There’s Always a New Threat Out There


With AMD adaptable security, you’ll be ready for it

Network Security

Network Security


Edge. Access. Metro. Core. No matter the network, security plays a vital role. Encryption and decryption must be built into every piece of the chain, from the link layer to the application itself—each with distinct protocols that are in constant evolution. Our broad range of solutions protects you against known and unknown threats. That’s because you can implement security directly within AMD programmable logic—and iterate as standards evolve and threats emerge.

AMD security solutions span line rates from 100M to 400G, crypto protocols, various packet processing and lookup requirements—even predictive malware detection built on machine learning algorithms. Your system is protected in the present—and future-proofed.



Link Security

Learn More >
Bulk Crypto and MACSec for
Physical and Data Link Layer


Secure Route and VPN

Learn More >
IPSec Between Routers,
Clients, and Servers


Application Security with AI

Learn More >
SSL/TLS Offload, L4-L7 Security, Regular Expression (Reg-Ex), DPI/IPS/IDS, ML for Flow Blacklisting

Layer-1 Encryption for Optical Networks

UltraScale+™ FPGAs provide the capability to encrypt up to nx1G - nx100G frames of payload via bulk crypto for the protocols used in Metro and Core optical nodes and switches. Versal™ adaptive SoCs integrate AES-GCM-128/256 encryption/decryption functionality via the High-Speed Crypto (HSC) block to reduce power, simplify place/route times, and provide enough throughput for up to 400G per block.

Layer-2 Encryption for Ethernet Switches

IP is available today to scale from 1M to 400G of throughput, with addional flexibility via channelization. Versal’s HSC block provides up to 400G of integrated MACSec functionality with nx100G granularity, and up to 4k+ security associations (SAs). The Cipher Suites supported are AES-GCM-128/256 and AES-GCM-XPN-128/256 with configurable confidentiality/encryption offset.

Optical Networks, Ethernet Switches
Virtex UltraScale+ FPGA

Available Now

Soft IP for Bulk Crypto and MACSec
1G-200G AES-GCM-128/256
1k+ Security Associations
Can be used in OTN, MACSec, IPSec, and higher-layer TLS encryption

Versal Premium

Coming Soon

400G Bulk Crypto with AES-GCM 128/256
4x100G, 2x200G or 1x400G
128 SAs per 100G of Crypto
Can be used in OTN, MACSec, IPSec, and higher-layer encryption


Secure Route and VPN


AMD FPGA and adaptive SoC solutions offer high-performance inline IPSec processing where performance is needed most. AMD architectures deliver line-rate throughput with minimal latency without taxing the CPU.

Secure Route and VPN

IPSec (Layer-3) Security Components

AMD solutions implement and manage the IPSec data plane, including both IP and IPSec layer packet processing. Processing of packets for extraction of layer 2 and layer 3 fields at different throughputs is readily implemented in AMD FPGA and adaptive SoC devices. IP solutions are available to implement: 1Gb/s to 400Gb/s, with deterministic latency. Security association (SA) and security policy (SP) lookups are easily implemented, and support 100’s to 10,000’s of lookups via AMD content-addressable memory (CAM) IP and high-bandwidth memory (HBM) FPGAs.

IPSec Crypto and Other Features

The flexibility of memory and packet processing available in AMD security IP makes it the only solution that can address server, router and access router in a single vender. A fixed solution cannot support a varying number of L3 VPNs or provide the level of search performance that can be achieved with AMD FPGAs and adaptive SoCs. The range of encryption protocols supported by AMD includes:

Crypto protocols

  • AES-128/192/256 (ECB, CBC, CTR)
  • CHACHA-20 POLY1305

Hashing protocols

  • SHA-1, SHA-224/256/384/512 with HMAC
  • AES-XCBC-MAC-128/192/256

Combined protocols

  • AES-GCM/AES-GMAC (128/192/256)
  • AES-CCM (128/192/256)


  • Custom protocols for crypto/packet processing
  • Transport and tunnel mode operation
  • IPv4 and IPv6 support with all packet sizes
  • Configurable replay protection window size
Virtex UltraScale+ FPGA

Available Now

1G-100G Inline IPSec
URAM for SA lookup and storage
Up to 100G Inline processing
Support for All protocols and IPSec modes
AMD CAM IP for lookup

Virtex UltraScale+ FPGA

Available Now

1G-200G Inline IPSec
HBM for packet buffer and lookups
10,000+ Security Associations and policy
AMD HBM BCAM IP for lookup
58G SerDes for network connectivity
Configuration for replay protection window size
Multi-protocol support with tunnel and transport mode

Versal Premium

Coming Soon

400G IPSec
112G SerDes
Nx400 High-speed Crypto
Hardened Gen5 PCIe core
Hardened packet processing


Application Security with AI


End-to-end offload and acceleration frees up valuable resources without sacrificing security between users and applications, and clients and servers. AMD offers solutions from established protocols to cutting-edge machine learning for malware detection.

Application Security with AI
Application Security with AI

Stateful Security for Firewalls and CPU Acceleration

10-30x performance vs. CPU with security acceleration/offload.

  • Stateful TCP offload using FPGA internal and external memory
  • Session classification and storage
  • Line-rate packet classification with multiple tuple-based flows
  • Secure SSL sessions handled completely in FPGA
  • Partner IPs for stateful TCP Offload Engine (TOE), bulk encryption/decryption, and asymmetric crypto (PKI)

RegEx Processing for DDoS, DPI, IPS, IDS

20-30x when AMD used for parallel analysis of regular expressions.

  • Traffic signature matching at high throughput
  • Rule matching offload for 10x+ performance compared to software
  • RegEx engine compatible with PCRE/POSIX 
  • Millions of rules supported using on-chip HBM or external DRAM
  • AMD IP for high-speed data transfer to CPU, flow classification using CAMs/TCAMs, packet processing
  • Partner IP for RegEX processing with DPI SW (SNORT, SURICATA)

Stateful Processing and Malware Detection in Firewalls using Machine Learning Models

A malware system that learns through artificial intelligence and is smart enough to identify new threats--even ones you may not have anticipated.

  • TLS traffic malware detection using machine learning (ML) inference models
  • TLS flow processing at 200Gbps using combination of P4 and RTL
  • AMD P4 compiler and TCAM IP for flow classification and ML parameter lookups
  • ML model for TLS flow prediction implemented using on-chip DSP cores
  • Statistics collection at 200Gbps for flow processing and predicted flows

Featured Videos


Webinar: The Importance of Programmable Devices in Next-Gen Security Appliances and Firewalls Watch Now >

Featured Documents


Get Started


Find evaluation boards, leverage libraries to develop your own applications, and learn how to become a AMD wired & wireless IP partner.

Use a Pre-built Evaluation Board

Design with a leading-edge using one of our evaluation boards
Explore now >

Develop Your Own Applications

Learn about developing your own applications using Vitis AI
Learn more >

Partner Program

Expand your reach and solve more customer problems by partnering with us
Join now >

Stay Informed

Sign up for Wired & Wireless Updates


Contact Sales for More Information