MACsec Configuration Guide for Cisco 8000 Series Routers, Cisco IOS XR Release

About This Document

Overview

Provides comprehensive instructions for configuring and managing MACsec encryption on Cisco routers, covering fundamental concepts, WAN deployments, policy exceptions, certificate-based authentication, quantum-safe key management, and security compliance, while detailing tools for performance monitoring and diagnostic statistics.

YANG data models for MACsec encryption features

Provides information about YANG data models for MACsec encryption features.

Fundamentals of MACsec encryption

Provides a comprehensive overview of MACsec encryption fundamentals, covering key concepts like MKA, PSK, and deployment models, while detailing hardware compatibility, configuration guidelines, and verification procedures for secure Layer 2 communication.

WAN MACsec encryption

Provides guidance on deploying and configuring MACsec encryption across WAN environments, covering physical and Layer 3 subinterface applications, VLAN-based policies, and EAPoL configuration for secure, interoperable network topologies.

MACsec policy exceptions

Explains how to configure MACsec policy exceptions to permit specific packet types, such as LACP, pause frames, and LLDP, to bypass encryption and be transmitted in clear text for troubleshooting and interoperability.

MACsec encryption using EAP-TLS authentication

Provides guidance on configuring MACsec encryption using EAP-TLS authentication, covering the roles of supplicants and authenticators, the certificate-based mutual authentication process, and verification procedures for secure Ethernet traffic.

MACsec encryption using SKIP

Provides guidance on configuring point-to-point MACsec encryption using the Secure Key Integration Protocol (SKIP) and Quantum Key Distribution (QKD) devices to achieve quantum-safe key management on routers.

Secure MACsec encryption

Provides detailed guidance on securing MACsec-enabled routers, including configuring the Power-on Self-Test Known Answer Test (KAT) for FIPS compliance, managing dynamic power allocation, and implementing secure Type 6 password encryption for pre-shared keys.

MACsec encryption performance and statistics

Provides comprehensive guidance on monitoring and troubleshooting MACsec performance using SecY statistics, SNMP MIBs, and CLI commands to ensure secure network management and diagnostics.