Security processor provider Axiado has announced the availability of two new trusted compute units (TCUs) to help detect ransomware and other cyberattacks on servers and infrastructure elements in cloud data centers, 5G networks, and network switches.
Dubbed AX3000 and AX2000, these TCUs are AI-powered hardware security platform solutions that, the company says, integrate all security functions within a single system-on-chip (SoC) module.
“Products such as Axiado’s TCU are important developments in the market, as they answer a specific need for high-level and multi-function hardware security demands for data center technology,” said Michela Menting, senior research director at ABI Research. “Single-chip implementations provide a better cost-benefit ratio than having to implement different hardware components for different use cases—storage vs crypto acceleration vs ransomware identification.”
The company is providing samples of the AX3000 and AX2000 TCUs to early-access partners in servers, wireless base stations, wired security appliances, centralized and distributed infrastructure, and smart edge gateways.
TCUs are coprocessors for server security
Axiado’s TCUs are single-chip security processors designed to serve as co-processors to the main processors of the target servers. They are aimed at providing zero trust architecture, hardware root of trust, and attack mitigation strategies for servers, base stations and network appliances through a combination of Axiado’s in-house technologies.
“Axiado’s hardware-anchored, AI-driven TCU is a single-chip smart control and management solution for these servers,” said Gopi Sirineni, CEO and president of Axiado. “We integrate baseboard management controller (BMC), root of trust (RoT), trusted platform module (TPM), and LAN on motherboard (LOM) functions into a single SoC to run all trust services.”
The platform, housed in a 23 x 23 ball grid array (BGA) SoC, also incorporates a hardware security manager that is distributed, equipped with anti-tamper and anti-counterfeit mechanisms. Additionally, it includes a SmartNIC network interface controller for the control and management plane, which encompasses platform and tenant virtualization capabilities.
Secure hardware products for the data center are important, said ABI’s Menting, “Especially as there is continued and strong migration to remote and cloud-based platforms, including for mission-critical applications and highly confidential data. […] The ability to ensure security, from a service provider perspective, is key, not least because there is a growing body of regulation globally that is ensuring such protections are enshrined by law.”
The different TCU variants are targeted at different use cases. While the AX3000 comes with a higher number of interface pins, high-speed interfaces like 10GbE ports and AI, AX2000 is limited at 1GbE ports and has no AI function, Axiado’s Sirineni said.
Forensic enabled cybersecurity processors
Axiado claims its latest TCU represents a new category of forensic-enabled cybersecurity processors, designed to enhance existing zero trust models. What this means is that they operate an AI functionality explicitly designed for security.
“We have added four tera operations per second (TOPS) onboard AI engines to protect systems against ransomware, supply-chain, and side-channel attacks,” Sirineni said.
During normal server operations the TCU actively oversees both itself and the main processor to detect side-channel, network, and peripheral-based attacks. It leverages its Secure AITM to identify any deviations from the expected behaviors on these attack surfaces, keeping a record of such anomalies for further analysis. If any anomalies are detected, the TCU initiates mitigation strategies to prevent malware intrusion, spread, and system breakdown.
Such introspection in computer systems is becoming a necessity, according to Joe Byrne, director of processor analysis at TechInsights.
“Companies operating servers—especially if they have large fleets—must manage them, including assessing their security,” said Byrne. “Axiado’s integration reduces cost and physical size. The addition of AI acceleration could prove a useful tool for monitoring system health and security.”
Copyright © 2023 IDG Communications, Inc.