Intel to Release Network Processor with Inherent Security Features

Crytography and 10 Gbps bandwidth offered on a single chip.

Following a recently announced strategy for enabling safer computing, Intel has introduced the first network processor to combine high-performance packet processing and security features in a single chip.

The new design, called the IXP2850, is based on Intel's yet-to-be-released IXP2800 network processor family, which is designed to allow data and state information to be shared among applications to minimize memory, power requirements and overall board space. The chip announcement represents a significant advance for the microprocessor industry, as the combination of data processing and specialized features, such as security, have traditionally required multiple processors.

"We're doing in one chip what other folks do with co-processors," says Bill Mello, marketing manager for Intel network devices.

Mello says Intel will be aggressively using its new programmable architecture, which is the key feature of the IXP2800 network processor line, to release more functionality beyond security. "We think one of our biggest virtues is this fully programmable network architecture, which allows us to bring new capabilities to market quickly," he says. "In this case it was high-bandwidth cryptography."

The IXP2850 can be programmed to accelerate content-rich services, such as load balancing, among multiple Web servers. In addition, hardware mechanisms within the chip enable popular encryption and data-integrity standards such as 3DES, AES and SHA-1 to be implemented at speeds up to 10 Gbps.

Intel expects the IXP2850 to be a popular product for virtual private networks, storage area networks, wireless applications, and e-commerce environments.

In conjunction with the IXP2850, existing simulation routines, libraries and compiler software in the Intel Internet Exchange Architecture (IXA) Software Development Kit 3.0 have been updated to support the chip's new security features. Intel is also offering reference software and support services on various security-related topics, such as IPsec and TCP/SSL.

According to Mello, the IXP2850 complements Intel's recently announced LaGrande Technology. "[LaGrande] is aimed at the PC side," he says. "[The IXP2850] is aimed at the network connectivity side." While no official announcements have been made about when the first security-enabled chips under LaGrande will be released, both seem to reflect comments Paul Otellini, president of Intel, made in April at the Microsoft Windows Hardware Engineering conference in Seattle. At that conference, Otellini said, "More robust hardware with specific security features is fundamental to building greater levels of protection for businesses as software-based attacks increase."

The Intel IXP2850 will be available in the second quarter of 2003. The IXP2800, which was originally slated for release late in 2002, will be available at about the same time. Mello says the delay has nothing to do with the technology itself, but reflects Intel's desire to synchronize its release date with application releases for the platform. He says the chip is ready, but the applications for it are still being finished.

About the Author

Matt Migliore is regular contributor to He focuses particularly on Microsoft .NET and other Web services technologies. Matt was the editor of several technology-related Web publications and electronic newsletters, including Web Services Report, ASP insights and MIDRANGE Systems.