Abstract: In one embodiment, a computer apparatus includes a first NIC including at least one network interface port to transfer data with a first packet-data network (PDN) including a master clock to provide a clock synchronization signal S1, a first physical hardware clock (PHC) to maintain a time value T1 responsively to S1, and a first clock controller to generate a clock synchronization signal S2 responsively to S1, S2 having a frequency set responsively to S1, and send S2 over a connection to a second NIC including at least one network interface port to transfer data with a second PDN, a second PHC, and a second clock controller to receive S2, update the second PHC with a time value T2 responsively to S2, send another clock synchronization signal to network nodes in the second PDN responsively to T2, the second NIC acting as a master clock in the second PDN.

Abstract: A network adapter includes one or more network ports, multiple bus interfaces and a processor. The network ports are configured to communicate with a communication network. The bus interfaces are configured to communicate with multiple respective CPUs of a multi-CPU device. The processor is included in the network adapter and is configured to support an Option-ROM functionality, in which the network adapter holds Option-ROM program instructions that are loadable and executable by the multi-CPU device during a boot process, to expose the support of the Option-ROM functionality to the multi-CPU device over only a single bus interface, selected from among the multiple bus interfaces, and, by loading the Option-ROM program instructions to the multi-CPU device, to cause the multi-CPU device to present to a user only a single, non-redundant set of commands for managing all the multiple bus interfaces of the network adapter via the single bus interface.

Abstract: In one embodiment, a network interface card device includes communication interfaces to provide data connection with respective local devices configured to run respective clock synchronization clients, at least one network interface to provide data connection between a packet data network and ones of the local devices, and a hardware clock to maintain a time value, and serve the clock synchronization clients.

Abstract: A network adapter includes one or more network ports, multiple bus interfaces and a processor. The network ports are configured to communicate with a communication network. The bus interfaces are configured to communicate with multiple respective CPUs of a multi-CPU device. The processor is included in the network adapter and is configured to support an Option-ROM functionality, in which the network adapter holds Option-ROM program instructions that are loadable and executable by the multi-CPU device during a boot process, to expose the support of the Option-ROM functionality to the multi-CPU device over only a single bus interface, selected from among the multiple bus interfaces, and, by loading the Option-ROM program instructions to the multi-CPU device, to cause the multi-CPU device to present to a user only a single, non-redundant set of commands for managing all the multiple bus interfaces of the network adapter via the single bus interface.

Abstract: A method for secure boot includes, in a processor, retrieving from a memory device a firmware boot code for bootstrapping a firmware of the processor. The firmware boot code is authenticated using an authentication key. In response to failing to authenticate the firmware boot code using the authentication key, an attempt is made to authenticate a recovery firmware code, which has reduced functionality relative to the firmware boot code, using a recovery key. Upon successfully authenticating the recovery firmware code using the recovery key, the firmware boot code is restored from a host, the restored firmware boot code is authenticated by executing the recovery firmware code, and the firmware is bootstrapped using the authenticated firmware boot code.

Abstract: Apparatus having a firmware memory storing firmware, a cache memory loading at least part of the firmware for execution by a processor, and a firmware checking engine having a defined syndrome storage location and performing the following iteratively on cache line entries associated with the firmware stored in the cache memory: choose a cache line entry; verify that an address mapped in the cache line entry maps to an address in the firmware memory, and when the cache line entry is locked and the address mapped in the cache line entry maps to an address in the firmware memory, compare a content of the cache line entry to a content of a corresponding address in the firmware stored in the firmware memory, and produce an integrity result indicating whether integrity of the apparatus has been compromised.

Abstract: Apparatus having a firmware memory storing firmware, a cache memory loading at least part of the firmware for execution by a processor, and a firmware checking engine having a defined syndrome storage location and performing the following iteratively on cache line entries associated with the firmware stored in the cache memory: choose a cache line entry; verify that an address mapped in the cache line entry maps to an address in the firmware memory, and when the cache line entry is locked and the address mapped in the cache line entry maps to an address in the firmware memory, compare a content of the cache line entry to a content of a corresponding address in the firmware stored in the firmware memory, and produce an integrity result indicating whether integrity of the apparatus has been compromised. The abstract is not meant to be limiting.

Abstract: A host computer is linked to a network interface controller having a plurality of network ports connectable to a data network. The network interface controller has an embedded central processing unit, a host interface linked to the host central processing unit, a sideband interface and a baseboard management controller linked to the network interface controller via the sideband interface. The baseboard management controller connects to a management network via the management network port. The embedded central processing unit in the network interface controller is linked to a datacenter manager via the management network port of the baseboard management controller, enabling the datacenter manager to instruct the embedded central processing unit to control data flows in the network interface controller between the host interface and the data network.

Abstract: An Integrated Circuit (IC) includes two or more subsystem circuits, a multiplexed bus, a multiplexer/de-multiplexer (MUX/DEMUX) and a logic circuit. The subsystems are independent of one another and are configured to communicate data over multiple General-Purpose Input-Output (GPIO) ports. The multiplexed bus is configured to communicate with circuitry external to the IC. The MUX/DEMUX is configured to translate between the data communicated by the subsystem circuits over the multiple GPIO ports and the multiplexed bus. The logic circuit is independent of the subsystem circuits and is configured to allocate resources of the MUX/DEMUX among the subsystem circuits in response to requests received from the subsystem circuits, and to configure the MUX/DEMUX to provide the allocated resources to the subsystem circuits.

Abstract: A method for secure boot includes, in a processor, retrieving from a memory device a firmware boot code for bootstrapping a firmware of the processor. The firmware boot code is authenticated using an authentication key. In response to failing to authenticate the firmware boot code using the authentication key, an attempt is made to authenticate a recovery firmware code, which has reduced functionality relative to the firmware boot code, using a recovery key. Upon successfully authenticating the recovery firmware code using the recovery key, the firmware boot code is restored from a host, the restored firmware boot code is authenticated by executing the recovery firmware code, and the firmware is bootstrapped using the authenticated firmware boot code.

Abstract: A computer system includes a system bus having multiple lanes, one or more peripheral devices, and a bus controller. The peripheral devices are coupled to the system bus. The bus controller is configured to receive, from one or more of the peripheral devices, respective indications of numbers of the lanes requested by the peripheral devices, and to configure the system bus in response to the indications.

Abstract: A host computer is linked to a network interface controller having a plurality of network ports connectable to a data network. The network interface controller has an embedded central processing unit, a host interface linked to the host central processing unit, a sideband interface and a baseboard management controller linked to the network interface controller via the sideband interface. The baseboard management controller connects to a management network via the management network port. The embedded central processing unit in the network interface controller is linked to a datacenter manager via the management network port of the baseboard management controller, enabling the datacenter manager to instruct the embedded central processing unit to control data flows in the network interface controller between the host interface and the data network.

Abstract: Computerized methods and systems are disclosed for configuring a network controller (NC). These methods and systems recognize, via a network device, e.g., hardware, software, processors, storage media, memory, a predetermined command from a management controller (MC). The network device responds to the predetermined command by configuring the NC with a message type associated with an event, and controlling enablement of a message associated with the message type using a selectable enable bit as defined in the predetermined command.

Abstract: A network connection device having a security processor exchanges data traffic between a data network and a host computer via a network port. Security management data is exchanged exclusively between the security processor and a management network via a management network connectivity port that is inaccessible to the data traffic.

Abstract: A host computer connects to a data network via a host interface to a network interface controller A sideband interface connects the network interface controller to a baseboard management controller having a management network port for connection to a management network. A path is established in the network interface controller between the host interface the basement management controller via the sideband interface of the network interface controller to conduct data selectively between the management network and either the host central processing unit and the or internally in the network interface controller.

Abstract: A network adapter includes one or more network ports, multiple bus interfaces, and a processor. The one or more network ports are configured to communicate with a communication network. The multiple bus interfaces are configured to communicate with multiple respective Central Processing Units (CPUs) that belong to a multi-CPU device. The processor is configured to support an Option-ROM functionality, in which the network adapter holds Option-ROM program instructions that are loadable and executable by the multi-CPU device during a boot process, and, in response to a request from the multi-CPU device to report the support of the Option-ROM functionality, to report the support of the Option-ROM functionality over only a single bus interface, selected from among the multiple bus interfaces connecting the network adapter to the multi-CPU device.

Abstract: A network adapter includes one or more network ports, multiple bus interfaces, and a processor. The one or more network ports are configured to communicate with a communication network. The multiple bus interfaces are configured to communicate with multiple respective Central Processing Units (CPUs) that support a management protocol and belong to a multi-CPU device, and with a Baseboard Management Controller (BMC). The processor is configured to, in response to a request to enumerate the bus interfaces that support the management protocol, report support of the management protocol over only a single bus interface, selected from among the multiple bus interfaces connecting the network adapter to the multi-CPU device, and exchange management packets over the communication network between the BMC and a remote management computer, wherein the management packets manage the entire multi-CPU device but traverse only the single selected bus interface.

Abstract: A network adapter includes one or more network ports, multiple bus interfaces, and a processor. The one or more network ports are configured to communicate with a communication network. The multiple bus interfaces are configured to communicate with multiple respective Central Processing Units (CPUs) that belong to a multi-CPU device. The processor is configured to support an Option-ROM functionality, in which the network adapter holds Option-ROM program instructions that are loadable and executable by the multi-CPU device during a boot process, and, in response to a request from the multi-CPU device to report the support of the Option-ROM functionality, to report the support of the Option-ROM functionality over only a single bus interface, selected from among the multiple bus interfaces connecting the network adapter to the multi-CPU device.

Abstract: A network adapter includes one or more network ports, multiple bus interfaces, and a processor. The one or more network ports are configured to communicate with a communication network. The multiple bus interfaces are configured to communicate with multiple respective Central Processing Units (CPUs) that support a management protocol and belong to a multi-CPU device, and with a Baseboard Management Controller (BMC). The processor is configured to, in response to a request to enumerate the bus interfaces that support the management protocol, report support of the management protocol over only a single bus interface, selected from among the multiple bus interfaces connecting the network adapter to the multi-CPU device, and exchange management packets over the communication network between the BMC and a remote management computer, wherein the management packets manage the entire multi-CPU device but traverse only the single selected bus interface.

Abstract: Peripheral apparatus for use with a host computer includes an add-on device, which includes a first network port coupled to one end of a packet communication link and add-on logic, which is configured to receive and transmit packets containing data over the packet communication link and to perform computational operations on the data. A network interface controller (NIC) includes a host bus interface, configured for connection to the host bus of the host computer and a second network port, coupled to the other end of the packet communication link. Packet processing logic in the NIC is coupled between the host bus interface and the second network port, and is configured to translate between the packets transmitted and received over the packet communication link and transactions executed on the host bus so as to provide access between the add-on device and the resources of the host computer.