Broadcom Develops Highest Performance Secured Switch Processors

6/17/2003 - Broadcom Corporation (Nasdaq: BRCM), the leading provider of silicon solutions enabling broadband communications, announced the Broadcom® BCM5830 and BCM5834, the industry’s highest performance integrated secured switch processors that deliver advanced firewall and hardware-accelerated virtual private networks (VPN) capabilities for wired and wireless small-office/home-office (SOHO), remote-office/branch-office (ROBO) and small-to-medium enterprise routers and gateways. These devices are the latest addition to Broadcom’s Sentry5TM product family that offers the industry’s most integrated secured switch processors with complete IPsec processing and Internet Key Exchange (IKE) acceleration, MIPS® processing and Fast Ethernet switching technologies, all incorporated within a single router-system-on-a-chip.

In today’s virtual network environment, security is a critical concern for small-to-mid-sized businesses and central offices with branch offices as a means of protecting networks and assets from hackers and unauthorized users. To protect communications and resources against outside threats and vulnerabilities in the perimeter and remote sites, key security technologies such as VPN and firewall are necessary to prevent intruders from hacking into a wired and wireless network infrastructure.

Traditionally, the deployment of discrete high-performance, hardware-accelerated security components is system-engineering intensive, time consuming and adds significant costs to the overall system. In many cases, this results in lower hardware-accelerated security “attach rates,” which result in compromised system protection. The integration of high-performance security with other system components within a single router system-on-a-chip, as exemplified in the BCM5830 and BCM5834, enables hardware-accelerated security to be pervasive throughout the network (or enterprise), thus eliminating network performance bottlenecks and reducing the overall system cost of deploying security.

The advanced technology architecture of the Sentry5 product family offers the most optimal functionality and performance-to-price ratio to meet the demands of today’s networking equipment manufacturers. The new product offerings integrate an advanced IPsec processor that supports industry-standard security features such as encryption, Internet Key Exchange acceleration and user authentication. As with other Sentry5 products, an on-chip MIPS processor that runs application software and a 5-port 10/100 Ethernet switch are also integrated within the single chip. In addition, software drivers, a comprehensive reference application software suite and reference hardware designs are also available.

“Today’s branch offices and small-to-medium enterprises require the advanced security capabilities and maximum performance-to-price ratio made possible by Broadcom’s newest products in the Sentry5 product family,” said Dr. Ford Tamer, Vice President and General Manager of Broadcom’s Enterprise Networking Business Unit. “Our latest secured switch processors deliver the best-in-class security performance to protect business networks against security threats, whether benign or malicious. Broadcom has uniquely pioneered this trend and strategy of making security ubiquitous across the entire network by inexpensively providing integrated system-level functions, product family scalability and compatibility.”

Technical Information
The BCM5830 and BCM5834 offer complete on-chip IPsec and IKE processing. Similar to other Sentry5 family products, the new devices support a broad range of industry-standard symmetric-key encryption and authentication algorithms, including the latest 256-bit Advanced Encryption Standard (AES), Digital Encryption Standard (DES), 3DES, SHA-1, MD5, HMAC-SHA1 and HMAC-MD5. Both devices have an on-chip true random number generator and a public-key processor to support up to 2048-bit public-key exchange algorithms like Diffie-Hellman, RSA and DSA. Both devices deliver up to 150 megabits per second (Mbps) of single-pass AES/3DES encryption and HMAC-SHA-1/HMAC-MD5 authentication throughput and 150 Diffie-Hellman or 200 RSA 1024-bit public-key exchanges per second IKE negotiations.

Each of the BCM5830 and BCM5834 integrates a high-performance 200 MHz MIPS32TM processor with on-chip memory management unit (MMU) and instruction-cache and data-cache. The BCM5834 also integrates a 5-port 10/100 Ethernet switch with integrated PHY (copper and fibre). With an on-chip 128 KB memory, this switch implementation supports IEEE 802.1Q (VLAN), IEEE 802.1P (4 Priority Queues – CoS, QoS), DiffServ, ToS, IEEE 802.1D (Spanning Tree), 802.1X protocols, IP multicast, IGMP snooping for video streaming applications, broadcast suppression and hosting of multiple subnets. The BCM5830 has two 10/100 Ethernet interfaces with integrated PHY (copper and fibre).

Additionally, both devices support general-purpose interfaces such as USB (host/device), GPIO, Flash, and Synchronous/DDR DRAM (up to 512MB), and have a built-in 32-bit 33 MHz PCI 2.2 (host/slave) controller with the ability to drive up to four additional PCI devices.

Like other Sentry5 products, including the BCM5365/5365P (announced earlier today, June 16, 2003), the BCM5830 and BCM5834 devices are each packaged in a 27mm x 27mm 400-pin PBGA package utilizing 0.18um CMOS process technology. They yield a power consumption of less than 2.3W. Further, both devices are pin and software compatible with the first Sentry5 product offering, BCM5365/5365P, allowing manufacturers to scale product designs with the same form factor, PCB designs and software platform.

Software and Reference Platform Information
Broadcom offers a comprehensive software development kit (SDK) with drivers, application programming interface (API) and Linux® Kernel (version 2.4.x) board support package (BSP), which is fully compatible across the Sentry5 family of products. The kit’s switch and IPsec drivers are fully compatible with Broadcom’s ROBOswitchTM product family drivers and Broadcom’s CryptoNetXTM (BCM582x) drivers, respectively. The BSP for the Sentry5 processors is also integrated and available with the MontaVistaTM Linux Software Fabrication System.

Broadcom offers an application software reference library for the Sentry5 processors that is primarily comprised of routing, firewall, NAT, DMZ hosting, Web-based console management and other applications from Linux Open-source. This application software reference library includes a hardware-accelerated FreeSWAN IPsec stack for VPN applications.

In addition, Broadcom will have a PCI reference design and an Ethernet router (with and without wireless connectivity) reference design available using Broadcom’s Sentry5 processor and reference software platform.

Availability and Pricing
Samples of the BCM5830 and the BCM5834 are currently available with production quantities expected in Q3 of 2003. Pricing is available upon request.

About Sentry5 Products
The Broadcom Sentry5 family is comprised of the first secured switch processors in the industry that integrate key technologies such as Fast Ethernet switching, IPsec processing and MIPS processing into a single router system-on-a-chip. The leading-edge architecture of the Sentry5 family offers the most optimal functionality and performance-to-price ratio to meet the demands of today’s networking equipment manufacturers. The first product offering, the BCM5365 and BCM5365P, provide a low-cost, scalable, hardware-accelerated security solution for wired and wireless residential gateway and small-office/home-office applications. The latest addition, BCM5830 and BCM5834, offer the highest performance and integration that deliver advanced firewall and VPN capabilities for wired and wireless SOHO, ROBO and small-to-medium enterprise routers and gateways.

About Broadcom
Broadcom Corporation is the leading provider of highly integrated silicon solutions that enable broadband communications and networking of voice, video and data services. Using proprietary technologies and advanced design methodologies, Broadcom designs, develops and supplies complete system-on-a-chip solutions and related hardware and software applications for every major broadband communications market. Our diverse product portfolio includes solutions for digital cable and satellite set-top boxes; cable and DSL modems and residential gateways; high-speed transmission and switching for local, metropolitan, wide area and storage networking; home and wireless networking; cellular and terrestrial wireless communications; Voice over Internet Protocol (VoIP) gateway and telephony systems; broadband network processors; and SystemI/OTM server solutions. These technologies and products support our core mission: Connecting everything®.

Broadcom is headquartered in Irvine, Calif., and may be contacted at 1-949-450-8700 or at

Broadcom®, the pulse logo, Connecting everything®, CryptoNetXTM, RoboSwitchTM, Sentry5TM and SystemI/OTM are trademarks of Broadcom Corporation and/or its affiliates in the United States and certain other countries. MIPS® and MIPS32TM are trademarks of MIPS Technologies, Inc. Linux® is a registered trademark of Linus Torvalds. MontaVistaTM is a trademark of MonteVista Software, Inc.

Previous Page | News by Category | News Search

If you found this page useful, bookmark and share it on: