Protecting critical infra with MACsec security

In Application note, Cyber security news by XXLSEC

How to defend critical infra from attackers if the platform is filled with unknowns and vulnerabilities? Many organisations are moving to “assume breached” mindset. This means it is expected that the bad guy is already in.

Media Access Control Security (MACsec)

MACsec is an 802.1AE IEEE industry-standard security technology that provides secure communication for all traffic on Ethernet links. MACsec provides point-to-point security on Ethernet links between directly connected nodes and is capable of identifying and preventing most security threats, including denial of service, intrusion, man-in-the-middle, masquerading, passive wiretapping, and playback attacks. Securing an enterprise LAN segment with MACsec enables also ransomware infections and APT and ARP attacks against secured segment.

MACsec allows you to secure an Ethernet link for almost all traffic, including frames from the Link Layer Discovery Protocol (LLDP), Link Aggregation Control Protocol (LACP), Dynamic Host Configuration Protocol (DHCP), Address Resolution Protocol (ARP), and other protocols that are not typically secured on an Ethernet link because of limitations with other security solutions. MACsec can be used in combination with other security protocols such as IP Security (IPsec) and Secure Sockets Layer (SSL) to provide end-to-end network security.

How MACsec Works?

MACsec provides industry-standard security through the use of secured point-to-point Ethernet links. The point-to-point links are secured after matching security keys are exchanged and verified between the interfaces at each end of the point-to-point Ethernet link. The key can be user-configured or can be generated dynamically, depending on the security mode used to enable MACsec.

XXLSEC CipherBox M runs MPP protocol witch takes care of secure MACsec key delivery.  The problem with MACsec has been the key management. XXLSEC MPP takes care of secure MACsec key distribution between selected servers, virtual servers and laptops. Read more technical details from XXLSEC Github >>