Intoto's iGateway IPsec IKE Integrates with Hifn's HIPP Security Processors

7/29/2004 - Network security and flow classification market leader HifnTM (Nasdaq: HIFN), and Intoto Inc., a leading provider of integrated security, wireless and voice software platforms to networking equipment manufacturers, announced Hifn’s HIPP III IKE Software package that utilizes Intoto’s iGateway IPsec IKE (Internet Key Exchange) software platform for automatic key management and authentication.

The HIPP III IKE Software package is a licensed option for use with Hifn’s 4300, 4350, 8300 or 8350 FlowThrough Security Processors. It is a complete implementation of the IETF IKE protocol (also known as ISAKMP/Oakley) that is pre-integrated to run on the internal eSC (embedded Session Controller) processor in the HIPP III device. It is delivered as an object code “binary image” for downloading into the eSC at boot time.

All of the required algorithms & modes of IKE processing are supported, giving the Hifn solution an edge in compatibility with other IPsec implementations.

The Hifn-supplied IKE package dramatically decreases the software integration costs and engineering time for the OEM designing the end-user product since porting IKE to a hardware-based IPsec engine can require multiple months of engineering time. In addition, support and maintenance are reduced significantly over an “in-house” or open source IKE implementation. A yearly maintenance option for the HIPP III IKE software assures the customer that they are up to date with bug fixes and future releases.

"We are pleased to partner with Hifn to deliver the first solution on the market where IKE is directly integrated within a Gigabit class IPsec chip. Up until now, a separate control-plane processor has been used to support the IKE function.” said Doug Makishima, Intoto’s vice president of marketing. “Intoto is a proven leader in delivering fully integrated system solutions and this integration of our IPsec IKE software platform represents a tremendous benefit to the customer, in reduced engineering cost and time-to-market as well as interoperability.”

“Interoperability was a major concern when considering the source for an IKE software package,” said Bob Doud, product line director at Hifn, Inc. “The industry leading iGateway IPsec software platform from Intoto, Inc., has been fielded for more than 5 years and is used in many currently shipping commercial VPN products from top tier equipment vendors. Furthermore, it is certified for IPsec VPN compatibility by both ICSA and VPNC. Our customers can be assured that we have integrated a world-class IPsec IKE engine that will interoperate with all of the leading IPsec VPN products on the market.”

Intoto’s iGateway IKE daemon is the heart of the control-plane software running on the eSC core. The IKE engine takes advantage of Hifn’s integrated hardware accelerators such as the public key processor and Random Number services to speed up the security handshake process. It communicates with IKE peers via an integrated TCP/IP stack. In addition, the IKE software includes powerful Certificate management functions such as an SCEP (Secure Certificate Enrollment Protocol) and an OCSP (On-line Certificate Status Protocol) client.

A Hifn-provided “Security Management API” (SM-API) has components that run on both the internal eSC processor and on the host system. This API offers functions for the overall control of IKE including policy & authentication credential configuration and Certificate management.

The HIPP III IKE Software package also includes a Java-based user interface and management tool. This Graphical User Interface (GUI) is designed to run seamlessly on multiple host platforms such as Windows, Linux, Solaris, etc. This tool can be used ‘as-is’ or it can be modified to suit the OEM’s look and feel requirements.

Hifn’s 4300, 4350, 8300 and 8350 security processors offer complete IPsec processing for single and dual Gigabit Ethernet applications. The 4350 and 8350 can sustain 4 Gbps of IPsec processing, with over one million packets per second back-to-back SA variations. All four chips are manufactured in a .13 micron process and utilize 324 LBGA packaging.

About Intoto
Intoto is a leading provider of integrated security, wireless and voice software platforms to networking and communications OEMs. Intoto’s iGatewayTM software platform is a fully integrated and comprehensive communications solution, offering security (firewall, VPN, intrusion prevention and wireless security), csonvergence (VoIP), connectivity (wired and wireless) and management functions. iGateway is used extensively in many high-volume and top-tier networking products such as security appliances, broadband gateways, IADs/integrated communication platforms, routers and edge appliances. Founded in 1998, Intoto Inc. is headquartered in Santa Clara, CA USA.

About Hifn
Hifn, of Los Gatos, California makes integrated circuits and software for storage and network infrastructure developers. Hifn's integrated data flow technology enables intelligent secure networks with compression, encryption and application-aware classification. This is central to the growth of the Internet, helping to make electronic mail, web browsing, storage, Internet shopping and multimedia communications better, faster and more secure. Most of the major network equipment manufacturers use Hifn's patented technology to improve packet processing.

Hifn was founded in 1996 and is traded on the Nasdaq Stock Exchange under the HIFN symbol. For more information, contact: Hifn, 750 University Avenue, Los Gatos, CA 95032. Phone: 408-399-3500. Fax: 408-399-3501. Web:

Previous Page | News by Category | News Search

If you found this page useful, bookmark and share it on: