Macsec Applications; Macsec Operating Mechanism - HPE FlexNetwork 5510 HI Series Macsec Configuration Manual
Hide thumbs
Also See for FlexNetwork 5510 HI Series:
- Configuration manual (572 pages) ,
- Security configuration manual (551 pages) ,
- Mpls configuration manual (505 pages)
Table of Contents
Advertisement
MACsec applications
MACsec supports the following application modes:
•
Client-oriented mode—Secures data transmission between the client and the access device.
In this mode, the authentication server generates and distributes the CAK to the client and the
access device. In this mode, MACsec must operate with 802.1X authentication.
Figure 1 Client-oriented mode
NOTE:
In client-oriented mode, an MKA-enabled port on the access device must perform port-based
802.1X access control. The authentication method must be EAP relay.
•
Device-oriented mode—Secures data transmission between devices. In this mode, the
devices do not perform identity authentication, and the same preshared key must be configured
on the MACsec ports that connect the devices. The devices use the configured preshared key
as the CAK.
Figure 2 Device-oriented mode
MACsec operating mechanism
Operating mechanism for client-oriented mode
Figure 3
illustrates how MACsec operates in client-oriented mode.
3
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the FlexNetwork 5510 HI Series and is the answer not in the manual?