cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
465
Views
0
Helpful
1
Replies

MACSec to prevent packet sniffing on a switch ?

Kamel Hashisho
Level 1
Level 1

MACSec will encrypt packet forwarded between endpoint and a switch. However traffic is decrypted once it gets on the switchport. Does that mean that a packet sniffer attached to the switch can extract a copy of the traffic coming from the endpoint device once it is forwarded within the switch ? Can the encryption still be available for all traffic coming through the switch and not only on the switch to endpoint or switch to switch links ?

1 Reply 1

Reza Sharifi
Hall of Fame
Hall of Fame

Yes, there are specific switches like the 3750x and 3560x series that support MACSec between them.

here is a link:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swmacsec.html

HTH

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: