Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cavium Move May Spell End For 'Security Processor' Market

Cavium Networks Inc. hosted a coming-out party in Santa Clara, Calif. last night for its Octeon processor. The event marked more than the company's licensing of the 64-bit MIPS instruction set: By moving into control plane functions, Cavium could herald the slow demise of the standalone security processor.

The popularity of Cavium's Nitrox line of security processors would seem to dictate otherwise: With more than 70 customers and 125 design wins for that line, Cavium has attracted more than $40 million in venture capital since its founding in late 2000. But the mere existence of Octeon shows that long-range trends in embedded security favor control plane RISC cores alongside dedicated security silicon.

When the first-generation Nitrox was introduced less than a month after the 9/11 attacks, security topped the list of IT managers' corporate necessities. A few semiconductor players, including Hi/fn Inc. and SafeNet Inc., had expanded encryption and compression products to include virtual-private-network creation and embedded firewall support. But Cavium was at the fore of a second wave of startups focused solely on single-chip security devices.

In late 2000, during the early phases of the communications recession, Cavium chief executive officer Syed Ali had discussed network equipment design trends with an IC design team led by Anil Jain, formerly responsible for the 64-bit Alpha processor at Digital Equipment Corp. Jain realized that Cavium was not going to get attention following a me-too route.

Communications processor design had followed two main paths in the late 1990s. Startups involved in strict data-plane packet-forwarding devices " the chips most commonly called network processors " emphasized 10- and 40-Gbit/second services, with raw speed trumping higher-layer packet inspection. A smaller class of startups was following the model of Motorola's 68360 and PowerQuicc families, offering aggregation of multiple traffic types at lower speeds, but with more offline support for complex service mixes.

  • 1