09-22-2012 02:51 AM
Hello Guys,
Is there any way to encrypt data travelling on WAN link without establishing VPN between sites ? if yes please let me know what hardware can do this task
I m asking this question because >
We have an existing HQ with 20-existing branches connected to HQ through VPN links over internet cloud. and we are planning to discard 3 of the existing branches internet link and provide them DATA-Link through micro-wave, so while they are connected through micro-wave data-link the actual data which is transmitted between those 3-branches to HQ will not be encrypted because we are not going to establish vpn between HQ and those 3-brs. so here we want to have some sort of Router to encrypt the data at Hardware Level without needing to have vpn link established.
Solved! Go to Solution.
09-22-2012 08:08 AM
You can use MACsec switch to switch if you have the right hardware. See this matrix.
09-23-2012 06:55 AM
It's pretty new technology and usually done as part of an ISE deployment. The matrix I linked to earlier has the hardware you'd need. Software is generally a very recent release - e.g. 12.2(55)SE or later. The respective software configuration guides have the details. For instance, here is the one for 3560X/3750X 12.2(55)SE:
Frankly, MACsec isn't a "magic bullet" and you will find a lot more information and assistnace if you continue to use VPN technology. Why do you want to get awaay from that?
09-22-2012 08:08 AM
You can use MACsec switch to switch if you have the right hardware. See this matrix.
09-22-2012 11:16 PM
Thank you Marvin.
I have never heard or done the MACsec configuration. For a complete setup of MACsec can you please help me what are the requirement on Hardware and Software point & and what steps i should take on the configuration of this.
I would appreciate your assistance
09-23-2012 06:55 AM
It's pretty new technology and usually done as part of an ISE deployment. The matrix I linked to earlier has the hardware you'd need. Software is generally a very recent release - e.g. 12.2(55)SE or later. The respective software configuration guides have the details. For instance, here is the one for 3560X/3750X 12.2(55)SE:
Frankly, MACsec isn't a "magic bullet" and you will find a lot more information and assistnace if you continue to use VPN technology. Why do you want to get awaay from that?
09-25-2012 09:07 AM
Thank you for the info
You mean we must have either ISE or Cisco ACS in our network to deploy TrustSec ? without that it is not possible ?
the link you sent it has the docs, but do you have any live configuration of a network where TrustSec is fully setup and configured ?
one thing else, i m searching to purchase a Vedio Training on Cisco ACS for Windows. because i tried and wasted alot of my time on reading pdf docs which are availble on cisco webside , but it could not help me more than 30%. and still i have not been able to deploy cisco acs at our network. do you have any reference to provide me ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: