1. Field of the Invention
The present invention relates to a communication apparatus for providing IPSec communication and the like to an information processing apparatus such as an image forming apparatus.
2. Description of the Related Art
Currently, a technology called IPSec (Security Architecture for Internet Protocol) exists. This protocol is used for securing IP (Internet Protocol) that is used in the Internet and the like. This protocol has functions for encrypting communications of IP and for authenticating communications and the like.
For performing the IPSec communication, since computational processing for encryption is performed, large amount of CPU resources are consumed. Therefore, when using the IPSec, high speed communication is not expected unless the CPU is upgraded.
Therefore, for realizing the IPSec in an apparatus using a small CPU, it has been considered to use a hardware accelerator from the past.
The hardware accelerator is largely classified into two types. One is a coprocessor type. The accelerator of the coprocessor type is implemented in the apparatus that performs the IPSec communication. The coprocessor is embedded, separately from the CPU, as a circuit for performing IPSec processing. When performing the IPSec communication, processing for encryption is not performed in the CPU, but is performed by the coprocessor that is an IPSec processing specific circuit. Since the processing is not performed in the general CPU, but performed in the specific hardware, high speed processing can be performed.
Another type of hardware accelerator is one that is inserted between an apparatus that performs IPSec communication and a communication route.
In this type, the apparatus that needs IPSec communication performs IP communication as usual, and packets that are output from the apparatus pass through the hardware accelerator so that the packets are transmitted to the external network. In addition, packets flow into the apparatus from the network after passing through the hardware accelerator.
The hardware accelerator converts the IPSec packet into a normal IP packet, and converts the IP packet to be transmitted to the external network into the IPSec packet.
Since the bridge type IPSec accelerator basically realizes the IPSec communication by itself, high speed processing is possible and the IPSec accelerator does not affect the apparatus. By the way, following documents relate to the prior art.
[Patent document 1] Japanese Laid-Open Patent Application NO. 2002-317148.
[Patent document 2] Japanese Laid-Open Patent Application NO. 2003-78813.
[Patent document 3] Japanese Laid-Open Patent Application NO. 2004-86590.
[Patent document 4] Japanese Laid-Open Patent Application NO. 2002-251071.
However, for using the bridge type accelerator, settings for the apparatus to be connected should be made manually, and there is a case where settings may be necessary for the apparatus to be connected. Thus, there is a problem in that time and effort are necessary in using the accelerator.