ARCHITECTURES: ASIC does XML, security duty

-January 30, 2006

Colorado Springs, Colo. -- Tarari Inc. has embedded a full suite of content-processing and security functions in one ASIC.

The T9000 includes dual grammar-processing agents for Extensible Markup Language (XML) and other application-layer content expressions. Dual agents also exist on-chip for regular-expression security processing (what Tarari calls its RegEx engine), handling intrusion prevention and antivirus tasks. Other agents include compression and decompression, character converters from UTF-8 to UTF-16 code, an RSA public-key modular exponentiation agent, a DES/Triple-DES encryption and decryption agent, an SHA-1 hashing agent and a true random-number generator.

A centralized content-processing controller oversees the agents and buses, the chaining functions between agents, memory control, and off-chip I/O. Tarari has surrounded the agent blocks with control-plane functions, including interfaces to external PCI/PCI-X buses and an internal workflow bus for transferring content among agent processors. The on-chip memory controller interfaces to off-chip DDR memory.

RegEx security functions are handled by the dual cores at 3.2 Gbits/second, and XML tasks in the grammar processors at 2.5 Gbits/s. Compression and character-conversion agents operate at greater than 1 Gbit/s. The content-processing engine bus allows interfaces to external FPGAs for control of up to 64 independent content-processing agents.

Greg Brown, director of network security products, said Tarari is planning open interfaces and application stacks for chips from such network processor vendors as Intel, Broadcom, Raza Microelectronics, Freescale Semiconductor and Applied Microcircuits. Tarari has announced evaluation kits pairing the T9000 with the Broadcom SiByte BCM1280/1480 comms processor and with the Raza RMI XLR732.

The primary NPUs perform physical- and packet-layer processing, then hand off content to the Tarari device for XML and security processing. For custom-agent processing, Tarari also offers interfaces for Xilinx or Altera FPGAs.

On the software front, Tarari is partnering with Intoto Inc. for security protocol stacks, with Inc. for anti-spam signature analysis and with Kaspersky Lab Inc. for OEM antivirus products.

The T9000 is sampling, with production slated for the second quarter. Volume pricing is expected to be $300 to $400. Tarari will offer a $9,995 development kit that will bundle a PCI-X development board with T9000, full agent API libraries and application source code, and documentation. *

Loading comments...

Write a Comment

To comment please Log In