ActiveArmor: nVidia Secure Networking Engine

nVidia's on-chip Gigabit Ethernet is a popular feature of the nForce3-250 chipset. This was combined with the hardware based nVidia Firewall on all but the basic 250 chipset. On-chip Gigabit Ethernet and the hardware firewall are still a significant part of the nForce4 chipset, and all of the nForce4 chipsets feature both. However, nVidia has expanded the Network Security features in the Ultra and SLI chipsets to provide further protection against network attacks.

The new network security features are called ActiveArmor, which are implemented as a dedicated hardware engine for the nVidia hardware Firewall.

nVidia's ActiveArmor enhances nVidia Firewall performance in several ways to protect from network attacks:
  • Dedicated hardware engine enhances networking security while reducing CPU overhead
  • Specialized features defend against hacker attacks
  • User-friendly interface offers advanced management features
  • Supports new Microsoft TCP Chimney Architecture for fast and secure networking
A hardware solution was chosen instead of a software solution to minimize CPU utilization. Software firewalls and software firewall management can consume up to 75% of CPU overhead.

This compares to about 10% CPU overhead with the nVidia ActiveArmor hardware solution, which handles most of the network security management in the nForce4 chipset.

SLI Performance 3Gb/s SATA


View All Comments

  • ImJacksAmygdala - Saturday, October 23, 2004 - link


    That is an interesting idea and I can see the appeal for both the SFF and HTPC enthusiast markets.

    I wonder if ATI's dual graphics incarnation could use this with their new DX9.0 integrated graphics chip. That would be cool indeed.

  • Ivo - Saturday, October 23, 2004 - link

    Recently I posted my opinion that SLI is not important for a small form-factor HTPC. Meanwhile I changed my mind (hope, this still is not a crime :-))

    In the past the Integrated Graphic Processor was a synonym for 'moderate 2D and sparse 3D performance'. Now, an IGP could be combined in a SLI scheme with an AGP or PCIe Graphic Card. Than, for 2D and simple 3D applications (Office etc.) the IGP (with DVI-out!) will work, and the GC will be idle (Cool-and-Quiet!). For intensive 3D applications the GC will wake up, adding performance.

    I suppose, such an user- and environment-friendly scheme could sell more chipsets AND GCs than the two GCs SLI-solution from NF4.
  • Addlepate - Friday, October 22, 2004 - link

    Found an answer to my question here:

    Looks like second week of November, SLI not until Late Nov / early Dec.
  • quanta - Friday, October 22, 2004 - link

    Accoring to 3DSS's detailed Sound Blaster Audigy review[1], encoding sounds to Dolby Digital 5.1 format may actually be bad idea, since the streams have to be compressed, then decompressed at the speakers end, and adds latency.

    If you want better 5.1, forget the Dolby encoder. Just plug the speakers to S/PDIF ports, and let the analog conversion be done there.

  • Addlepate - Friday, October 22, 2004 - link

    Anyone able to predict when the first of these boards will be available retail, from Newegg or similar sites? Reply
  • quanta - Friday, October 22, 2004 - link

    #92, from the documents I've read about DDICE, it doesn't seem to be a bandwidth issue at all. What 'hardware Dolby 5.1 encoding' does is just converting data stream targeted to different speaker into another format. As for the 'interactive' part, it's just marketing speak for 'user applications taking advantage of hardware mixers, and choose what and how to mix based of application driven events.' This is well within the capability of major DSP-based soundcards, though your DSP performance may vary.

    As for 'hardware' mixing, it means little for DSP-based APU. For example, if an APU runs a microcode program that reads a MIDI, mixing all tracks into 5.1 streams, then does AC-3 encoding before sending out to speakers, is it still 'hardware' mixing? I prefer to call it 'non-CPU programmable controller mixing', but marketers didn't seem to agree. Anyway, I suspect what 'hardware accelerated DDICE' is just a combination of channel/effect mixing, then feed the streams to the converters, by using an APU. The extra bandwidth needed to load the conversion program will not be sufficient to stress the PCI bus, if done properly. Therefore the lack of 'hardware' DDICE support is a latency problem rather than bandwidth problem.
  • rjm55 - Friday, October 22, 2004 - link

    92 and 93 -
    Anyone reading the comments can't help but notice that you believe it is tragic SoundStorm is not a part of nForce4. That's your opinion, which is your right, but lots of others don't agree with you. nVidia has not had SoundStorm in any of their A64 chipsets for the last year and a half, so why are you just waking up to that fact?

    What I don't understand is that you seem angry the reviewer and AnandTech aren't as upset as you obviously are. I thought it was a balanced and fair review and good reading. But then again I never thought a review had to agree with me on every point to be worth reading.

    Your anger should be directed at nVidia and not at the reviewer or AnandTech IMHO.
  • Filibuster - Friday, October 22, 2004 - link

    #93, the first thread you referenced has information on a Cmedia chip which can do Dolby Digital encoding.

    It appears there will be cards with it soon...pci cards.

    The bandwidth thing is blown way out of proportion...its a PR thing that nobody caught.
    Do the simple math: 48000 samples per second * 24 bits per sample * 6 channels = ~7Mbit/second....not even a full megabyte per/sec for uncompressed 48khz/24bit/6 channel audio. AC3 is smaller yet, since it is compressed. Its more of a cpu power thing, since SS does the encoding instead of the cpu.

    My old 1.3Ghz PVR machine uses way more PCI bandwidth than that and its perfect. 2 tv tuners recording at 7Mbit/s each and it runs smooth as glass.
  • ImJacksAmygdala - Thursday, October 21, 2004 - link

    If you want to see exactly why the lack of SS2 on the nforce4 is such a big deal take a look at these threads. It goes into the details of why SS was so different from any other available solution and why we may never see it again from Nvidia even in a stand alone sound card.

    I hope those links work... If not check out the AVS forums and do a search on the subject.

    You can also see some great replies from people on this subject at The Tech Report here..

    If you read all of the user replies you will finally understand why enthusiasts wanted SoundStorm2 so badly and why NO other solution exists currently on the market.

    So what are our options now and in the near future? Will a SS type solution become available as a PCIexpress card?

    Those seem to be the two biggest questions currently. I don't care who makes it as long as it is possible on a AMD64/dual DRR/dual PCIexpress graphics platform. Otherwise I will continue to save my pennies.
  • ImJacksAmygdala - Thursday, October 21, 2004 - link

    "there are other good players on the market too :-)"

    Really? Please tell us one audio solution on the market that is capable of DDICE with SPDIF Optical outputs? Sorry, but you can't.=D

    The ONLY one is Nvidia's Sound Storm...

    The reason is that the PCI bus does not have enough bandwidth to do so. For that reason no PCI solution is capable of what Sound Storm can do with such a small foot print.

    DDICE (Dolby ® Digital real-time Interactive Content Encoder) is critical for several enthusiast markets. The same markets that can afforde Nvidia's top of the line graphics cards or even the more extreme dual SLI PCIexpress graphics solutions. The HTPC theater crowd, SFF HTPC crowd, and the Wide Screen PC Gaming super 1337 crowd both use home theater audio equipment that has better DACs and S/N than any computer sound card could achieve. On that high end equipment any noise from the source is just that much more horrible.

    Sound Storm is the only solution available that has digital SPDIF optical outputs for low noise that can hook up to HT audio amplifiers and the DDICE is the only solution for real-time hardware DD encoding applied to surround streams that allows you to do 5.1 gaming and movies using high quality home theater THX certified speakers with little overhead on the CPU. (DTS would even be better)

    It is possible that a PCIexpress card could be made that could use the bandwidth required for DDICE, but currently no solution exists except for Nvidias Sound Storm on a dated motherboard using a dated CPU socket.

    This effectively leaves many enthusiasts that are willing to shell out the extra cash required for the dolby license totally alienated in the market.

    Many in this crowd want the Cool n Quiet AMD64 CPU, but skipped the Nforce3 because of the lack of SoundStorm. Instead opting to wait for Nforce4 hoping Nvidia would see the light. Nope they didn't so I guess we are SOL and now we can only hope other chipset makers will add HD audio that is DDICE capable on the AMD64 platform, preferably one that offers dual 16X PCIexpress graphics cards.

    With the lack of SoundStorm2 the Nforce4 product line does not distinguish itself from the rest of the pack except for SLI, but even now there are other 16X dual PCIexpress graphics card chipsets on the way.

    Kinda sucks, I was really hoping I didn't have to wait any longer and I could build in November with the Nforce4 in time for HL2, I guess I'll just wait a little longer and see if a PCIexpress sound card comes out that can do what SoundStorm did.


Log in

Don't have an account? Sign up now