In case you'll find it interesting - all three major cloud providers (AWS, Azure, GCP) support MACSec on their circuits dedicated to customers (restictions may apply).
https://aws.amazon.com/directconnect/locations/ https://cloud.google.com/network-connectivity/docs/interconnect/concepts/choosing-colocation-facilities Can't find the similar table for Azure unfortunately but MACSec is there https://learn.microsoft.com/en-us/azure/expressroute/expressroute-about-encryption On Mon, Oct 21, 2024 at 9:11 PM John Schiel <jsch...@flowtools.net> wrote: > I know this is a NANOG forum but curious how widespread usage of MACsec > might be. (https://1.ieee802.org/security/802-1ae/).Currently reading > the spec but wanted to pose some questions. > > I'm seeing some pitfalls: > 1) May not work over wireless LAN devices? > 2) Needs a centralized key server. > 3) May not be supportable on all devices? > > Purported to be faster on the LAN than IPsec because MACsec is on layer 2. > > Thoughts? > > > > >
