Introduction to WAN MACsec and Encryption Positioning
Craig Hill – Distinguished SE (@netwrkr95) Stephen Orr – Distinguished SE (@StephenMOrr)
BRKRST-2309
Questions? Use Cisco Spark to chat with the speakers after the session: cs.co/ciscolivebot#BRKRST-2309 (space available until July 3, 2017).
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Session Presenters
Craig Hill, Distinguished System Engineer, US Public Sector, CCIE #1628
Stephen Orr, Distinguished System Engineer, US Public Sector, CCIE #12126
What we hope to achieve in this session:
• Understand that data transfer requirements are exceeding what IPsec can deliver
• Introduce the new encryption options evolving that offer alternative solutions to meet application demands
• Understand what is available, and when and how to position each solution
• Understand which tool in the tool bag meets a given encryption requirement
• Understand the pros/cons and key drivers for positioning an encryption solution
• Understand the key capabilities that drive the selection of an encryption technology
Session Assumptions and Disclaimers
• Intermediate understanding of Cisco site-to-site encryption technologies: DMVPN, GETVPN, FlexVPN
• Intermediate understanding of Ethernet, VLANs, 802.1Q tagging
• Intermediate understanding of WAN design, IP routing topologies, peering vs. overlay
• Basic understanding of optical transport and impact of OSI model on various layers (L0 – L3) of network designs
• Many 2 hour breakout sessions will focus strictly on areas this presentation touches on briefly (we will provide references to those sessions)
Agenda
• Introduction
• Cisco’s Next Generation Encryption Initiative
• Understanding Service Provider Transport options
• WAN Encryption Options Existing Today
• Introduction to MACsec
• WAN MACsec Deployment Deep Dive and Use Cases
• Putting it all together… Key Decision Criteria for Designs and Positioning
• Solution Roadmap

Cisco's Next Generation Encryption Initiative
Cryptography is embedded in all of Cisco's products. It is critical to every solution and market, it is the universal security feature, and it is vital to the cybersecurity efforts of all of our customers.
Where Cryptography is Deployed Today
Management: SSH, sFTP, SCP, HTTPS, FTPS
Authentication: TLS-based protocols, EAP-TLS, PEAP, EAP-FAST, hashing (SHA-1, SHA-256/384/512), digital signatures, key negotiation
Privacy/Confidentiality: IPsec, SRTP, DTLS, SSL, 802.1AE, 802.11i (802.11-2012), RADIUS Key-Wrap
Security at Different Layers
[Figure series: each technology placed on the seven-layer OSI stack (Application, Presentation, Session, Transport, Network, Link, Physical).]
• 802.11i (WPA2) wireless security: Link layer
• Ethernet 802.1AE MACsec: Link layer
• IPsec: Network layer
• Transport Layer Security (TLS): between the Transport and Application layers
• Secure Shell (SSH): Application layer, running over the Transport layer
• Secure RTP (SRTP): Application layer
• Defense in Depth: all of the above combined, each layer's protection independent of the others
What is Next Generation Encryption (NGE)?
• New/upgraded algorithms, key sizes, cryptographic protocols and entropy technologies
• Compatible with existing security architectures
• Secure and efficient: algorithm efficiency enabling increased security; scales well to high and low throughput
• Compatible with government standards: Suite B (US), FIPS 140 (US/Canada), NATO
• Security briefings and training
• Next Generation Encryption (NGE)
  • A widely accepted and consistent set of cryptographic algorithms that provide strong security and good performance
  • The best standards that can be implemented today to meet the security and scalability requirements for network security in the years to come
  • No practical attacks against these algorithms have been demonstrated
• Quantum computing: a different paradigm in computing
  • A quantum computer could break the public-key cryptography standards in use today
  • While no practical quantum computer is known to be available today, the risk does exist
  • Information with long-term confidentiality requirements should be protected against future decryption (i.e., capture now, decrypt when quantum computers become viable)
    • Data in transit (e.g., captured data communications)
    • Data at rest (e.g., captured file images)
Cryptography Recommendations

Operation | Acceptable | NGE (preferred) | QCR
Encryption | AES-CBC | AES-GCM (authenticated encryption) | yes (256-bit)
Hashing | - | SHA-256 / 384 / 512 | yes (384/512)
Integrity | HMAC-SHA-1 | HMAC-SHA-256 | yes (256-bit key)
Key exchange / encryption / authentication, RSA family | DH / RSA / DSA 2048 (3072 / 4096) | ECDH / ECDSA-384 / 521 | -
Key exchange / encryption / authentication, ECC | ECDH / ECDSA-256 | ECDH / ECDSA-384 / 521 | -

QCR = quantum computer resistant.
Recommended algorithms per security level

Security level | Acceptable | NGE (preferred)
128 bits | AES-128-CBC; DH, DSA, RSA-3072; HMAC-SHA-1 | AES-128-GCM; ECDH, ECDSA-256; SHA-256; HMAC-SHA-256
192 bits | AES-192-CBC | AES-192-GCM; ECDH, ECDSA-384; SHA-384; HMAC-SHA-256
256 bits | AES-256-CBC | AES-256-GCM; ECDH, ECDSA-521; SHA-512; HMAC-SHA-256

For customers who are concerned that a quantum computer might be built in the near future, we recommend using the larger-key algorithms (above the 128-bit security level) recommended in NGE.

What is Suite B?
"Suite B" is not a protocol but a profile for consistent security when using multiple cryptographically strong protocols.
Why Suite B?
• Enables government customers to adhere to stronger, consistent security requirements
• Suite B offers the best technologies for future-proof cryptography, setting the trend for the industry
• Eliminates the "mix and match" selection of protocols and key lengths
The following documents provide guidance for using Suite B cryptography with Internet protocols:
• IPsec using the Internet Key Exchange Version 2 (IKEv2): "Suite B Profile for Internet Protocol Security (IPsec)," RFC 6380
• SSH: "Suite B Cryptographic Suites for Secure Shell (SSH)," RFC 6239
• TLS: "Suite B Profile for Transport Layer Security (TLS)," RFC 6460
• EST: "Enrollment over Secure Transport," RFC 7030
• S/MIME: "Suite B in Secure/Multipurpose Internet Mail Extensions (S/MIME)," RFC 6318
Next Generation Encryption vs Suite B

Encryption | Key Establishment | Data Authentication (Signatures) | Hashing | Profile
AES-256-GCM | ECDH-P521 | ECDSA-P521 | SHA-512 | NGE (256-bit level)
AES-192-GCM | ECDH-P384 | ECDSA-P384 | SHA-384 | Suite B mLoS 192
AES-128-GCM | ECDH-P256 | ECDSA-P256 | SHA-256 | Suite B mLoS 128

mLoS = minimum level of security.
NGE Enabled Encryption Architectures: Available Today
[Figure: GETVPN with a key server (KS) and group members GM1 to GM9; ASA firewall remote-access VPNs managed through CSM/ASDM; site-to-site DMVPN and FlexVPN spokes; and 802.1X-authenticated MACsec links, where a guest user's data is sent in the clear while an authenticated user's traffic is encrypted between MACsec-capable devices on the link.]
Service Provider Transport Options

Today's WAN Transport Catalog

Transport Layer | Transport Offerings | Connectivity
Layer 3 | MPLS IP VPN; Internet / Broadband | Any to Any
Layer 2 | Ethernet (E-LINE, E-LAN) | Point to Point; Point to Multipoint; Multipoint to Multipoint
Layer 0 / 1 | OTN, SONET; DWDM / Dark Fiber | Point to Point

Other L3: Carrier Supporting Carrier, IP SatCom
Other L2: ATM/FR, Ethernet E-TREE, L2 SatCom
Other L1: T1/E1, T3/E3, DSx, OC-3/12/48/192
Layer 3 - Provider Offered Transport Options
SP offered IP VPN service (Layer 3 service); the customer owns the CE
• CE routers owned by customer
• PE routers owned by SP
• Customer "peers" to the PE via IP (eBGP/static); no labels are exchanged with the SP
• No end-to-end visibility of other CEs
• Route exchange with the SP is done via the PE
• Customer relies on the SP to advertise their internal routes to all CEs in the customer VPN for reachability
• SP can offer multiple services: QoS, multicast, IPv6
[Figure: customer-managed domains at Sites 1, 2 and 3, each CE an IP routing peer (BGP, static, IGP) of a PE in the SP-managed L3 VPN domain.]
Layer 2 - Provider Offered Transport Options
SP offered Ethernet service (Layer 2 service); the customer owns the CE
• CE routers owned by customer
• PE routers owned by SP
• Customer "peers" to its own CEs via IP
• IP route exchange is done through the SP Ethernet service (not to it)
• SP is nothing more than Ethernet (L2) "wire" transport
• All IP (v4/v6, OSPF/EIGRP, MPLS, etc.) is transparent to the service
[Figure: customer-managed domains at Sites 1, 2 and 3; the CEs are IP routing peers (BGP, static, IGP) of each other across the SP-managed Ethernet PEs.]
The same IP characteristics that apply to Ethernet also apply to optical/DWDM, ATM/FR, SONET/SDH, and T1/T3 services.
Layer 0/1 - Provider Offered Transport Options
SP offered optical service (Layer 0/1 service); the customer owns the CE
• CE routers owned by customer
• Optical mux owned by SP (or by the customer)
• Customer "peers" to its own CEs via IP
• IP route exchange is done through the SP optical service (not to it)
• SP is nothing more than optical "wire" transport for CE-to-CE traffic
• All IP (v4/v6, OSPF/EIGRP, MPLS, etc.) is transparent to the service
[Figure: customer-managed domains at Sites 1, 2 and 3; the CEs are IP routing peers (BGP, static, IGP) of each other across SP-managed optical muxes.]
Typical optical offerings include dark fiber or lambda service.
Today's WAN Transport Catalog + Encryption

Transport Layer | Transport Offerings | Connectivity | Network Topologies | Encryption Criteria
Layer 3 | MPLS IP VPN; Internet / Broadband | Any to Any | Point-to-Point; Full Mesh; Partial Mesh; Hub/Spoke; Multi-tier; Hybrid (combination of any) | Available options? Evaluation criteria? Recent innovations? Impact of the choice via transport, connectivity, performance, topology?
Layer 2 | Ethernet (E-LINE, E-LAN) | Point to Point; Point to Multipoint; Multipoint to Multipoint | (same list) | (same questions)
Layer 0 / 1 | OTN, SONET, DWDM | Point to Point | (same list) | (same questions)

Answering the Encryption Criteria column for each transport is the goal of this session.
Traditional WAN Encryption Technologies

DMVPN, FlexVPN, GETVPN: VPN Technology Positioning
[Figure: over the Internet/shared network, site-to-site DMVPN/FlexVPN spokes and EzVPN/FlexVPN remote-access clients terminate on IPsec aggregation at the Internet edge; over the MPLS/private network, GETVPN group members (GMs) form a group-encrypted network with key servers (KSs) at the WAN edge and data center core.]

DMVPN: Flexible Secure WAN Design Over Any Transport
Dynamic Multipoint VPN (DMVPN)
Transport-independent (simplifies WAN design)
• Easy multi-homing over any carrier service offering
• Consistent design over all transports
• Single routing control plane with minimal peering to the provider
Flexible (dynamic full-meshed connectivity)
• Automatic site-to-site IPsec tunnels
• Zero-touch hub configuration for new spokes
Secure (proven robust security)
• Certified crypto and firewall for compliance
• Scalable design with high-performance cryptography in hardware
[Figure: ASR 1000 hubs at the data center and ISR-G2 branches over Internet and MPLS WAN transports.]
DMVPN Components
• Next Hop Resolution Protocol (NHRP): creates a distributed mapping database of every spoke's tunnel address to its real (public interface) address
• Multipoint GRE tunnel interface (mGRE): a single GRE interface supports multiple GRE/IPsec tunnels, simplifying the size and complexity of the configuration
• IPsec tunnel protection: dynamically creates and applies encryption policies (optional)
• Routing: dynamic advertisement of branch networks; almost all routing protocols (EIGRP, RIP, OSPF, BGP, ODR) are supported
Over-the-Top WAN Design With Dynamic Multipoint VPN (DMVPN)
Secure on-demand tunnels
• Branch spoke sites establish an IPsec tunnel to, and register with, the hub site
• Only the WAN IP addresses need to be known by the WAN transport
• The WAN interface IP address can be used as the tunnel source address
• IP routing exchanges prefix information for each site; BGP or EIGRP are typically used for scalability
• Data traffic flows over the DMVPN tunnels
• When traffic flows between spoke sites, the hub assists the spokes to establish a site-to-site tunnel
• Per-tunnel QoS is applied to prevent hub-site oversubscription to spoke sites
[Figure: ASR 1000 hub with ISR G2 branches 1 to n. Traditional static tunnels need static, known IP addresses; DMVPN on-demand tunnels work with dynamic, unknown spoke IP addresses.]
FlexVPN

What is FlexVPN? Overview
• VPN solution that combines site-to-site, remote-access, hub-spoke and spoke-spoke topologies
• Utilizes IKEv2 (only) for performing mutual authentication and establishing and maintaining Security Associations (SAs)
• Combines multiple frameworks into a single, comprehensive set of CLI and binds them together, offering more flexibility and a means to extend functionality in the future
• Offers a simple but modular framework that extensively uses the tunnel interface paradigm
When To Use It?
• Customer desires to build site-to-site, remote-access, hub-spoke and spoke-spoke topologies utilizing a unified CLI
• Large-scale deployment (of spoke-to-spoke and hub-and-spoke)
• Customer wishes to reduce the learning curve of implementing multiple different types of VPN connectivity
• Customer requires IKEv2 features
FlexVPN
• One VPN to develop and position
• Everything works: simplifies deployment and operation
GETVPN

Main Components of GETVPN
• Key Servers (KSs): IOS devices responsible for creating and maintaining the control plane and distributing keys to the group members
• GDOI (Group Domain of Interpretation, RFC 6407): cryptographic protocol for group key management
• Group Security Associations: tunnel-less network; no peer-to-peer tunnel required; IPsec SAs shared by the GMs
• Group Members (GMs): IOS devices used for encryption/decryption
IPsec VPN Summary: VPN Solutions Compared

Criterion | DMVPN | FlexVPN | GETVPN
Network Style | Large-scale hub and spoke with dynamic any-to-any | Converged site-to-site and remote access | Any-to-any (site-to-site)
Scale | Up to 4000 sites | Up to 10000 sites | 24,000 group members per KS
Failover / Redundancy | Dynamic routing | Dynamic routing or IKEv2 route distribution; server clustering; stateful failover* | Active/active based on transport routing; COOP based on GDOI
IP Multicast | Multicast replication at hub | Multicast replication at hub; multicast replication in IP WAN network* | Multicast replication in IP WAN network
QoS | Per-tunnel QoS, hub to spoke | Per-SA QoS, hub to spoke; per-SA QoS, spoke to spoke* | Transport QoS
Policy Control | Locally managed | Locally managed | Centralized policy management
Technology | Tunneled VPN; multipoint GRE tunnel; IKEv1 or IKEv2 | Tunneled VPN; point-to-point tunnels; IKEv2 only | Tunnel-less VPN; group protection
Infrastructure | Public or private transport | Public or private transport | Private IP transport
Routing | Overlay routing | Overlay routing | Flat/non-overlay IP network
3rd-party compatibility | No | Yes, up to the 3rd-party implementation | No
Evolving Encryption Solutions - Introduction to MACsec

Challenges with Current WAN Encryption
• IPsec performance, complexity, and cost are becoming more challenged
• Throughput is constrained to the performance of the IPsec encryption engine
• MPLS, multicast and IPv6 in some cases require GRE tunneling to operate
• GRE and IP overlays add an additional layer of complexity and a performance impact on certain router platforms
• Innovations such as DMVPN and MPLS VPN over mGRE simplify this, but IPsec performance remains the lowest common denominator
• Line-rate encryption that is simpler to operate and removes levels of complexity from the WAN solution is becoming a requirement
WAN MACsec targets these challenges.
Link Speeds Out-Pacing IP Encryption
• Application bandwidth requirements are out-pacing IP encryption capabilities
• Bi-directional traffic and packet sizes further impact encryption performance
• IPsec engines dictate the aggregate encryption performance of the platform (much less than the router's link forwarding capability)
• Encryption must align with link speed (100G+) to support next-generation applications
[Figure: bandwidth versus time; link speed climbs away from IPsec encryption speed, and the target is encryption engine = link speed.]

Problems addressed by L2 Encryption
• IPsec performance, complexity, and cost becoming more challenged; performance at a fraction of overall router throughput
• High-speed solutions target line-rate encryption
• Solves architectural complexity
• Removes packet size/MTU issues
• Obscures IP and MPLS content
OTN and WAN MACsec target these challenges.
New Applications and Architectures Driving WAN Encryption Rates
• Increasing bandwidth demands over the WAN for branches, applications and data centers
• Fewer applications run locally in branch locations, driving high-speed transport increases
• Highly resilient cloud computing architectures (C2S, GovCloud) driving high-speed data center replication requirements
• Traffic pattern changes dictated by cloud, M2M communications, IoT/IoE
• The encryption landscape is changing, driving high-speed layered encryption solution offerings
What is MAC Security (MACsec)? Hop-by-Hop Encryption via IEEE 802.1AE
• Hop-by-hop vs. end-to-end: the "bump-in-the-wire" model
  - Packets are decrypted on the ingress port
  - Packets are in the clear inside the device
  - Packets are encrypted on the egress port
• Allows the network to continue to perform all the packet inspection features currently used
[Figure: the frame is decrypted at ingress (128-bit AES-GCM), everything is in the clear inside the ASIC, and the frame is re-encrypted at egress (128-bit AES-GCM), on every hop.]
Confidentiality and Integrity: 802.1AE based Encryption
• MACsec provides Layer 2 hop-by-hop encryption and integrity, based on the IEEE 802.1AE standard
• 128/256-bit AES-GCM (Galois/Counter Mode), NIST approved (NIST Special Publication 800-38D, http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf)
• Line-rate encryption/decryption for 1/10/40/100GbE interfaces
• Replay protection of each and every frame
Customer benefits
• Protects against man-in-the-middle attacks (snooping, tampering, replay)
• Standards-based frame format and algorithm (AES-GCM)
• The 802.1X-2010/MKA addition supports per-device security associations in shared-media environments (e.g. PC vs. IP phone) to provide secured communication
• Network-service-amenable hop-by-hop approach compared to an end-to-end approach (e.g. Microsoft Domain Isolation/virtualization)
MACsec Timeline
• 2006: IEEE 802.1AE MACsec, AES-128-GCM
• 2007: 802.1af, Authenticated Key Agreement for MACsec
• 2010: 802.1af becomes part of 802.1X-2010, MACsec Key Agreement (MKA)
• 2011: 802.1AEbn amendment adds AES-256-GCM
• 2013: 802.1AEbw amendment defines AES-GCM-XPN-128 and AES-GCM-XPN-256
• 2017: 802.1AEcg, current working group, adds support for MACsec over provider bridges
MACsec Protocols & Algorithms

# | Function | Protocol | Specification | Encryption Algorithms
1 | Device identification | Secure Device Identification | IEEE 802.1AR | RSA, ECC
2 | Authentication and key establishment | EAP: Extensible Authentication Protocol (EAP-TLS, Cisco EAP-FAST) | IEEE 802.1X (RFC 5216, RFC 4851) | TLS based: RSA, ECC, AES, HMAC-SHA2
3 | Control key management | MKA: MACsec Key Agreement | IEEE 802.1X-2010 | AES-128 KeyWrap, AES-128-CMAC, AES-256-CMAC
4 | Authorization and key distribution | RADIUS with Cisco Key Wrap attributes; DTLS; IPsec | RFC 6218 | AES-128-KeyWrap, HMAC-SHA-2
5 | Bulk data encryption | MACsec | IEEE 802.1AE; 802.1AEbn; 802.1AEbw; 802.1AEcg | AES-GCM-128; AES-GCM-256; AES-GCM-128-XPN; AES-GCM-256-XPN

802.1AE (MACsec) Tagging: TrustSec Frame Format
DMAC | SMAC | 802.1AE header (SecTAG) | 802.1Q | CMD | ETYPE | PAYLOAD | ICV | CRC
Authenticated (covered by the ICV): DMAC, SMAC, the SecTAG and everything through the end of the payload. Encrypted: 802.1Q tag, CMD, ETYPE and PAYLOAD.
SecTAG fields: MACsec EtherType (0x88e5) | TCI/AN | SL | Packet Number | SCI (optional)
• Frames are encrypted and protected with an integrity check value (ICV)
• MACsec EtherType is 0x88e5
• No impact to IP MTU/fragmentation
• L2 frame MTU impact*: ~40 bytes, less than a baby giant frame (~1600 bytes with 1552-byte MTU)
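The SecTAG layout above, worked through in code: an added example for this page, not code from the session or from Cisco. It assembles a frame with the 8-octet SecTAG (plus the optional 8-octet SCI), parses it back, and computes the per-frame overhead that the MTU note refers to. The MAC addresses and payload are constructed; no AES-GCM is performed, so the 16-octet ICV is a placeholder and the function, field and constant names are this example's own.

```python
"""Build and parse the IEEE 802.1AE SecTAG. Added example; ICV is a placeholder."""
import struct

MACSEC_ETHERTYPE = 0x88E5
SECTAG_BASE_LEN = 8      # EtherType(2) + TCI/AN(1) + SL(1) + PN(4)
SCI_LEN = 8              # optional explicit Secure Channel Identifier
ICV_LEN = 16             # GCM-AES-128 and GCM-AES-256 both emit a 16-octet ICV


def sectag_overhead(with_sci: bool) -> int:
    """Octets MACsec adds to a frame: SecTAG (8 or 16) plus the 16-octet ICV."""
    return SECTAG_BASE_LEN + (SCI_LEN if with_sci else 0) + ICV_LEN


def build_macsec_frame(dmac: bytes, smac: bytes, an: int, pn: int,
                       secure_data: bytes, sci: bytes = None, encrypted: bool = True) -> bytes:
    """DMAC | SMAC | SecTAG | secure data | ICV.
    TCI bits: V=0, ES=0, SC=1 when an explicit SCI is carried, SCB=0,
    E=C=1 when the secure data is encrypted (0/0 for integrity-only)."""
    if not 0 <= an <= 3:
        raise ValueError("AN is a 2-bit association number")
    if not 1 <= pn <= 0xFFFFFFFF:
        raise ValueError("32-bit PN must be 1..2^32-1 (0 is never transmitted)")
    if sci is not None and len(sci) != SCI_LEN:
        raise ValueError("SCI is 8 octets (system MAC + port id)")
    tci = (0x20 if sci else 0) | (0x0C if encrypted else 0)
    sl = len(secure_data) if len(secure_data) < 48 else 0   # SL only set for short frames
    sectag = struct.pack(">HBBI", MACSEC_ETHERTYPE, tci | an, sl, pn) + (sci or b"")
    icv = b"\x00" * ICV_LEN   # placeholder: a real frame carries the AES-GCM tag here
    return dmac + smac + sectag + secure_data + icv


def is_macsec(frame: bytes) -> bool:
    """True if the EtherType right after SMAC is 0x88e5 (SecTAG precedes any 802.1Q tag)."""
    return len(frame) >= 14 and frame[12:14] == struct.pack(">H", MACSEC_ETHERTYPE)


def parse_macsec_frame(frame: bytes) -> dict:
    """Split a MACsec frame into its SecTAG fields, secure data and ICV."""
    if len(frame) < 12 + SECTAG_BASE_LEN + ICV_LEN:
        raise ValueError("frame too short for a SecTAG and ICV")
    if not is_macsec(frame):
        raise ValueError("EtherType 0x%04x is not MACsec (0x88e5)" % struct.unpack(">H", frame[12:14])[0])
    dmac, smac = frame[:6], frame[6:12]
    _etype, tci_an, sl, pn = struct.unpack(">HBBI", frame[12:20])
    tci = {"V": tci_an >> 7 & 1, "ES": tci_an >> 6 & 1, "SC": tci_an >> 5 & 1,
           "SCB": tci_an >> 4 & 1, "E": tci_an >> 3 & 1, "C": tci_an >> 2 & 1}
    if tci["V"]:
        raise ValueError("unsupported SecTAG version")
    if sl & 0xC0:
        raise ValueError("reserved SL bits set")
    off, sci = 20, None
    if tci["SC"]:                       # explicit SCI present; otherwise the receiver
        sci = frame[off:off + SCI_LEN]  # infers it from SMAC (and the ES/SCB bits)
        off += SCI_LEN
    secure_data, icv = frame[off:-ICV_LEN], frame[-ICV_LEN:]
    short_len = sl & 0x3F
    if short_len and short_len != len(secure_data):
        raise ValueError("SL disagrees with the secure data length")
    return {"dmac": dmac, "smac": smac, "tci": tci, "an": tci_an & 3, "pn": pn,
            "sl": short_len, "sci": sci, "secure_data": secure_data, "icv": icv,
            "overhead": sectag_overhead(sci is not None)}


if __name__ == "__main__":
    d, s = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")
    inner = b"\x81\x00\x00\x64\x08\x00" + b"A" * 60      # 802.1Q tag + EtherType + payload
    f = build_macsec_frame(d, s, an=1, pn=42, secure_data=inner, sci=s + b"\x00\x01")
    print(parse_macsec_frame(f)["overhead"], "octets of MACsec overhead with SCI")
```

Note that the 802.1Q tag sits inside the secure data, which is why the figure shows it encrypted and why a MACsec-aware receiver looks for 0x88e5 at the outer EtherType position rather than 0x8100.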
Quick MACsec Terminology
• MKA: MACsec Key Agreement, defined in IEEE 802.1X-2010, is a key agreement protocol for discovering MACsec peers and negotiating keys
• MSK: Master Session Key, generated during the EAP exchange. Supplicant and authentication server use the MSK to generate the CAK
• CAK: Connectivity Association Key, derived from the MSK. The CAK is a long-lived master key used to generate all other keys used for MACsec
• CKN: Connectivity Association Key Name, identifies the CAK
• SAK: Secure Association Key, derived from the CAK; the key used by supplicant and switch to encrypt traffic for a given session
• KS: Key Server, responsible for selecting and advertising a cipher suite and for generating the SAK from the CAK
MACsec Key Agreement (MKA) and EAP Authentication
Between the supplicant and the authenticator/authentication server (AS), three layers build on each other:
• Mutual authentication, IEEE 802.1X/EAP, yields the MSK
• MACsec Key Agreement, IEEE 802.1X/MKA, protected by a key derived from the EAP MSK, yields the MACsec key
• MACsec, IEEE 802.1AE, protects the data

MACsec Functional Sequence (supplicant, authenticator, authentication server)
1. Authentication and master key distribution (IEEE 802.1X)
   Authenticator -> Supplicant: EAPoL: EAP Request-Identity
   Supplicant -> Authenticator: EAPoL: EAP-Response: Alice
   Authenticator -> AS: RADIUS Access-Request [AVP: EAP-Response: Alice]
   AS -> Authenticator: RADIUS Access-Challenge [AVP: EAP-Request: PEAP]
   AS -> Authenticator: RADIUS Access-Accept [AVP: EAP Success] [AVP: EAP Key Name] [AVP: CAK]
   Authenticator -> Supplicant: EAPoL: EAP Success
2. Session key agreement (MKA)
   EAPoL-MKA: Key Server
   EAPoL-MKA: MACsec Capable
   EAPoL-MKA: Key Name, SAK
   EAPoL-MKA: SAK Installed
3. Secure session (MACsec)
   Encrypted data, AES-GCM-128, in both directions
MACsec Key Hierarchy
• Two methods to derive encryption keys: 802.1X/EAP, or pre-shared keys
• EAP: MSK -> CAK and CKN -> ICK, KEK and SAK. If the EAP method is used, all keys are generated from the Master Session Key (MSK)
• Pre-shared key: CAK = PSK, and the CAK and CKN must be manually entered; ICK, KEK and SAK are then derived from the CAK in the same way
MKA with Pre-shared and Cached CAKs
• When EAP is not used for authentication, a pre-shared key (PSK) can be used. The CAK is manually placed in the router/switch configuration and used as the PSK
• Some EAP/MACsec use cases require the link to come up even if the AAA server cannot be reached. A preinstalled CAK can be cached in the configuration and used until the AAA server is reached and a new CAK is obtained
Cryptography: Keys used in MKA (CAK/CKN)
MKA uses a key hierarchy based on a single long-term key, the CAK. In the EAP case the CAK is derived from the EAP MSK using the key derivation function (KDF) defined in NIST SP 800-108. The following is for a 128-bit CAK (the key is longer for a 256-bit CAK):
  CAK = KDF(MSK[0-15], "IEEE8021 EAP CAK", mac1 | mac2, CAKlength)
A unique name, the CKN, is derived for the CAK; this is like a key ID:
  CKN = KDF(MSK[0-15], "IEEE8021 EAP CKN", mac1 | mac2, CKNlength)
Note: a pre-shared or cached CAK requires both the CAK and the CKN to be saved in the network device configuration, as well as some policy (e.g., cipher suite).
Keys used in MKA (MKA keys/SAK)
• Two keys are generated from the CAK by MKA:
  ICV Key (ICK), used to prove that an authorized peer sent the message: ICK = KDF(CAK, "IEEE8021 ICK", Keyid, ICKLength)
  Key Encrypting Key (KEK), used to protect the MACsec keys (SAK): KEK = KDF(CAK, "IEEE8021 KEK", Keyid, KEKLength)
• A MACsec key is called a Secure Association Key (SAK)
• It is typically generated using the KS's FIPS 140-2 compliant random number generator
• Alternatively, it can be generated using a KDF, including randomness provided by the other participants as well as the KS. This protects against a failure in KS randomness:
  SAK = KDF(CAK, "IEEE8021 SAK", KS-nonce | MI-value list | KN, SAKlength)
  where KS-nonce is randomness provided by the KS, the MI-value list is the random Member Identifier contributed by each live member of the group (not its MAC address), and KN is a key-number counter maintained by the KS
MKA Key Chain Configuration
The key chain configuration carries:
• Key chain name
• Connectivity Association Key Name (CKN)
• MKA authentication cipher
• Connectivity Association Key (CAK): 32 hex characters for 128-bit, 64 hex characters for 256-bit
• Lifetime. Note: the lifetime is for the CKN, not the CAK

MKA Policy
• MKA policy name
• MACsec cipher suite for the Secure Association Key (SAK)
• Confidentiality offset

MACsec Interface Configuration
• MKA policy name
• Key chain name
• macsec (enables MACsec on the interface)

MKA Info and MACsec Status (show command output)
MACsec SA Scale with Re-Keying (ASR9K)
• Two SAs are always allocated per secure channel: the first SA is the active SA and holds the SAK; the second is an idle SA reserved for re-keying and holds no SAK
• During re-keying there is a time overlap to: (1) exchange and install the new SAK and bind it to the idle SA; (2) purge the old SAK and allocate a new idle SA
Re-keying timeline between R1 and R2 (AES-GCM-256):
• T1: SA1 carries SAK1 and SA2 is idle; only one SA is installed
• T2: re-keying; SA2 receives SAK2 while SA1 still holds SAK1; two SAs are installed
• T3: re-key complete; SA2 carries SAK2, the old SAK is purged and SA1 is reclaimed as the idle SA
Effective scale with re-keying:
Port speed | Total MACsec ports per system | Tx/Rx SAs per port | Total Tx/Rx SAs per system
10G | 1,600 | 32/2 = 16 | 51,200/2 = 25,600
40G | 320 | 128/2 = 64 | 40,960/2 = 20,480
100G | 160 | 256/2 = 128 | 40,960/2 = 20,480
Handling MACsec Out-of-Sequence Frames: Replay-Protection-Window-Size Behavior
• Replay protection window size = the maximum distance, in packet numbers, by which a frame may arrive out of sequence and still be accepted rather than discarded
• The MACsec decrypting PE expects all frames to be received in sequence (1, 2, 3, ... in ascending order). Out-of-order frames are accepted as long as their packet number is not more than the window size below the highest packet number already received; a frame that falls below that floor is discarded. For example, with a window of 64 and frame 200 already received, a late frame 100 is discarded, whereas frame 201 (or any higher number) is accepted and moves the window forward
• Replay-Protection-Window-Size = 0: strict discard enforced. Arrival order ...,15,14,63,64,11,10,8,7,9,6,5,4,3,2,1 (read right to left) has 7, 8, 63, 14 and 15 discarded as out of sequence
• Replay-Protection-Window-Size = 64: up to 64 out of sequence accepted. Arrival order ...,15,14,13,12,11,10,8,7,9,6,5,4,3,2,1 is accepted in full; 7 and 8 arriving after 9 are detected as out of sequence but are within the window
• Use the macsec access-control {must-secure | should-secure} command to control the behavior of unencrypted packets on a MACsec interface.
• The should-secure keyword allows unencrypted packets from the physical interface or its subinterfaces to be transmitted or received alongside MACsec traffic.
• The must-secure keyword does not allow unencrypted packets from the physical interface or its subinterfaces to be transmitted or received. All such packets are dropped, except MKA control protocol packets, which must pass in the clear for the session to be established.

CAUTION
• If MACsec is enabled only on selected subinterfaces, configure the should-secure keyword on the corresponding physical interface; otherwise the must-secure default drops the unencrypted traffic of the subinterfaces that have no MACsec.
• The default for MACsec on subinterfaces is macsec access-control must-secure. It takes effect as soon as the macsec command is configured on an interface.
Why AES-GCM-XPN?

• The 802.1AE SecTAG carries a 32-bit packet number; at 100GE it is exhausted in roughly half a minute at minimum frame size and within minutes at 1500-byte frames, and the SAK must be replaced before it wraps
• The XPN cipher suites (GCM-AES-XPN-128 and GCM-AES-XPN-256, IEEE 802.1AEbw) extend the packet number to 64 bits, so at 40/100G re-keying is driven by policy rather than by counter exhaustion
MACsec and IPsec Comparison

Category | MACsec | IPsec
Market positioning | 1. Aggregate deployments such as regional hubs; 2. Large branches that require high throughput; 3. Data center interconnects | 1. Small branches; 2. High-scale deployments; 3. Low-throughput branches; 4. Beyond Metro E (international) reach
Link requirement / topologies | Requires dedicated Metro E EVC circuits for L2 connectivity between sites; point-to-point, point-to-multipoint | Easily routable over many commonly available public networks; any topology
Encryption performance | Per PHY link speed (1G, 10G, 40G, 100G) | Constrained by IPsec crypto engine performance
Services enablement | No impact to encryption throughput | Impacts encryption throughput
Peer scale | Limited by hardware resources | Highly scalable
Throughput | Up to line rate on each port (limited only by the forwarding capability) | Aggregate throughput (limited by the encryption throughput)
Configurability | Simple configuration | More complex configuration and policy choices
Layer 3 visibility for monitoring | No: except for the Layer 2 headers (and optionally VLAN tags/MPLS labels) everything else is encrypted | Visible: L3 info can be used for monitoring and policy enforcement
(Table credit: Kural Arangasamy)

MACsec Deployment Models and Use Cases

Carrier Ethernet Services Overview: primary focus areas in this session for the MACsec discussion
Source: Carrier Ethernet Services Overview - http://metroethernetforum.org/Presentations
Source: Overview presentation of the MEF - http://metroethernetforum.org/Presentations
Router Peering Model View over E-LINE (Point to Point E-LINE Service)

Physical view: CE1, CE2, CE3 and CE4 attach to a Carrier Ethernet E-LINE (P2P) service; each remote CE reaches the central site over its own P2P “virtual” Ethernet pseudo-wire, and the central site terminates them on an Ethernet sub-interface with 802.1Q support.
Logical view: the routers peer per VLAN sub-interface, one per pseudo-wire, as IP routing peers (BGP, static, IGP).

• E-LINE is a point-to-point virtual “Ethernet wire” service
• Connection model can be point to point, with virtual multiplexing at the hub site via the 802.1Q/sub-interface offering

Source: Overview presentation of the MEF - http://metroethernetforum.org/Presentations
Router Peering Model View for E-LAN

Physical view: CE1-CE4 attach to a Carrier Ethernet E-LAN (multi-point) service, a flat Ethernet bridge domain on a single VLAN.
Logical view: every router peers with every other router (N - 1 routing peers: BGP, static, IGP).

• E-LAN emulates the network as an “Ethernet switch”
• Routers appear as part of a single “flat” Ethernet domain
• Caution required as IP peering is N - 1 (N = number of router nodes)
• Transport is MAC address aware of “well known” MAC addresses and Ethertypes

What is WAN MACsec?

Secure Ethernet link(s) over public Ethernet transport: the MACsec-capable routers at the remote and central campus/data center establish an MKA session and a MACsec secured path across service-provider-owned routers/bridges (a public Carrier Ethernet service), with the MACsec-capable PHY of each router terminating the encryption.

• Leverage “public” standards-based Ethernet transport
• Optimize MACsec + WAN features to accommodate MACsec/MKA running over public Ethernet transport
• Target “line-rate” encryption for high-speed applications: inter-DC, MPLS WAN links, massive data projects
• Targets 100G, but supports 1/10/40G as well
What is “WAN” MACsec? New Enhancements to 802.1AE for WAN/Metro-E Transport

• AES-256 (AES-GCM) support at 1/10/40 and 100G rates
  • Targets the Next Generation Encryption (NGE) profile, which currently leverages public NSA Suite B
• Standards-based MKA key framework (defined in 802.1X-2010) within Cisco security development (Cisco “NGE”)
• Ability to support 802.1Q tags in the clear
  • Offset 802.1Q tags in the clear before encryption (2 tags is optional)
• Vital network features to interoperate over public Carrier Ethernet providers
  • 802.1Q tag in the clear
  • Ability to change the MKA EAPoL destination address type
  • Ability to change the MKA EtherType value
  • Ability to configure anti-replay window sizes
• System interoperability
  • Create a common MACsec integration among all MACsec platforms in Cisco and open standards
MACsec vs. “WAN” MACsec Support

Capability | MACsec | WAN MACsec
Data plane encryption | AES-128 (AES-GCM) | AES-128/AES-256 (AES-GCM)
1/10/40/100G AES-256/GCM | No (AES-128 only) | Yes
Control plane keying | SAP (Cisco) | MKA (IEEE)
802.1Q tag in the clear | No | Yes
Point-to-multipoint topology | No | Yes
MKA EAPoL tuning | No | Yes
MKA EtherType tuning | No | Yes
Anti-replay window support | Limited | Yes
Multi-vendor support | No | Yes
WAN MACsec Topology: Basic Site to Site Example

(Figure: remote and central campus/DC connected across a public Carrier Ethernet service; a MACsec secured path / MKA session runs between the two MACsec-capable routers, terminated on their MACsec-capable PHYs, through SP-owned Ethernet transport devices.)

• Leverage “public” standards-based Ethernet transport
• Optimize MACsec + WAN features to accommodate the service provider transport requirements
• Offer “line-rate” alternatives to IPsec when high-speed encryption is required for certain applications (DCI, storage replication, service provider backbone WAN links)
WAN MACsec Use Cases: Primary WAN MACsec Use Cases

1. Point to Point (E-LINE)
2. Point to Multipoint (E-LINE/E-LAN)
3. Multipoint to Multipoint (E-LAN)
WAN MACsec: Top Enterprise and SP Use Cases

Use Case | Applicability | Transport
Metro E branch router backhaul | Encryption requirements exceed IPsec capabilities | E-LINE, E-LAN
High-speed Data Center Interconnect (DCI) | Targets 10/40/100Gbps DC interconnect links for storage replication and workload movement | E-LINE, optical/fiber
MPLS core / edge link security | Encrypt all PE-P and P-P links inside an MPLS backbone; allows transparency of MPLS labels, TE, Segment Routing, etc. | E-LINE, optical/fiber
Secure PE-CE links to trusted SP service | Service provider option for offering secure PE-CE transport when the PE is in a co-lo over untrusted links | E-LINE, E-LAN
Secure Metro Ethernet service offering | Service provider option for offering “secure” Metro E services to end customers | E-LINE, E-LAN
Hybrid MACsec and IPsec design | Position MACsec in the high-speed core, and IPsec for high-volume, lower-speed sites | E-LINE/E-LAN/IPsec
WAN MACsec: Top Enterprise and SP Use Cases (key feature focus)

Use Case | Applicability | Key WAN MACsec Feature Focus | Transport
High-speed branch router backhaul | Leverage MACsec encryption rates without the need for an expensive IPsec engine | Line-rate encryption 10Gb+, 802.1Q tag in the clear, Carrier-E adaptation features, no GRE | E-LINE, E-LAN
High-speed Data Center Interconnections (DCI) | Targets 10Gbps-100Gbps DC interconnect links for DC replication and workload movement | 100Gb line-rate encryption, 802.1Q tag in the clear, Carrier-E adaptation features, no GRE | E-LINE, optical/fiber
Simplified encryption solutions where lower-cost Ethernet is offered | Leverage MACsec over an Ethernet backhaul service | Line-rate encryption 10Gb+, 802.1Q tag in the clear, Carrier-E adaptation features, no GRE | E-LINE, E-LAN
Securing MPLS links in a self-managed MPLS backbone | Encrypt all PE-P and P-P links inside an MPLS backbone; allows transparency of MPLS labels, MPLS TE, Segment Routing, etc. | 100Gb line-rate encryption, 802.1Q tag in the clear, no MPLS-over-GRE requirements | E-LINE, optical/fiber
Securing PE-CE links to trusted SP service (SP) | SP option for offering secure PE-CE transport when the PE is in a co-lo over untrusted links | Line-rate encryption 10Gb+, 802.1Q tag in the clear, Carrier-E adaptation features | E-LINE, E-LAN
Secure Metro Ethernet service offering (SP) | SP option for offering “secure” Metro Ethernet services to end customers | Line-rate encryption 100Gb+, 802.1Q tag in the clear | E-LINE, E-LAN
Use Cases Leveraging E-LINE

(Router peering model over E-LINE: as shown earlier.)

WAN MACsec Use Cases: High Speed Site to Site
(Figure: two central sites / data centers connected across a Carrier Ethernet service; a MACsec secured path / MKA session runs between the MACsec-capable routers and their MACsec-capable PHYs, across SP-owned Ethernet transport devices.)

• Point-to-point PW (EPL) service
• Typically port-mode, or 802.1Q offering
• Target solution: high-speed (line-rate) transfers
  • Speeds typically exceed IPsec
  • Reduce IPsec complexity (DMVPN, GRE tunnels)

WAN MACsec Use Cases: High Speed 40/100G WAN Applications (E-LINE - Point to Point)

• Use Cases - Requirement
  • 10GE-100GE high-speed site-to-site requirement: campus, WAN, DC-DC, Metro E
  • Data Center Interconnect (replication, massive storage transfers)
  • SP: IP/MPLS core/edge links (PE-P, P-P, PE-PE)
  • H-QoS: per sub-interface
• WAN MACsec Features
  • Strong encryption: AES-GCM-256 (Suite B)
  • 802.1Q in the clear (VRF-lite option)
• Key Benefits
  • Simple to configure
  • 10/100G line-rate encryption
  • Transparent to WAN technology (IP/MPLS, multicast)
  • Cost-effective encryption, even in terabit routers

(Figure: Central Site / DC 1 and Central Site / DC 2 across a Carrier Ethernet service; legend: MACsec-capable router, MACsec secure path / MKA session, MACsec-enabled Ethernet PHY.)
WAN MACsec Use Cases: E-LINE - Single Site to Site

(Same site-to-site topology and requirements as above: a point-to-point PW service with no MAC address lookup, typically port-mode or 802.1Q, targeting high-speed line-rate transfers that exceed IPsec speeds and reduce IPsec complexity.)

• Target Customer
  • Enterprise, cloud provider, federal/government
  • Service provider desiring secure WAN links
WAN MACsec Use Cases: E-LINE Point to Multipoint Backhaul

(Figure: branches and a data center / central site connected across a Carrier Ethernet service; each branch has a MACsec secured path / MKA session to the central router, whose 802.1Q MACsec PHY terminates all of them, across SP-owned Ethernet transport devices.)

• Point-to-point PW service (no MAC address lookup)
• Must leverage the 802.1Q offering at the central site
• Target solution: simple and/or high-speed branch backhaul
  • Speeds typically exceed IPsec
  • Reduce IPsec complexity (DMVPN, GRE tunnels)

802.1AE (MACsec) Tagging: TrustSec Frame Format
Frame layout (TrustSec format, 802.1Q tag inside the protected payload):
  DMAC | SMAC | 802.1AE Header (SecTAG) | 802.1Q | CMD | ETYPE | PAYLOAD | ICV | CRC
  Authenticated: DMAC, SMAC, the SecTAG and everything up to the ICV
  Encrypted: 802.1Q, CMD, ETYPE, PAYLOAD

SecTAG fields: MACsec EtherType (0x88e5) | TCI/AN | SL | Packet Number | SCI (optional)

• Frames are encrypted and protected with an integrity check value (ICV)
• MACsec EtherType is 0x88e5
• No impact to IP MTU/fragmentation
• L2 frame MTU impact: ~40 bytes (an 8-byte SecTAG, or 16 bytes with an explicit SCI, plus the 16-byte ICV, plus the 8-byte CMD header when TrustSec SGT tagging is in use) = less than a baby giant frame (~1600 bytes with 1552-byte MTU)
802.1AE (MACsec) “Tag in Clear”

Default (802.1Q tag encrypted):
  DMAC | SMAC | 802.1AE Header | [ 802.1Q | CMD | ETYPE | PAYLOAD ] encrypted | ICV | CRC
802.1Q tag in clear:
  DMAC | SMAC | 802.1Q | 802.1AE Header | [ CMD | ETYPE | PAYLOAD ] encrypted | ICV | CRC
SecTAG fields in both cases: MACsec EtherType (0x88e5) | TCI/AN | SL | Packet Number | SCI (optional)

• 802.1Q tag offers significant network design options over the carrier network
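The two layouts above, as an added example that is not part of the deck: a parser and builder for the 802.1AE header with the 802.1Q tag either inside the protected payload or in the clear before the SecTAG. The secure data and the ICV are opaque placeholder bytes (the AES-GCM step is out of scope), the sample frame is constructed here, and the overhead function shows where the deck's ~40 bytes come from: 8 or 16 bytes of SecTAG plus a 16-byte ICV, with the 8-byte CMD header riding inside the encrypted part of the TrustSec format.

```python
"""Parse and build the 802.1AE frame header in the two layouts shown above.

Added illustration, not deck code. The "secure data" and the ICV are opaque
placeholder bytes: the point is the header layout (802.1Q tag inside the
protected payload versus in the clear before the SecTAG) and the per-frame
overhead, not the AES-GCM step. Field names follow the deck's figures.
"""
import struct
from dataclasses import dataclass
from typing import Optional

ETYPE_MACSEC = 0x88E5
ETYPE_DOT1Q = 0x8100
ICV_LEN = 16      # GCM-AES-128/256 and the XPN suites all carry a 16-byte ICV

# TCI bits (IEEE 802.1AE clause 9.5); the low two bits of the same octet are the AN
TCI_SC = 0x20     # an explicit 8-byte SCI follows the packet number
TCI_E = 0x08      # secure data is encrypted
TCI_C = 0x04      # secure data is changed (not the plaintext)


@dataclass
class SecTag:
    tci: int
    an: int
    short_length: int
    packet_number: int
    sci: Optional[bytes]

    @property
    def encrypted(self) -> bool:
        return bool(self.tci & TCI_E)

    @property
    def length(self) -> int:
        return 16 if self.sci is not None else 8


@dataclass
class MacsecFrame:
    dmac: bytes
    smac: bytes
    vlan_in_clear: Optional[int]   # VID of an 802.1Q tag carried before the SecTAG
    sectag: SecTag
    secure_data: bytes             # ciphertext: CMD | ETYPE | PAYLOAD (and 802.1Q if not in clear)
    icv: bytes


def parse_macsec_frame(frame: bytes) -> MacsecFrame:
    """Split a frame (without FCS) into its MACsec parts; ValueError if it is not MACsec."""
    dmac, smac = frame[0:6], frame[6:12]
    off = 12
    vid = None
    etype = struct.unpack_from("!H", frame, off)[0]
    if etype == ETYPE_DOT1Q:            # "dot1q-in-clear 1": one tag outside the SecTAG
        vid = struct.unpack_from("!H", frame, off + 2)[0] & 0x0FFF
        off += 4
        etype = struct.unpack_from("!H", frame, off)[0]
    if etype != ETYPE_MACSEC:
        raise ValueError(f"not a MACsec frame: EtherType 0x{etype:04x}")
    tci_an, sl = frame[off + 2], frame[off + 3]
    pn = struct.unpack_from("!I", frame, off + 4)[0]
    off += 8
    sci = None
    if tci_an & TCI_SC:
        sci = frame[off:off + 8]
        off += 8
    tag = SecTag(tci=tci_an & 0xFC, an=tci_an & 0x03, short_length=sl & 0x3F,
                 packet_number=pn, sci=sci)
    secure_data, icv = frame[off:-ICV_LEN], frame[-ICV_LEN:]
    if tag.short_length and len(secure_data) != tag.short_length:
        raise ValueError("SL does not match the secure data length")
    return MacsecFrame(dmac, smac, vid, tag, secure_data, icv)


def build_macsec_frame(dmac, smac, pn, secure_data, sci=None, vlan_in_clear=None, an=0):
    """Inverse of parse_macsec_frame; secure_data stands in for the ciphertext."""
    hdr = dmac + smac
    if vlan_in_clear is not None:
        hdr += struct.pack("!HH", ETYPE_DOT1Q, vlan_in_clear & 0x0FFF)
    tci = TCI_E | TCI_C | (TCI_SC if sci else 0)
    sl = len(secure_data) if len(secure_data) < 48 else 0   # SL is only set for short frames
    hdr += struct.pack("!HBBI", ETYPE_MACSEC, tci | (an & 0x03), sl, pn)
    if sci:
        hdr += sci
    return hdr + secure_data + b"\x00" * ICV_LEN           # placeholder ICV


def macsec_overhead(frame: MacsecFrame) -> int:
    """Bytes MACsec adds to the L2 frame: SecTAG (8 or 16) plus ICV (16)."""
    return frame.sectag.length + ICV_LEN


# Constructed sample: VLAN 20 in the clear, explicit SCI, and 64 bytes standing in
# for the encrypted CMD/EtherType/payload.
SAMPLE_CIPHERTEXT = bytes(range(64))
SAMPLE_FRAME = build_macsec_frame(
    dmac=bytes.fromhex("001122334455"), smac=bytes.fromhex("66778899aabb"), pn=7,
    secure_data=SAMPLE_CIPHERTEXT, sci=bytes.fromhex("66778899aabb0001"), vlan_in_clear=20)
```

Parsing SAMPLE_FRAME yields VID 20 from the clear tag, packet number 7, the SCI, and an overhead of 32 bytes; a frame built without an SCI and without a clear tag parses with an SL of its (short) secure-data length and an overhead of 24 bytes. A provider bridge sees exactly what the parser sees before the SecTAG: the MAC addresses and, with dot1q-in-clear, the VLAN tag.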
WAN MACsec Use Case: 802.1Q Tag in the Clear

• Key to the solution is the use of 802.1Q for logical connectivity to each site
• This is analogous to “channelization” in SONET
• The router enables a logical IP sub-interface with an 802.1Q tag per location
• This allows multiple connections into a single physical interface

(Figure: one physical Ethernet wire from the MACsec PHY of an Ethernet interface supporting 802.1Q trunking into the public Ethernet transport, carrying VLAN tags 10, 20, 30 and 40 to the provider; an encrypted Ethernet session per destination, using the 802.1Q tag on the SP n-PE.)

WAN MACsec: 802.1Q Tag in the Clear (expose the 802.1Q tag “outside” the encrypted payload)

Example:
  ...
  interface GigabitEthernet0/0/4
   macsec dot1q-in-clear 1
  !
  interface GigabitEthernet0/0/4.20
   encapsulation dot1Q 20
   ip address 10.3.2.1 255.255.255.0
   mka pre-shared-key key-chain k1
   macsec
  !
  interface GigabitEthernet0/0/4.30
   encapsulation dot1Q 30
   ip address 10.3.3.1 255.255.255.0
   mka pre-shared-key key-chain k1
   macsec

This allows MACsec to be used on a per-sub-interface basis, exposing the “802.1Q tag” outside the encryption header.
Note: the “1” in macsec dot1q-in-clear 1 denotes one 802.1Q tag depth.
WAN MACsec Use Cases: Point to Multipoint Topology (Hub/Spoke) with 802.1Q Tag in Clear (E-LINE - Point to Multipoint)

• Use Case - Requirement
  • High-speed hub-and-spoke topology support
  • Leverage low-cost/high-speed Metro E transport
  • Ability to mix MACsec with IPsec
    • MACsec: high-speed, low-volume locations over Metro E
    • IPsec: lower-speed, high-volume locations over IP
  • Cost-effective design where N x 10G is required
• WAN MACsec Features
  • Strong encryption: AES-GCM-256 (Suite B)
  • Leverage 802.1Q in the clear (hub-site logical separation)
• Key Benefits
  • Simple to configure
  • Lower-cost hardware design for N x 10Gbps+ encryption; e.g., 1 RU ASR1001-X: 20G MACsec, 4G IPsec
  • 802.1Q tag in clear allows simple site aggregation
  • Flexible to support MACsec and IPsec at the central site

(Figure: branches 1..n to the central site across a Carrier Ethernet service; legend: MACsec-capable router, MACsec secure path / MKA session, MACsec-enabled Ethernet PHY, MACsec 802.1Q Ethernet PHY.)
WAN MACsec Use Case: 802.1Q Tag in the Clear

(Figure: branches and the data center / central site across a Carrier Ethernet service, each branch with its own MKA session; the expanded PHY view of the central router shows one physical Ethernet cable carrying sub-interfaces 20 and 30, an encrypted Ethernet session per destination using the 802.1Q tag on the SP n-PE.)
WAN MACsec Use Cases: E-LINE - Point to Multipoint Topology

• Use Case - Requirement
  • High-speed hub-and-spoke requirement
  • Targets a < 30-site remote branch backhaul topology (SA limit)
  • Ability to leverage low-cost/high-speed local Metro E transport
  • May require H-QoS: per sub-interface (hub), sub-rate (spoke)
  • Desire is to eliminate IPsec complexity
• WAN MACsec Features
  • Strong encryption: AES-GCM-256 (Suite B)
  • Ability to leverage 802.1Q in the clear (hub-site logical separation), offering flexible topology options
• Target Customer
  • Low-cost Ethernet transport service available
  • May require encryption exceeding IPsec capabilities, specifically at the hub location
  • Targets: enterprise, commercial, federal/government

(Figure: branches 1..n to the central site across a Carrier Ethernet service; legend: MACsec-capable router, MACsec secure path / MKA session, MACsec-enabled Ethernet PHY, MACsec 802.1Q Ethernet PHY.)
Use Cases Leveraging E-LAN

Source: Overview presentation of the MEF - http://metroethernetforum.org/Presentations

(Router peering model for E-LAN: as shown earlier.)

WAN MACsec Use Cases: E-LAN Point to Multipoint Backhaul
(Figure: branches and the data center / central site on a Carrier Ethernet E-LAN service; MACsec secured paths / MKA sessions between MACsec-capable routers and PHYs across SP-owned Ethernet transport devices.)

• MAC-address-lookup-based service
• A WAN MACsec destination EAPoL address change may be required; it allows the MKA session to run over any Carrier Ethernet transport
• Leverage the any-to-any forwarding of the E-LAN service
• Target solution: traffic patterns that require any-to-any connectivity (voice, video, distributed application locations)
Adapting to Service Provider Ethernet Services, Enhancement: Ability to Change the EAPoL Destination Address

• MKA uses Extensible Authentication Protocol over LAN (EAPoL) as its transport protocol
• By default, EAPoL uses the destination multicast MAC address 01:80:c2:00:00:03 (the 802.1X PAE group address)
• Because EAPoL is a standard (802.1X) protocol and that address lies in the 802.1Q reserved range, the SP’s bridges may consume the packet based on the destination multicast MAC address
• If so, the EAPoL packet is eventually dropped, and MKA session establishment fails
• We need a method to change the destination MAC address of the EAPoL packet, so that the SP tunnels it like any other data packet instead of consuming it
EAPoL “Destination Address” Change Command

• The “eapol destination-address” command allows the operator to change the destination MAC address of the EAPoL frames transmitted on an interface towards the service provider (to the destination MACsec router).
• This ensures that the service provider tunnels the Ethernet frame like any other data packet instead of consuming it.
• Example:
    ...
    interface GigabitEthernet0/0/4
     macsec dot1q-in-clear 1
     macsec replay-protection-window-size 100
     eapol destination-address broadcast
  Leverage the “broadcast” address as the destination EAPoL address: the provider switch will forward it as a standard “broadcast” Ethernet frame.
EAPoL “EtherType” Change Command

• The “macsec eth-type” command allows the operator to change the EtherType value of the EAPoL frames transmitted on an interface connecting to the Ethernet service provider (towards the destination MACsec router) to a “well known” value.
• This ensures the service provider forwards the Ethernet frame/EtherType like any other data packet instead of consuming it.
• Example:
    ...
    interface GigabitEthernet0/0/4
     macsec dot1q-in-clear 1
     macsec replay-protection-window-size 100
     eapol destination-address broadcast
     macsec eth-type B860
  Leverages a “well known” EtherType value: the provider bridge will NOT ingest the frame, as EtherType 0xB860 is assumed “well known” (not one the bridge intercepts).
  Note: “macsec eth-type” will be replaced with “eapol eth-type” in the next release.

WAN MACsec Use Cases: Point to Multipoint / Multipoint to Multipoint Topology
E-LAN - Multipoint to Multipoint

• Use Case - Requirement
  • High-speed any-to-any topology support
  • Targets ~30 sites (10G PHY), 64 SA hardware limit
  • Leverage lower-cost E-LAN Metro E service
  • Traffic patterns dictated by business application behavior
  • Cost-effective design where N x 10G is required
• WAN MACsec Features
  • Strong encryption: AES-GCM-256 (Suite B)
  • Leverage 802.1Q in the clear (hub-site logical separation)
  • Leverage (if needed) the EAPoL “destination-address” and EtherType change control features
• Key Benefits
  • Simple to configure
  • Ability for the router to adjust to the provider’s Ethernet services: EAPoL destination address and EtherType
  • 802.1Q tag in clear allows simple site aggregation
  • Flexible to support MACsec and IPsec at the central site

(Figure: branches 1..n and the central site on a Carrier Ethernet E-LAN service; legend: MACsec-capable router, MACsec secure path / MKA session, MACsec-enabled Ethernet PHY, MACsec 802.1Q Ethernet PHY.)

Additional Customer Use Cases Gaining Interest: WAN MACsec for Secure MPLS Backbone

Per-link encryption at 100Gb+ with MACsec end-to-end: IP/MPLS, Segment Routing, IPv6
(Figure: enterprise sites and data centers attached to PE1, PE2 and PE3 around a core of P1-P4; every PE-P and P-P link carries a MACsec secured path / MKA session between MACsec-capable routers.)

• Leverage MACsec encryption on the WAN links connecting PE and P routers in the MPLS core, up to 100Gb and N x 100Gb
• Offers the ability of “per hop” analytics at P/PE hops
• WAN links transparent to: MPLS, MPLS-TE, IPv4/v6, QoS, IS-IS, OSPF, BGP, multicast
• Seamless transparent encryption when using Segment Routing

Hierarchical “Hybrid” MACsec + IPsec Design

MACsec: high-throughput encryption + lower-scale sites. IPsec: lower-throughput encryption + high-scale sites.

(Figure: regional hubs 1-3, hub 3 co-located with a DC, interconnected across a Carrier Ethernet / Metro E service with WAN MACsec, plus a co-lo facility; branches reach the regional hubs with IPsec over the Internet and an MPLS WAN, and a CSR in the cloud terminates IPsec as well.)

• “Hybrid” design option for a mix of scale and performance, leveraging Ethernet services
• MACsec: core/backbone transport; higher throughput BW, lower number of sites
• IPsec: branch/backhaul; lower throughput BW, higher number of sites, cloud (CSR)
Why OTN Encryption?

• Bulk encapsulation of the client signal ensures line rate
• Encrypting the OTN payload allows transparency and interoperability

(Figure: OC-192/STM-64, Fibre Channel and Ethernet client signals mapped into an OTU-2 frame, OTN overhead followed by the payload, carried between Data Center A and Data Center B.)
Optical Transport Network (OTN) Encryption

(Figure: OTN DC edge routers at Data Centers #1, #2 and #3 joined by an OTN secured path / MKA session over NCS 2000 with OTN encryption interfaces.)

• Bulk encryption at the OTN layer provides protocol-agnostic, line-rate, client payload encapsulation security across the transport network
• Eliminates the need to encrypt at the IP, Ethernet, SONET or application layers
• Encryption is line rate at 10Gbps (100 Gbps future)
• Ideal solution: DCI, or when Fibre Channel needs protection

Separate Customer and Provider Control: Allocation of Addresses
Address | “Old” 802.1Q Address | C-VLAN Component | S-VLAN Component
01:80:C2:00:00:00 | BPDUs | Bridge Group Address | Treat as data
01:80:C2:00:00:01 | 802.3 Pause | 802.3 Full Duplex PAUSE Operation | 802.3 Full Duplex PAUSE Operation
01:80:C2:00:00:02 | Slow Protocols | 802.3 Slow_Protocols_Multicast Address | 802.3 Slow Protocols Multicast Address
01:80:C2:00:00:03 | 802.1X | 802.1X PAE Address | 802.1X PAE Address
01:80:C2:00:00:04 | LLDP | Reserved for Future Standardization, Media Access Method Specific (LLDP) | Reserved for Future Standardization, Media Access Method Specific
01:80:C2:00:00:05 | | Reserved for Future Standardization, Media Access Method Specific | Reserved for Future Standardization, Media Access Method Specific
01:80:C2:00:00:06 | | Reserved for Future Standardization | Reserved for Future Standardization
01:80:C2:00:00:07 | | Reserved for Future Standardization | Reserved for Future Standardization
01:80:C2:00:00:08 | | Provider Bridge Group Address | Provider Bridge Group Address
01:80:C2:00:00:09 | | Reserved for Future Standardization | Reserved for Future Standardization
01:80:C2:00:00:0A | | Reserved for Future Standardization | Reserved for Future Standardization
01:80:C2:00:00:0B | | Reserved for Future Standardization | Treat as data
01:80:C2:00:00:0C | | Reserved for Future Standardization | Treat as data
01:80:C2:00:00:0D | | Provider Bridge GVRP Address | Treat as data
01:80:C2:00:00:0E | | IEEE Std. 802.1AB Link Layer Discovery Protocol Multicast Address | Treat as data
01:80:C2:00:00:0F | | Reserved for Future Standardization | Treat as data

Addresses 01:80:C2:00:00:01 through :0A are reserved on the S-VLAN (provider) component and do not pass through; the rest of the block is treated as customer data by the provider bridge. The default EAPoL destination 01:80:C2:00:00:03 falls inside the reserved range on both components, which is why it never crosses the provider network unchanged.
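The EAPoL destination-address and EtherType knobs described on the previous slides, checked against the reserved-address table above, as an added example that is not part of the deck. The per-address behaviour is the table as the deck renders it; the optional EtherType interception models a provider bridge that additionally snoops 0x888E for port authentication, which is an assumption about provider behaviour rather than anything 802.1Q mandates. The MKPDU body is a constructed placeholder.

```python
"""Model how a provider's 802.1Q bridge treats an MKA (EAPoL) frame.

Added illustration, not deck code. The per-address behaviour is the table
above (the deck's rendering of the reserved 01:80:C2:00:00:0X block for the
C-VLAN and S-VLAN bridge components); the frame builder exposes the two knobs
the deck describes, `eapol destination-address` and the EAPoL EtherType.
"""
import struct

EAPOL_DEFAULT_DA = bytes.fromhex("0180c2000003")   # 802.1X PAE group address
BROADCAST_DA = b"\xff" * 6
ETYPE_EAPOL = 0x888E                 # default EAPoL EtherType
ETYPE_EAPOL_DECK = 0xB860            # "well known" value used in the deck's example
EAPOL_VERSION = 3                    # 802.1X-2010
EAPOL_TYPE_MKA = 5                   # EAPOL-MKA packet type

RESERVED_PREFIX = bytes.fromhex("0180c20000")
# Last octet -> (C-VLAN component, S-VLAN component); "reserved" = consumed, "data" = forwarded.
RESERVED_BLOCK = {
    0x00: ("reserved", "data"),   # Bridge Group Address: the provider tunnels customer BPDUs
    **{i: ("reserved", "reserved") for i in range(0x01, 0x0B)},   # PAUSE, slow protocols, 802.1X PAE, ...
    **{i: ("reserved", "data") for i in range(0x0B, 0x10)},       # GVRP, LLDP, ...: data to the provider
}


def bridge_action(dmac, component, ethertype=None, intercepted_ethertypes=frozenset()):
    """'consume' or 'forward' for a frame with this destination MAC at a bridge component.

    component is "C-VLAN" (customer bridge) or "S-VLAN" (provider bridge).
    intercepted_ethertypes models a bridge that additionally snoops protocols by
    EtherType (e.g. 0x888E for port authentication); this is an assumption about
    provider behaviour, not something 802.1Q mandates.
    """
    if component not in ("C-VLAN", "S-VLAN"):
        raise ValueError(component)
    if dmac[:5] == RESERVED_PREFIX and dmac[5] in RESERVED_BLOCK:
        c_vlan, s_vlan = RESERVED_BLOCK[dmac[5]]
        if (c_vlan if component == "C-VLAN" else s_vlan) == "reserved":
            return "consume"
    if ethertype in intercepted_ethertypes:
        return "consume"
    return "forward"


def build_eapol_mka_frame(smac, mkpdu, dmac=EAPOL_DEFAULT_DA, ethertype=ETYPE_EAPOL):
    """Ethernet II frame carrying an EAPOL-MKA packet (the MKPDU body is opaque here)."""
    eapol_header = struct.pack("!BBH", EAPOL_VERSION, EAPOL_TYPE_MKA, len(mkpdu))
    return dmac + smac + struct.pack("!H", ethertype) + eapol_header + mkpdu


def mka_session_can_form(frame, component, intercepted_ethertypes=frozenset()):
    """True if the provider component would carry this MKA frame to the far router."""
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    return bridge_action(frame[:6], component, ethertype, intercepted_ethertypes) == "forward"


# Constructed placeholder MKPDU body, framed with the default and the tuned settings.
SAMPLE_MKPDU = b"\x00" * 4
DEFAULT_FRAME = build_eapol_mka_frame(b"\x02" * 6, SAMPLE_MKPDU)
TUNED_FRAME = build_eapol_mka_frame(b"\x02" * 6, SAMPLE_MKPDU,
                                    dmac=BROADCAST_DA, ethertype=ETYPE_EAPOL_DECK)
```

The default frame is consumed by both bridge components, so no MKA session forms across the provider; the broadcast destination alone is enough for a bridge that only honours the reserved block, and the changed EtherType covers the case where the bridge also intercepts 0x888E. On an E-LAN the broadcast MKA frames reach every attached CE, so peer selection then rests on the CKN/CAK rather than on the destination address.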
WAN MACsec with PfR: Hybrid WAN Leveraging MACsec for High Speed Encryption (Hybrid Encryption Option: IPsec + MACsec)

(Figure: data center and branch connected by two active/active WAN paths, one IPsec overlay (DMVPN over ISP A / the Internet) and one MACsec underlay (DMVPN + MACsec across a Carrier Ethernet service, SP V), under one WAN routing domain (iBGP, EIGRP or OSPF). Legend: MACsec-capable router, MACsec secure path / MKA session.)

• Leverage MACsec for data transport that exceeds IPsec’s performance capability
• Leverage IPsec/DMVPN for the backup path over the Internet
• If the MACsec link fails, the operator has the choice to throttle down the high-speed application, or wait for the high-speed link to recover
• Leverage Policy Based Routing (PBR) or PfR to dictate application paths for the MACsec and IPsec/DMVPN paths; leverage MACsec when the encryption requirement exceeds IPsec

This is NOT IWAN, but leverages common components
Adding Automation to Security Operations: “Open” Programmability Options

(Figure: open, platform-based automation in a hybrid SDN control plane architecture. Applications/management on top, using YDK and YANG models; “south bound” control and APIs via Puppet and Chef agents, SSH, REST, NETCONF and RESTCONF; underneath, physical packet forwarding hardware + control plane (WAN, DC and campus routers and switches), virtual routers and L4-L7 appliances on x86 compute, and cloud (public/private) IP/MPLS and EVPN/VXLAN forwarding with cloud-based L3-L7 services.)

MACsec Tasks That Could Leverage Automation
• Creating a MACsec key chain: chain, key string, key lifetime
• Creating a user-defined MACsec policy: cipher, confidentiality offset, priority
• Applying the MACsec configuration on an interface
• Verifying MACsec encryption is enabled: assure the policy is enabled, the peering is secure, and which ciphers are used

Target those operations tasks that are repeatable, require touching all security devices, and are often a burden to the Sec/NetOps teams
Automating Keychain Password Using Ansible IOS Module: Leveraging an Ansible Playbook to Automate a MACsec Key Chain
Example:
!
key chain June-key macsec
 key 01
  cryptographic-algorithm aes-128-cmac
  key-string 12345678901234567890123456789011
  lifetime 00:00:00 Jun 1 2017 23:59:59 Jun 30 2017
!
• Ansible tasks broken up into MACsec key-chain categories (optional)
• Example uses a 128-bit key string (32 hex characters, as aes-128-cmac requires; aes-256-cmac would need 64)
• Key lifetime runs from 00:00:00 Jun 1 2017 to 23:59:59 Jun 30 2017 (30 days)
What is Ansible?
• Automation Engine, Open-Source
• Clientless (uses SSH)
• Python, YAML, Jinja2
• Useful for Day 0
• More Useful for Day 1 tasks: applying common “repeatable” and “global” config changes, VRF, VLANs, configure tunnels, HA, licensing
• Operations tool (validate configs, collect show commands)
• Modules (2.1): ios_command, ios_config, ios_template
Check out DEVNET-1002
Automating Key Chain Changes Using Ansible
Example: the June-key key chain shown above (key 01, aes-128-cmac, lifetime 00:00:00 Jun 1 2017 to 23:59:59 Jun 30 2017)
• Playbook:
  - SSH credential
  - key chain name {{ chain_name }} macsec
  - Key number in the chain {{ key_num }}
  - cryptographic-algorithm aes-128-cmac
  - key-string {{ string_num }}
  - Lifetime of the key {{ start/stop time, day, month, year }}
Ansible for NetOps: Automating MACsec Key Chain Changes
Lab setup (diagram): an Ansible host (Ubuntu 14.04 VM) running Ansible 2.2.1, holding the host inventory and playbooks, connects over SSH across the WAN to two Cisco ASR 1001-X routers (IOS XE 16.3.2) in Herndon, VA.
• Playbook:
  - SSH credential
  - key chain name: June-key
  - Key number: 01
  - cryptographic-algorithm aes-128-cmac
  - key-string: 1234567890.....23456789011
  - Lifetime: 00:00:00 Jun 1 2017 23:59:59 Jun 30 2017
GitHub repository for the example: https://git.io/vQUR3
• Ansible tasks broken up into MACsec key-chain categories
• Granularity is up to the programmer
• Option exists to leverage variables with templates for more simplification (I leveraged a hybrid in my example)
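The playbook above takes the chain name, key number, key string and lifetime as variables and pushes them with ios_config. The checks a router only reports at push time (CAK length matching the CMAC algorithm, hex-only strings, a lifetime that ends after it starts) are cheaper to run before the play. As an added example (hypothetical helper code, not from the presentation or the linked repository), the following builds and validates a key chain, renders the IOS-XE CLI, produces variables in the shape the playbook consumes, and generates rolling keys with overlapping lifetimes in the style of the two-rolling-key YDK sample referenced later on the page. The June-key entry is the slide's own; the rolling keys use random CAKs from the secrets module.

```python
"""Build and validate IOS-XE MACsec key chains for automation.

Added, hypothetical helper code (not from the presentation or any Cisco tool).
Produces the CLI and the variables (chain_name, key_num, string_num, lifetime)
consumed by the slide's Ansible playbook, after the checks a router would
otherwise report only at push time.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
import secrets

# CAK length in hex characters required by each key-derivation algorithm
CAK_HEX_LEN = {"aes-128-cmac": 32, "aes-256-cmac": 64}


@dataclass
class MacsecKey:
    key_id: str       # CKN: hex string, up to 64 hex characters
    cak: str          # CAK in hex
    algorithm: str    # aes-128-cmac or aes-256-cmac
    start: datetime
    end: datetime


def validate_key(k: MacsecKey) -> None:
    """Reject a key the router would refuse (wrong CAK length for the CMAC
    algorithm, non-hex values) or that can never be used (empty lifetime)."""
    if k.algorithm not in CAK_HEX_LEN:
        raise ValueError(f"unknown cryptographic-algorithm {k.algorithm}")
    want = CAK_HEX_LEN[k.algorithm]
    if len(k.cak) != want:
        raise ValueError(f"{k.algorithm} needs a {want}-hex-char CAK, got {len(k.cak)}")
    int(k.cak, 16)                        # ValueError if not hexadecimal
    if not 1 <= len(k.key_id) <= 64:
        raise ValueError("CKN must be 1..64 hex characters")
    int(k.key_id, 16)
    if k.end <= k.start:
        raise ValueError("lifetime end must be after start")


def fmt_time(t: datetime) -> str:
    """IOS-XE key chain lifetime syntax: hh:mm:ss Mon d yyyy."""
    return f"{t:%H:%M:%S %b} {t.day} {t.year}"


def render_keychain(name: str, keys: list) -> str:
    """Render the 'key chain ... macsec' block, validating every key first."""
    lines = [f"key chain {name} macsec"]
    for k in keys:
        validate_key(k)
        lines += [f" key {k.key_id}",
                  f"  cryptographic-algorithm {k.algorithm}",
                  f"  key-string {k.cak}",
                  f"  lifetime {fmt_time(k.start)} {fmt_time(k.end)}"]
    return "\n".join(lines)


def rolling_keys(algorithm: str, first_start: datetime, period_days: int,
                 count: int, overlap_hours: int = 1) -> list:
    """Generate `count` keys with fresh random CAKs whose lifetimes overlap by
    overlap_hours, so MKA can move to the next CAK before the current one
    expires (the 'two rolling keys' pattern of the YDK sample on this page)."""
    keys = []
    for i in range(count):
        start = first_start + timedelta(days=period_days * i)
        end = start + timedelta(days=period_days, hours=overlap_hours)
        keys.append(MacsecKey(key_id=f"{i + 1:02d}",
                              cak=secrets.token_hex(CAK_HEX_LEN[algorithm] // 2),
                              algorithm=algorithm, start=start, end=end))
    return keys


def ansible_vars(chain_name: str, k: MacsecKey) -> dict:
    """Variables in the shape the slide's playbook expects (names assumed)."""
    validate_key(k)
    return {"chain_name": chain_name, "key_num": k.key_id, "string_num": k.cak,
            "crypto_alg": k.algorithm,
            "lifetime": f"{fmt_time(k.start)} {fmt_time(k.end)}"}


def june_example() -> MacsecKey:
    """The slide's June-key entry: 128-bit CAK, 30-day lifetime."""
    return MacsecKey("01", "12345678901234567890123456789011", "aes-128-cmac",
                     datetime(2017, 6, 1), datetime(2017, 6, 30, 23, 59, 59))


if __name__ == "__main__":
    print(render_keychain("June-key", [june_example()]))
    chain3 = rolling_keys("aes-256-cmac", datetime(2017, 1, 1), 7, 2)
    print(render_keychain("CHAIN3", chain3))
    print(ansible_vars("CHAIN3", chain3[0]))
```

The overlap matters operationally: if the next key's lifetime only starts when the current one ends, a clock skew of seconds between the two CEs leaves the MKA session without a valid CAK and the link drops until the later key activates.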
Ansible (Demo): Automating VRF Creation and Deployment in an Enterprise
Lab setup (diagram): an Ansible host (Ubuntu 14.04 VM) running Ansible 2.2.1, holding the host inventory and playbooks, connects over SSH across the WAN to a Cisco CSR (VM) and an ASR 1001-X (192.168.50.145) in Herndon, VA.
• Playbook:
  • SSH credential
  • Create VRF definition "ansible"
  • Create RD 1:1
  • Create RT 1:1
  • Apply VRF "ansible" to interface
  • Create "VRF ansible" under BGP ipv4 address-family
  • Execute 'wr mem'
GitHub repository for the example: https://github.com/netwrkr95/ansible-ios-xe
Yang Models for MACsec: YANG Example – MACsec Keychain Configuration
• Screenshot from Cisco-IOS-XR-lib-keychain-macsec-cfg.yang
• The model follows the usual YANG pattern of a container holding a list (compare the 'interfaces' container with its list of 'interface' items)
• Each list item carries a 'name' leaf that is also the key for the list
Generation of Model-Driven APIs Using YANG Development Kit (YDK)
(diagram) YANG data models feed the YDK-gen API generator, which produces the YDK-Py (Python) and YDK-Cpp (C++) APIs with their docs; Ruby, Go and C# bindings and docs are further generator targets
https://developer.cisco.com/site/ydk/documents/overview/

Automating Keychain Password Using NETCONF/YANG: Leveraging a Python Based Application (YDK) with YANG Models
Example:
!
key chain CHAIN3 macsec
 key 10
  key-string password 01435756085F5359761C1F5B4A514 … A545C7519185E
  cryptographic-algorithm aes-256-cmac
  lifetime 00:00:00 january 01 2017 23:59:59 january 07 2017
!
Note: the key string password is abbreviated
Sample applications to configure MACsec key chains:
• nc-create-xr-lib-keychain-macsec-cfg-20-ydk.py: one AES-128-GCM key
• nc-create-xr-lib-keychain-macsec-cfg-22-ydk.py: one AES-256-GCM key
• nc-create-xr-lib-keychain-macsec-cfg-24-ydk.py: two rolling keys
https://github.com/netwrkr95/ydk-py-samples/tree/master/samples/basic/crud/models/cisco-ios-xr/Cisco-IOS-XR-lib-keychain-macsec-cfg
Yang Model Support for MACsec – IOS-XR
Source: https://github.com/YangModels/yang/tree/master/vendor/cisco/xr/621
• Cisco-IOS-XR-crypto-macsec-mka-cfg.yang
• Cisco-IOS-XR-crypto-macsec-mka-if-cfg.yang
• Cisco-IOS-XR-crypto-macsec-mka-oper-sub1.yang
• Cisco-IOS-XR-crypto-macsec-mka-oper.yang
• Cisco-IOS-XR-crypto-macsec-secy-oper-sub1.yang
• Cisco-IOS-XR-crypto-macsec-secy-oper.yang
• Cisco-IOS-XR-lib-keychain-macsec-cfg.yang
• Cisco-IOS-XR-macsec-ctrlr-oper-sub1.yang
• Cisco-IOS-XR-macsec-ctrlr-oper.yang
• Cisco-IOS-XR-ncs1k-macsec-ea-oper-sub1.yang
• Cisco-IOS-XR-ncs1k-macsec-ea-oper.yang
External Resources (GitHub)
https://github.com/netwrkr95
Ansible – MACsec Keychain Examples
• Ansible WAN MACsec Playbook and Configs (https://git.io/vQUR3)
YANG Models – MACsec Keychain Examples (Using YDK)
• MACsec Key Chain Configuration applications (https://git.io/vH7uD)
• What is YDK? (https://developer.cisco.com/site/ydk/)
Ansible Module Using YANG Models with YDK
• Ansible + YDK app (https://git.io/vH7XZ)
• Session @ DevNet-1223 (Monday, 1:00pm-1:45pm / Wednesday, 2:00pm-2:45pm Workshop 1)
External Resources (cont.)
GitHub
• YDK Python API – YDK-Py (https://git.io/vaWsg)
• YDK-Py sample apps (https://git.io/vaw1U)
• YDK C++ API – YDK-Cpp (https://git.io/v1Cst) - alpha
• YDK-Cpp sample apps (https://git.io/v14Qh)
• YDK Generator – YDK-gen (https://git.io/vaw1M)
YDK Documentation
• YDK-Py docs (http://ydk.cisco.com/py/docs)
• YDK-Cpp docs (http://ydk.cisco.com/cpp/docs)
Solution Roadmap (Subject to change): Cisco MACsec Portfolio (Summarized Version)
Platform Series | MACsec Delivery | MACsec Speed (AES-256)
ISR 4xxx Series | 1p / 2p Ethernet NIM | 1 GE
ASR 1000 Series | Fixed and modular solutions | 1GE, 10GE
ASR 9000 Series | Modular line cards | 10GE, 40GE, 100GE
Nexus 7700 Series ** | Modular M3 series card | 1/10GE, 40GE, 100GE
Nexus 9000 Series | Fixed and modular solutions | 10GE, 40GE, 100GE
Optical NCS Series | Client ports | 10GE, 40GE, 100GE
Catalyst Switching | Multiple platforms, C3850 | 1GE, 10GE
Catalyst Switching ** | Cat 4K, 6K | 1GE, 10GE
** Currently does NOT support MKA key negotiation (SAP only)
Cisco account teams can provide more details

Roadmap – WAN/Optical MACsec (Subject to change)
Platform | Module / Linecard | Encryption | Speed | Key Agreement | Target Timeframe when Shipping | Notes
ISR 4k Platform | 1 or 2-port GE NM (RJ45/SFP) | AES-GCM-128 or 256 | 1G | MKA | NOW | Branch, WAN edge
ASR 1001-X | 2 x 10G, 6 x 1G (on board ports) | AES-GCM-128 or 256 | 100Mb, 1G, 10G | MKA | NOW | 20G 1001-X, Branch, WAN Aggregation, DCI
ASR-1001-HX (60G throughput) | 4 x 10G, 8 x 1G (on board ports) | AES-GCM-128 or 256 | 100Mb, 1G, 10G | MKA | FEB 2017 | 60G throughput, Branch, WAN Aggregation, DCI
ASR-1002-HX (100G throughput) | 8 x 10G, 8 x 1G (on board ports) | AES-GCM-128 or 256 | 100Mb, 1G, 10G | MKA | FEB 2017 | Branch, WAN Aggregation, DCI (10G ports do not support 1G)
ASR 1013, ASR1006/9-X | Modular LC 10x10G, 18x1G | AES-GCM-128 or 256 | 100Mb, 1G, 10G | MKA | CY-2016 | Branch, WAN Aggregation, DCI
ASR 9000 Series | 4 or 8-port 100G Linecard | AES-GCM-128 or 256 | 10G, 40G, 100G | MKA | NOW | WAN Agg, 100G high-speed DCI, MPLS Edge/Core
ASR 9000 Modular | MOD-200/400, 20x10G, 1p/2p x 100G, IPoDWDM | AES-GCM-128 or 256 | 10G, 100G, IPoDWDM 100G | MKA | NOW | WAN Agg, 100G high-speed DCI, MPLS Edge/Core
NCS 5500 | 36p x 100G | AES-GCM-128 or 256 | 100G | MKA | Q4 2016 | WAN Aggregation, 100G high-speed DCI, Edge/Core
NCS 5500 | 6p x 200G to IPoDWDM (CFP2) | AES-GCM-128 or 256 | 100G interfaces over 200G ITU DWDM | MKA | AUG 2016 | WAN Edge, Aggregation, ROADM network
NCS 2000/WSE | 5-port (client Tx/Rx pair) 10Gbps | AES-GCM-128 or 256 | 10 and 100 Gbps | MKA | NOW | Optical core, DCI
NCS 1000 | 20 client ports of 10, 40, 100G | AES-GCM-128 or 256 | 10, 40, 100G | MKA | JULY 2016 | Ethernet client to DWDM aggregation in DC
* All roadmap dates are subject to change

Roadmap – WAN MACsec
Platform | Module / Linecard | Encryption | Speed | Target Timeframe when Shipping | Target Use Cases
ISR 4k Platform | 1 or 2-port GE NM (RJ45/SFP) | AES-GCM-128 or 256 | 1G | 2H-2015 | Branch, WAN edge
ASR 1001-X | 2 x 10G, 6 x 1G (on board ports) | AES-GCM-128 or 256 | 100Mb, 1G, 10G | NOW | Branch, WAN Aggregation, DCI
ASR 1000 Series | Modular LC 6x10G, 2x40G, 18x1G | AES-GCM-128 or 256 | 100Mb, 1G, 10G | 1H-2016 | WAN Aggregation, DCI
ASR 9000 Series | 4 or 8-port 100G Linecard | AES-GCM-128 or 256 | 1/10G, 40G, 100G | 2H-2015 | WAN Aggregation, high-speed DCI, MPLS Edge/Core
NCS 2000/WSE | 5-port (client Tx/Rx pair) 10Gbps | AES-GCM-128 or 256 | 10Gbps | NOW | Optical core, DCI
* All roadmap dates are subject to change
ASR 9000 (Tomahawk) Per Slice MACsec PHY Capability
• MACsec security standards compliant with:
  • IEEE 802.1AE-2006
  • IEEE 802.1AEbn-2011 (256-bit key)
  • IEEE 802.1AEbw-2013 (extended packet numbering)
• Security suites supported:
  • AES-GCM-128: 128-bit key, 32-bit packet number
  • AES-GCM-256: 256-bit key, 32-bit packet number
  • AES-GCM-XPN-128: 128-bit key, extended 64-bit packet number counter
  • AES-GCM-XPN-256: 256-bit key, extended 64-bit packet number counter
• Security associations (SAs) per port, each with unique security attributes:
  • 10G port = 32 SAs
  • 40G port = 128 SAs
  • 100G port = 256 SAs
• Per slice port combinations supported (CPAK): 2x100G, 20x10G, 4x40G, 1x100G + 10x10G, 2x40G + 10x10G, 2x40G + 1x100G
• All Tomahawk LC variations support MACsec: 8x100G, 4x100G, MOD-400, MOD-200
Putting it All Together – Positioning, Use Cases: Positioning the Proper Encryption Solution
• It is important NOT to position encryption solutions against one another
• Rather, consider each as a tool in the tool bag, which requires a positioning exercise to meet the technical and business requirement
• Understand the sum of the requirements and the technology options available in the router, and align the solution with this combination
• Key factors for encryption decisions will include:
  1. Transport availability / options
  2. Performance requirements of the solution/application
  3. Scale of the design and requirements (number of spokes, connected end-points, aggregate encryption)
• Remember, beyond IPSec, "the underlying transport dictates the available encryption options that can be leveraged"
"When looking to leverage a 'Link Layer' encryption option, the underlying transport dictates whether this is a viable option"
Multi-Layer Encryption Options
• L3: IPSec
• L2: Ethernet (MACsec), ATM
• L1: OTN, SONET
Link encryption options:
• Link encryption options offer alternatives to IPSec
• Link encryption offers trade-offs (speed vs. scale) when high-speed encryption (N x 10G or 100Gbps) is required
Encryption Capabilities Matrix
Columns: OTN, MACsec, IPSec. Legend: Excellent / Supported (with limitations) / Not supported. The per-cell rating icons of the slide are not recoverable as text; only the row labels and the slide's parenthetical annotations are kept below.
Topology
• Point to point
• Multipoint capable (P2MP, MP2MP); OTN: per port per site
Transport service support
• Ethernet (P2P, point to multipoint)
• IP (MPLS VPN, broadband, Internet)
• Optical / lambda / dark fiber (to xponder); annotated "speed limited"
• Logical link segmentation (802.1Q / sub-interface capable)
• Leverage legacy transport (T1/E1/T3/E3, SONET/SDH)
Encryption performance
• Encryption line rate per the PHY interface (1/10/40/100G)
• Encryption process NOT dependent on physical interface
• Encryption rate limited by packet size, MTU, PPS of engine
Scale
• Hub site scale (hub/spoke topology); OTN: 1 interface/site/link, MACsec: PHY dependent, IPSec: 1000+ sites
Simplicity of configuration
• Transparent to IPv4/v6, MPLS, IGP/BGP, IP multicast; IPSec: needs GRE
Net/Net – From Encryption Positioning Matrix
• IPSec is extremely flexible from a transport perspective (completely agnostic)
• MACsec/OTN are extremely dependent on transport:
  • OTN limited to DWDM, dark fiber, lambda service
  • MACsec limited to Ethernet transport, dark fiber, or DWDM/lambda service
• MACsec/OTN support line-rate performance (100+ Gb) regardless of MTU and packet size
• With IPSec, when "encrypt all traffic" is required, the IPSec engine's throughput (bounded by packet size and packets per second) becomes the router's effective throughput
• IPSec supports massive scale (DMVPN moving beyond 4000 connections)
  • MACsec limited to the security association scale of the PHY
  • OTN restricted to physical interface connectivity (no logical connection support)
• MACsec/OTN are transparent to upper layer IP protocols
  • IPSec requires DMVPN, GET VPN or GRE for IP/MPLS/multicast support
• Multiple decision factors: business requirements, transport availability, options and criteria
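The performance rows of the matrix come down to per-packet overhead: MACsec adds a fixed SecTAG and ICV per Ethernet frame and OTN adds nothing per frame, while IPSec adds ESP, GRE and IV bytes and is processed per packet by an engine with a packets-per-second ceiling. The following is an added example with constructed framing constants, not code from the presentation; it assumes ESP in transport mode with AES-GCM over plain GRE (as commonly deployed for DMVPN), a MACsec SecTAG carrying the optional SCI, and OTN bulk encryption that leaves the client frame unchanged. The engine rating and frame sizes are illustrative inputs.

```python
"""Per-packet encryption overhead for IPSec (ESP + GRE), MACsec and OTN, and the
packet rate a crypto engine must sustain to fill a link.  Added example with
constructed constants; not from the presentation."""

# Ethernet framing (bytes); PREAMBLE_IFG = 8-byte preamble + 12-byte gap
ETH_HDR, FCS, PREAMBLE_IFG = 14, 4, 20
IPV4_HDR, GRE_HDR = 20, 4          # plain GRE; a DMVPN tunnel key adds 4 more
# 802.1AE SecTAG: EtherType(2) + TCI/AN(1) + SL(1) + PN(4) [+ SCI(8)]; ICV 16
SECTAG, SECTAG_SCI, MACSEC_ICV = 8, 16, 16
# ESP with AES-GCM: SPI(4) + SEQ(4), 8-byte IV, 2-byte trailer, 16-byte ICV
ESP_HDR, ESP_IV, ESP_TRAILER, ESP_ICV = 8, 8, 2, 16


def macsec_wire_bytes(payload: int, include_sci: bool = True) -> int:
    """Ethernet frame length after MACsec.  An 802.1Q tag kept in the clear
    (dot1q-in-clear) would sit before the SecTAG; count it in `payload`."""
    tag = SECTAG_SCI if include_sci else SECTAG
    return ETH_HDR + tag + payload + MACSEC_ICV + FCS


def ipsec_gre_wire_bytes(ip_packet: int) -> int:
    """Frame length for an IP packet carried in GRE and protected by ESP in
    transport mode: IP(delivery) ESP IV [GRE inner] pad trailer ICV."""
    protected = GRE_HDR + ip_packet
    pad = (-(protected + ESP_TRAILER)) % 4         # ESP 4-byte alignment
    return (ETH_HDR + IPV4_HDR + ESP_HDR + ESP_IV + protected + pad
            + ESP_TRAILER + ESP_ICV + FCS)


def otn_wire_bytes(payload: int) -> int:
    """Bulk OTN payload encryption adds no per-frame bytes: the client frame is
    carried unchanged inside the OPU payload area that exists anyway."""
    return ETH_HDR + payload + FCS


def efficiency(payload: int, wire_bytes: int) -> float:
    """Share of link capacity left for user payload, counting preamble + IFG."""
    return payload / (wire_bytes + PREAMBLE_IFG)


def frames_per_second(link_gbps: float, wire_bytes: int) -> int:
    """Frame rate a link carries at the given frame size (the pps an inline
    encryptor must keep up with)."""
    return int(link_gbps * 1e9 / ((wire_bytes + PREAMBLE_IFG) * 8))


def ipsec_goodput_gbps(engine_pps: float, ip_packet: int, link_gbps: float) -> float:
    """An IPSec engine rated in packets per second delivers at most
    engine_pps * packet bits; it reaches line rate only with large packets."""
    return min(link_gbps, engine_pps * ip_packet * 8 / 1e9)


def exceeds_mtu(ip_packet: int, mtu: int = 1500) -> bool:
    """True if ESP/GRE encapsulation pushes the packet past the transport MTU,
    which forces fragmentation unless tunnel MTU / TCP MSS are lowered."""
    return ipsec_gre_wire_bytes(ip_packet) - ETH_HDR - FCS > mtu


if __name__ == "__main__":
    print("size  macsec  ipsec  otn   eff(macsec) eff(ipsec) ipsec@2Mpps/10G")
    for size in (64, 512, 1500):
        print(f"{size:5d} {macsec_wire_bytes(size):6d} {ipsec_gre_wire_bytes(size):6d} "
              f"{otn_wire_bytes(size):4d} {efficiency(size, macsec_wire_bytes(size)):10.3f} "
              f"{efficiency(size, ipsec_gre_wire_bytes(size)):10.3f} "
              f"{ipsec_goodput_gbps(2e6, size, 10):8.2f} Gbps")
```

The last column is the point of the matrix row "encryption rate limited by packet size, MTU, PPS of engine": an engine capped at 2 Mpps fills a 10G link with 1500-byte packets but delivers about 1 Gbps of 64-byte traffic, while the MACsec and OTN columns depend only on the PHY rate. exceeds_mtu also shows why a 1500-byte packet over ESP/GRE no longer fits a 1500-byte transport MTU.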
Summary – Key Advantages
Encryption | Key Factors | Technology Options
IPSec | • IPSec is by far the most flexible encryption option (completely agnostic to the underlying transport) • Is limited by packet size and packet-per-second performance (IPSec performance is not typically equal to router performance) • Together with other enhancements (DMVPN, for example), IPSec can support massive scale (beyond 4000 connections) | DMVPN, GETVPN (typically paired with MPLS VPN over mGRE, LISP, and natively multicast capable), FlexVPN, TLS
MACsec | • Supports line-rate Ethernet performance (100+ Gb) regardless of MTU and packet size • Is transparent to upper layer IP protocols, MPLS, multicast • No performance impact on router forwarding capabilities | Supported in the router/switch Ethernet PHY; WAN MACsec enhancements; transparent to IP and MPLS over encrypted links
OTN | • Supports line-rate performance at the optical/OTN layer • Encapsulation frame formats include 10Gb, 100+ Gb, with rich client-side encapsulation options at OTU2 • Transparent to both Layer 2 (Ethernet) and Layer 3 (IP) upper layer protocols | Optical transport capabilities, with handoff to other optical platforms (transponder, OADM, etc.)
Solutions are complementary and can be run together for additional security
Summary and Key Takeaways
• Include Cisco's Next Generation Encryption (NGE) as part of any WAN deployment
• Understand the impact the service provider transport options can have on the overall encryption choices
• Understand the pros/cons of the WAN encryption options existing today and where they best fit, including platform performance
• Include WAN MACsec as part of the enterprise and SP encryption options when line-rate encryption is required
• Be aware of the barriers Metro Ethernet services can put in the way of existing MACsec solutions, and the need for the solution to adapt to that service provider
• Leverage the design criteria and pros/cons matrix to understand the key questions to ask when implementing high-speed encryption over the WAN
Additional Info
• http://www.cisco.com/c/dam/en/us/td/docs/solutions/Enterprise/Security/MACsec/WP-High-Speed-WAN-Encrypt-MACsec.pdf
Complementary Sessions This Week
• BRKCRS-2892 - Cisco MACsec Solution Design and Deployment for a Secure Enterprise
• BRKRST-2041 - WAN Architectures and Design Principles
• BRKSEC-3054 - Advanced IPSec with FlexVPN and IKEv2
• BRKSEC-4054 - Advanced Concepts of DMVPN
Thank you

Backup: Use Cases & Config CLIs
WAN MACsec: commands, roadmap, caveats, limitations (Kural Arangasamy)

Optical Encryption Options
What is OTN?
• OTN = Optical Transport Network
• Standards docs: G.709 (hierarchy and frame structures), G.872 (architecture), G.798 (management functions), etc.
• OTN defines a framing technology that is very similar to SONET/SDH (TDM)
• OTN started as a digital wrapper around WDM client signals to improve reach and manageability
• Evolved to a complex multiplexing hierarchy that enables a service layer
OTN rates (kbit/s):
k | OTUk | OPUk payload
0 | (none) | 1,238,954
1 | 2,666,057 | 2,488,320
2 | 10,709,225 | 9,995,277
3 | 43,018,414 | 40,150,519
4 | 111,809,974 | 104,355,975
Why OTN Encryption?
• Bulk encapsulation of the client signal ensures line rate
• Encrypting the OTN payload allows transparency and interoperability
(diagram: OC-192/STM-64, Fibre Channel or Ethernet clients are wrapped into an OTU-2 frame of OTN overhead plus payload and carried between Data Center A and Data Center B)
The Role of Layer 1 Encryption in Securing Your Network
• Bulk encryption at the OTN layer provides protocol agnostic, line-rate, client payload encapsulation security across the transport network
• Current encryption devices are not protocol agnostic
• They encrypt only a single traffic type, i.e. Ethernet, IP or SONET, requiring "stacking" of multiple types of encryption devices and driving up interface count and complexity
• If the customer can leverage encryption at the optical layer, it removes the need for separate encryption devices at ALL the layers above it across that transport
Layers in the OTN Hierarchy
(figure only)

Frame Structure
The ITU-T G.709 frame has three distinct parts, two of which are broadly similar to an SDH/SONET frame:
• Overhead area for operation, administration and maintenance functions
• Payload area for customer data
• Forward error correction (FEC) block
Layout: 4 rows, each of 16 bytes overhead (OH), 3,808 bytes digital payload and 256 bytes FEC
Layer 1 - OTN Encryption: 10G Multi-Rate OTN/DWDM Encryption (Wire Speed Encryption, WSE)
Encryption by layer (diagram): L3 IPSec; L2 MACsec; L1 OTN encryption, applied at the OTN layer of the optical transport
• Robust key exchange mechanism over the G.709 GCC2 channel using TLS and ECDH
• AES-256 data payload encryption
• Card authentication, GMAC frame authentication
• FIPS 140-2 Level 2 certified, Common Criteria certified
Flexible Options Depending on Traffic Pattern: Per Port Flexibility
• Unencrypted grey client to encrypted DWDM trunk
• OTU2 output from AnyRate Xponder to encrypted DWDM trunk
• Unencrypted grey client to encrypted grey output to a 40G or 100G Muxponder
• Unencrypted grey client to unencrypted DWDM trunk
• Unencrypted / encrypted DWDM trunk to unencrypted / encrypted DWDM trunk
Optical Transport Network (OTN) Encryption
(diagram: Data Center #1, #2 and #3, each with an OTN DC edge router attached to an NCS 2000 with an OTN encryption interface; OTN secured paths between the sites)
• Bulk encryption at the OTN layer provides protocol agnostic, line-rate, client payload encapsulation security across the transport network
• Eliminates the need to encrypt at the IP, Ethernet, SONET or application layers
• Encryption is line-rate at 10Gbps (100 Gbps future)
• Ideal solution for DCI, or when Fibre Channel needs protection

Advanced Encryption
• Role Based Access Control (RBAC) for separation between a transport user profile and a security user profile
• Complete user management and cryptographic lifecycle management through Cisco Transport Controller (CTC) and/or PRIME Optical
• Card to card authentication
• Passive attack protection: monitors optical loss, with threshold alarms
• Active attack protection: GMAC frame authentication detects modified OTN traffic
• Secure boot: anti-counterfeiting, anti-tampering, and key storage via ACT2Lite ASIC
• Key generation based on Secure Unique Device Identifier (SUDI); supports X.509 certificates
• Key exchange: Elliptic Curve (ECDH) cryptography over a secured TLS channel (GCC2)
• XTS-AES 256 algorithm for encryption of payload
• GMAC for authentication of payload
• Key zeroization in case of card reboot / removal from the chassis
• FIPS 140-2 Level 2 and Common Criteria compliant design
Layer 1 OTN Encryption: 10G Multi-Rate OTN/DWDM Encryption Card
• Single slot card for 2, 6, and 15 slot chassis
• 10x SFP+ ports supporting 5x independent encrypted 10Gbps streams
• Integrated transponder functionalities
• Trunk SFP+s can be grey (SR, LR, ER, ZR) or WDM (tunable)
• FEC or E-FEC can be SW provisioned on trunks
• OTN ports can be muxed to 40G or 100G MXP for wavelength aggregation
Per port flexibility:
• Clients: 10GE, OTU2, OTU2e, OTU1e, OC192, 8G FC, 10G FC
• Trunks: OTU2, OTU2e, OTU1e

MR-MXP – MultiRate MuxPonder: 10G/40G/100G Aggregation/Encryption Line Card
• Single slot card for 2, 6, and 15 slot chassis
• Client card for 10G, 40G, and 100G clients
• 2 x 10G SFP+, 2 x 40G QSFP+, and 1 x 100G CPAK ports
• 10G / 40G clients aggregated to backplane or CPAK port
• Clients aggregated to 100G or 200G DWDM trunk
• Aggregated client signal can be encrypted – 100G
(diagram: unencrypted grey 100G clients enter a 100G TXP or MR card and leave on an encrypted 100G ITU trunk; unencrypted grey Nx40G/Nx10G clients enter an MR 100G card and leave on an encrypted 100G trunk)

WSE - Wire Speed Encryption Card: 10G Multi-Rate OTN/DWDM Encryption Card
• Single slot card for 2, 6, and 15 slot chassis (ONS-MSTP / NCS 2000)
• 10x SFP+ ports supporting 5x completely independent encrypted 10Gbps streams
• Real-time encryption and authentication of multiple client types
• CTC & CPO controlled
• Integrated transponder functionalities
• Trunk SFP+s can be grey (SR, LR, ER, ZR) or WDM (full C-band tunable)
• FEC or E-FEC can be SW provisioned on trunk
• OTN ports can be interconnected with 40G or 100G MXP for wavelength aggregation
Port-based E-LINE Service (P2P)
Use Case 1: Port Based E-LINE (Point-to-Point), a.k.a. Ethernet Private Line (EPL)
Topology: one P2P EVC across the Metro Ethernet network between CE1 (central campus/DC) and CE2 (branch site); point-to-point PW service (no MAC address lookup), port-mode Ethernet service. The MACsec flow and MKA session run CE to CE over one point-to-point SA. Customer use case: secure the CE–CE link, DC interconnect.
MKA keying on the physical interface (802.1X-2010); sub-interface (802.1Q) keying is the alternative.
Note: * marks mandatory CLI; the MACsec configuration is shown in blue on the slide.

CE1/CE2 config (CE2 mirrors this with its own address in 10.3.1.0/24):
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 ip address 10.3.1.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

Defaults:
• MKA default policy: key server priority 0, confidentiality offset 0; cipher suite GCM-AES-128
• Key chain defaults: cryptographic-algorithm AES-128-CMAC, lifetime unlimited
• MACsec defaults: dot1q-in-clear 0, access-control must-secure, replay-protection-window-size 64
VLAN-based E-LINE Service (P2P), only MACsec sub-interfaces
Use Case 2: VLAN Based E-LINE (Point-to-Point), a.k.a. Ethernet Virtual Private Line (EVPL)
Topology: hub and spoke; CE1 at the central campus/DC has one P2P EVC to each branch site (CE2 on VLAN 10, CE3 on VLAN 20) across the Metro Ethernet network; point-to-point PW service (no MAC address lookup), port-mode or 802.1Q offering. One point-to-point SA per EVC; MKA keying on the sub-interface (802.1Q). Customer use case: secure the CE–CE links, DC interconnect.
Note: * marks mandatory CLI; the MACsec configuration is shown in blue on the slide.

CE1 config:
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*
!
interface GigabitEthernet0/0/4.2
 encapsulation dot1Q 20
 ip address 10.3.2.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

CE2 config (CE3 is configured the same way on VLAN 20 with an address in 10.3.2.0/24):
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.2 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

VLAN-based E-LINE Service (P2P), mix of MACsec and non-MACsec sub-interfaces
Same hub-and-spoke EVPL service; CE1 now has EVCs to CE2 (VLAN 10) and CE3 (VLAN 20) with MACsec, and a third EVC to CE4 (VLAN 30) that is left in the clear. Because secured and unsecured sub-interfaces share the physical port, access-control must be relaxed from the must-secure default to should-secure, otherwise the clear EVC's traffic is dropped.

CE1 config:
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec access-control should-secure*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*
!
interface GigabitEthernet0/0/4.2
 encapsulation dot1Q 20
 ip address 10.3.2.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*
!
interface GigabitEthernet0/0/4.3
 encapsulation dot1Q 30
 ip address 10.3.3.1 255.255.255.0

CE2 config:
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec access-control should-secure*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.2 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

Port-based E-LAN Service (P2MP)
Use Case 3: Port Based E-LAN (Point-to-MultiPoint), a.k.a. Ethernet Private LAN (EP-LAN)
Topology: CE1, CE2 and CE3 share P2MP EVCs across the Metro Ethernet network. This example also switches the cipher suite to GCM-AES-256 through an MKA policy; the key chain must then use aes-256-cmac with a 256-bit (64-hex-character) key string (the slide shows the 32-character string of the earlier examples, which the router rejects for aes-256-cmac).
Note: * marks mandatory CLI; the MACsec configuration is shown in blue on the slide.

CE1/CE2/CE3 config (each CE uses its own address in 10.3.1.0/24):
key chain k1 macsec*
 key 01
  key-string 1234567890123456789012345678901212345678901234567890123456789012
  cryptographic-algorithm aes-256-cmac
!
mka policy p1
 macsec-cipher-suite gcm-aes-256
!
interface GigabitEthernet0/0/4
 ip address 10.3.1.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 mka policy p1
 macsec*

Defaults:
• MKA default parameters: key server priority 0, confidentiality offset 0
• MACsec default parameters: dot1q-in-clear 0, access-control must-secure, replay-protection-window-size 64
• Default key chain parameters: lifetime unlimited

VLAN-based E-LAN Service (P2MP)
Router Peering Model for E-LAN Services (VPLS service)
(physical view: CE1, CE2, CE3 and CE4 each attached to the Carrier Ethernet service; logical view: the CEs share one flat Ethernet bridge domain, E-LAN (multi-point))
• Carrier Ethernet peering is a flat Ethernet, N – 1 bridge domain
• Targets more branch network deployment options
• Routers appear as part of a single "flat" Ethernet domain
• Caution required, as IP peering is N – 1 (N = router nodes)
• Multicast replication is done in the "core" of the network
• SP will dictate either port-mode (no .1Q tag) or router sending .1Q tag
• Less complex configuration

Use Case 4: VLAN Based E-LAN (Point-to-MultiPoint), a.k.a. Ethernet Virtual Private LAN (EVP-LAN)
Example 1: CE1, CE2 and CE3 share one P2MP EVC on VLAN 10 (VLAN/sub-interface) across the Metro Ethernet network. Because MKA must reach every CE in the bridge domain, the EAPOL destination address is changed to broadcast.
Note: * marks mandatory CLI; the MACsec configuration is shown in blue on the slide.

CE1 config:
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
 eapol destination-address broadcast
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

CE2/CE3 config (each CE uses its own address in 10.3.1.0/24):
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
 eapol destination-address broadcast
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.2 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

Multiple VLAN-based E-LAN Services (P2MP)
Example 2: CE1 hubs two P2MP EVCs across the Metro Ethernet network, VLAN 10 to CE2/CE3 and VLAN 20 to CE4/CE5, each on its own sub-interface.
Note: * marks mandatory CLI; the MACsec configuration is shown in blue on the slide.

CE1 config:
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*
!
interface GigabitEthernet0/0/4.2
 encapsulation dot1Q 20
 ip address 10.3.2.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

CE2/CE3 config (VLAN 10; each CE uses its own address in 10.3.1.0/24):
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.2 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

CE4/CE5 config (VLAN 20; each CE uses its own address in 10.3.2.0/24):
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.2
 encapsulation dot1Q 20
 ip address 10.3.2.2 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

Mix of VLAN-based E-LINE and E-LAN Services (P2P & P2MP)
Example 3: CE1 carries a P2P EVC on VLAN 10 to CE2 (E-LINE) and a P2MP EVC on VLAN 20 to CE3 and CE4 (E-LAN) across the Metro Ethernet network. The two services use separate key chains: k1 (default aes-128-cmac, GCM-AES-128) for the E-LINE and k2 with aes-256-cmac plus MKA policy p1 (GCM-AES-256) for the E-LAN. aes-256-cmac requires a 256-bit (64-hex-character) key string; the slide shows the 32-character string, which the router rejects for that algorithm.
Note: * marks mandatory CLI; the MACsec configuration is shown in blue on the slide.

CE1 config:
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
key chain k2 macsec*
 key 01
  key-string 1234567890123456789012345678901212345678901234567890123456789012
  cryptographic-algorithm aes-256-cmac
!
mka policy p1
 macsec-cipher-suite gcm-aes-256
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.1 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*
!
interface GigabitEthernet0/0/4.2
 encapsulation dot1Q 20
 ip address 10.3.2.1 255.255.255.0
 mka pre-shared-key key-chain k2*
 mka policy p1
 macsec*

CE2 config (E-LINE, VLAN 10):
key chain k1 macsec*
 key 01
  key-string 12345678901234567890123456789012
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.1
 encapsulation dot1Q 10
 ip address 10.3.1.2 255.255.255.0
 mka pre-shared-key key-chain k1*
 macsec*

CE3/CE4 config (E-LAN, VLAN 20; the key chain is named k1 locally but must hold the same CAK as CE1's k2; the slide text ends before the sub-interface address):
key chain k1 macsec*
 key 01
  key-string 1234567890123456789012345678901212345678901234567890123456789012
  cryptographic-algorithm aes-256-cmac
!
mka policy p1
 macsec-cipher-suite gcm-aes-256
!
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1*
 macsec replay-protection-window-size 1000
!
interface GigabitEthernet0/0/4.2
 encapsulation dot1Q 20
 ip address
 mka pre-shared-key key-chain k1*
 mka policy p1
 macsec*
10.3.2.2 255.255.255.0 macsec* mka pre-shared-key key-chain k1* mka policy p1 Kural Arangasamy macsec* Configurable MKA, MACsec & Key Chain CLIs and Parameters
MKA Global Policy Configurable CLIs
• Key-server priority: 0 to 64; Default: 0 (the lowest value wins the MKA key-server election)
• Macsec-cipher-suite: macsec-cipher-suite gcm-aes-128 or macsec-cipher-suite gcm-aes-256; Default: macsec-cipher-suite gcm-aes-128
• Confidentiality-offset: 0, 30, 50; Default: 0

Keychain Global Configurable CLIs
• Key: Key id (the CKN)
• cryptographic-algorithm: cryptographic-algorithm aes-128-cmac or cryptographic-algorithm aes-256-cmac; Default: cryptographic-algorithm aes-128-cmac
• Keystring: Hex characters (the CAK); Default: NA
• Lifetime: hh:mm:ss, local time in the local time zone; Default: unlimited

Other Relevant MACsec Interface Configurable CLI Commands:
macsec dot1q-in-clear
eapol destination-address
macsec replay-protection-window-size
macsec access-control
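The use cases above only work when every member of an EVC carries the same key id (CKN), key-string (CAK) and cryptographic-algorithm, when the parent of any MACsec sub-interface has dot1q-in-clear set, and when the key-string length matches the algorithm from the table. The following is an added example, not code from the deck or from Cisco: a Python checker that parses those IOS-XE commands out of several CEs' configs and reports the inconsistencies that would stop MKA from forming a CA or weaken it. It assumes the CAK sizes IEEE 802.1X-2010 defines (32 hex characters for a 128-bit CAK with aes-128-cmac, 64 for a 256-bit CAK with aes-256-cmac), so under that assumption the 32-character placeholder paired with aes-256-cmac on the slides would be reported. The hostnames, sample configs and key value are constructed for the example.

```python
# Added example (not from the BRKRST-2309 deck or Cisco). Assumed CAK sizes follow
# IEEE 802.1X-2010: 32 hex chars for aes-128-cmac, 64 hex chars for aes-256-cmac.
import re
from collections import defaultdict

CAK_HEX_LEN = {"aes-128-cmac": 32, "aes-256-cmac": 64}
HEX_RE = re.compile(r"[0-9a-fA-F]+")
MODES = {"key chain": "keychains", "mka policy": "policies", "interface": "interfaces"}

def parse_ios(text):
    """Key chains, MKA policies and interfaces from an IOS-XE snippet; other lines ignored."""
    cfg = {"keychains": {}, "policies": {}, "interfaces": {}}
    kind = name = cur_key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():                 # unindented: a new config mode
            kind = name = cur_key = None
            if m := re.fullmatch(r"(key chain|mka policy|interface) (\S+)( macsec)?", line):
                kind, name = m[1], m[2]
                cfg[MODES[kind]][name] = {}
            continue
        field, _, value = line.rpartition(" ")
        if kind == "key chain":
            if m := re.fullmatch(r"key (\S+)", line):      # the key id is the CKN
                cur_key = m[1]
                cfg["keychains"][name][cur_key] = {"cryptographic-algorithm": "aes-128-cmac"}
            elif cur_key and field:                        # key-string, cryptographic-algorithm
                cfg["keychains"][name][cur_key][field] = value
        elif kind == "mka policy" and field:               # macsec-cipher-suite, key-server priority
            cfg["policies"][name][field] = value
        elif kind == "interface":
            intf = cfg["interfaces"][name]
            if line == "macsec":
                intf["macsec"] = True
            elif line == "macsec dot1q-in-clear 1":
                intf["dot1q-in-clear"] = True
            elif m := re.fullmatch(r"mka pre-shared-key key-chain (\S+)", line):
                intf["keychain"] = m[1]
            elif m := re.fullmatch(r"mka policy (\S+)", line):
                intf["policy"] = m[1]
            elif m := re.fullmatch(r"encapsulation dot1[Qq] (\d+)", line):
                intf["vlan"] = int(m[1])
    return cfg

def validate(site_configs):
    """{hostname: IOS-XE text} -> list of findings; an empty list means the peers agree."""
    findings, members = [], defaultdict(list)
    for host, cfg in ((h, parse_ios(t)) for h, t in site_configs.items()):
        for ifname, intf in cfg["interfaces"].items():
            if not intf.get("macsec"):
                continue
            parent = ifname.split(".")[0]
            if "." in ifname and not cfg["interfaces"].get(parent, {}).get("dot1q-in-clear"):
                findings.append(f"{host} {ifname}: MACsec on a sub-interface but parent "
                                f"{parent} lacks 'macsec dot1q-in-clear 1'")
            keys = cfg["keychains"].get(intf.get("keychain"))
            if not keys:
                findings.append(f"{host} {ifname}: no usable 'mka pre-shared-key key-chain'")
                continue
            for kid, key in keys.items():            # CAK length must fit the algorithm
                alg, ks = key["cryptographic-algorithm"], key.get("key-string", "")
                if len(ks) != CAK_HEX_LEN.get(alg) or not HEX_RE.fullmatch(ks):
                    findings.append(f"{host} key {kid}: key-string must be "
                                    f"{CAK_HEX_LEN.get(alg)} hex chars for {alg}")
            suite = cfg["policies"].get(intf.get("policy"), {}).get("macsec-cipher-suite", "gcm-aes-128")
            members[intf.get("vlan", "untagged")].append((f"{host} {ifname}", keys, suite))
    for evc, group in members.items():               # one CA per EVC: all members must agree
        ref, ref_keys, ref_suite = group[0]
        for who, keys, suite in group[1:]:
            if keys != ref_keys:
                findings.append(f"EVC {evc}: {who} CKN/CAK/algorithm differ from {ref}; "
                                "MKA will not form a CA")
            if suite != ref_suite:
                findings.append(f"EVC {evc}: {who} cipher suite {suite} differs from {ref} ({ref_suite})")
    return findings

CAK_256 = "0123456789abcdef" * 4                     # constructed sample value, not a real key

def ce_config(ip, cak, dot1q_in_clear=True):
    """Constructed CE config for the VLAN 10 E-LAN of Example 1, with a 256-bit CAK."""
    return (
        "key chain k1 macsec\n key 01\n"
        f"  key-string {cak}\n  cryptographic-algorithm aes-256-cmac\n"
        "mka policy p1\n macsec-cipher-suite gcm-aes-256\n"
        "interface GigabitEthernet0/0/4\n"
        + (" macsec dot1q-in-clear 1\n" if dot1q_in_clear else "")
        + " macsec replay-protection-window-size 1000\n eapol destination-address broadcast\n"
        "interface GigabitEthernet0/0/4.1\n encapsulation dot1Q 10\n"
        f" ip address {ip} 255.255.255.0\n mka pre-shared-key key-chain k1\n mka policy p1\n macsec\n"
    )

SAMPLE_SITES = {                                     # constructed: CE2 and CE3 each carry one mistake
    "CE1": ce_config("10.3.1.1", CAK_256),
    "CE2": ce_config("10.3.1.2", CAK_256, dot1q_in_clear=False),   # tag would be encrypted too
    "CE3": ce_config("10.3.1.3", CAK_256[:-1] + "0"),              # one CAK nibble mistyped
}

if __name__ == "__main__":
    print("\n".join(validate(SAMPLE_SITES)) or "consistent")
```

Run it against the exported running-configs of every CE on an EVC before turning MKA on; a CKN/CAK mismatch shows up here as a one-line finding, whereas on the routers it shows up only as an MKA session that never leaves the init state.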
Course / Description / Cisco Certification

• CCIE R&S Advanced Workshops (CIERS-1 & CIERS-2) plus Self Assessments, Workbooks & Labs (CCIE® Routing & Switching): Expert level trainings including instructor led workshops, self assessments, practice labs and CCIE Lab Builder to prepare candidates for the CCIE R&S practical exam.
• Implementing Cisco IP Routing v2.0; Implementing Cisco IP Switched Networks v2.0; Troubleshooting and Maintaining Cisco IP Networks v2.0 (CCNP® Routing & Switching): Professional level instructor led trainings to prepare candidates for the CCNP R&S exams (ROUTE, SWITCH and TSHOOT). Also available in self study eLearning formats with Cisco Learning Labs.
• Interconnecting Cisco Networking Devices: Part 2 (or combined) (CCNA® Routing & Switching): Configure, implement and troubleshoot local and wide-area IPv4 and IPv6 networks. Also available in self study eLearning format with Cisco Learning Lab.
• Interconnecting Cisco Networking Devices: Part 1 (CCENT® Routing & Switching): Installation, configuration, and basic support of a branch network. Also available in self study eLearning format with Cisco Learning Lab.

For more details, please visit: http://learningnetwork.cisco.com Questions? Visit the Learning@Cisco Booth
Wireless Cisco Education Offerings

Course / Description / Cisco Certification

• Designing Cisco Wireless Enterprise Networks; Deploying Cisco Wireless Enterprise Networks; Troubleshooting Cisco Wireless Enterprise Networks; Securing Cisco Wireless Enterprise Networks (CCNP® Wireless Version 3.0): Professional level instructor led trainings to prepare candidates to conduct site surveys, implement, configure and support APs and controllers in converged Enterprise networks. Focused on 802.11 and related technologies to design, deploy, troubleshoot as well as secure Wireless infrastructure. The courses also provide details around Cisco Mobility Services Engine, Prime Infrastructure and wireless security.
• Implementing Cisco Unified Wireless Network Essential (CCNA® Wireless): Prepares candidates to design, install, configure, monitor and conduct basic troubleshooting tasks of a Cisco WLAN in Enterprise installations.
• Deploying Basic Cisco Wireless LANs (WDBWL) 1.2: Understanding of Cisco Unified Wireless Networking for enterprise deployment scenarios. In this course, you will learn the basics of how to install, configure, operate, and maintain a wireless network, both as an add-on to an existing wireless LAN (WLAN) and as a new Cisco Unified Wireless Networking solution.
• Deploying Advanced Cisco Wireless LANs (WDAWL) 1.2: The WDAWL advanced course is designed with the goal of providing learners with the knowledge and skills to successfully plan, install, configure, troubleshoot, monitor, and maintain advanced Cisco wireless LAN solutions such as QoS, "salt and pepper" mobility, high density deployments, and outdoor mesh deployments in an enterprise customer environment.
• Deploying Cisco Connected Mobile Experiences (WCMX) 2.0: WCMX will prepare professionals to use the Cisco Unified Wireless Network to configure, administer, manage, troubleshoot, and optimize utilization of mobile content while gaining meaningful client analytics.
Cybersecurity Cisco Education Offerings

Course / Description / Cisco Certification

• Understanding Cisco Cybersecurity Fundamentals (SECFND) (CCNA® Cyber Ops): The SECFND course provides understanding of cybersecurity's basic principles, foundational knowledge, and core skills needed to build a foundation for understanding more advanced cybersecurity material & skills.
• Implementing Cisco Cybersecurity Operations (SECOPS) (CCNA® Cyber Ops): This course prepares candidates to begin a career within a Security Operations Center (SOC), working with Cybersecurity Analysts at the associate level.
• Securing Cisco Networks with Threat Detection and Analysis (SCYBER) (Cisco Cybersecurity Specialist): Designed for security analysts who work in a Security Operations Center, the course covers essential areas of security operations competency, including SIEM, event monitoring, security event/alarm/traffic analysis (detection), and incident response.
• Cisco Security Product Training Courses: Official deep-dive, hands-on product training on Cisco's latest security products, including NGFW, ASA, NGIPS, AMP, Identity Services Engine, Email and Web Security Appliances, and more.

For more details, please visit: www.cisco.com/go/securitytraining or http://learningnetwork.cisco.com Questions? Visit the Learning@Cisco Booth
Cybersecurity Cisco Education Offerings

Course / Description / Cisco Certification

• New! CCIE Security 5.0 (CCIE® Security)
• Implementing Cisco Edge Network Security Solutions (SENSS) (CCNP® Security): Configure Cisco perimeter edge security solutions utilizing Cisco Switches, Cisco Routers, and Cisco Adaptive Security Appliance (ASA) Firewalls.
• Implementing Cisco Threat Control Solutions (SITCS) v1.5 (CCNP® Security): Implement Cisco's Next Generation Firewall (NGFW), FirePOWER NGIPS (Next Generation IPS), Cisco AMP (Advanced Malware Protection), as well as Web Security, Email Security and Cloud Web Security.
• Implementing Cisco Secure Access Solutions (SISAS) (CCNP® Security): Deploy Cisco's Identity Services Engine and 802.1X secure network access.
• Implementing Cisco Secure Mobility Solutions (SIMOS) (CCNP® Security): Protect data traversing a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN solutions.
• Implementing Cisco Network Security (IINS 3.0) (CCNA® Security): Focuses on the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features.
Network Programmability Cisco Education Offerings

Course / Description / Cisco Certification

• Developing with Cisco Network Programmability (NPDEV) (Cisco Network Programmability Developer (NPDEV) Specialist Certification): Provides Application Developers with a comprehensive curriculum to develop infrastructure programming skills; addresses needs of software engineers who automate network infrastructure and/or utilize APIs and toolkits to interface with SDN controllers and individual devices.
• Designing and Implementing Cisco Network Programmability (NPDESI) (Cisco Network Programmability Design and Implementation (NPDESI) Specialist Certification): Provides network engineers with a comprehensive soup-to-nuts curriculum to develop and validate automation and programming skills; directly addresses the evolving role of network engineers towards more programmability, automation and orchestration.
• Programming for Network Engineers (PRNE) (recommended pre-requisite for the NPDESI and NPDEV Specialist Certifications): Learn the fundamentals of Python programming within the context of performing functions relevant to network engineers. Use Network Programming to simplify or automate tasks.
• Cisco Digital Network Architecture Implementation Essentials (DNAIE) (no certification): This training provides students with the guiding principles and core elements of Cisco's Digital Network Architecture (DNA) and its solution components, including APIC-EM, NFV, Analytics, Security and Fabric.
Service Provider Cisco Education Offerings

Course / Description / Cisco Certification

• Deploying Cisco Service Provider Network Routing (SPROUTE) & Advanced (SPADVROUTE); Implementing Cisco Service Provider Next-Generation Core Network Services (SPCORE); Edge Network Services (SPEDGE) (CCNP Service Provider®): SPROUTE covers the implementation of routing protocols (OSPF, IS-IS, BGP), route manipulations, and HA routing features; SPADVROUTE covers advanced routing topics in BGP, multicast services including PIM-SM, and IPv6; SPCORE covers network services, including MPLS-LDP, MPLS traffic engineering, QoS mechanisms, and transport technologies; SPEDGE covers network services, including MPLS Layer 3 VPNs, Layer 2 VPNs, and Carrier Ethernet services; all within SP IP NGN environments.
• Building Cisco Service Provider Next-Generation Networks, Part 1&2 (SPNGN1, SPNGN2) (CCNA Service Provider®): The two courses introduce networking technologies and solutions, including OSI and TCP/IP models, IPv4/v6, switching, routing, transport types, security, network management, and Cisco OS (IOS and IOS XR).
• Implementing Cisco Service Provider Mobility UMTS Networks (SPUMTS); Implementing Cisco Service Provider Mobility CDMA Networks (SPCDMA); Implementing Cisco Service Provider Mobility LTE Networks (SPLTE) (Cisco Service Provider Mobility CDMA to LTE Specialist; Cisco Service Provider Mobility UMTS to LTE Specialist): The three courses cover knowledge and skills required to understand products, technologies, and architectures that are found in Universal Mobile Telecommunications Systems (UMTS) and Code Division Multiple Access (CDMA) packet core networks, plus their migration to Long-Term Evolution (LTE) Evolved Packet Systems (EPS), including Evolved Packet Core (EPC) and Radio Access Networks (RANs).
• Implementing and Maintaining Cisco Technologies Using IOS XR (IMTXR) (Cisco IOS XR Specialist): Prepares Service Provider/Enterprise engineers to implement, verification-test, and optimize core/edge technologies in a Cisco IOS XR environment.