MACSec support on Cisco Nexus 9000

nips · ‎10-07-2024

Hi All,

I need to know can we encrypt switch-to-host and switch-to-firewall traffic in Nexus 9000 switches using MACSec feature.

As well need to know the license which support MACSec in Nexus 9000.

Thanks

Pavel Tarakanov · ‎10-07-2024

Please find configuration guide:

https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/103x/configuration/security/cisco-nexus-9000-nx-os-security-configuration-guide-103x/m-configuring-macsec.html

Licensing information:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/licensing-options/cisco-nexus-licensing-options-guide.html

DanielP211 · ‎10-09-2024

Hello!

You need the extra security add-on license. Based on your system (NX-OS or ACI) for clasic nxos- NXOS-SEC-XF license or for ACI ACI-SEC-XM or ACI-SEC-XF.

I don't belive FTD supports macsec. Which device would you establish macsec to?

BR

****Kindly rate all useful posts*****

nips · ‎10-09-2024

@DanielP211 Actually The firewalls are Checkpoint, Fortinet and Palo. There are Bare metal servers and VM hosts. Requirement is encrypting the traffic switch to all these nodes

MACSec support on Cisco Nexus 9000

Nexus 9000: Desempenho, Escalabilidade e Flexibilidade

Cisco Nexus シリーズ : Cisco Nexus 2000 シリーズの show tech-support 収集方法

Cisco Spaces Connector の Tech Support Log 取得方法

Doc - L4-L7 Services con Cisco Nexus Dashboard Fabric Controller

Nexus 9000 シリーズ : Bootflash (M5100 もしくは M5300)が Read-only となる