Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4657
Views
0
Helpful
4
Replies

Nexus 7K 802.1AE (MACsec)

Go to solution
Marius Gunnerud
VIP
VIP

‎05-22-2013 11:52 PM - edited ‎03-01-2019 07:19 AM

If my understanding is correct, the F2E cards support MACsec but there is no software support yet. According to Cisco this support will be released Q4 2013.  If I am wrong about this please correct me!

In any case, Does anyone have a work around to provide encryption until this support is available? Is it possible to run MACsec on the M2 cards?  We have 10Gig uplinks so to get full usage out of the links IPsec is unfortunately not an option.  any ideas welcome.

Thanks

--
Please remember to select a correct answer and rate helpful posts
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Steve Fuller
Level 9
Level 9

‎05-25-2013 01:02 AM

Hi Marius,

This is my understanding also. I'm told MACsec will be available on a subset of the ports, specifically ports 41-48, from NX-OS 6.2.

In terms of a workaround until that support is available, I can't find a specific reference relating to when MACsec support was introduced for the N7K-M224XP-23L 10GE I/O module, but the 40GE and 100GE modules had MACsec supported added from NX-OS 6.1(1)

From the Release 6.x of the Cisco Nexus 7000 Series NX-OS Security Configuration Guide:

Table 1 New and Changed Security Features

[..]

Cisco TrustSec. Added MACsec support for 40G and 100G M2 Series modules. 6.1(1)

[..]

Regards

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Steve Fuller
Level 9
Level 9

‎05-25-2013 01:02 AM

Hi Marius,

This is my understanding also. I'm told MACsec will be available on a subset of the ports, specifically ports 41-48, from NX-OS 6.2.

In terms of a workaround until that support is available, I can't find a specific reference relating to when MACsec support was introduced for the N7K-M224XP-23L 10GE I/O module, but the 40GE and 100GE modules had MACsec supported added from NX-OS 6.1(1)

From the Release 6.x of the Cisco Nexus 7000 Series NX-OS Security Configuration Guide:

Table 1 New and Changed Security Features

[..]

Cisco TrustSec. Added MACsec support for 40G and 100G M2 Series modules. 6.1(1)

[..]

Regards

0 Helpful

Go to solution
Marius Gunnerud
VIP
VIP
In response to Steve Fuller

‎05-27-2013 02:03 AM

Thanks for the reply.

Nice link.  Interesting though.  Says that support for 802.1ae was added in 6.1(1) and newest release is 6.1(4).  Perhaps support is already there?

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Go to solution
Marius Gunnerud
VIP
VIP
In response to Marius Gunnerud

‎05-27-2013 03:26 AM

AH my bad, support for M2 card not F2e...

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Go to solution
Steve Fuller
Level 9
Level 9
In response to Marius Gunnerud

‎05-27-2013 03:31 AM

Correct. MACsec support for the F2E is expected in NX-OS 6.2, while support for the 40G and 100G M2 cards was available since NX-OS 6.1(1). I've not found a specific link detailing exactly when support was added for the 10G M2 module.

Regards

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card