Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
892
Views
5
Helpful
1
Replies

N9K MACSEC and SPAN

Wes Smith
Level 1
Level 1

‎10-14-2020 09:49 AM

On NX 93240-FX2 devices that use MACSEC on the  40/100 QSFP ports 

What does SPAN capture for MACSEC secured ports?   Does it capture the clear-text data or the encrypted stream ?

I have not been able to find any reference.  

Thanks in advance 

1 person had this problem
Labels:
1 Reply 1

BrianSekleckiGE
Level 1
Level 1

‎01-10-2022 05:10 AM

Did you ever get a chance to test this? Since the encryption happens in Hardware, presumably after the SPAN process in software replicates the switchport's outbound buffer, I assume you see the cleartext contents?

 

In which case, you would need a passive optical splitter to observe the encrypted traffic on the wire.

0 Helpful
Customers Also Viewed These Support Documents