AMD Networking solutions on Zen-based processors

AMD ENTERPRISE SOLUTIONS BU

SEPTEMBER 2017
AMD CONFIDENTIAL

CONFIDENTIAL UNDER NDA

 HEALTHY COMPETITION DRIVES INNOVATION

FIRST x86 64- FIRST APU FIRST QUAD

BIT TO MARKET CORE x86
ARCHITECTURE SOC

FIRST TO FIRST X86 DUAL- FASTEST CPU FIRST

BREAK 1GHZ CORE PROCESSOR IN MARKET SERVER APU

 64 bit addressing  Multi core processors  Hardware-accelerated virtualization

2 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 Core Architecture

3 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 NEXT-GENERATION, HIGH-PERFORMANCE X86 CORE

“ZEN”
 Totally New High-performance
Core Design
 Simultaneous Multithreading (SMT) for
High Throughput
 New High-Bandwidth, Low Latency
Cache System
 Energy-efficient FinFET Design

4 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 AMD X86 CORES: DRIVING COMPETITIVE PERFORMANCE

“Zen2” Cores

“Zen” Core
INSTRUCTIONS PER CLOCK

52%
MORE
INSTRUCTIONS
PER CLOCK1

“Excavator” Core

“Bulldozer” Core

1. Based on internal AMD estimates for

“Zen” x86 CPU core compared to
2012 2013 2014 2015 2016 “Excavator” x86 CPU core.

5 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 “ZEPPELIN” DIE BUILDING BLOCK FOR PORTFOLIO OF PRODUCTS
8 CORES, 2 DDR4 CHANNELS

ZP ZP ZP ZP
SP3
512k 512k PCIe Gen3 “Naples”
Zen Core Zen Core SATA3
L2 L2 10GbE MCM Socketed Mainstream Server
8M L3
Server
512k 512k
Zen Core Zen Core Controller
L2 L2 Hub
ZP ZP
DDR4
Zen Core
512k 512k
Zen Core Memory
SP4
L2 L2 Controller
8M L3 “Snowy Owl”
Zen Core
512k 512k
Zen Core AMD Secure MCM BGA
L2 L2 Processor
Networking and
Coherent Interconnect Embedded
ZP
SP4
“Snowy Owl”
SCM BGA

6 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

AMD SOLUTIONS FOR NETWORKING
VALUE PROPOSITION – PERFORMANCE/$ & PERFORMANCE/$/WATT

Switch/Router Control Plane Access Router

SDN/NFV
Snowy Owl 4-16 x86 Cores Snowy Owl 4-16 x86 Cores
Snowy Owl - 4-16 x86 Cores
V1000– 2-4 x86 Cores V1000– 2-4 x86 Cores
Naples – 16-32 x86 cores
G Series: Crowned Eagle-T.O.R, Line Integrated Control and Data Plane
Cards Virtualized L2-L7 Switching and Routing Solution
Functions
Snowy Owl - Supervisor Integrated IPSec Acceleration
Integrated 10G Ethernet

AMD’s solutions address low power (6W) and high performance (32 Cores) Networking Applications

7 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 AMD DIFFERENTIATED SOLUTIONS TO ADDRESS NETWORKING MARKETS
HIGHLY SCALABLE PORTFOLIO OF X86 SOC OFFERINGS

Platforms Target segment AMD Solution Benefits

Core/Edge Router High Performance Control Plane

Routing Access Routing Integrated Control + Data Plane
Integrated IPSec Offload
NFV Superior VM Density & I/O connectivity

Data Center TOR High performance Control Plane

Switching Data Center Solutions for Line Card and Supervisors
Aggregation Best-in-class memory bandwidth
Price/performance leadership
Enterprise Switching

Industry-leading cores/thread Count

Security Firewall, IDS/IPS, UTM Integrated IPSec Offload
Best-in-class memory bandwidth & I/O
8 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL
 ROADMAP UPDATE

9 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 AMD ENTERPRISE APU/CPU PRODUCTS* TDP Range 4-15 Process Node 14nm

iTemp SKUs HSA Compliant HSA

Max # of Cores/ 4/8

Threads

2015 2016 2017 2017 2018 2019+

“Naples/Snowy Owl” x86 CPU “Rome” x86 CPU

14nm 32/64 25-180 7nm 95-180

AMD’s next generation x86 “Zen” core

“Merlin Falcon” x86 APU “V1000” x86 APU “Grey Hawk” x86 APU

28nm HSA 4 12-35 14nm 4/8 12-54 7nm 4/8 10-35

AMD’s x86 “Excavator” core AMD’s next generation x86 “Zen” core

“Brown Falcon” x86 APU “R1000” x86 APU

AMD’s x86 “Excavator” core
28nm HSA 2 12-15 14nm 2/4 4-15

AMD’s next generation x86 “Zen” core

Crowned Eagle x86 CPU

28nm 4 5-25
“River Hawk” x86 AP
Products still in concept and subject to
change 7nm 2/4 4-15

*AMD roadmaps are subject to change without notice or obligations to notify of changes. Placement of boxes
10 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL is not intended to represent first year of product shipment.
 SNOWY OWL

11 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 Zen

Next Generation High Performance 64-bit x86 CPU

Snowy Owl for Communications and Networking
Up to Up to Up to Up to Up to Up to

16 32MB 4 Independent 64 lanes 16 8x10GbE SP4

Zen Cores Shared L3 Cache Memory Channels PCIe® Gen3 SATA or NVME Highly Integrated I/O BGA

12 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 “SNOWY OWL”: THE NEXT GENERATION AMD SOC FOR COMMS./NETWORKING
IDEAL FOR COMMUNICATIONS/NETWORK WITH COMPELLING PERFORMANCE AND SUPERIOR I/O INTEGRATION

COMPUTE
512k
512k 512k
512k
Zen Core Zen Core PCIe3  4 to 16 AMD “Zen” x86 cores (16 to 32 threads)
L2
L2 L2
L2
8M
8M L3
L3 SATA3
Zen Core
512k
512k
L2
512k
512k
L2
Zen Core 10GbE  512KB L2 cache per core (8 MB total L2 cache)
L2 L2
Zen Core
512k
512k 512k
512k Zen Core
 Up to 32MB shared L3 cache (8MB per 4 cores)
L2
L2 8M L3 L2 Server
L2
 TDP range: 25W-100W
SP4 MCM Zen Core
512k
512k
L2
L2
512k
512k
L2
L2
Zen Core Controller
Hub MEMORY
Coherent Interconnect
 Up to 4 channel DDR4 with ECC up to 2667 MHz
512k 512k DDR4
Zen Core
L2 L2
Zen Core
Memory  UDIMM, RDIMM, LRDIMM, NVDIMM, Flash, 3DS
8M L3
Zen Core
512k
L2
512k
L2
Zen Core Controllers  2 DIMMs/channel capacity of 2TB/socket
Zen Core
512k
L2
512k
L2
Zen Core AMD INTEGRATED I/O – NO CHIPSET
8M L3 Secure
Zen Core
512k 512k
Zen Core Processor
 Up to 64 lanes PCIe Gen3
L2 L2
 Used for PCIe, SATA, Ethernet and Coherent Interconnect
 Up to 32 SATA or NVMe devices
Zen Core
512k 512k
Zen Core  Up to 8 10GBASE-KR or 1Gb Ethernet
L2 L2
512k
8M L3
512k  Server Controller Hub (USB, UART, SPI, LPC, I2C, etc.)
Zen Core
L2 L2
Zen Core PCIe3

Zen Core
512k 512k
Zen Core
SATA3 SECURITY
10GbE
L2
8M L3
L2
SP4r2 SCM  Dedicated Security Subsystem
512k 512k
Zen Core
L2 L2
Zen Core  Hardware Root of Trust-ability to run certified (signed) firmware
DDR4
AMD Secure
Server SP4 and SP4r2 - Pin Compatible BGA Package
Memory Controller
Processor
Controllers Hub 10 Year Longevity
13 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL
 SNOWY OWL PRELIMINARY PRODUCT STACK
PRELIMINARY SUBJECT TO CHANGE

Base All Cores Max DDR Extend

TDP Max. Boost L3 $ DDR
Package Cores Threads Freq Boost Freq Freq PCIe 10GbE ECC ed
(W) Freq (Ghz) (MB) Channels
(Ghz) (Ghz) (1DPC) Temp*

50 8 16 2.50 3.1 3.1 16 2 2666 x32 4x Yes Yes

30 8 8 1.50 3.1 3.1 16 2 2133 x32 4x Yes No

SP4r2
45 4 8 2.90 2.9 2.9 8 2 2666 x32 4x Yes No

35 4 4 2.60 2.9 2.9 8 2 2666 x32 4x Yes No

100 16 32 2.15 2.45 3.00 32 4 2666 x64 8x Yes No

80 12 24 1.90 2.75 3.00 32 4 2666 x64 8x Yes No

SP4
85 16 16 1.85 2.25 3.00 32 4 2666 x64 8x Yes Yes

65 12 12 20 2.15 TBD 32 4 2666 x64 8x Yes No

14 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 SNOWY OWL SP4 BLOCK DIAGRAM
SP4-MCM BGA UP TO 16 CORES

 4x 64-bit DDR
x16 x16 x16 x16
 4x “heavy” 10GE
 4x “light” 10GE
 64 lanes PCIe Gen3
Memory
0 2
Memory
 4 x USB 3.0 Memory
1 3 Memory
A B
 eMMC, SPI, I2C, UART
 65-100W
 BGA MCM
‒ 45 x 45 mm substrate
‒ 0.8mm non-uniform pitch

 KEY
‒ Blue square  8-core die
‒ Yellow links  GMI (x32 @ 2xMEMCLK)
‒ Green links  PCIe (x16 @ 4xMEMCLK)
‒ Red links  Ext PCIe lanes
15 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL
 SNOWY OWL SP4R2 BLOCK DIAGRAM
SP4r2-SCM BGA up to 8 cores

 2x 64-bit DDR x16 x16

 2x “heavy” 10GE

 2x “light” 10GE 0
Memory
1
 32 lanes PCIe Gen3 Memory
A
 4x USB 3.0

 eMMC, SPI, I2C, UART

 25-50W

 BGA SCM
‒ 45 x 45 mm substrate
 KEY
‒ 0.8mm non-uniform pitch ‒ Blue square  8-core die
‒ Yellow links  GMI (x32 @ 2xMEMCLK)
‒ Green links  PCIe (x16 @ 4xMEMCLK)
‒ Red links  Ext PCIe lanes
16 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL
 SERDES MUXING

10
15
14
13
12
11

5
9
8
7
6

4
3
2
1
0
x16
x8 x8
Type A x4 x4 x4 x4
x2 x2 x2 x2 x2 x2 x2 x2
x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1
x1 x1 x1 x1 x1 x1 x1 x1
29 x1 x1 x1 x1 x2 x2

23

18
31
30

28
27
26
25
24

22
21
20
19

17
16
x16 PHY lane grouping
PCIe Port
Type B x8 x8 SATA Port
x4 x4 x4 x4 Ethernet Port
x2 x2 x2 x2 x2 x2 x2 x2 SATA Express Port
x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1 x1

17 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 “SNOWY OWL” PRODUCT CHARACTERISTICS AND CAPABILITIES

SP4 MCM SP4r2 SCM

Module Type BGA
Package size, pad pitch 45 x 45 @ 0.8mm non-uniform pitch
TDP 100W, 85W, 80W and 65W 50W, 35W, 30W, and 25W
Cores Up to 16 cores / 32 threads Up to 8 cores / 16 threads
Memory channels 4 2
Max DIMMs/channel 2
DIMM Type RDIMM, LRDIMM, NVDIMM, 3DS DIMM
Combo links1 4 – 16 bit links 2 – 16 bit links
Max PCIe 64 lanes 32 lanes
Max SATA2 16 8
Max 10GigE2,3,4 8 4
Native I/O USB3, UART, I2C, RMI, SPI, LPC, RTC, Power control, etc.
Notes: 1: Combo links can take the form of PCIe, SATA, 10GBase-KR, SGMII with configuration restrictions
2: These function are in lieu of PCIe on those ports; 8 SATA displaces 8 PCIe lanes
3: 10GBase-KR can be alternately configured as SGMII
4: Half of the ethernet ports have 16 TX/RX DMA queues (WHQL compliant); half have 2 TX/RX DMA queues
18 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL
 NFV SOFTWARE FRAMEWORK

VNFs vRouter vFirewall vWAN Opt vVPN

APIs and libraries DPDK OVS VPP VirtIO

Orchestration &
OpenDayLight OpenStack
Management
Virtualization
KVM QEMU Docker Ceph
Components

Linux Distro CentOS UEFI Debian Ubuntu

Hardware Platforms Snowy Owl / Naples

19 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 AMD SNOWY OWL TARGETED OPERATING SYSTEMS

N-1 Launch (N) N+1

RHEL 6.92 RHEL 7.32 RHEL 82

Ubuntu 16.042 Ubuntu 17.042 Ubuntu 17.102

WRL91 WRL101
• 1basedon specific
networking
MEL (Dogwood) MEL (Elm) customer Demand
• 2Subject to final
validation on
platform

20 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 AMD “SNOWY OWL” VALUE PROPOSITION
INNOVATION FOR THE NEXT WAVE OF NETWORK TRANSFORMATION

Superior Cache Industry Leading 1st Hardware

Capacity and I/O Density Enabled Secure
Memory Multi-tenancy
Bandwidth
 2X Instruction L1 cache and  Support for 8x 10GE ports  Integrated crypto
L2 Cache per core accelerator for IPSEC
 Support for 64 PCI-E lanes offload
 33% larger L3 Cache
 Integrated support for up to  Cryptographically isolates
 2X Memory bandwidth over 16 SATA/NVME ports hypervisor from guest VM’s
16C Broadwell or containers
 Encrypts all system memory
or a specific partition

Larger Cache Subsystem +Extensive I/O Integration+ Revolutionary Security = Superior Performance

21 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 L2 AND L3 DPDK PACKET FORWARDING BENCHMARK
SETUP

DPDK PMD Loopback Application

for L3 Forwarding

Unmodified DPDK
www.dpdk.org

Linux Distribution

Dual
IXIA traffic generator AMD
2x10 Gbps 10Gbps
with RFC2544 tests
PCIe NIC

Snowy Owl
3.0 GHz
• Two cores and defaults parameters are used to run L2fwd – “sudo -E ./build/l2fwd -c 0x3 -
n 2 -- -p 0x3”
(boost)
• Two cores and defaults parameters are used to run L3fwd – “sudo -E ./build/l3fwd -c 0xf - PCIe Gen3
n 4 -- -p 0x3 --config="(0,0,2)(1,0,2)" --parse-ptype” x8
• The same Intel X-520 dual-port 10G NIC card was used
• DPDK is compiled with “march=native”; the compiled binaries are tuned for the platform
on which it is built
22 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL
 DPDK L2 AND L3 FORWARDING BENCHMARKING
SNOWY OWL 8C/8T - ICC16 RESULTS. TESTS DONE WITH INTEL NIC: X-520

Agg Rx/Tx rate % ICC16 Snowy Owl ICC16 Snowy Owl

L2fwd bi-dir L3fwd bi-dir
64 Bytes 76.797
66 Bytes 77.5
128 Bytes 99.272 99.272
256 Bytes 99.272 99.272
512 Bytes 99.272 99.272
1024 Bytes 100 100
1280 Bytes 100 100
1518 Bytes 100 100
Even though ICC16 is not optimized for Snowy Owl, the processor
shows the same performance as Xeon D-1540 .
23 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL
 NAPLES

24 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 “NAPLES”: THE NEXT GENERATION OF SERVER SOC
LOWERING TCO THROUGH AN OPTIMAL BALANCE OF COMPUTE, MEMORY, I/O AND SECURITY

COMPUTE
 16 to 32 AMD “Zen” x86 cores (32 to 64 threads) 512k 512k 512k 512k
Zen Core Zen Core Zen Core Zen Core
L2 L2 L2 L2 PCIe3
 512KB L2 cache per core (16 MB total L2 cache) 8M
L3
8M
L3 SATA3
512k 512k 512k 512k
 64MB shared L3 cache (8MB per 4 cores) Zen Core
L2 L2
Zen Core Zen Core
L2 L2
Zen Core

 TDP range: 120W-180W Zen Core

512k 512k
Zen Core Zen Core
512k 512k
Zen Core
L2 8M L2 L2 8M L2 Server
L3 L3
MEMORY Zen Core
512k
L2
512k
L2
Zen Core Zen Core
512k
L2
512k
L2
Zen Core
Controller
Hub
 8 channel DDR4 with ECC up to 2667 MHz
Coherent Interconnect
 RDIMM, LRDIMM, NVDIMM, Flash, 3DS
512k 512k 512k 512k DDR4
 2 DIMMs/channel capacity of 2TB/socket Zen Core
L2 8M L2
Zen Core Zen Core
L2 8M L2
Zen Core
Memory
512k L3 512k 512k L3 512k Controllers
INTEGRATED I/O – NO CHIPSET Zen Core
L2 L2
Zen Core Zen Core
L2 L2
Zen Core

 128 lanes PCIe Gen3 Zen Core

512k 512k
Zen Core Zen Core
512k 512k
Zen Core AMD
L2 8M L2 L2 8M L2
 Used for PCIe, SATA, and Coherent Interconnect 512k L3 512k 512k L3 512k
Secure
Zen Core Zen Core Zen Core Zen Core Processor
 Up to 32 SATA or NVMe devices L2 L2 L2 L2

 Server Controller Hub (USB, UART, SPI, LPC, I2C, etc.)

SECURITY
 Dedicated Security Subsystem
 Hardware Root of Trust-ability to run certified (signed) firmware
 Encrypt System Memory and VM’s
25 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL
 EPYC 7000 SERIES PROCESSOR PRODUCT STACK

26 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 Security

27 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 TRUSTED SYSTEM – AMD SECURE PROCESSOR

AMD SOC
A Dedicated Security Subsystem
 AMD Secure Processor integrated within SOC
‒ 32-bit microcontroller (ARM Cortex-A5) 00

 Secure off-chip NV storage for firmware and Root of Trust

data (i.e. SPI ROM) AMD

Secure
 Provides cryptographic functionality for Processor

secure key generation and key management

 Enables hardware validated boot

Hardware root of trust provides foundation for platform security

28 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 COMPRESSION AND ENCRYPTION SOLUTIONS
NAPLES AND SNOWY OWL

Features Naples Snowy Owl

Crypto,
compression-
CPU Core AES-NI, SHA1, SHA256, CRC32 (SSE4.2)
related
instructions
Supported
AES, AES-XTS-128/256,
Encryption 3DES, SHA, RSA, ECC
Functions
Encryption AES-XTS-256: AES-XTS-256:
Hardware
Performance Up to 48 GB/s Up to 24 GB/s
Offload
Zlib
Decompress: Decompress:
Compression/
Up to 5 GB/s max output Up to 2.5 GB/s max output
Decompression at 4:1 compression ratio at 4:1 compression ratio
Performance

Performance shown is maximum HW engine performance @500MHz and

does not include software overhead

29 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 TRUSTED SYSTEM - HARDWARE VALIDATED BOOT

 AMD Secure Processor loads the on-chip Boot ROM Root of Trust
which loads and authenticates the off-chip boot AMD On-chip
loader Secure Load
Boot ROM
Processor
‒ Immutable Boot ROM provides level of security not
Load / Authenticate
available from traditional TPM implementations
 Boot Loader authenticates BIOS before x86 core Off-chip
Boot Loader
starts executing the BIOS code
‒ Boot Loader also authenticates and loads code for AMD Load / Authenticate
Secure Processor to perform secure key management
 Once BIOS is authenticated the OS Boot Loader BIOS

loads the OS or Hypervisor

Load / Authenticate

OS Secure Boot
(UEFI)

Ensures that a system is booted with trusted software

30 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 HARDWARE MEMORY ENCRYPTION - HW SUPPORT

AMD Secure Memory Encryption (SME) / AMD Secure Encrypted Virtualization (SEV)
 Hardware AES engine located in the memory controller
performs inline encryption/decryption of DRAM
 Encryption keys are managed by the AMD Secure Processor AES-128 Engine Root of Trust
and are hardware isolated AMD
‒ not known to any software on the CPU Secure
DRAM Processor
 Minimal performance impact
‒ Extra latency only taken for encrypted pages
 No application changes required

Defense against unauthorized access to memory

31 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 HARDWARE MEMORY ENCRYPTION - COMPARISON

AMD AMD Intel

AMD Secure Memory AMD Secure Encrypted
SME SEV SGX
Encryption (SME) Virtualization (SEV)
Protects against physical
  *
attack Applications Applications
Applications
Applications
Encrypts all system
  VM … VM
memory
Operating System Hypervisor
Protects against
Key Key Key … Key
Administrative tampering  *
AES-128 Engine AES-128 Engine
Untrusted hypervisor  * DRAM DRAM
Untrusted guests  *
Requires no change to One key encrypts entire system One key per Hypervisor / VM
 
application

* Each application must be modified and recompiled to enable protection

32 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL

 IPSEC REFERENCE STACK FOR CCP
SUBJECT TO CHANGE Application

DPDK Framework Strong

 DPDK-based IPSec reference code using CCP Swan
 Key components: Ethernet CCP Crypto
PMD PMD
‒ Naples Ethernet PMD DPDK driver
‒ Naples CCP Crypto PDM DPDK driver Naples
‒ Port of StrongSwan using CCP offload for IKE
‒ DPDK test application Preliminary IPSec Encryption+Decryption Performance Targets
AES-CBC-128 ESP Tunnel Mode, CCP Clock=500MHz
 Support for
‒ IPSec AH & ESP as per RFC 4301, 4302 & 4303 Product Large Packet IMIX
‒ Transport and Tunnel Modes 80Gbps Total BW 40Gbps Total BW
‒ IPsec with IPv4 and IPv6 Naples SP3 40Gbps Encryption + 20Gbps Encryption +
40Gbps Decryption 20Gbps Decryption
‒ IPsec with IP Fragmentation support for IPv4 and IPv6
40Gbps Total BW 20Gbps Total BW
‒ Statistics report – Global, per SA, PDUs or Bytes received Snowy Owl MCM 20Gbps Encryption + 10Gbps Encryption +
and drop counters 20Gbps Decryption 10Gbps Decryption

 Capable of leveraging multiple CCP blocks across 20Gbps Total BW 10 Gbps Total BW
Naples/Snowy Owl package Snowy Owl SCM 10Gbps Encryption + 5 Gbps Encryption +
10Gbps Decryption 5 Gbps Decryption
33 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL
 DISCLAIMER & ATTRIBUTION

The information presented in this document is for informational purposes only and may contain technical inaccuracies, omissions and typographical errors.

The information contained herein is subject to change and may be rendered inaccurate for many reasons, including but not limited to product and roadmap changes, component and motherboard version changes, new
model and/or product releases, product differences between differing manufacturers, software changes, BIOS flashes, firmware upgrades, or the like. AMD assumes no obligation to update or otherwise correct or revise
this information. However, AMD reserves the right to revise this information and to make changes from time to time to the content hereof without obligation of AMD to notify any person of such revisions or changes.

AMD MAKES NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE CONTENTS HEREOF AND ASSUMES NO RESPONSIBILITY FOR ANY INACCURACIES, ERRORS OR OMISSIONS THAT MAY APPEAR IN THIS
INFORMATION.

AMD SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE. IN NO EVENT WILL AMD BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL OR
OTHER CONSEQUENTIAL DAMAGES ARISING FROM THE USE OF ANY INFORMATION CONTAINED HEREIN, EVEN IF AMD IS EXPRESSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

ATTRIBUTION

© 2017 Advanced Micro Devices, Inc. All rights reserved. AMD, the AMD Arrow logo and combinations thereof are trademarks of Advanced Micro Devices, Inc. in the United States and/or other jurisdictions. Other names
are for informational purposes only and may be trademarks of their respective owners.

35 | AMD ENTERPRISE PRODUCT ROADMAP UPDATE | SEPTEMBER 2017 | AMD CONFIDENTIAL