Ixia announces IEEE MACSec link security test products

Dec. 5, 2007
DECEMBER 5, 2007 -- MACSec, IEEE 802.1ae, which became an IEEE standard in June 2006, specifies how encryption is used to secure the links between major carrier and data center network devices.

DECEMBER 5, 2007 -- Ixia (search for Ixia) has announced a new test interface module for MACSec link security.

MACSec, IEEE 802.1ae, which became an IEEE standard in June 2006, specifies how encryption is used to secure the links between major carrier and data center network devices. MACSec protects high-speed links from a number of security risks, including impersonation, confidentiality, and data modification. MACSec operates by performing link layer encryption for each hop through a network. It works within carrier core networks and data centers, where 10-Gigabit Ethernet links are fast becoming the norm. Due to these speed requirements, vendors are developing chips specifically designed to handle MACSec encryption/decryption.

Ixia's 10GbE MACSec Load Module is designed to enable chip vendors and NEMs to completely test their designs prior to integration and deployment.

"Testing the performance of network security devices is essential to ensure that the infrastructure will be able to meet both capacity and security requirements under a variety of external and internal loads," said John Burke, principal research analyst at Nemertes Research. "Indeed, the performance of a security device can determine how secure the device is: Many exploits work only when the security appliance is subjected to extreme loads, leading to the exposure of a bug or inherent capacity limit. Proper testing can reveal those limits prior to release or deployment and allow for remediation."

Ixia's 10GbE MACSec Load Module can be used in any of its chassis. The new module offers line rate, link layer encryption using AES-GCM encryption (Advanced Encryption Standard � Galois Counter Mode), as specified in RFC 4106, in addition to the standard features available with the 10GbE family of products.

With MACSec now ratified, the IEEE is turning its attention to an allied standard IEEE 802.1af, also known as KEYSec. KEYSec addresses how MACSec endpoints exchange the encryption keys that they require, and is a key component of a complete link layer security ecosystem.

Visit Ixia

For more test & measurement news and resources, visit the Test & Measurement Resource Center