MACsec to edge hosts

• Previous message (by thread): How to update IPv6 geolocation data? Google sites blocked.
• Next message (by thread): MACsec to edge hosts
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Are any of you pushing MACsec (802.1AE) out from your switches to the edge hosts?  Vs. just running it on the network cross-connect fabric?

We have a scenario where, if we could MACsec encrypt those (switch <-> host) links, we could eliminate a lot of application level TLS.  But searching for a list of PHYs that support this turned up a very thin set of chips, with most of them being several years old now.

Are people even using MACsec in anything other than an "encrypt cross connects between the cages" context?  I would be very interested in chatting with anyone who has tried pushing this out from their switches to the connected hosts.

--lyndon

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20151222/f02e0ce6/attachment.sig>

• Previous message (by thread): How to update IPv6 geolocation data? Google sites blocked.
• Next message (by thread): MACsec to edge hosts
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]