US11526602B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11526602-B2 |
| Application number | US-201816757672-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 4, 2018 |
| Priority date | Dec 5, 2017 |
| Publication date | Dec 13, 2022 |
| Grant date | Dec 13, 2022 |
Abstract
A data-processing device includes a computing unit and an interface unit using a packet-based communication protocol, in particular PCI Express. The data-processing device also includes an intrusion detection unit that is connected via a signal connection to a filter device of the interface unit, and/or to a secure element, in the form of a Trusted Execution Environment, of an authentication arrangement related to the communication protocol. The intrusion detection unit evaluates input signals received via the signal connection for a rule infringement in a set of intrusion detection rules. The filter device, at least part of which is hardware, is designed to forward only the communication data meeting an approval condition from the interface unit to an additional component of the data-processing device, according to configuration information predetermined in the data-processing device and containing the approval condition. At least one intrusion detection rule relates to the infringement of the approval condition and/or to an authentication error.
Claims (preview)
The invention claimed is:

1. A data-processing device configured as a system-on-a-chip, comprising: a computing unit configured as a first hardware component on the system-on-a-chip; an interface unit configured as a second hardware component on the system-on-a-chip, comprising: a communication connection with a packet-based communication protocol; and a filter device, wherein at least part of the filter device is made from hardware, and the filter device is designed to forward, to an additional component of the data-processing device, communication data meeting an approval condition, wherein the approval condition evaluates a property of the communication data, and the approval condition is contained in a configuration information predetermined in the data-processing device; a secure element, realized as a Trusted Execution Environment of an authentication arrangement related to the communication protocol; and an intrusion detection unit configured as a third hardware component on the system-on-a-chip, wherein the intrusion detection unit is further configured to: connect with the filter device and/or the secure element via a signal connection; and evaluate an input signal received via the signal connection for a rule infringement of an intrusion detection rule, wherein the intrusion detection rule is logged and/or responded to with a measure; and the intrusion detection rule relates to a violation of the approval condition and/or to an authentication error.

2. The data-processing device according to claim 1, wherein the packet-based communication protocol of the communication connection comprises a PCI (Peripheral Component Interconnect) Express.

3. The data-processing device according to claim 1, wherein the signal connection is a hardware signal connection.

4. The data-processing device according to claim 1, wherein the interface unit further comprises an encryption/decryption device for the authentication arrangement, wherein the encryption/decryption device is configured to: encrypt the communication data for transmission via the communication connection to another data-processing device, wherein an encryption is applied to the communication data in a communication layer of the communication protocol; and decrypt the communication data received via the communication connection from another data-processing device, and wherein the encryption/decryption device comprises a hardware that cannot access the computing unit and/or the secure element.

5. The data-processing device according to claim 4, wherein the secure element, logically isolated from the computing unit, comprises: a hardware-coded key information, wherein the communication data for transmission is encrypted by the encryption/decryption device based on the hardware-coded key information.

6. The data-processing device according to claim 1, wherein: the secure element generates the input signal for the intrusion detection unit; and the secure element is at least partially formed as hardware.

7. The data-processing device according to claim 1, wherein the input signal for the intrusion detection unit describes an authentication error and/or an encryption error.

8. The data-processing device according to claim 1, wherein the intrusion detection unit is at least partially configured as a part of the secure element.

9. The data-processing device according to claim 1, wherein the input signal for the intrusion detection unit descriptively generates a piece of information comprising: an initialization error when establishing the communication connection; encrypted packets with partial encryption via the communication connection; further communication data not forwarded due to the configuration information; an exceeding of a permissible communication data throughput; and statistic information on the further communication data not forwarded due to the configuration information.

10. The data-processing device according to claim 9, wherein the initialization error comprises a missing key from a communication partner.

11. The data-processing device according to claim 9, wherein the further communication data not forwarded due to the configuration information is stored in a ring buffer.

12. The data-processing device according to claim 1, wherein the computing unit and/or the intrusion detection unit is designed to reconfigure the filter device when an intrusion is detected.

13. The data-processing device according to claim 1, wherein the intrusion detection unit is configured to implement an Intrusion Detection and Prevention System (IDPS) with at least one protective measure carried out by another data-processing device external to the data-processing device.

14. A complete entity, comprising: at least two data-processing devices, each comprising at least one computing unit; and a bridge device configured as a system-on-a-chip and comprising: at least one interface unit using a packet-based communication protocol connecting the at least two data-processing devices as end points; and an intrusion detection unit, wherein: the intrusion detection unit is a hardware; the intrusion detection unit is connected via at least one signal connection with a filter device of the at least one interface unit, wherein the at least one signal connection is based on hardware; and the intrusion detection unit evaluates an input signal received from the filter device with regard to an infringement of a set of intrusion detection rules that needs to be logged and/or responded to with at least one measure, wherein: at least part of the filter device is hardware; and the filter device is designed to forward communication data meeting at least one approval condition, wherein: the at least one approval condition evaluates a property of the communication data received by the at least one interface unit from an interface unit of a target data-processing device; and at least one intrusion detection rule relates to a violation of at least one approval condition.

15. The complete entity according to claim 14, wherein the communication protocol is a PCI (Peripheral Component Interconnect) Express.

16. The complete entity according to claim 14, wherein the intrusion detection unit comprises a ring buffer configured to store the communication data not forwarded by the filter device.

17. A method for operating a data-processing device configured as a system-on-a-chip, comprising: receiving, by an interface unit of the data-processing device that is configured as a first hardware component on the system-on-a-chip, communication data via a communication connection with a packet-based communication protocol; forwarding, by a filter device of the interface unit, the communication data that meets at least one approval condition, to an additional component of the data-processing device, wherein forwarding the communication data by the filter device comprises: evaluating, using the at least one approval condition, at least one property of the communication data, wherein the at least one approval condition is contained in a configuration information predetermined in the data-processing device; and evaluating, by an intrusion detection unit configured as a second hardware component on the system-on-a-chip, an input signal with regard to a rule infringement of a set of intrusion detection rules, wherein evaluating the input signal comprises: receiving the input signal from the filter device and/or a secure element via a hardware-based signal connection, wherein the secure element is real
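The abstract and claims 1, 7, 9, 11 and 12 describe a hardware filter that forwards only packets meeting a configured approval condition, keeps the rejected data in a ring buffer, and feeds signals (approval violations, exceeded throughput, authentication errors from the secure element) to an intrusion detection unit that logs them and can respond by reconfiguring the filter. The following software model, added here as an illustration and not taken from the patent or any product, shows that signal flow end to end; the packet record, the approval condition (allowed requester IDs plus an address window), the throughput budget, the lock-out measure and all traffic are constructed assumptions, and the pure-software classes stand in for the hardware components the claims describe.

```python
from collections import Counter, deque, namedtuple
# Constructed, simplified PCIe-TLP-like record (requester ID, target address, payload length).
Packet = namedtuple("Packet", "src_id addr nbytes")
class FilterDevice:
    """Hardware-filter model: forward only packets meeting the approval condition."""
    def __init__(self, allowed_src, addr_window, byte_budget, ring_size=4):
        self.allowed_src, self.addr_window, self.byte_budget = set(allowed_src), addr_window, byte_budget
        self.forwarded_bytes, self.signals = 0, []  # signals are the IDS unit's input
        self.ring = deque(maxlen=ring_size)         # non-forwarded data kept in a ring buffer
    def process(self, p):
        """Return the packet if forwarded, else None; queue input signals for the IDS unit."""
        lo, hi = self.addr_window
        if not (p.src_id in self.allowed_src and lo <= p.addr <= hi):  # approval condition
            self.ring.append(p)
            self.signals.append(("filter_violation", p.src_id))
            return None
        self.forwarded_bytes += p.nbytes
        if self.forwarded_bytes > self.byte_budget:  # permissible throughput exceeded
            self.signals.append(("throughput_exceeded", p.src_id))
        return p
class IntrusionDetectionUnit:
    """Evaluate filter and secure-element signals against intrusion detection rules."""
    def __init__(self, filt, violation_limit=2):
        self.filt, self.limit, self.violations, self.log = filt, violation_limit, Counter(), []
    def on_auth_error(self, peer_id):  # input signal from the secure element
        self.log.append(("auth_error", peer_id))
    def evaluate(self):
        """Log every signal; repeated violations trigger reconfiguring the filter."""
        for kind, src in self.filt.signals:
            self.log.append((kind, src))
            if kind == "filter_violation":
                self.violations[src] += 1
                if self.violations[src] >= self.limit and src in self.filt.allowed_src:
                    self.filt.allowed_src.discard(src)  # measure: endpoint no longer approved
                    self.log.append(("lockout", src))
        self.filt.signals.clear()
        return list(self.log)
def simulate():
    """Constructed traffic: endpoint 1 is legitimate, endpoint 7 probes outside the window."""
    filt = FilterDevice({1, 7}, (0x1000, 0x1FFF), byte_budget=1024)
    ids = IntrusionDetectionUnit(filt)
    traffic = [Packet(1, 0x1010, 256), Packet(7, 0x4000, 64), Packet(7, 0x0000, 64),
               Packet(1, 0x1800, 900), Packet(7, 0x1100, 64)]
    forwarded = []
    for p in traffic:
        if filt.process(p) is not None:
            forwarded.append(p.addr)
        ids.evaluate()  # the IDS unit runs after every packet, as the hardware would
    ids.on_auth_error(9)  # constructed: handshake with an unknown peer fails
    return forwarded, ids.log, sorted(filt.allowed_src), len(filt.ring)
```

After the second out-of-window access from endpoint 7 the unit removes that endpoint from the approved set, so its later in-window packet is also rejected and lands in the ring buffer, while the oversized transfer from endpoint 1 is forwarded but reported as exceeding the throughput budget.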
CPC classification titles:

- for adaptation of different data processing systems to different peripheral devices, e.g. protocol converters for incompatible systems, open system
- Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- User authentication
- Traffic logging, e.g. anomaly detection
- Program or device authentication