matter the network, security plays a vital role. Encryption and decryption must be built into every piece of the chain, from the link layer to the application itself—each with distinct protocols that are in constant evolution. Our broad range of solutions protects you against known and unknown threats. That’s because you can implement security directly within AMD programmable logic—and iterate as standards evolve and threats emerge.

AMD security solutions span line rates from 100M to 400G, crypto protocols, various packet processing and lookup requirements—even predictive malware detection built on machine learning algorithms. Your system is protected in the present—and future-proofed.

Security Solutions

Link Security
Secure Route and VPN
Application Security with AI

Link Security

AMD offers LinkSec/MACSec implementations from 100Mbps to 400Gbps for switches, routers, and more. Integrating security directly into the data paths yields an efficient implementation that runs at line rate.

Layer-1 Encryption for Optical Networks

UltraScale+™ FPGAs provide the capability to encrypt up to nx1G - nx100G frames of payload via bulk crypto for the protocols used in Metro and Core optical nodes and switches. Versal™ adaptive SoCs integrate AES-GCM-128/256 encryption/decryption functionality via the High-Speed Crypto (HSC) block to reduce power, simplify place/route times, and provide enough throughput for up to 400G per block.

Layer-2 Encryption for Ethernet Switches

IP is available today to scale from 1M to 400G of throughput, with additional flexibility via channelization. Versal’s HSC block provides up to 400G of integrated MACSec functionality with nx100G granularity, and up to 4k+ security associations (SAs). The Cipher Suites supported are AES-GCM-128/256 and AES-GCM-XPN-128/256 with configurable confidentiality/encryption offset.

画像を拡大

AMD Virtex™ UltraScale+™, AMD Virtex™ UltraScale™

Soft IP for Bulk Crypto and MACSec
1G-200G AES-GCM-128/256
1k+ Security Associations
Can be used in OTN, MACSec, IPSec, and higher-layer TLS encryption

AMD Versal™ Premium

400G Bulk Crypto with AES-GCM 128/256
4x100G, 2x200G or 1x400G
128 SAs per 100G of Crypto
Can be used in OTN, MACSec, IPSec, and higher-layer encryption

Secure Route and VPN

AMD FPGA and adaptive SoC solutions offer high-performance inline IPSec processing where performance is needed most. AMD architectures deliver line-rate throughput with minimal latency without taxing the CPU.

Video IPSec (Layer-3) Security Components

AMD solutions implement and manage the IPSec data plane, including both IP and IPSec layer packet processing. Processing of packets for extraction of layer 2 and layer 3 fields at different throughputs is readily implemented in AMD FPGA and adaptive SoC devices. IP solutions are available to implement: 1Gb/s to 400Gb/s, with deterministic latency. Security association (SA) and security policy (SP) lookups are easily implemented, and support 100’s to 10,000’s of lookups via AMD content-addressable memory (CAM) IP and high-bandwidth memory (HBM) FPGAs.

IPSec Crypto and Other Features

The flexibility of memory and packet processing available in AMD security IP makes it the only solution that can address server, router, and access router in a single vender. A fixed solution cannot support a varying number of L3 VPNs or provide the level of search performance that can be achieved with AMD FPGAs and adaptive SoCs. The range of encryption protocols supported by AMD includes:

Crypto protocols:

AES-128/192/256 (ECB, CBC, CTR)
CHACHA-20 POLY1305

Hashing protocols:

SHA-1, SHA-224/256/384/512 with HMAC
GHASH
AES-XCBC-MAC-128/192/256

Combined protocols:

AES-GCM/AES-GMAC (128/192/256)
AES-CCM (128/192/256)

Other:

Custom protocols for crypto/packet processing
Transport and tunnel mode operation
IPv4 and IPv6 support with all packet sizes
Configurable replay protection window size

画像を拡大

AMD Virtex™ UltraScale+™

1G-100G Inline IPSec
URAM for SA lookup and storage
Up to 100G Inline processing
Support for All protocols and IPSec modes
AMD CAM IP for lookup

AMD Virtex™ UltraScale™ + HBM

1G-200G Inline IPSec
HBM for packet buffer and lookups
10,000+ Security Associations and policy
AMD HBM BCAM IP for lookup
58G SerDes for network connectivity
Configuration for replay protection window size
Multi-protocol support with tunnel and transport mode

AMD Versal™ Premium

400G IPSec
112G SerDes
Nx400 High-speed Crypto
Hardened Gen5 PCIe core
Hardened packet processing

Application Security with AI

End-to-end offload and acceleration frees up valuable resources without sacrificing security between users and applications, and clients and servers. AMD offers solutions from established protocols to cutting-edge machine learning for malware detection.

Stateful Security for Firewalls and CPU Acceleration

10-30x performance vs. CPU with security acceleration/offload

Stateful TCP offload using FPGA internal and external memory
Session classification and storage
Line-rate packet classification with multiple tuple-based flows
Secure SSL sessions handled completely in FPGA
Partner IPs for stateful TCP Offload Engine (TOE), bulk encryption/decryption, and asymmetric crypto (PKI)

画像を拡大

RegEx Processing for DDoS, DPI, IPS, IDS

Traffic signature matching at high throughput

Rule matching offload for 10x+ performance compared to software
RegEx engine compatible with PCRE/POSIX
Millions of rules supported using on-chip HBM or external DRAM
AMD IP for high-speed data transfer to CPU, flow classification using CAMs/TCAMs, packet processing
Partner IP for RegEX processing with DPI SW (SNORT, SURICATA)

画像を拡大

Stateful Processing and Malware Detection in Firewalls using Machine Learning Models

Malware system that learns through artificial intelligence and is smart enough to identify new threats—even ones you may not have anticipated

TLS traffic malware detection using machine learning (ML) inference models
TLS flow processing at 200Gbps using combination of P4 and RTL
AMD P4 compiler and TCAM IP for flow classification and ML parameter lookups
ML model for TLS flow prediction implemented using on-chip DSP cores
Statistics collection at 200Gbps for flow processing and predicted flows

画像を拡大

Resources

Webinars

The Importance of Programmable Devices in Next-Gen Security Appliances and Firewalls

Watch Now

Video

Versal™ Premium series: First look at 112G PAM4 transceivers, 600G Ethernet cores & 400G HSC Engines

Watch the Video

Documentation

Use of AI and ML Classifiers for Distributed Denial of Service in Network Security Accelerating Cryptographic Performance on the Zynq UltraScale+ MPSoC Programmability in Next-Gen Security Appliances

Stay Connected

Contact Sales

データセンター

ビジネスシステム

パーソナル & ゲーミング

エンベデッド

リソース

アクセラレータ

アダプティブ アクセラレータ

DPU アクセラレータ

イーサネット アダプター

ワークステーション

デスクトップ

ノート PC

リソース

アダプティブ SoC & FPGA

システム オン モジュール (SOM)

テクノロジ

開発者リソース

評価ボード & キット

プロセッサ ツール

グラフィックス ツール＆アプリケーション

アダプティブ SoC & FPGA ツール

IP & アプリ

GPU アクセラレータ ツール & アプリケーション

概要

データセンター & クラウド向け

エッジ & エンドポイント向け

開発者向け

業界

業界

業界

Industrias

ゲーミング

システム

テクノロジ

リソース

EPYC プロセッサ

Radeon グラフィックス & AMD チップセット

FPGA & アダプティブ SoC

Alveo アクセラレータ & Kria SOM

Ryzen プロセッサ

イーサネット アダプター

概要

EPYC プロセッサ

アクセラレータ

アダプティブ SoC、FPGA、SOM

グラフィックス

概要

市場セグメント別リソース

製品別リソース

タイプ別リソース

AMD のパートナーについて

AMD グローバル サポート

プロセッサ & グラフィックス

アクセラレータ

アダプティブ SoC & FPGA

AMD 正規販売店から購入

アダプティブ & エンベデッドコンピューティング

Get AMD Fan Gear

Get AMD Fan Gear

Buy Direct From AMD

Buy Direct From AMD

Buy Direct From AMD

Buy Direct From AMD

Buy Direct From AMD

Buy Direct From AMD

Your cart is empty

Network Security

Overview

Security Solutions

Link Security

Layer-1 Encryption for Optical Networks

Layer-2 Encryption for Ethernet Switches

AMD Virtex™ UltraScale+™, AMD Virtex™ UltraScale™

AMD Versal™ Premium

Secure Route and VPN

Video IPSec (Layer-3) Security Components

IPSec Crypto and Other Features

AMD Virtex™ UltraScale+™

AMD Virtex™ UltraScale™ + HBM

AMD Versal™ Premium

アダプティブアクセラレータ

イーサネットアダプター

システムオンモジュール (SOM)

プロセッサツール

グラフィックスツール＆アプリケーション

GPU アクセラレータツール & アプリケーション

イーサネットアダプター

AMD グローバルサポート