Provides an overview of how OTNSec encryption operates on the NCS1K14-2.4T-K9 card, including key implementation features and supported workflows.
The 2.4T, 2.4TX, and 2.4TA line card now supports AES-256 GCM authenticated OTNSec encryption using pre-shared keys or certificate-based authentication, ensuring data confidentiality across optical links.
| Feature Name |
Release Information |
Feature Description |
|---|---|---|
| OTNSec encryption support on the 2.4TX and 2.4TA line card |
Cisco IOS XR Release 26.1.1 |
The 2.4TX and 2.4TA line card now supports AES-256 GCM authenticated OTNSec encryption using pre-shared keys or certificate-based authentication, ensuring data confidentiality across optical links. These pluggable modules are supported:
|
| OTNSec encryption and PPP support on the 2.4T card |
Cisco IOS XR Release 25.2.1 |
The 2.4T line card now supports AES-256 GCM authenticated OTNSec encryption using pre-shared keys or certificate-based authentication, ensuring data confidentiality across optical links. Additionally, PPP over GCC enables secure transmission of control and encryption messages such as IKEv2 exchanges over built-in optical channels, enhancing security and manageability without relying on external interfaces. |
The NCS1K14-2.4T-X-K9 and NCS1K14-2.4T-A-K9 line cards support Encryption only in slice mode.
The need for high-speed encryption
This section explains why high-speed encryption is critical for protecting data transmitted across network infrastructures.
IKEv2 key features
This section explains the main attributes and constructs of IKEv2 protocols used for secure authentication and encryption in Cisco NCS network environments.
OTNSec encryption key features
This section explains the key features of OTNSec encryption on the NCS 1014 platform.
FIPS compliance for IKEv2 sessions
This section explains how FIPS-compliant IKEv2 sessions operate, including enforcement modes, compatibility considerations, and regulatory benefits.