cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
805
Views
0
Helpful
4
Replies
Imran Ahmad
Explorer

Hardware Based Encryption

Hello Guys,

Is there any way to encrypt data travelling on WAN link without establishing VPN between sites ?    if yes please let me know what hardware can do this task

I m asking this question because >

We have an existing HQ with 20-existing branches connected to HQ through VPN links over internet cloud.  and we are planning to discard 3 of the existing branches internet link and provide them  DATA-Link through micro-wave, so while they are connected through micro-wave data-link  the actual data which is transmitted between those 3-branches to HQ will not be encrypted because we are not going to establish vpn between HQ and those 3-brs.  so here we want to have some sort of Router to encrypt the data at Hardware Level without needing to have vpn link established.

2 ACCEPTED SOLUTIONS

Accepted Solutions
Marvin Rhoads
VIP Community Legend

You can use MACsec switch to switch if you have the right hardware. See this matrix.

View solution in original post

It's pretty new technology and usually done as part of an ISE deployment. The matrix I linked to earlier has the hardware you'd need. Software is generally a very recent release - e.g. 12.2(55)SE or later. The respective software configuration guides have the details. For instance, here is the one for 3560X/3750X 12.2(55)SE:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_55_se/configuration/guide/sw8021x.html#wp1316722

Frankly, MACsec isn't a "magic bullet" and you will find a lot more information and assistnace if you continue to use VPN technology. Why do you want to get awaay from that?

View solution in original post

4 REPLIES 4
Marvin Rhoads
VIP Community Legend

You can use MACsec switch to switch if you have the right hardware. See this matrix.

Thank you Marvin.

I have never heard or done the MACsec configuration.      For a complete setup of MACsec  can you please help me what are the requirement  on Hardware and Software point     &   and what steps i should take on the configuration of this.

I would appreciate your assistance

It's pretty new technology and usually done as part of an ISE deployment. The matrix I linked to earlier has the hardware you'd need. Software is generally a very recent release - e.g. 12.2(55)SE or later. The respective software configuration guides have the details. For instance, here is the one for 3560X/3750X 12.2(55)SE:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_55_se/configuration/guide/sw8021x.html#wp1316722

Frankly, MACsec isn't a "magic bullet" and you will find a lot more information and assistnace if you continue to use VPN technology. Why do you want to get awaay from that?

Thank you for the info

You mean we must have either ISE or Cisco ACS in our network  to deploy  TrustSec ?  without that it is not possible ?

the link you sent it has the docs, but do you have any  live configuration of a network where   TrustSec is fully setup and configured ?

one thing else,  i m searching to purchase a  Vedio Training on  Cisco ACS for Windows.  because i tried and wasted alot of my time on reading  pdf docs which are availble on cisco webside , but it could not help me more than 30%.  and still i have not been able to deploy  cisco acs  at our network.   do you have any reference to provide me ?

Create
Recognize Your Peers
Content for Community-Ad