O'Reilly logo

CCNP Security SISAS 300-208 Official Cert Guide by Kevin Redmon, Aaron Woland

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Uplink MACSec

Uplink MACSec is the term used to describe encrypting the link between the switches with IEEE 802.1AE. At the time this book was written, the switch-to-switch encryption keying mechanism used Cisco’s proprietary SAP instead of MKA, which is used with the downlink MACSec. The encryption is still the same AES-GCM-128 encryption used with both uplink and downlink MACSec.

Uplink MACSec can be achieved manually or dynamically. Dynamic MACSec requires 802.1X between the switches and is covered in the NDAC section. For this section, we will focus on manual mode.

Manually Configuring Uplink MACSec

This method of MACSec is perfect to layer on top of the Manual SGTs configured earlier in this chapter. It will encrypt the inter-switch links. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required