Secure Networking: MACsec Fundamentals

Until recently, most network security has been focused on neutralizing external threats to an enterprise. Enterprises were mainly concerned with securing the network from outside attackers. In today’s constantly changing enterprise environment, the source of a large number of threats has reversed direction to data and privacy breaches internal to the enterprise. As network access expands to consultants, contractors, and even guests, network security behind external firewalls has become a top priority.

MACsec is an IEEE 802 standard that specifies how encryption may be used at Link Layer level to secure links behind external firewalls on a Ethernet Local Area Network (LAN). MACsec can be used on a Metropolitan Area Network (MAN) and in some cases even a Wide Area Network (WAN).

As encryption-based security is more and more often required by organizations and governments, MACsec and its capability to provide such a network-wide encryption-based security rather than providing it for each application, stands as the most relevant means to achieve such a level of security. HIPAA, PCI, Sarbanes-Oxley, Basel-II and the FDA among others have already adopted MACsec for securing their networks.