Interoperable Security

MACsec is the standard and peer-reviewed Ethernet security solution

Easy Integration

Both 802.1X-2010 and the 802.1AE specifications implemented within own modules with well-defined APIs

Time to Market

Functional and well-tested software implementation to develop and test your solution early

Product description

GUARD MACsec Toolkit (previously QuickSec MACsec Toolkit) implements all the functionalities defined in IEEE standards 802.1AE, and 802.1X-2010. In particular, it supports MKA, Network Announcements, EAPOL, PACP logic, virtual ports, extended sequence numbers and AES-GCM-256. In addition, it reuses proven components from the QuickSec® product family such as EAP-TLS, RADIUS client, certificate manager, and cryptographic libraries.

It is delivered in highly portable ANSI C source code, suitable for a wide range of platforms. It provides well-documented APIs to integrate with existing software and hardware components. It is easy to compile on a standard Linux server as a reference implementation for testing. MACsec Toolkit has been interoperability-tested as both a supplicant and an authenticator with existing products.

GUARD MACsec Toolkit has been designed to easily integrate with an existing product. In particular both the 802.1X-2010 and the 802.1AE specifications are implemented within their own modules with well-defined APIs.

A typical switch manufacturer may only integrate the 802.1X-2010 port access entity module to its hardware implementation of MACsec data plane (e.g. INSIDE EIP-160).

A typical host such as an IP phone has low data throughput requirements and can then integrate both the 802.1X-2010 port access entity module and the 802.1AE SoftSec module. 

Other information

Complete software implementation

• 802.1X-2010

• 802.1AE with AES-GCM Cipher

• Pre-shared keys or EAP key management

• EAP-TLS (others available upon request)

• APIs interfacing to hardware 802.1AE

Modular implementation

• Policy configuration and management APIs

• RADIUS

• AES-GCM (128 and 256bit)

Standards compliance

• IEEE 802.1AE

• IEEE 802.1X-2010

• IEEE 802.1AEbw (extended sequence numbers )

• IEEE 802.1AEbn GCM-AES-256

• IETF RFC 3748-EAP

• IETF FRC2716-EAP-TLS

• IETF RFC 2865 -RADIUS

• IETF REF 2459-X.509

• IETF REF 3280-CRL PROFILE

• IETF RFC-4346-TLS 1.1

Contact