Enhancing Network Security with MACsec (IEEE 802.1AE)
Until recently, fiber optic network interfaces had a significant advantage over traditional copper Ethernet networks when it came to security. Because fiber optic cabling transmits data as light particles, it natively provides a layer of protection from interception. Conversely, twisted pair copper cables transmit data using electrical signals that emit radiation, making transmissions vulnerable to eavesdropping and tapping.
However, IEEE 802.1AE (also known as MACsec) crypto has somewhat levelled the playing field between copper and fiber optics in regards to security, and positioned copper wiring for some applications where optical wiring was formerly the sole contender. First standardized in 2006, but not fully embraced for another decade, MACsec is now seeing increased adoption, driven by the fact that MACsec support was added to the Linux kernel (as of kernel 4.6) in 2016.
What is MACsec?
Preventing disruption and data loss arising from transmission and reception by unauthorized devices is a required network capability in today’s defense applications. In order to provide this protection, the MACsec standard enhances security for network traffic by identifying unauthorized LAN connections and excluding them from communication within the network. The protocol authenticates nodes through a secure exchange of randomly generated keys, ensuring data can only be transmitted and received by MACsec-configured nodes. By assuring that a frame comes from the station that claimed to send it, MACsec can mitigate attacks on Layer 2 protocols.