AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Transmit security architecture8/16/2023 The secure associations each use a separate, randomly generated key. In MACsec, packets flow over "secure channels", which are supported by "secure associations". MACsec was standardized in 2006 by IEEE (standard IEEE 802.1AE-2006), but support was only recently added to the mainline Linux kernel (as of 4.6). It relies on GCM-AES to ensure the confidentiality and integrity of all the network traffic. MACsec hasn't gained much traction yet, but now with an open source implementation available in the Linux kernel, this is will very likely change.Īs a layer 2 specification, MACsec can protect not only IP traffic, but also ARP, neighbour discovery, and DHCP. Besides TLS and IPSec, most other protocols in use today are proprietary. By default, TCP/IP doesn't offer any security guarantee. The current landscape of cryptographic network protocols is rather narrow. IPsec (a Layer 3 security protocol) and TLS (a Layer 4 security protocol) offer different guarantees and can be a better fit, depending on the use case.It is an extension to 802.1X provides secure key exchange and mutual authentication for MACsec nodes.It can secure all traffic within a LAN, including DHCP and ARP, as well as traffic from higher layer protocols. ![]()
0 Comments
Read More
Leave a Reply. |