Introduction to WAN MACsec and Encryption Positioning

Craig Hill – Distinguished SE (@netwrkr95)
Stephen Orr – Distinguished SE (@StephenMOrr)

BRKRST-2309

Cisco Spark

Questions? Use Cisco Spark to chat with the speaker after the session.

How:
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space

Cisco Spark spaces will be available until July 3, 2017: cs.co/ciscolivebot#BRKRST-2309

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Session Presenters

Craig Hill – Distinguished System Engineer, US Public Sector, CCIE #1628
Stephen Orr – Distinguished System Engineer, US Public Sector, CCIE #12126

What we hope to Achieve in this session:

• Understanding that data transfer requirements are exceeding what IPSec can deliver

• Introduce you to new encryption options evolving that will offer alternative solutions to meet application demands

• Enable you to understand what is available, and when and how to position each solution

• Understand the right tool in the tool bag to meet encryption requirements

• Understand the pros/cons and key drivers for positioning an encryption solution

• What key capabilities drive the selection of an encryption technology

Session Assumptions and Disclaimers

• Intermediate understanding of Cisco Site-to-Site Encryption Technologies
  • DMVPN
  • GETVPN
  • FlexVPN

• Intermediate understanding of Ethernet, VLANs, 802.1Q tagging

• Intermediate understanding of WAN design, IP routing topologies, peering vs. overlay

• Basic understanding of optical transport and impact of OSI model on various layers (L0 – L3) of network designs

• Many 2-hour breakout sessions focus strictly on areas this presentation touches on only briefly (we will provide references to those sessions)

Agenda

• Introduction

• Cisco’s Next Generation Encryption Initiative

• Understanding Service Provider Transport options

• WAN Encryption Options Existing Today

• Introduction to MACsec

• WAN MACsec Deployment Deep Dive and Use Cases

• Putting it all together… Key Decision Criteria for Designs and Positioning

• Solution Roadmap

Cisco’s Next Generation Encryption Initiative

Cryptography: The Universal Security Feature
• Embedded in all of Cisco’s products
• Critical to every solution and market
• Vital to cybersecurity efforts within all of our customers

Where Cryptography is Deployed Today

Authentication
• TLS based protocols
• EAP-TLS
• PEAP
• EAP-FAST
• Hashing
• SHA1
• SHA256/384/512
• Digital Signatures

Privacy/Confidentiality
• IPSec
• SRTP
• DTLS
• SSL
• 802.1AE
• 802.11i (802.11-2012)
• Radius Key-Wrap
• Key Negotiation

Management
• SSH
• sFTP
• SCP
• HTTPS
• FTPs

Security at Different Layers

802.11i WPA2 Wireless Security

[Figure: OSI stack (Application, Presentation, Session, Transport, Network, Link, Physical) with 802.11i positioned at the Link layer]

Ethernet 802.1AE MACsec

[Figure: OSI stack with MACsec positioned at the Link layer]

IPsec

[Figure: OSI stack with IPsec positioned at the Network layer]

Transport Layer Security (TLS)

[Figure: OSI stack with TLS positioned above the Transport layer]

Secure Shell (SSH)

[Figure: OSI stack with SSH positioned above the Transport layer]

Secure RTP

[Figure: OSI stack with SRTP positioned above the Transport layer]

Defense in Depth

[Figure: the same OSI stack with 802.11i, MACsec, IPsec, TLS, SSH and SRTP shown together, each at its own layer]

What is Next Generation Encryption (NGE)?

Technologies
• New/upgraded algorithms, key sizes, cryptographic protocols and entropy
• Compatible with existing security architectures

Secure and Efficient
• Algorithm efficiency enabling increased security
• Scales well to high/low throughput

Standards
• Compatible with government standards: Suite B (US), FIPS-140 (US/Canada), NATO

Security Briefings & Training

Next Generation Encryption (NGE)
• A widely accepted and consistent set of cryptographic algorithms that provide strong security and good performance
• Best standards that can be implemented today to meet the security and scalability requirements for network security in the years to come
• No attacks against these algorithms have been demonstrated.

Quantum Computing – a different paradigm in computing
• A quantum computer could break the public key cryptography standards in use today.
• While no practical quantum computer is known to be available today, the risk does exist.
• Information with long-term confidentiality requirements should be protected against future decryption (i.e., capture now, decrypt when quantum computers become viable):
  • Data-in-transit (e.g., captured data communications)
  • Data-at-rest (e.g., captured file images)

Cryptography Recommendations

Operation | Algorithm Acceptable | NGE (preferred) | QCR
Encryption | AES-CBC mode | — | ✅ (256-bit)
Authenticated encryption | — | AES-GCM mode | ✅ (256-bit)
Integrity | — | SHA-256 / 384 / 512 | ✅ (384/512)
Integrity | HMAC-SHA-1 | HMAC-SHA-256 | ✅ (256-bit key)
Key exchange / Encryption / Authentication (RSA) | DH / RSA / DSA-2048 / 3072 / 4096 | ECDH / ECDSA-384 / 521 |
Key exchange / Encryption / Authentication (ECC) | ECDH / ECDSA-256 | ECDH / ECDSA-384 / 521 |

QCR = quantum computer resistant.

Recommended algorithms per security level

Security level | Algorithm Acceptable | NGE (preferred)
128 bits | AES-128-CBC | AES-128-GCM
128 bits | DH, DSA, RSA-3072 | ECDH, ECDSA-256
128 bits | - | SHA-256
128 bits | HMAC-SHA-1 | HMAC-SHA-256
192 bits | AES-192-CBC | AES-192-GCM
192 bits | - | ECDH, ECDSA-384
192 bits | - | SHA-384
192 bits | - | HMAC-SHA-256
256 bits | AES-256-CBC | AES-256-GCM
256 bits | - | ECDH, ECDSA-521
256 bits | - | SHA-512
256 bits | - | HMAC-SHA-256

For customers who are concerned that a quantum computer might be built in the near future, we recommend using the larger-key algorithms (higher than the 128-bit security level) recommended in NGE.

What is Suite B?

“Suite B” is not a protocol – but a profile for consistent security when using multiple cryptographically strong protocols.

WHY Suite B?
• Enables government customers to adhere to stronger, consistent security requirements
• Suite B offers the best technologies for future-proof cryptography, setting the trend for the industry
• Eliminates the “mix and match” selection of protocols and key lengths.

The following documents provide guidance for using Suite B cryptography with internet protocols:
• IPsec using the Internet Key Exchange Version 2 (IKEv2): "Suite B Profile for Internet Protocol Security (IPsec)," RFC 6380
• SSH: "Suite B Cryptographic Suites for Secure Shell (SSH)," RFC 6239
• TLS: "Suite B Profile for Transport Layer Security (TLS)," RFC 6460
• "Enrollment over Secure Transport," RFC 7030
• S/MIME: "Suite B in Secure/Multipurpose Internet Mail Extensions (S/MIME)," RFC 6318

Next Generation Encryption vs Suite B

Security level | Encryption | Key Establishment | Data Authentication (Signatures) | Hashing
256 | AES-256-GCM | ECDH-P521 | ECDSA-P521 | SHA-512
192 (Suite B mLoS 192) | AES-192-GCM | ECDH-P384 | ECDSA-P384 | SHA-384
128 (Suite B mLoS 128) | AES-128-GCM | ECDH-P256 | ECDSA-P256 | SHA-256

NGE Enabled Encryption Architectures: Available Today

[Figure: GETVPN with a key server (KS) and group members GM1 … GM9; ASA firewall managed by CSM/ASDM with remote access VPNs; site-to-site DMVPN and FlexVPN; 802.1X with MACsec, where an authenticated user’s supplicant encrypts toward a MACsec-capable switch over the MACsec link while guest user data is sent in the clear]

Service Provider Transport Options

Today’s WAN Transport Catalog

Transport Layer | Transport Offerings | Connectivity
Layer 3 | MPLS IP VPN; Internet / Broadband | Any to Any; Point to Point
Layer 2 | Ethernet (E-LINE, E-LAN) | Point to Point; Point to Multipoint; Multipoint to Multipoint
Layer 0 / 1 | OTN, SONET; DWDM / Dark Fiber | Point to Point

Other L3: Carrier Supporting Carrier, IP SatCom
Other L2: ATM/FR, Ethernet/E-TREE, L2 SatCom
Other L1: T1/E1, T3/E3, DSx, OC-3/12/48/192

Layer 3 - Provider Offered Transport Options

SP Offered IP VPN Service (Layer 3 Service) - Customer owns CE

Layer 3 “IP VPN” Transport Services / SP Managed “IP VPN” Service

• CE Routers owned by customer
• PE Routers owned by SP
• Customer “peers” to “PE” via IP
• No labels are exchanged with SP
• No end-to-end visibility of other CE’s
• Route exchange with SP done via PE (eBGP/static)
• Customer relies on SP to advertise their internal routes to all CE’s in the VPN for reachability
• SP can offer multiple services: QoS, multicast, IPv6

[Figure: CE routers at Site 1, Site 2 and Site 3 (customer managed domains) each IP routing peer (BGP, static, IGP) with a PE in the SP managed domain offering the L3 VPN service; no labels are exchanged with the SP]

Layer 2 - Provider Offered Transport Options

SP Offered Ethernet Service - Customer owns CE

Layer 2 “Ethernet” Transport Services / SP Managed “Ethernet” Service

• CE Routers owned by customer
• PE Routers owned by SP
• Customer “peers” to own “CE” via IP
• IP route exchange done through the SP Ethernet service (not to it)
• SP is nothing more than Ethernet (L2) “wire” transport
• All IP (v4/v6, OSPF/EIGRP, MPLS, etc…) transparent to service

[Figure: CE routers at Site 1, Site 2 and Site 3 (customer managed domains) connected through PEs in the SP managed domain offering the Ethernet service; IP routing peers (BGP, static, IGP) are CE to CE]

Same IP characteristics that apply to Ethernet, also apply to Optical/DWDM, ATM/FR, SONET/SDH, and T1/T3 Services

Layer 0/1 - Provider Offered Transport Options

SP Offered Optical Service - Customer owns CE

Layer 0/1 “Optical” Transport Services / SP Managed “Optical” Service

• CE Routers owned by customer
• Optical Mux owned by SP (or customer)
• Customer “peers” to own “CE” via IP
• IP route exchange done through the SP optical service (not to it)
• SP is nothing more than optical “wire” transport for “CE to CE” traffic
• All IP (v4/v6, OSPF/EIGRP, MPLS, etc…) transparent to service

[Figure: CE routers at Site 1, Site 2 and Site 3 (customer managed domains) connected through optical muxes in the SP managed domain providing the optical transport; IP routing peers (BGP, static, IGP) are CE to CE]

Typical optical offerings include dark fiber or lambda service.

Today’s WAN Transport Catalog + Encryption

Transport Layer | Transport Offerings | Connectivity
Layer 3 | MPLS IP VPN; Internet / Broadband | Any to Any; Point to Point
Layer 2 | Ethernet (E-LINE, E-LAN) | Point to Point; Point to Multipoint; Multipoint to Multipoint
Layer 0 / 1 | OTN, SONET; DWDM | Point to Point

Network Topologies (over any of the above):
• Point-to-Point
• Full Mesh
• Partial Mesh
• Hub/Spoke
• Multi-tier
• Hybrid (combination of any)

Today’s WAN Transport Catalog + Encryption

Encryption Criteria, for each transport layer, offering, connectivity and topology in the catalog:
• Available options?
• Evaluation criteria?
• Recent innovations?
• Impact of choice via: transport? connectivity? performance? topology?

Goal of this session

Traditional WAN Encryption Technologies

DMVPN, FlexVPN, GETVPN: VPN Technology Positioning

[Figure: Internet edge with an IPsec aggregation router serving remote access clients (EzVPN/FlexVPN client) and site-to-site DMVPN/FlexVPN spokes over the Internet/shared network; WAN edge with GETVPN key servers (KS) and GETVPN group members (GM) over the MPLS/private GET-encrypted network; data center core]

DMVPN

Flexible Secure WAN Design Over Any Transport: Dynamic Multipoint VPN (DMVPN)

Transport-Independent – Simplifies WAN Design
• Easy multi-homing over any carrier service offering
• Single routing control plane with minimal peering to the provider

Flexible – Dynamic Full-Meshed Connectivity
• Consistent design over all transports
• Automatic site-to-site IPsec tunnels
• Zero-touch hub configuration for new spokes

Secure – Proven Robust Security
• Certified crypto and firewall for compli­ance
• Scalable design with high-performance cryptography in hardware

[Figure: ISR-G2 branch routers connecting over the Internet and MPLS WAN to ASR 1000 routers at the data center]

DMVPN Components

• Next Hop Resolution Protocol (NHRP)
  • Creates a distributed NHRP mapping database of all the spokes’ tunnel addresses to real (public interface) addresses
• Multipoint GRE Tunnel Interface (mGRE)
  • Single GRE interface to support multiple GRE/IPsec tunnels
  • Simplifies size and complexity of configuration
• IPsec tunnel protection
  • Dynamically creates and applies encryption policies (optional)
• Routing
  • Dynamic advertisement of branch networks; almost all routing protocols (EIGRP, RIP, OSPF, BGP, ODR) are supported

Over-the-Top WAN Design With Dynamic Multipoint VPN (DMVPN)

• Branch spoke sites establish an IPsec tunnel to, and register with, the hub site
• Only the WAN IP addresses need to be known by the WAN transport
• WAN interface IP address can be used for the tunnel source address
• IP routing exchanges prefix information for each site
• BGP or EIGRP are typically used for scalability
• Data traffic flows over the DMVPN tunnels
• When traffic flows between spoke sites, the hub assists the spokes to establish a site-to-site tunnel
• Per-tunnel QoS is applied to prevent hub site oversubscription to spoke sites

[Figure: Secure on-demand tunnels. ASR 1000 hub with static, known IP addresses; ISR G2 branches 1, 2 … n with dynamic, unknown IP addresses; traditional static tunnels from each branch to the hub over the IPsec VPN, DMVPN on-demand tunnels between branches]

FlexVPN

What is FlexVPN? Overview

• VPN solution that combines site-to-site, remote-access, hub-spoke and spoke-spoke topologies

• Utilizes IKEv2 (only) for performing mutual authentication and establishing and maintaining Security Associations (SAs)

• FlexVPN combines multiple frameworks into a single, comprehensive set of CLI commands and binds them together, offering more flexibility and a means to extend functionality in the future

• FlexVPN offers a simple but modular framework that extensively uses the tunnel interface paradigm

When To Use It?

• Customer desires to build site-to-site, remote-access, hub-spoke and spoke-spoke topologies utilizing a unified CLI
• Large scale deployment (of spoke to spoke and hub and spoke)
• Customer wishes to reduce the learning curve of implementing multiple different types of VPN connectivity
• Customer requires IKEv2 features

FlexVPN

• One VPN to develop and position

• Everything works – Simplify Deployment and Operation

GETVPN

Main Components of GETVPN

Key Servers (KSs)
• IOS devices responsible for creating/maintaining the control plane
• Distributing keys to the group members

GDOI (Group Domain of Interpretation, RFC 6407)
• Cryptographic protocol for group key management

Group Security Associations
• Tunnel-less network
• No peer-to-peer tunnel required
• IPsec SAs shared by GMs

Group Members (GMs)
• IOS devices used for encryption/decryption

IPSec VPN Summary: VPN Solutions Compared

Category | DMVPN | FlexVPN | GET VPN
Network Style | Large Scale Hub and Spoke with dynamic Any-to-Any; Up to 4000 sites | Converged Site to Site and Remote Access; Up to 10000 sites | Any-to-Any (Site-to-Site); 24,000 group members per KS
Failover Redundancy | Dyn Routing or Transport Routing | IKEv2 Route Distribution; Server Clustering | A/A based on Dynamic Routing; COOP based on GDOI; Stateful Failover*
IP Multicast | Multicast replication at hub; Multicast replication in IP WAN network* | Multicast replication at hub | Multicast replication in IP WAN network
QoS | Per Tunnel QoS, Hub to Spoke | Per SA QoS, Hub to Spoke; Per SA QoS, Spoke to Spoke* | Transport QoS
Policy Control | Locally Managed | Locally Managed | Centralized Policy Management
Technology | Tunneled VPN; Multi-Point GRE Tunnel; IKEv1 or IKEv2 | Tunneled VPN; Point to Point Tunnels; IKEv2 Only | Tunnel-less VPN; Group Protection
Infrastructure | Public or Private Transport; Overlay Routing | Public or Private Transport; Overlay Routing | Private IP Transport; Flat/Non-Overlay IP Network Routing
3rd Party Compatibility | No | Yes – up to 3rd party implementation | No

Evolving Encryption Solutions – Introduction to MACsec

Challenges with Current WAN Encryption

• IPSec performance, complexity, and cost are becoming more challenged
  • Throughput is constrained to the performance of the IPSec encryption engine
• MPLS, multicast and IPv6 in some cases require GRE tunneling to operate
  • GRE and IP overlays add an additional layer of complexity and a performance impact on certain router platforms
• Innovations such as DMVPN and MPLS VPN over mGRE simplify this, but IPSec performance is still the lowest common denominator and a performance impact
• Line-rate encryption that is simpler to operate and removes levels of complexity from the WAN solution is becoming a requirement

WAN MACsec targets these challenges…

Link Speeds Out-Pacing IP Encryption

• Application bandwidth requirements are out-pacing IP encryption capabilities
• Bi-directional traffic and packet sizes further impact encryption performance
• IPSec engines dictate the aggregate encryption performance of the platform (much less than the router’s link forwarding capabilities)
• Encryption must align with link speed (100G+) to support next-generation applications

[Chart: bandwidth (BW) versus time; the link speed curve pulls away from the IPSec encryption speed curve; the target is link speed = encryption engine speed]

Problems addressed by L2 Encryption

• IPSec performance, complexity, and cost are becoming more challenged
  • Performance at a fraction of overall router throughput

• High-speed solutions target line-rate encryption

• Solves Architectural complexity

• Removes packet size/MTU issues

• Obscures IP and MPLS content

OTN and WAN MACsec target these challenges…

New Applications and Architectures Driving WAN Encryption Rates

• Increasing bandwidth demands over the WAN for branch, applications and data centers

• Fewer applications run locally in branch locations, driving increases in high-speed transport

• Highly resilient cloud computing architectures (C2S, GovCloud) driving high speed data center replication requirements

• Traffic pattern changes dictated by cloud, M2M communications, IoT/IoE

• The encryption landscape is changing, driving high-speed layered encryption solution offerings

What is MAC Security (MACsec)?

Hop-by-Hop Encryption via IEEE 802.1AE

• Hop-by-Hop vs End-to-End “Bump-in-the-wire” model:
  - Packets are decrypted on the ingress port
  - Packets are in the clear in the device
  - Packets are encrypted on the egress port

• Allows the network to continue to perform all the packet inspection features currently used

[Figure: frames decrypted at ingress and encrypted at egress by the ASIC, with everything in the clear inside the device; each link protected with 128-bit AES-GCM encryption]

Confidentiality and Integrity: 802.1AE based Encryption

• MACsec provides Layer 2 hop-by-hop encryption and integrity, based on the IEEE 802.1AE standard
• 128/256-bit AES-GCM (Galois/Counter Mode) – NIST approved*
• Line-rate encryption/decryption for 1/10/40/100GbE interfaces
• Replay protection of each and every frame

Customer Benefits
• Protects against man-in-the-middle attacks (snooping, tampering, replay)
• Standards-based frame format and algorithm (AES-GCM)
• 802.1X-2010/MKA addition supports per-device security associations in shared media environments (e.g. PC vs. IP Phone) to provide secured communication
• Network service amenable hop-by-hop approach compared to end-to-end approach (e.g. Microsoft Domain Isolation/virtualization)

* NIST Special Publication 800-38D (http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf)

MACsec Timeline

• 2006 – 802.1AE: MACsec, AES-128-GCM
• 2007 – 802.1af: Authenticated Key Agreement for MACsec
• 2010 – 802.1af becomes part of 802.1X-2010: MACsec Key Agreement (MKA)
• 2011 – 802.1AEbn: amendment adds AES-256-GCM
• 2013 – 802.1AEbw: amendment defines AES-GCM-XPN-128 and AES-GCM-XPN-256
• 2017 – 802.1AEcg: current working group adds support for MACsec over provider bridges

MACsec Protocols & Algorithms

# | Function | Protocol | Specification | Encryption Algorithms
1 | Device Identification | Secure Device Identification | IEEE 802.1AR | RSA, ECC
2 | Authentication and Key Establishment | EAP: Extensible Authentication Protocol (EAP-TLS, Cisco EAP-FAST) | IEEE 802.1X (RFC 5126, RFC 4851) | TLS based: RSA, ECC, AES, HMAC-SHA2
3 | Control Key Management | MKA: MACsec Key Agreement | IEEE 802.1X-2010 | AES-128 KeyWrap, AES-128-CMAC, AES-256-CMAC
4 | Authorization and Key Distribution | RADIUS with Cisco Key Wrap Attributes; DTLS; IPSec | RFC 6218 | AES-128-KeyWrap, HMAC-SHA-2
5 | Bulk Data Encryption | MACsec | IEEE 802.1AE; 802.1AEbn; 802.1AEbw; 802.1AEcg | AES-GCM-128; AES-GCM-256; AES-GCM-128-XPN; AES-GCM-128-XPN

802.1AE (MACsec) Tagging: TrustSec Frame Format

DMAC | SMAC | 802.1AE Header | 802.1Q | CMD | ETYPE | PAYLOAD | ICV | CRC
(Authenticated: DMAC through ICV. Encrypted: 802.1Q through PAYLOAD.)

802.1AE Header: MACsec EtherType (0x88e5) | TCI/AN | SL | Packet Number | SCI (optional)

• Frames are encrypted and protected with an integrity check value (ICV)
• MACsec EtherType is 0x88e5
• No impact to IP MTU/fragmentation
• L2 frame MTU impact*: ~40 bytes = less than a baby giant frame (~1600 bytes with 1552 bytes MTU)

Quick MACsec Terminology

Acronym | Definition
MKA | MACsec Key Agreement – defined in IEEE 802.1XREV-2010, is a key agreement protocol for discovering MACsec peers and negotiating keys
MSK | Master Session Key, generated during the EAP exchange. Supplicant and authentication server use the MSK to generate the CAK.
CAK | Connectivity Association Key, derived from the MSK. The CAK is a long-lived master key used to generate all other keys used for MACsec.
CKN | Connectivity Association Key Name – identifies the CAK
SAK | Secure Association Key, derived from the CAK; the key used by supplicant and switch to encrypt traffic for a given session.
KS | Key Server – responsible for selecting and advertising a cipher suite, and for generating the SAK from the CAK.

MACsec Key Agreement (MKA) and EAP Authentication

[Figure: exchange between Supplicant and Authenticator/AS]
1. Mutual Authentication (IEEE 802.1X/EAP) → MSK
2. MACsec Key Agreement (IEEE 802.1X/MKA), protected by a key derived from the EAP MSK → MACsec Key
3. MACsec protecting data (IEEE 802.1AE)

MACsec Functional Sequence

Supplicant – Authenticator – Authentication Server

1. Authentication and Master Key Distribution (IEEE 802.1X)
   Authenticator → Supplicant: EAPoL: EAP Request-Identity
   Supplicant → Authenticator: EAPoL: EAP-Response: Alice
   Authenticator → Authentication Server: RADIUS Access-Request [AVP: EAP-Response: Alice]
   Authentication Server → Authenticator: RADIUS Access-Challenge [AVP: EAP-Request: PEAP]
   … (EAP method exchange) …
   Authentication Server → Authenticator: RADIUS Access-Accept [AVP: EAP Success] [AVP: EAP Key Name] [AVP: CAK]
   Authenticator → Supplicant: EAP Success

2. Session Key Agreement (MKA)
   EAPoL-MKA: Key Server
   EAPoL-MKA: MACsec Capable
   EAPoL-MKA: Key Name, SAK
   EAPoL-MKA: SAK Installed

3. Session Secure (MACsec)
   AES-GCM-128 Encrypted Data in both directions

MACsec Key Hierarchy

• Two methods to derive encryption keys:
  • 802.1X/EAP
  • Pre-shared keys
• If the EAP method is used, all keys are generated from the Master Session Key (MSK): EAP MSK → CAK, CKN → ICK, KEK, SAK
• If a pre-shared key is used, CAK = PSK and the CKN must be manually entered: Pre-shared key → CAK, CKN → ICK, KEK, SAK

MKA with Pre-shared and cached CAKs

• When EAP is not used for authentication, a pre-shared key (PSK) can be used. The CAK is manually placed in the router/switch configuration and used as the PSK

• Some EAP/MACsec use cases require the link to come up even if the AAA server cannot be reached
  • A preinstalled CAK can be cached in the configuration, and then used until such time as the AAA server is reached and a new CAK is obtained.

Cryptography: Keys used in MKA (CAK/CKN)

MKA uses a key hierarchy based on a single long-term key (CAK).

The CAK is derived from the EAP MSK using a key derivation function (KDF) defined in NIST SP800-108. The following is for a 128-bit CAK (the key is longer for a 256-bit CAK):

CAK = KDF(MSK[0-15], "IEEE8021 EAP CAK", mac1 | mac2, CAKlength)

A unique name is derived for the CAK, called a CKN. This is like a KeyID:

CKN = KDF(MSK[0-15], "IEEE8021 EAP CKN", mac1 | mac2, CKNlength)

Note: A pre-shared or cached CAK requires both the CAK and CKN to be saved in the network device configuration, as well as some policy (e.g., cipher suite).

Keys used in MKA (MKA keys/SAK)

• Two keys are generated from the CAK by MKA:
  • ICV Key (ICK), used to prove an authorized peer sent the message: ICK = KDF(CAK, "IEEE8021 ICK", Keyid, ICKLength)
  • Key Encrypting Key (KEK), used to protect the MACsec keys (SAK): KEK = KDF(CAK, "IEEE8021 KEK", Keyid, KEKLength)

• A MACsec key is called a Secure Association Key (SAK)
  • It is typically generated using the KS FIPS 140-2 compliant random number generator
  • Alternatively, it can be generated using a KDF, including randomness provided by other participants as well as the KS. This protects against a failure in KS randomness:
    SAK = KDF(CAK, "IEEE8021 SAK", KS-nonce | MI-value list | KN, SAKlength)
    where KS-nonce is randomness provided by the KS, the MI-value list includes a 32-bit value provided by each member in the group (not the MAC address), and KN is a counter maintained by the KS

MKA Key Chain configuration

[Configuration screenshot; the labelled fields are:]
• Key Chain Name
• Connectivity Association Key Name (CKN)
• MKA Authentication Cipher
• Connectivity Association Key (CAK): 32 characters for 128-bit, 64 characters for 256-bit
• Lifetime – Note: the lifetime is for the CKN, not the CAK

MKA Policy

[Configuration screenshot; the labelled fields are:]
• MKA Policy Name
• MACsec Cipher Suite for the Secure Association Key (SAK)
• Confidentiality Offset

MACsec Interface Configuration

[Configuration screenshot; the labelled fields are:]
• MKA Policy Name
• Key Chain Name
• Enables MACsec

MKA Info

MACsec Status

MACsec SA Scale with Re-Keying (ASR9K)

• We always allocate 2 SAs:
  • 1st SA = Active SA, has SAK
  • 2nd SA = Idle SA reserved for re-keying, has no SAK
• During re-key there is a time overlap to:
  1. Exchange and install the new SAK and bind it to the idle SA
  2. Purge the old SAK and allocate a new idle SA

[Figure: MACsec re-keying between R1 and R2 with AES-GCM-256]

Time axis:
• T1 – only 1 SA installed: SA1 → SAK1 (active), SA2 → idle
• T2 – re-keying, 2 SAKs installed: SA1 → SAK1, SA2 → SAK2
• T3 – re-key complete, purge old SAK and reclaim SA: SA2 → SAK2 (active), SA1 → idle

Effective scale with re-keying:
• Total MACsec ports per system: 10G = 1,600; 40G = 320; 100G = 160
• Per-port SA count (Tx/Rx SAs): 10G = 32/2 = 16; 40G = 128/2 = 64; 100G = 256/2 = 128
• Total MACsec SAs per system (Tx/Rx SAs): 10G = 51,200/2 = 25,600; 40G = 40,960/2 = 20,480; 100G = 40,960/2 = 20,480

Handling MACsec Out-of-Sequence Frames: Replay-Protection-Window-Size Behavior

• Replay protection window size = the maximum number of out-of-sequence frames MACsec accepts rather than discards

• The MACsec egress decryption PE expects:
  • All frames to be received in sequence as 1, 2, 3, etc. (ascending order)
  • Out-of-order or out-of-sequence frames not to exceed the configured "Replay Protection Window Size"
  • Any frame whose sequence number falls outside the window to be discarded. E.g., the window expects 1-64 but 100 arrives, so 100 is discarded.

(Figure: two MACsec Rx PHY panels. Panel 1: Replay-Protection-Window-Size = 0, strict discard enforced; frame sequence numbers received, newest first: ..., 15, 14, 63, 64, 11, 10, 8, 7, 9, 6, 5, 4, 3, 2, 1. Panel 2: Replay-Protection-Window-Size = 64, max 64 out-of-sequence frames accepted; frame sequence numbers received, newest first: ..., 15, 14, 13, 12, 11, 10, 8, 7, 9, 6, 5, 4, 3, 2, 1.)
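The window rule the slide describes, as an added simulation that is not code from the deck or from any Cisco platform: the receive check follows the IEEE 802.1AE lowestAcceptablePN rule, and the two arrival orders are the ones in the figure (listed newest-first on the slide, fed here in arrival order).

```python
"""Simulate MACsec replay protection (IEEE 802.1AE lowestAcceptablePN rule).

Added example, not from the BRKRST-2309 deck. A frame is discarded when its
packet number (PN) is below lowestAcceptablePN = nextPN - replay_window
(floored at 1). A window of 0 is strict in-order delivery; a window of 64
tolerates up to 64 out-of-sequence frames.
"""
from dataclasses import dataclass, field


@dataclass
class ReplayChecker:
    """Per-SA receive state on the decrypting MACsec PHY."""
    replay_window: int          # replay-protection-window-size
    next_pn: int = 1            # PN expected next (highest accepted + 1)
    accepted: list = field(default_factory=list)
    discarded: list = field(default_factory=list)

    @property
    def lowest_acceptable_pn(self) -> int:
        # 802.1AE: lowestAcceptablePN = nextPN - replayWindow, never below 1
        return max(1, self.next_pn - self.replay_window)

    def receive(self, pn: int) -> bool:
        """Return True if the frame with packet number pn is accepted."""
        if pn < self.lowest_acceptable_pn:
            self.discarded.append(pn)
            return False
        self.accepted.append(pn)
        # An out-of-sequence frame inside the window never moves nextPN backwards
        self.next_pn = max(self.next_pn, pn + 1)
        return True


def run_sequence(window: int, arrival_order):
    """Feed frames in arrival order; return (accepted, discarded) PN lists."""
    chk = ReplayChecker(replay_window=window)
    for pn in arrival_order:
        chk.receive(pn)
    return chk.accepted, chk.discarded


# Arrival orders from the slide figure (the slide lists them newest-first);
# constructed from the slide, not captured traffic.
SEQ_A = [1, 2, 3, 4, 5, 6, 9, 7, 8, 10, 11, 64, 63, 14, 15]
SEQ_B = [1, 2, 3, 4, 5, 6, 9, 7, 8, 10, 11, 12, 13, 14, 15]

if __name__ == "__main__":
    for window in (0, 64):
        for name, seq in (("A", SEQ_A), ("B", SEQ_B)):
            acc, disc = run_sequence(window, seq)
            print(f"window={window:<2} seq {name}: accepted={len(acc)} discarded={disc}")
```

With window 0, frames 7 and 8 (and 63, 14, 15 in sequence A) arrive behind nextPN and are dropped; with window 64 every frame in both sequences is accepted.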

(Labels under the panels: "All Discarded", "Accepted", "All Accepted", "Out-of-Sequence Detected".)

Let's talk MACsec Access Control

• Use the macsec access-control {must-secure | should-secure} command to control the behavior of unencrypted packets.

• The should-secure keyword allows unencrypted packets from the physical interface or subinterfaces to be transmitted or received.

• The must-secure keyword does not allow unencrypted packets from the physical interface or subinterfaces to be transmitted or received. All such packets are dropped except for MKA control protocol packets.

CAUTION

• If MACsec is enabled only on selected subinterfaces, configure the should-secure keyword option on the corresponding interface.

• The default configuration for MACsec on subinterfaces is macsec access-control must-secure. This option is enabled by default when the macsec command is configured on an interface.

Why AES-GCM-XPN?

MACsec and IPsec Comparison

Category | MACsec | IPsec
Market Positioning | 1. Aggregate deployments such as regional hubs; 2. Large branches that require high throughput; 3. Data center interconnects | 1. Small branches; 2. High-scale deployments; 3. Low-throughput branches; 4. Beyond Metro E (international) reach
Link Requirement/Topologies | Requires dedicated Metro E EVC circuits for L2 connectivity between sites; point-to-point, point-to-multipoint | Easily routable over many commonly available public networks; any topology
Encryption Performance | Per PHY link speed (1G, 10G, 40G, 100G) | Constrained by IPsec crypto engine performance
Services Enablement | No impact to encryption throughput | Impacts encryption throughput
Peers Scale | Limited by hardware resources | Highly scalable
Throughput | Up to line rate on each port (limited only by the forwarding capability) | Aggregate throughput (limited by the encryption throughput)
Configurability | Simple configuration | More complex configuration and policy choices
Layer 3 Visibility for Monitoring | No. Except Layer 2 headers (and optionally VLAN/MPLS labels), everything else is encrypted | Visible. L3 info can be used for monitoring and policy enforcement purposes

(Slide credit: Kural Arangasamy)

MACsec Deployment Models and Use Cases

Carrier Ethernet Services Overview (primary focus areas in this session for the MACsec discussion)

Source: Carrier Ethernet Services Overview - http://metroethernetforum.org/Presentations

Source: Overview presentation of the MEF - http://metroethernetforum.org/Presentations

Router Peering Model View over E-LINE (Point to Point E-LINE Service, Physical View)

(Figure: CE1, CE2, CE3 and CE4 attached to a carrier Ethernet E-LINE (P2P) service, each connection a P2P "virtual" Ethernet pseudo-wire; the central site terminates them on an Ethernet sub-interface with 802.1Q support; IP routing peer (BGP, static, IGP).)

Router Peering Model View over E-LINE (Point to Point E-LINE Service, Physical View and Logical View)

(Figure: the same CE1-CE4 physical view next to a logical view in which the routers peer per VLAN sub-interface, one per pseudo-wire, on the central site's Ethernet sub-interface with 802.1Q support; IP routing peer (BGP, static, IGP).)

• E-LINE is a point-to-point virtual "Ethernet wire" service
• Connection model can be point to point, with virtual multiplexing at the hub site via the 802.1Q/sub-interface offering

Source: Overview presentation of the MEF - http://metroethernetforum.org/Presentations

Router Peering Model View for E-LAN

(Figure: physical and logical views of CE1-CE4 attached to a carrier Ethernet E-LAN (multi-point) service, a flat Ethernet bridge domain in a single VLAN; routing peers N - 1; IP routing peer (BGP, static, IGP).)

• E-LAN emulates the network as an "Ethernet switch"
• Routers appear as part of a single "flat" Ethernet domain
• Caution required as IP peering is N - 1 (N = number of router nodes)
• Transport is MAC address aware of "well known" MAC addresses and Ether types

What is WAN MACsec?

What is "WAN" MACsec? Secure Ethernet Link(s) over Public Ethernet Transport

(Figure: a remote campus/DC data center and a central campus/DC data center connected across a public carrier Ethernet service through service-provider-owned routers/bridges, with an MKA session between the MACsec capable routers; legend: MACsec secured path / MKA session, MACsec capable router, MACsec capable PHY, SP owned Ethernet transport device.)

• Leverage "public" standards-based Ethernet transport
• Optimize MACsec + WAN features to accommodate MKA running over public Ethernet transport
• Target "line-rate" encryption for high-speed applications
  • Inter-DC, MPLS WAN links, massive data projects
• Targets 100G, but supports 1/10/40G as well

What is "WAN" MACsec? New Enhancements to 802.1AE for WAN/Metro-E Transport

• AES-256 (AES/GCM) support at 1/10/40 and 100G rates
  • Targets the Next Generation Encryption (NGE) profile, which currently leverages public NSA Suite B
• Standards-based MKA key framework
  • Defined in 802.1X-2010, within Cisco security development (Cisco "NGE")
• Ability to support 802.1Q tags in the clear
  • Offsets the 802.1Q tags in the clear ahead of encryption (2 tags is optional)
• Vital network features to interoperate over public carrier Ethernet providers
  • 802.1Q tag in the clear
  • Ability to change the MKA EAPoL destination address type
  • Ability to change the MKA Ether-type value
  • Ability to configure anti-replay window sizes
• System interoperability
  • Create a common MACsec integration among all MACsec platforms in Cisco and open standards

MACsec vs. "WAN" MACsec Support

Capability | MACsec | WAN MACsec
Data Plane Encryption | AES-128 (AES-GCM) | AES-128/AES-256 (AES-GCM)
1/10/40/100G AES-256/GCM | No (AES-128 only) | Yes
Control Plane Keying | SAP (Cisco) | MKA (IEEE)
802.1Q Tag in the Clear | No | Yes
Point to Multipoint Topology | No | Yes
MKA EAPoL Tuning | No | Yes
MKA Ether Type Tuning | No | Yes
Anti-Replay Window Support | Limited | Yes
Multi-Vendor Support | No | Yes

WAN MACsec Topology: Basic Site to Site Example

(Figure: a remote campus/DC data center and a central campus/DC data center connected over a public carrier Ethernet service; legend: MACsec secured path / MKA session, MACsec capable router, MACsec capable PHY, SP owned Ethernet transport device.)

• Leverage "public" standards-based Ethernet transport
• Optimize MACsec + WAN features to accommodate the service provider transport requirements
• Offer "line-rate" alternatives to IPsec when high-speed encryption is required for certain applications (DCI, storage replication, service provider backbone WAN links)

WAN MACsec Use Cases: Primary WAN MACsec Use Cases

1. Point to Point (E-LINE)
2. Point to Multi-Point (E-LINE/E-LAN)
3. Multi-point to Multi-point (E-LAN)

WAN MACsec: Top Enterprise and SP Use Cases

Use Case | Applicability | Transport
Metro E - Branch Router Back-haul | Encryption requirements exceed IPsec capabilities | E-LINE, E-LAN
High Speed Data Center Interconnect (DCI) | Targets 10/40/100Gbps DC interconnect links for storage replication and workload movement | E-LINE, optical/fiber
MPLS Core / Edge Links Security | Encrypt all PE-P, P-P links inside of an MPLS backbone. Allows transparency of MPLS labels, TE, Segment Routing, etc. | E-LINE, optical/fiber
Secure PE-CE links to SP Service | Trusted Service Provider option for offering secure PE-CE transport when the PE is in a Co-Lo over untrusted links | E-LINE, E-LAN
Secure Metro Ethernet Service Offering | Service Provider option for offering "secure" Metro E services to end customers | E-LINE, E-LAN
Hybrid MACsec and IPsec Design | Position MACsec in the high-speed core, and IPsec for high-volume, lower-speed sites | E-LINE/E-LAN/IPsec

WAN MACsec: Top Enterprise and SP Use Cases

Use Case | Applicability | Key WAN MACsec Feature Focus | Transport
High-speed Branch Router Back-haul | Leverage MACsec encryption rates without the need for an expensive IPsec engine | Line-rate encryption 10Gb+, 802.1Q tag in the clear, Carrier-E adaption features, no GRE | E-LINE, E-LAN
High Speed Data Center Interconnections (DCI) | Targets 10Gbps to 100Gbps DC interconnect links for DC replication and workload movement | 100Gb line-rate encryption, 802.1Q tag in the clear, Carrier-E adaption features, no GRE | E-LINE, optical/fiber
Simplified encryption solutions where lower-cost Ethernet is offered | Leverage MACsec over an Ethernet back-haul service | Line-rate encryption 10Gb+, 802.1Q tag in the clear, Carrier-E adaption features, no GRE | E-LINE, E-LAN
Securing MPLS links in a self-managed MPLS backbone | Encrypt all PE-P, P-P links inside of an MPLS backbone. Allows transparency of MPLS labels, MPLS TE, Segment Routing, etc. | 100Gb line-rate encryption, 802.1Q tag in the clear, no MPLS over GRE requirements | E-LINE, optical/fiber
Securing PE-CE links to Trusted SP Service | SP option for offering secure PE-CE transport when the PE is in a Co-Lo over untrusted links | Line-rate encryption 10Gb+, 802.1Q tag in the clear, Carrier-E adaption features | E-LINE, E-LAN (SP)
Secure Metro Ethernet Service Offering | SP option for offering "secure" Metro Ethernet services to end customers | Line-rate encryption 100Gb+, 802.1Q tag in the clear | E-LINE, E-LAN (SP)

Use Cases Leveraging E-LINE

Router Peering Model View over E-LINE (Point to Point E-LINE Service, Physical View and Logical View)

• E-LINE is a point-to-point virtual "Ethernet wire" service
• Connection model can be point to point, with virtual multiplexing at the hub site via the 802.1Q/sub-interface offering

WAN MACsec Use Cases: High Speed Site to Site

(Figure: two central-site data centers connected over a carrier Ethernet service with an MKA session between them; legend: MACsec secured path / MKA session, MACsec capable router, MACsec capable PHY, SP owned Ethernet transport device.)

• Point to point PW (EPL) service
• Typically port-mode, or 802.1Q offering
• Target solution: high-speed (line-rate) transfers
  • Speeds typically exceed IPsec
  • Reduce IPsec complexity (DMVPN, GRE tunnels)

WAN MACsec Use Cases: High Speed 40/100G WAN Applications

E-LINE - Point to Point

• Use cases / requirement
  • 10GE to 100GE high-speed site-to-site requirement
  • Campus, WAN, DC-DC, Metro E
  • Data center interconnect (replication, massive storage transfers)
  • SP: IP/MPLS core/edge links (PE-P, P-P, PE-PE)
  • H-QoS: per sub-interface
• WAN MACsec features
  • Strong encryption: AES-GCM-256 (Suite B)
  • 802.1Q in the clear (VRF-lite option)
• Key benefits
  • Simple to configure
  • 10/100G line-rate encryption
  • Transparent to WAN technology (IP/MPLS, multicast)
  • Cost-effective encryption, even in terabit routers

(Figure: Central Site / DC 1 and Central Site / DC 2 over a carrier Ethernet service; legend: MACsec capable router, MACsec secure path / MKA session, MACsec-enabled Ethernet PHY.)

WAN MACsec Use Cases: E-LINE – Single Site to Site

(Figure: two central-site data centers connected over a carrier Ethernet service; legend: MACsec secured path / MKA session, MACsec capable router, MACsec capable PHY, SP owned Ethernet transport device.)

• Point to point PW service (no MAC address lookup)
• Typically port-mode, or 802.1Q offering
• Target solution: high-speed (line-rate) transfers
  • Speeds typically exceed IPsec
  • Reduce IPsec complexity (DMVPN, GRE tunnels)

WAN MACsec Use Cases: E-LINE – Single Site to Site

E-LINE - Point to Point

• Use cases / requirement
  • 10GE to 100GE high-speed site-to-site requirement
  • Data center interconnect (replication, massive storage transfers)
  • IP/MPLS core/edge links (PE-P, P-P, PE-PE)
  • H-QoS: per sub-interface
• WAN MACsec features
  • Strong encryption: AES-GCM-256 (Suite B)
  • 802.1Q in the clear (VRF-lite option)
• Target customer
  • Enterprise, cloud provider, Federal/Government
  • Service provider desiring secure WAN links

(Figure: Central Site / DC 1 and Central Site / DC 2 over a carrier Ethernet service; legend: MACsec capable router, MACsec secure path / MKA session, MACsec-enabled Ethernet PHY.)

WAN MACsec Use Cases: E-LINE Point to Multipoint Backhaul

(Figure: branches and a data center / central site over a carrier Ethernet service, with an MKA session from each branch to the central site; legend: MACsec secured path / MKA session, MACsec capable router, MACsec capable PHY, SP owned Ethernet transport device, 802.1Q MACsec PHY.)

• Point to point PW service (no MAC address lookup)
• Must leverage the 802.1Q offering at the central site
• Target solution: simple and/or high-speed branch backhaul
  • Speeds typically exceed IPsec
  • Reduce IPsec complexity (DMVPN, GRE tunnels)

802.1AE (MACsec) Tagging: TrustSec Frame Format

Frame layout (labels on the slide: Authenticated, Encrypted):

  DMAC | SMAC | 802.1AE Header | 802.1Q | CMD | ETYPE | PAYLOAD | ICV | CRC

802.1AE header fields: MACsec EtherType (0x88e5) | TCI/AN | SL | Packet Number | SCI (optional)

• Frames are encrypted and protected with an integrity check value (ICV)
• MACsec EtherType is 0x88e5
• No impact to IP MTU/fragmentation
• L2 frame MTU impact*: ~40 bytes = less than a baby giant frame (~1600 bytes with 1552 bytes MTU)

802.1AE (MACsec) "Tag in Clear"

Default (802.1Q tag inside the encrypted portion):

  DMAC | SMAC | 802.1AE Header | 802.1Q | CMD | ETYPE | PAYLOAD | ICV | CRC

802.1AE header fields: MACsec Ether Type (0x88e5) | TCI/AN | SL | Packet Number | SCI (optional)

802.1Q tag in clear (802.1Q tag ahead of the 802.1AE header, encryption starts after it):

  DMAC | SMAC | 802.1Q | 802.1AE Header | CMD | ETYPE | PAYLOAD | ICV | CRC

802.1AE header fields: MACsec Ether Type (0x88e5) | TCI/AN | SL | Packet Number | SCI (optional)

• The 802.1Q tag in the clear offers significant network design options over the carrier network
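To make the two layouts above concrete, here is an added parser that is not code from the deck or from any Cisco platform. It decodes what a carrier bridge can read (MACs, an 802.1Q tag in the clear, the EtherType) and the SecTAG behind the 0x88e5 EtherType, following the IEEE 802.1AE field layout; the frames it parses are constructed here with dummy MACs, a dummy ciphertext and a dummy ICV.

```python
"""Parse the two 802.1AE frame layouts from the slides: SecTAG right after the
source MAC (default) and "802.1Q tag in clear" (VLAN tag ahead of the SecTAG).

Added example, not code from the deck or from any Cisco platform. The sample
frames are constructed: locally administered dummy MACs, a dummy ciphertext
payload and a dummy 16-byte ICV. The SecTAG layout follows IEEE 802.1AE:
EtherType 0x88e5 | TCI/AN (1 byte) | SL (1 byte) | PN (4 bytes) | SCI (8 bytes, optional).
"""
from __future__ import annotations
import struct

ETHERTYPE_MACSEC = 0x88E5
ETHERTYPE_DOT1Q = 0x8100
ETHERTYPE_EAPOL = 0x888E   # MKA runs over EAPoL and is not MACsec-protected
ICV_LEN = 16               # GCM-AES-128/256 integrity check value


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def parse_sectag(buf: bytes, off: int) -> tuple[dict, int]:
    """Parse the SecTAG body at buf[off] (first byte after EtherType 0x88e5)."""
    tci_an, sl = buf[off], buf[off + 1]
    tag = {
        "version": tci_an >> 7,               # V bit, must be 0
        "end_station": bool(tci_an & 0x40),   # ES
        "sci_present": bool(tci_an & 0x20),   # SC
        "encrypted": bool(tci_an & 0x08),     # E: confidentiality on
        "changed_text": bool(tci_an & 0x04),  # C: payload differs from plaintext
        "an": tci_an & 0x03,                  # association number 0-3
        "short_length": sl,                   # 0 unless secure data < 48 bytes
        "packet_number": struct.unpack("!I", buf[off + 2:off + 6])[0],
    }
    off += 6
    if tag["sci_present"]:
        tag["sci"] = buf[off:off + 8].hex()
        off += 8
    return tag, off


def parse_frame(frame: bytes) -> dict:
    """Return what a provider bridge can see (MACs, optional VLAN, EtherType)
    plus the decoded SecTAG, secure-data length and the bytes MACsec added."""
    out = {"dmac": mac_str(frame[0:6]), "smac": mac_str(frame[6:12])}
    off = 12
    etype = struct.unpack("!H", frame[off:off + 2])[0]
    if etype == ETHERTYPE_DOT1Q:
        # Tag in the clear: the carrier switches on this VLAN ID, the rest is opaque
        out["vlan_in_clear"] = struct.unpack("!H", frame[off + 2:off + 4])[0] & 0x0FFF
        off += 4
        etype = struct.unpack("!H", frame[off:off + 2])[0]
    out["ethertype"] = etype
    out["is_eapol"] = etype == ETHERTYPE_EAPOL
    if etype != ETHERTYPE_MACSEC:
        out["macsec"] = None
        return out
    sectag_start = off
    out["macsec"], off = parse_sectag(frame, off + 2)
    out["secure_data_len"] = len(frame) - off - ICV_LEN
    out["icv"] = frame[-ICV_LEN:].hex()
    # L2 overhead versus the unprotected frame: SecTAG (incl. EtherType) + ICV
    out["macsec_overhead"] = (off - sectag_start) + ICV_LEN
    return out


def build_frame(dmac: bytes, smac: bytes, vlan_in_clear: int | None, an: int,
                pn: int, sci: bytes | None, secure_data: bytes, icv: bytes) -> bytes:
    """Constructed-frame builder for the demo; it performs no encryption."""
    hdr = dmac + smac
    if vlan_in_clear is not None:
        hdr += struct.pack("!HH", ETHERTYPE_DOT1Q, vlan_in_clear)
    tci_an = 0x08 | 0x04 | (0x20 if sci else 0) | (an & 0x03)   # E=1, C=1
    sl = len(secure_data) if len(secure_data) < 48 else 0
    sectag = struct.pack("!HBBI", ETHERTYPE_MACSEC, tci_an, sl, pn) + (sci or b"")
    return hdr + sectag + secure_data + icv


# Constructed sample values (not captured traffic)
DMAC = bytes.fromhex("020000000002")
SMAC = bytes.fromhex("020000000001")
SCI = SMAC + b"\x00\x01"          # SCI = system MAC + port identifier
CIPHERTEXT = b"\xaa" * 60         # stands in for the encrypted CMD/ETYPE/payload
ICV = b"\x11" * 16

FRAME_DEFAULT = build_frame(DMAC, SMAC, None, 1, 1000, SCI, CIPHERTEXT, ICV)
FRAME_TAG_IN_CLEAR = build_frame(DMAC, SMAC, 20, 1, 1000, SCI, CIPHERTEXT, ICV)
FRAME_NO_SCI = build_frame(DMAC, SMAC, 20, 1, 1000, None, CIPHERTEXT, ICV)

if __name__ == "__main__":
    for name, f in (("default", FRAME_DEFAULT), ("tag-in-clear", FRAME_TAG_IN_CLEAR)):
        print(name, parse_frame(f))
```

The computed overhead is the SecTAG plus ICV only (24 bytes, or 32 with the SCI carried); the 802.1Q tag and CMD shown in the slide layouts add their own bytes on top.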

WAN MACsec Use Case – 802.1Q Tag in the Clear

• Key to the solution is the use of 802.1Q for logical connectivity to each site
• This is analogous to "channelization" in SONET
• The router enables a logical IP sub-interface with an 802.1Q tag per location
• This allows multiple connections into a single physical interface

(Figure: one physical Ethernet wire from the MACsec PHY carries 802.1Q VLAN tags 10, 20, 30 and 40 to the provider across the public Ethernet transport; the Ethernet interface supporting 802.1Q trunking gives an encrypted Ethernet session per destination, using the 802.1Q tag on the SP n-PE.)

WAN MACsec – 802.1Q Tag in the Clear: Expose the 802.1Q tag "outside" the encrypted payload

Example:

  ...
  interface GigabitEthernet0/0/4
   macsec dot1q-in-clear 1
  !
  interface GigabitEthernet0/0/4.20
   encapsulation dot1Q 20
   ip address 10.3.2.1 255.255.255.0
   mka pre-shared-key key-chain k1
   macsec
  !
  interface GigabitEthernet0/0/4.30
   encapsulation dot1Q 30
   ip address 10.3.3.1 255.255.255.0
   mka pre-shared-key key-chain k1
   macsec

Allows the ability to leverage MACsec on a per-sub-interface basis, exposing the "802.1Q tag" outside the encryption header.

Note: "1" denotes one .1Q tag depth

WAN MACsec Use Cases: Point to Multi-point Topology (Hub/Spoke) with 802.1Q Tag in Clear

E-LINE - Point to Multipoint

• Use case / requirement
  • High-speed hub-and-spoke topology support
  • Leverage low-cost/high-speed Metro E transport
  • Ability to mix MACsec with IPsec
    • MACsec: high-speed, low-volume locations over Metro E
    • IPsec: lower-speed, high-volume locations over IP
  • Cost-effective design where N x 10G is required
• WAN MACsec features
  • Strong encryption: AES-GCM-256 (Suite B)
  • Leverage 802.1Q in the clear (hub-site logical separation)
• Key benefits
  • Simple to configure
  • Lower-cost hardware design for N x 10Gbps+ encryption
    • Ex: 1 RU ASR1001-X, 20G MACsec, 4G IPsec
  • 802.1Q tag in clear allows simple site aggregation
  • Flexible to support MACsec and IPsec at the central site

(Figure: Branch 1, Branch 2 ... Branch n to the Central Site over a carrier Ethernet service; legend: MACsec capable router, MACsec secure path / MKA session, MACsec-enabled Ethernet PHY, MACsec 802.1Q Ethernet PHY.)


WAN MACsec Use Case – 802.1Q Tag in the Clear

(Figure: branches and a data center / central site over a carrier Ethernet service, with an MKA session per branch; the expanded PHY view shows sub-interfaces 20 and 30 on one physical Ethernet cable, giving an encrypted Ethernet session per destination using the 802.1Q tag on the SP n-PE.)


WAN MACsec Use Cases: E-LINE – Point to Multi-point Topology

E-LINE - Point to Multipoint

• Use case / requirement
  • High-speed hub-and-spoke requirement
  • Targets < 30 site remote branch back-haul topology (SA limit)
  • Ability to leverage low-cost/high-speed local Metro E transport
  • May require H-QoS: per sub-interface (hub), sub-rate (spoke)
  • Desire is to eliminate IPsec complexity
• WAN MACsec features
  • Strong encryption: AES-GCM-256 (Suite B)
  • Ability to leverage 802.1Q in the clear (hub-site logical separation), offering flexible topology options
• Target customer
  • Low-cost Ethernet transport service available
  • May require encryption exceeding IPsec capabilities, specifically at the hub location
  • Targets: Enterprise, Commercial, Federal/Government

(Figure: Branch 1, Branch 2 ... Branch n to the Central Site over a carrier Ethernet service; legend: MACsec capable router, MACsec secure path / MKA session, MACsec-enabled Ethernet PHY, MACsec 802.1Q Ethernet PHY.)

Use Cases Leveraging E-LAN

Source: Overview presentation of the MEF - http://metroethernetforum.org/Presentations

Router Peering Model View for E-LAN

• E-LAN emulates the network as an "Ethernet switch"
• Routers appear as part of a single "flat" Ethernet domain
• Caution required as IP peering is N - 1 (N = number of router nodes)
• Transport is MAC address aware of "well known" MAC addresses and Ether types

WAN MACsec Use Cases: E-LAN Point to Multipoint Backhaul

(Figure: branches and a data center / central site over a carrier Ethernet E-LAN service; legend: MACsec secured path / MKA session, MACsec capable router, MACsec capable PHY, SP owned Ethernet transport device.)

• MAC-address-lookup based service
• WAN MACsec destination EAPoL address change may be required
  • Allows the MKA session over any carrier Ethernet transport
• Leverage the any-to-any forwarding of the E-LAN service
• Target solution: traffic patterns that require any-to-any connectivity (voice, video, distributed application locations)

Adapting to Service Provider Ethernet Services. Enhancement: Ability to Change the EAPoL Destination Address

• MKA uses Extensible Authentication Protocol over LAN (EAPoL) as its transport protocol

• By default, EAPoL uses a destination multicast MAC address of 01:80:c2:00:00:03

• Because EAPoL is a standard (802.1X) protocol, the SP may consume this packet (based on the destination multicast MAC address)

• If so, the EAPoL packet will eventually get dropped, causing the MKA session establishment process to fail

• We need a method to change the destination MAC address of an EAPoL packet, to ensure the SP tunnels the packet like any other data packet instead of consuming it.

EAPoL "Destination Address" Change Command

• The "eapol destination-address" command allows the operator to change the destination MAC address of an EAPoL packet that is transmitted on an interface towards the service provider (to the destination MACsec router).

• This ensures that the service provider tunnels the Ethernet frame like any other data packet instead of consuming it.

• Example:

  ...
  interface GigabitEthernet0/0/4
   macsec dot1q-in-clear 1
   macsec replay-protection-window-size 100
   eapol destination-address broadcast

Leverages the "broadcast" address as the destination EAPoL address. The provider switch will forward it as a standard "broadcast" Ethernet frame.

EAPoL "Ether Type" Change Command

• The "macsec eth-type" command allows the operator to change the Ether Type value of an EAPoL packet to a "well known" value on an interface connecting to the Ethernet service provider (to the destination MACsec router).

• This ensures the service provider forwards the Ethernet frame/ether-type like any other data packet instead of consuming it.

• Example:

  ...
  interface GigabitEthernet0/0/4
   macsec dot1q-in-clear 1
   macsec replay-protection-window-size 100
   eapol destination-address broadcast
   macsec eth-type B860

Leverages a "well known" ether type value. The provider bridge will NOT ingest the frame, as ether-type 0xB860 is assumed "well known".

Note: "macsec eth-type" will be replaced with "eapol eth-type" in the next release

WAN MACsec Use Cases: Point to Multi-point / Multi-point to Multi-point Topology

E-LAN - Multipoint to Multipoint

• Use case / requirement
  • High-speed any-to-any topology support
  • Targets ~30 sites (10G PHY), 64 SA HW limit
  • Leverage a lower-cost E-LAN Metro E service
  • Traffic patterns dictated by business application behavior
  • Cost-effective design where N x 10G is required
• WAN MACsec features
  • Strong encryption: AES-GCM-256 (Suite B)
  • Leverage 802.1Q in the clear (hub-site logical separation)
  • Leverage (if needed) the EAPoL "destination-address" and "ether type" change control features
• Key benefits
  • Simple to configure
  • Ability for the router to adjust to the provider's Ethernet services (EAPoL dest-addr and Ether Type)
  • 802.1Q tag in clear allows simple site aggregation
  • Flexible to support MACsec and IPsec at the central site

(Figure: Branch 1, Branch 2 ... Branch n and the Central Site over a carrier Ethernet service; legend: MACsec capable router, MACsec secure path / MKA session, MACsec-enabled Ethernet PHY, MACsec 802.1Q Ethernet PHY.)

Additional Customer Use Cases Gaining Interest

WAN MACsec for Secure MPLS Backbone: Per-Link Encryption at 100Gb+ with MACsec End-to-End (IP/MPLS, Segment Routing, IPv6)

(Figure: enterprise sites and data centers attached to PE1, PE2 and PE3, with P1-P4 forming the MPLS core; every PE-P and P-P link is a MACsec secured path / MKA session between MACsec capable routers.)

• Leverage MACsec encryption on WAN links connecting PE and P routers in the MPLS core, up to 100Gb and N x 100Gb
• Offers the ability of "per hop" analytics at P/PE hops
• WAN links are transparent to MPLS, MPLS-TE, IPv4/v6, QoS, IS-IS, OSPF, BGP and multicast
• Seamless, transparent encryption when using Segment Routing

Hierarchical "Hybrid" MACsec + IPsec Design

MACsec: high-throughput encryption + lower-scale sites. IPsec: lower-throughput encryption + high-scale sites (including cloud CSR).

(Figure: Regional Hub 1, Regional Hub 2 and Regional Hub 3 + DC, plus a Co-Lo facility, interconnected over a carrier Ethernet service / Metro E with MACsec (WAN MACsec); branches reach the hubs with IPsec over the Internet and the MPLS WAN, and the IPsec enterprise network extends to a cloud CSR.)

• "Hybrid" design option for a mix of scale and performance, leveraging Ethernet services
• MACsec: core/backbone transport; higher-throughput BW, lower number of sites
• IPsec: branch/back-haul; lower-throughput BW, higher number of sites, cloud (CSR)

Why OTN Encryption?

• Bulk encapsulation of the client signal ensures line rate
• Encrypting the OTN payload allows transparency and interoperability

(Figure: OC-192/STM-64, Fibre Channel and Ethernet client signals mapped into an OTU-2 frame (OTN overhead + payload) between Data Center A and Data Center B.)

Optical Transport Network (OTN) Encryption

(Figure: Data Center #1, #2 and #3, each behind an OTN DC edge router, connected by an OTN secured path / MKA session on NCS 2000 + OTN encryption interfaces.)

• Bulk encryption at the OTN layer provides protocol-agnostic, line-rate, client payload encapsulation security across the transport network
• Eliminates the need to encrypt at the IP, Ethernet, SONET or application layers
• Encryption is line-rate at 10Gbps (100 Gbps future)
• Ideal solution: DCI, or when Fibre Channel needs protection

Separate Customer and Provider Control: Allocation of Addresses

Address | "Old" 802.1Q | C-VLAN Component | S-VLAN Component
01:80:C2:00:00:00 | BPDUs | Bridge Group Address | Treat as Data
01:80:C2:00:00:01 | 802.3 Pause | 802.3 Full Duplex PAUSE Operation | 802.3 Full Duplex PAUSE Operation
01:80:C2:00:00:02 | Slow Protocols | 802.3 Slow_Protocols_Multicast Address | 802.3 Slow Protocols Multicast Address
01:80:C2:00:00:03 | 802.1X | 802.1X PAE Address | 802.1X PAE Address
01:80:C2:00:00:04 | LLDP | Reserved for Future Standardization - Media Access Method Specific (LLDP) | Reserved for Future Standardization - Media Access Method Specific
01:80:C2:00:00:05 | | Reserved for Future Standardization - Media Access Method Specific | Reserved for Future Standardization - Media Access Method Specific
01:80:C2:00:00:06 | | Reserved for Future Standardization | Reserved for Future Standardization
01:80:C2:00:00:07 | | Reserved for Future Standardization | Reserved for Future Standardization
01:80:C2:00:00:08 | | Provider Bridge Group Address | Provider Bridge Group Address
01:80:C2:00:00:09 | | Reserved for Future Standardization | Reserved for Future Standardization
01:80:C2:00:00:0A | | Reserved for Future Standardization | Reserved for Future Standardization
01:80:C2:00:00:0B | | Reserved for Future Standardization | Treat as Data
01:80:C2:00:00:0C | | Reserved for Future Standardization | Treat as Data
01:80:C2:00:00:0D | | Provider Bridge GVRP Address | Treat as Data
01:80:C2:00:00:0E | | IEEE Std. 802.1AB Link Layer Discovery Protocol Multicast Address | Treat as Data
01:80:C2:00:00:0F | | Reserved for Future Standardization | Treat as Data

(Bracket labels on the slide: the S-VLAN component entries from 01 through 0A are "Reserved: Do Not Pass Through"; 00 and 0B through 0F are "Treat as Data".) The default EAPoL destination 01:80:C2:00:00:03 is the 802.1X PAE address for both the C-VLAN and the S-VLAN component, which is why the EAPoL destination-address change described earlier is needed for MKA to cross a provider bridge.

WAN MACsec with PfR: Hybrid WAN Leveraging MACsec for High Speed Encryption (HYBRID Encryption Option, IPsec + MACsec)

(Figure: a branch and a data center with active/active WAN paths: one IPsec overlay (DMVPN over the Internet via ISP A) and one MACsec underlay (DMVPN + MACsec over the SP carrier Ethernet service), in one WAN routing domain (iBGP, EIGRP or OSPF); legend: MACsec capable router, MACsec secure path / MKA session.)

• Leverage MACsec for data transport that exceeds IPsec's performance capability
• Leverage IPsec/DMVPN for the backup path over the Internet
• If the MACsec link fails, the operator has the choice to throttle down the high-speed application, or wait for the high-speed link to recover
• Leverage Policy Based Routing (PBR) or PfR to dictate application paths for the MACsec and IPsec/DMVPN paths
• Leverage MACsec when the encryption requirement exceeds IPsec

This is NOT IWAN, but leverages common components

Adding Automation to Security Operations: "Open" Programmability Options

(Figure: open, platform-based automation with an SDN control plane architecture (hybrid): applications/management on top; YDK and YANG models; "south bound" control and APIs (Puppet and Chef agents, SSH, REST, NETCONF, RESTCONF); below them packet forwarding hardware + control plane (WAN, DC and campus routers/switches, IP/MPLS, EVPN/VXLAN), virtual routers and L4-L7 appliances on x86 compute, and cloud-based (public/private) L3-L7 services.)

MACsec Tasks That Could Leverage Automation

• Creating a MACsec key chain
  • Chain, key string, key lifetime

• Creating a user-defined MACsec policy
  • Cipher, confidentiality offset, priority

• Applying the MACsec configuration on an interface

• Verifying MACsec encryption is enabled
  • Assure the policy is enabled, peering is secure, and check the ciphers used

Target those operations tasks that are repeatable, require touching all security devices, and are often a burden to the Sec/NetOps teams

Automating Keychain Password Using Ansible IOS Module – Leveraging Ansible Playbook to Automate MACsec Key Chain

Example:
 !
 key chain June-key macsec
  key 01
   cryptographic-algorithm aes-128-cmac
   key-string 12345678901234567890123456789011
   lifetime 00:00:00 Jun 1 2017 23:59:59 Jun 30 2017
 !

• Ansible Tasks broken up into MACsec key-chain categories (optional)

• Example uses 256 bit key string

• Key lifetime is 7 days

What is Ansible?

• Automation Engine, Open-Source

• Clientless (uses SSH)

• Python, YAML, Jinja2

• Useful for Day 0

• More Useful for Day 1 tasks: applying common “repeatable” and “global” config changes, VRF, VLANs, configure tunnels, HA, licensing

• Operations tool (validate configs, collect show commands)

• Modules (2.1): ios_command, ios_config, ios_template

Checkout DEVNET-1002


Automating Key Chain Changes Using Ansible

Example:
 !
 key chain June-key macsec
  key 01
   cryptographic-algorithm aes-128-cmac
   key-string 12345678901234567890123456789011
   lifetime 00:00:00 Jun 1 2017 23:59:59 Jun 30 2017
 !

• Playbook:
  - SSH credential
  - cryptographic-algorithm aes-128-cmac
  - key chain name {{ chain_name }} macsec
  - key-string {{ string_num }}
  - Key number in the chain {{ key_num }}
  - Lifetime of the key {{ start/stop, time, day, year, month }}

Ansible for NetOps – Automating MACsec Key Chain Changes

Host Inventory / Playbooks
• Ansible 2.2.1 (Linux VM)
• Cisco ASR 1001-X (XE 16.3.2)
• Ansible Host (Ubuntu 14.04 VM)

• Playbook:
  - SSH credential
  - key chain name: June-key
  - Key number: 01
  - cryptographic-algorithm aes-128-cmac
  - key-string: 1234567890.....23456789011
  - Lifetime: 00:00:00 Jun 1 2017 23:59:59 Jun 30 2017

[Diagram: Ansible host reaching two ASR 1001-X routers (Herndon VA) over SSH across the WAN]

GitHub Repository to Example: https://git.io/vQUR3

• Ansible Tasks broken up into MACsec key-chain categories
• Granularity is up to the programmer
• Option exists to leverage variables with templates for more simplification (I leveraged a hybrid in my example)
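An added Python example (not from the deck or the linked playbook) that renders the key chain CLI above from the same variables the playbook takes, but validates them first; the 32/64 hex digit lengths are the IOS-XE requirement for aes-128-cmac and aes-256-cmac, and the helper names are this example's own.

```python
from datetime import datetime

# Hex digits the IOS-XE MACsec key chain accepts per CMAC algorithm:
# 32 hex digits (128-bit CAK) for aes-128-cmac, 64 (256-bit CAK) for aes-256-cmac.
KEY_HEX_DIGITS = {"aes-128-cmac": 32, "aes-256-cmac": 64}
HEX = set("0123456789abcdefABCDEF")

# The deck's June-key example, used as the worked input.
JUNE_KEY = dict(
    chain_name="June-key",
    key_num="01",
    key_string="12345678901234567890123456789011",
    start=datetime(2017, 6, 1, 0, 0, 0),
    stop=datetime(2017, 6, 30, 23, 59, 59),
    algorithm="aes-128-cmac",
)


def ios_lifetime(t):
    """Format a datetime as the IOS 'lifetime' keyword expects: hh:mm:ss Mon D YYYY."""
    return f"{t:%H:%M:%S} {t:%b} {t.day} {t.year}"


def render_macsec_keychain(chain_name, key_num, key_string, start, stop,
                           algorithm="aes-128-cmac"):
    """Return the CLI lines for one MACsec key chain after validating the inputs.

    These checks catch what a playbook would otherwise push unchallenged and MKA
    would only report later as a session that never comes up: a key-string whose
    length does not match the CMAC algorithm, non-hex characters, and a lifetime
    window that is empty or inverted.
    """
    if algorithm not in KEY_HEX_DIGITS:
        raise ValueError(f"unsupported cryptographic-algorithm {algorithm!r}")
    want = KEY_HEX_DIGITS[algorithm]
    if len(key_string) != want or not set(key_string) <= HEX:
        raise ValueError(f"{algorithm} needs a {want}-hex-digit key-string, "
                         f"got {len(key_string)} characters")
    if not key_num or not set(key_num) <= HEX:
        raise ValueError("key number must be a hex string")
    if stop <= start:
        raise ValueError("lifetime stop must be later than lifetime start")
    return [
        "!",
        f"key chain {chain_name} macsec",
        f" key {key_num}",
        f"  cryptographic-algorithm {algorithm}",
        f"  key-string {key_string}",
        f"  lifetime {ios_lifetime(start)} {ios_lifetime(stop)}",
        "!",
    ]


def key_bits(key_string):
    """Key length in bits that a hex key-string actually encodes (4 bits per digit)."""
    return 4 * len(key_string)


def lifetime_days(start, stop):
    """Whole days the key is valid, rounding a partial last day up."""
    return int(-(-(stop - start).total_seconds() // 86400))


if __name__ == "__main__":
    print("\n".join(render_macsec_keychain(**JUNE_KEY)))
    print(f"{key_bits(JUNE_KEY['key_string'])}-bit key, valid "
          f"{lifetime_days(JUNE_KEY['start'], JUNE_KEY['stop'])} days")
```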

Ansible (Demo) – Automating VRF Creation and Deployment in an Enterprise

Host Inventory / Playbooks
• Ansible 2.2.1 (Linux VM)
• Cisco CSR (VM)
• Ansible Host (Ubuntu 14.04 VM)

• Playbook:
  • SSH credential
  • Create VRF definition “ansible”
  • Create RD 1:1
  • Create RT 1:1
  • Apply VRF “ansible” to interface 192.168.50.145
  • Create “VRF ansible” under BGP ipv4 address-family
  • Execute ‘wr mem’

[Diagram: Ansible host reaching an ASR 1001-X (Herndon VA) over SSH across the WAN]

GitHub Repository to Example: https://github.com/netwrkr95/ansible-ios-xe

Yang Models for MACsec

YANG Example – MACsec Keychain Configuration

• Screenshot from Cisco-IOS-XR-lib-keychain-macsec-cfg.yang

• Container 'interfaces' with list of 'interface' items

• List items (leafs) have a 'name' which is also the key for the list


Generation of Model-Driven APIs Using YANG Development Kit (YDK)

[Diagram: YDK-gen feeds YANG data models through the API generator to produce YDK-Py (Python) and YDK-Cpp (C++), each with docs, plus Ruby, Go and C♯ bindings with docs]

https://developer.cisco.com/site/ydk/documents/overview/

Automating Keychain Password Using NETCONF/YANG – Leveraging Python Based Application (YDK) with YANG Models

Example:
 !
 key chain CHAIN3 macsec
  key 10
   key-string password 01435756085F5359761C1F5B4A514 … A545C7519185E
   cryptographic-algorithm aes-256-cmac
   lifetime 00:00:00 january 01 2017 23:59:59 january 07 2017
 !

Note: Key string password is abbreviated

Sample Applications to Configure MACsec key chains:
• nc-create-xr-lib-keychain-macsec-cfg-20-ydk.py - One AES-128-GCM key
• nc-create-xr-lib-keychain-macsec-cfg-22-ydk.py - One AES-256-GCM key
• nc-create-xr-lib-keychain-macsec-cfg-24-ydk.py - Two rolling keys

https://github.com/netwrkr95/ydk-py-samples/tree/master/samples/basic/crud/models/cisco-ios-xr/Cisco-IOS-XR-lib-keychain-macsec-cfg

Yang Model Support for MACsec – IOS-XR

Source: https://github.com/YangModels/yang/tree/master/vendor/cisco/xr/621

• Cisco-IOS-XR-crypto-macsec-mka-cfg.yang
• Cisco-IOS-XR-crypto-macsec-mka-if-cfg.yang
• Cisco-IOS-XR-crypto-macsec-mka-oper-sub1.yang
• Cisco-IOS-XR-crypto-macsec-mka-oper.yang
• Cisco-IOS-XR-crypto-macsec-secy-oper-sub1.yang
• Cisco-IOS-XR-crypto-macsec-secy-oper.yang
• Cisco-IOS-XR-lib-keychain-macsec-cfg.yang
• Cisco-IOS-XR-macsec-ctrlr-oper-sub1.yang
• Cisco-IOS-XR-macsec-ctrlr-oper.yang
• Cisco-IOS-XR-ncs1k-macsec-ea-oper-sub1.yang
• Cisco-IOS-XR-ncs1k-macsec-ea-oper.yang

External Resources (GitHub)

https://github.com/netwrkr95

Ansible – MACsec Keychain Examples

• Ansible WAN MACsec Playbook and Configs (https://git.io/vQUR3)

YANG Models – MACsec Keychain Examples (Using YDK)

• MACsec Key Chain Configuration applications (https://git.io/vH7uD )

• What is YDK? (https://developer.cisco.com/site/ydk/)

Ansible Module Using YANG Models with YDK

• Ansible + YDK app (https://git.io/vH7XZ )

• Session @ DevNet-1223 (Monday, 1:00pm-1:45pm / Wednesday, 2:00pm-2:45pm Workshop 1)

External Resources (cont.)

GitHub

• YDK Python API – YDK-Py (https://git.io/vaWsg)

• YDK-Py sample apps (https://git.io/vaw1U)

• YDK C++ API – YDK-Cpp (https://git.io/v1Cst)

• YDK-Cpp sample apps (https://git.io/v14Qh)

• YDK Generator – YDK-gen (https://git.io/vaw1M)

YDK Documentation

• YDK-Py docs (http://ydk.cisco.com/py/docs)

• YDK-Cpp docs (http://ydk.cisco.com/cpp/docs)

Solution Roadmap (Subject to change) – Cisco MACsec Portfolio (Summarized Version)

Platform Series | MACsec Delivery | MACsec Speed (AES-256)
ISR 4xxx Series | 1p / 2p Ethernet NIM | 1 GE
ASR 1000 Series | Fixed and Modular solutions | 1GE, 10GE
ASR 9000 Series | Modular Line Cards | 10GE, 40GE, 100GE
Nexus 7700 Series ** | Modular M3 Series Card | 1/10GE, 40GE, 100GE
Nexus 9000 Series | Fixed and Modular solutions | 10GE, 40GE, 100GE
Optical NCS Series | Client ports | 10GE, 40GE, 100GE
Catalyst Switching | Multiple Platforms, C3850 | 1GE, 10GE
Catalyst Switching ** | Cat 4K, 6K | 1GE, 10GE

** Currently does NOT support MKA key negotiation (SAP only)

Cisco Account Teams can provide more details

Roadmap – WAN/Optical MACsec (Subject to change)

Platform | Module / Linecard | Encryption | Speed | Key Agreement | Target Timeframe when Shipping | Notes
ISR 4k Platform | 1 or 2-port GE NM (RJ45/SFP) | AES-GCM-128 or 256 | 1G | MKA | NOW | Branch, WAN edge
ASR 1001-X | 2 x 10G, 6 x 1G (on board ports) | AES-GCM-128 or 256 | 100Mb, 1G, 10G | MKA | NOW | 20G 1001-X, Branch, WAN Aggregation, DCI
ASR-1001-HX (60G throughput) | 4 x 10G, 8 x 1G (on board ports) | AES-GCM-128 or 256 | 100Mb, 1G, 10G | MKA | FEB 2017 | 60G throughput, Branch, WAN Aggregation, DCI
ASR-1002-HX (100G throughput) | 8 x 10G, 8 x 1G (on board ports) | AES-GCM-128 or 256 | 100Mb, 1G, 10G | MKA | FEB 2017 | Branch, WAN Aggregation, DCI (10G do not support 1G)
ASR 1013, ASR1006/9-X | Modular LC 10x10G, 18x1G | AES-GCM-128 or 256 | 100Mb, 1G, 10G | MKA | CY - 2016 | Branch, WAN Aggregation, DCI
ASR 9000 Series | 4 or 8-port 100G Linecard | AES-GCM-128 or 256 | 10G, 40G, 100G | MKA | NOW | WAN Agg, 100G high-speed DCI, MPLS Edge/Core
ASR 9000 Modular | MOD-200/400 20x10G, 1p/2p x 100G, IPoDWDM | AES-GCM-128 or 256 | 10G, 100G, IPoDWDM 100G | MKA | NOW | WAN Agg, 100G high-speed DCI, MPLS Edge/Core
NCS 5500 | 36p x 100G | AES-GCM-128 or 256 | 100G | MKA | Q4 2016 | WAN Aggregation, 100G high-speed DCI, Edge/Core
NCS 5500 | 6p x 200G to IPoDWDM (CFP2) | AES-GCM-128 or 256 | 100G interfaces over 200G ITU DWDM | MKA | AUG 2016 | WAN Edge, Aggregation, ROADM network
NCS 2000/WSE | 5-port (client Tx/Rx pair) 10Gbps | AES-GCM-128 or 256 | 10 and 100 Gbps | MKA | NOW | Optical core, DCI
NCS 1000 | 20 client ports of 10, 40, 100G | AES-GCM-128 or 256 | 10, 40, 100G | MKA | JULY 2016 | Ethernet client to DWDM aggregation in DC

* All roadmap dates are subject to change

Roadmap – WAN MACsec

Platform | Module / Linecard | Encryption | Speed | Target Timeframe when Shipping | Target Use Cases
ISR 4k Platform | 1 or 2-port GE NM (RJ45/SFP) | AES-GCM-128 or 256 | 1G | 2H - 2015 | Branch, WAN edge
ASR 1001-X | 2 x 10G, 6 x 1G (on board ports) | AES-GCM-128 or 256 | 100Mb, 1G, 10G | NOW | Branch, WAN Aggregation, DCI
ASR 1000 Series | Modular LC 6x10G, 2x40G, 18x1G | AES-GCM-128 or 256 | 100Mb, 1G, 10G | 1H - 2016 | WAN Aggregation, DCI
ASR 9000 Series | 4 or 8-port 100G Linecard | AES-GCM-128 or 256 | 1/10G, 40G, 100G | 2H - 2015 | WAN Aggregation, high-speed DCI, MPLS Edge/Core
NCS 2000/WSE | 5-port (client Tx/Rx pair) 10Gbps | AES-GCM-128 or 256 | 10Gbps | NOW | Optical core, DCI

* All roadmap dates are subject to change

ASR 9000 (Tomahawk) Per Slice MACSEC PHY Capability

• MACSEC Security Standards Compliant with:

• IEEE 802.1AE-2006

• IEEE 802.1AEbn-2011 (256-bit key)

• IEEE 802.1AEbw-2013 (extended packet numbering)

• Security Suites Supported:

• AES-GCM-128, 128-bit key (32-bit packet number)

• AES-GCM-256, 256-bit key (32-bit packet number)

• AES-GCM-XPN-128, provides extended packet number counter (64 bits)

• AES-GCM-XPN-256, provides extended packet number counter (64 bits)

• Unique Security Attributes Per Security Association (SA):

• 10G port = 32 SA

• 40G port = 128 SA

• 100G port = 256 SA

• Per Slice Port Combination Supported (CPAK)

• 2x100G, 20x10G, 4x40G, 1x100G + 10x10G, 2x40G + 10x10G, 2x40G + 1x100G

• All Tomahawk LC variations support MACSEC

• 8x100G, 4x100G, MOD-400, MOD-200

Putting it All Together – Positioning, Use Cases

Positioning the Proper Encryption Solution

• It is important NOT to position encryption solutions against one another

• Rather, consider each as a tool in the tool bag, which requires a positioning exercise to meet the technical and business requirement

• Understand the sum of the requirements, available technology options in the router, and align the solution with this combination

• Key Factors for encryption decisions will include:
  1. Transport availability / options
  2. Performance requirements of the solution/application
  3. Scale of the design and requirements (number of spokes, connected end-points, aggregate encryption)

• Remember, beyond IPSec, “the underlying transport dictates the available encryption options that can be leveraged”

“When looking to leverage “Link Layer” encryption option, the underlying Transport dictates this as a viable option”

Multi-Layer Encryption Options

L3 • IPSec

L2 • Ethernet • ATM

L1 • OTN • SONET

Link Encryption options
• Link encryption options offer alternatives to IPSec

• Link encryption offers trade-off’s (speed vs. scale) when high-speed encryption (N x 10G or 100Gbps) is required

Encryption Capabilities – design component matrix for OTN, MACsec and IPSec (each cell on the slide is rated with an icon: Excellent, Supported (with Limitations), or Not Supported)

Topology
 • Point to Point
 • Multipoint Capable (P2MP, MP2MP) – OTN: per port per site
Transport Service Support
 • Ethernet (P2P, Point to Multipoint)
 • IP (MPLS VPN, broadband, Internet)
 • Optical / Lambda / Dark fiber (to xponder) (speed limited)
 • Logical Link Segmentation (802.1Q/sub-int capable)
 • Leverage legacy transport (T1/E1/T3/E3, SONET/SDH)
Encryption Performance
 • Encryption line rate per the PHY interface (1/10/40/100G)
 • Encryption process NOT dependent on physical interface
 • Encryption rate limited by packet size, MTU, PPS of engine
Scale
 • Hub Site Scale (Hub/Spoke Topology) – OTN: 1 int/site/link; MACsec: PHY dependent; IPSec: 1000+ sites
Simplicity of Configuration
 • Transparent to IPv4/v6, MPLS, IGP/BGP, IP Multicast – IPSec: needs GRE

Legend: Excellent / Supported (with Limitations) / Not Supported

Net/Net – From Encryption Positioning Matrix

• IPSec extremely flexible from a transport perspective (completely agnostic)
• MACsec/OTN extremely dependent on transport
  • OTN limited to DWDM, dark fiber, lambda service
  • MACsec limited to Ethernet transport, dark fiber, or DWDM/lambda service

• MACsec/OTN supports line-rate performance (100+ Gb), regardless of MTU, packet size
• IPSec performance = router performance when “encrypt all traffic” is required

• IPSec supports massive scale (DMVPN moving beyond 4000 connections)
  • MACsec limited to security association scale in the PHY
  • OTN restricted to physical interface connectivity (no logical connection support)

• MACsec/OTN are transparent to upper layer IP protocols
  • IPSec requires DMVPN, GET VPN, GRE for IP/MPLS/multicast support with IPSec

• Multiple decision factors, business requirements, and transport availability options and criteria

Summary – Key Advantages

IPSec
 Key Factors:
 • IPSec by far the most flexible encryption option (completely agnostic to underlying transport)
 • Is limited by packet size and packet per second performance (IPSec performance not typically equal to router performance)
 • Together with other enhancements (DMVPN for example), IPSec can support massive scale (beyond 4000 connections)
 Technology Options: DMVPN, GETVPN (typically paired with MPLS VPN over mGRE, LISP, and is native multicast capable), FlexVPN, TLS

MACsec
 Key Factors:
 • Supports line-rate Ethernet performance (100+ Gb) regardless of MTU, packet size
 • Is transparent to upper layer IP protocols, MPLS, multicast
 • No performance impact on router forwarding capabilities
 Technology Options: Supported in the router/switch Ethernet PHY, WAN MACsec Enhancements, transparent to IP and MPLS over encrypted links

OTN
 Key Factors:
 • Supports line-rate performance at optical/OTN layer
 • Encapsulation frame formats include: 10Gb, 100+ Gb, rich client-side encapsulation options at OTU2
 • Transparent to both Layer 2 (Ethernet) and Layer 3 (IP) upper layer protocols
 Technology Options: Optical transport capabilities, with handoff to other optical platforms (transponder, OADM, etc.)

Solutions are complementary and can be run together for additional security

Summary and Key Takeaways

• Include Cisco’s Next Generation Encryption (NGE) as part of any WAN deployment

• Understand the impact the Service Provider transport options can have on the overall encryption choices

• Understand the pros/cons of the WAN encryption options existing today and where they best fit, including platform performance

• Include WAN MACsec as part of the Enterprise and SP encryption options when line-rate encryption is required

• Be aware of the barriers Metro Ethernet services can impose on existing MACsec solutions, and the need for the solution to adapt to that service provider

• Leverage the design criteria, pros/cons matrix to understand the key questions to ask when implementing high-speed encryption over the WAN

Additional Info

• http://www.cisco.com/c/dam/en/us/td/docs/solutions/Enterprise/Security/MACsec/WP-High-Speed-WAN-Encrypt-MACsec.pdf

Complementary Sessions This Week

• BRKCRS-2892 - Cisco MACsec Solution Design and Deployment for a Secure Enterprise

• BRKRST-2041 - WAN Architectures and Design Principles

• BRKSEC-3054 - Advanced IPSec with FlexVPN and IKEv2

• BRKSEC-4054 - Advanced Concepts of DMVPN

Thank you

Backup Use Cases & Config CLIs

WAN MACsec: commands, roadmap, caveats, limitations – Kural Arangasamy

Optical Encryption Options – What is OTN?

• OTN = Optical Transport Network
• Standards docs:
  • G.709 – Hierarchy and frame structures
  • G.872 – Architecture
  • G.798 – Management functions etc
• OTN defines a framing technology that is very similar to SONET/SDH (TDM)
• OTN started as a digital wrapper around WDM client signals to improve reach and manageability
• Evolved to a complex multiplexing hierarchy that enables a service layer

OTUk and OPUk payload rates (k = kbit/s):
k | OTUk | OPUk Payload
0 | – | 1,238,954 k
1 | 2,666,057 k | 2,488,320 k
2 | 10,709,225 k | 9,995,277 k
3 | 43,018,414 k | 40,150,519 k
4 | 111,809,974 k | 104,355,975 k

Why OTN Encryption?

• Bulk Encapsulation of the client signal ensures line rate
• Encrypting the OTN Payload allows Transparency and Interoperability

[Diagram: OC-192/STM-64, Fibre Channel and Ethernet clients wrapped into an OTU-2 frame (OTN Overhead + PAYLOAD) carried between Data Center A and Data Center B]

The Role of Layer 1 encryption in securing your network

• Bulk Encryption at the OTN layer provides agnostic, line rate, client payload encapsulation security across the transport network

• Current encryption devices are not protocol agnostic

• They only encrypt a single traffic type, i.e. Ethernet, IP, or SONET, requiring “stacking” of multiple types of encryption devices, which drives up interface count and complexity

• If the customer can leverage encryption at the optical layer, it eliminates the need to encrypt at ALL layers above it

Layers in the OTN Hierarchy

[Figure: the OTN layer hierarchy]

Frame Structure

The ITU-T G.709 frame has three distinct parts, two of which are broadly similar to a SDH/SONET frame:
• Overhead area for operation, administration and maintenance functions
• Payload area for customer data
• Forward error correction (FEC) block

[Figure: four rows, each of 16 bytes OH, 3,808 bytes Digital Payload and 256 bytes FEC]
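An added worked example (not from the deck) that turns the frame geometry above and the OTUk/OPUk rate table from the “What is OTN?” slide into code: it derives each OTUk line rate from the OPUk payload rate through the 3,808-of-4,080 column ratio, slices a constructed frame into overhead, payload and FEC columns, and marks which bytes a bulk OTN payload encryptor covers. The FAS value and the GCC2 position follow G.709 and are not on the slide; the frame contents are constructed.

```python
from fractions import Fraction

# Geometry of one ITU-T G.709 OTUk frame row as drawn on the slide:
# 16 bytes overhead, 3,808 bytes digital payload, 256 bytes FEC; four rows per frame.
OH_BYTES, PAYLOAD_BYTES, FEC_BYTES = 16, 3808, 256
ROW_BYTES = OH_BYTES + PAYLOAD_BYTES + FEC_BYTES      # 4,080 columns per row
ROWS = 4
FRAME_BYTES = ROWS * ROW_BYTES                         # 16,320 bytes per frame

# OPUk payload rates (kbit/s) from the deck's table. OPU0 has no OTU0 wrapper,
# so only k = 1..4 have a line rate to check against.
OPU_PAYLOAD_KBPS = {0: 1_238_954, 1: 2_488_320, 2: 9_995_277,
                    3: 40_150_519, 4: 104_355_975}
OTU_KBPS_FROM_DECK = {1: 2_666_057, 2: 10_709_225, 3: 43_018_414, 4: 111_809_974}


def otu_rate_kbps(opu_payload_kbps):
    """OTUk line rate implied by the frame geometry.

    Every row carries 3,808 payload bytes out of 4,080 transmitted, so the line
    rate is the payload rate scaled by 4080/3808 (= 255/238): the OH and FEC
    columns are transmitted bytes that carry no client data.
    """
    return float(Fraction(opu_payload_kbps) * Fraction(ROW_BYTES, PAYLOAD_BYTES))


def deck_rates_consistent(tolerance_kbps=1):
    """True if every OTUk rate on the deck matches its payload rate within rounding."""
    return all(abs(otu_rate_kbps(OPU_PAYLOAD_KBPS[k]) - v) <= tolerance_kbps
               for k, v in OTU_KBPS_FROM_DECK.items())


def split_rows(frame):
    """Split a 16,320-byte OTUk frame into [(overhead, payload, fec), ...] per row."""
    if len(frame) != FRAME_BYTES:
        raise ValueError(f"expected {FRAME_BYTES} bytes, got {len(frame)}")
    rows = []
    for r in range(ROWS):
        base = r * ROW_BYTES
        oh = frame[base:base + OH_BYTES]
        payload = frame[base + OH_BYTES:base + OH_BYTES + PAYLOAD_BYTES]
        fec = frame[base + OH_BYTES + PAYLOAD_BYTES:base + ROW_BYTES]
        rows.append((oh, payload, fec))
    return rows


def encrypted_ranges():
    """Byte offsets a bulk OTN payload encryptor covers: the payload columns of each row.

    The overhead stays in the clear, including GCC2 (row 4, overhead columns 3-4),
    which the deck names as the channel for the TLS/ECDH key exchange; so does the
    FEC, which intermediate OTN nodes must still be able to check and regenerate.
    """
    return [(r * ROW_BYTES + OH_BYTES, r * ROW_BYTES + OH_BYTES + PAYLOAD_BYTES)
            for r in range(ROWS)]


def encrypted_fraction():
    """Share of transmitted bytes that are ciphered (3808/4080)."""
    return sum(end - start for start, end in encrypted_ranges()) / FRAME_BYTES


def gcc2_bytes(frame):
    """Return the two GCC2 overhead bytes (row 4, columns 3 and 4)."""
    base = 3 * ROW_BYTES
    return frame[base + 2:base + 4]


def constructed_frame():
    """Synthetic frame: FAS F6F6F6282828 in row 1, GCC2 = BEEF, payload filled with 0xAA."""
    rows = []
    for r in range(ROWS):
        oh = bytearray(OH_BYTES)
        if r == 0:
            oh[0:6] = bytes.fromhex("f6f6f6282828")
        if r == 3:
            oh[2:4] = bytes.fromhex("beef")
        rows.append(bytes(oh) + b"\xaa" * PAYLOAD_BYTES + b"\x00" * FEC_BYTES)
    return b"".join(rows)


if __name__ == "__main__":
    for k in sorted(OTU_KBPS_FROM_DECK):
        print(f"OTU{k}: {otu_rate_kbps(OPU_PAYLOAD_KBPS[k]):,.0f} kbit/s")
    print(f"encrypted share of each frame: {encrypted_fraction():.4f}")
```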

Layer 1 - OTN Encryption / Wire Speed Encryption (WSE) – 10G Multi-Rate OTN/DWDM Encryption

[Diagram, built up over three slides: L3 • IPSec; L2 • MACsec; L1 (OTN Layer / Optical Transport) • OTN Encryption]

• Robust Key Exchange Mechanism over G.709 GCC2 using TLS and ECDH
• AES-256 Data Payload Encryption
• Card Authentication, GMAC Frame Authentication
• FIPS 140-2 level 2 Certified, Common Criteria Certified

Flexible options depending on Traffic Pattern – Per Port Flexibility

• Unencrypted, Grey Client → Encrypted, DWDM Trunk
• OTU2 output from AnyRate Xponder → Encrypted, DWDM Trunk
• Unencrypted, Grey Client → Encrypted, Gray output to 40G or 100G Muxponder
• Unencrypted, Grey Client → Unencrypted, DWDM Trunk
• Unencrypted / Encrypted DWDM Trunk → Unencrypted / Encrypted DWDM Trunk

Optical Transport Network (OTN) Encryption

• Bulk Encryption at the OTN layer provides protocol agnostic, line rate, client payload encapsulation security across the transport network
• Eliminates the need to encrypt at the IP, Ethernet, SONET or application layers
• Encryption is line-rate at 10Gbps (100 Gbps future)
• Ideal solution: DCI, or when Fibre Channel needs protection

[Diagram: Data Center #1, #2 and #3, each with an OTN DC Edge Router, joined over an OTN Secured Path / MKA Session; NCS 2000 + OTN Encryption Interface]

Advanced Encryption

• Role Based Access Control (RBAC) for separation between a Transport user profile and a Security user profile
• Complete User Management and Cryptographic Lifecycle Management through Cisco Transport Controller (CTC) and/or PRIME Optical
• Card to Card Authentication
• Passive Attack protection – Monitors optical loss, with threshold alarms
• Active Attack Protection – GMAC frame authentication detects modified OTN traffic
• Secure boot – Anti-counterfeiting, anti-tampering, and key storage via ACT2Lite ASIC
• Key generation – based on Secure Unique Device Identifier (SUDI) – Supports X.509 certificates
• Key exchange - Elliptic Curve (ECDH) Cryptography over a secured TLS channel (GCC2)
• XTS-AES 256 algorithm for encryption of payload
• GMAC for authentication of payload
• Key zeroization in case of card reboot / removal from the chassis
• FIPS 140-2 Level 2 and Common Criteria compliant design

Layer 1 OTN Encryption – 10G Multi-Rate OTN/DWDM Encryption Card

• Single slot card for 2, 6, and 15 slot chassis
• 10x SFP+ ports supporting 5x independent Encrypted 10Gbps streams
• Integrated Transponder Functionalities
• Trunk SFP+’s can be grey (SR, LR, ER, ZR) or WDM (Tunable)
• FEC or E-FEC can be SW Provisioned on Trunks
• OTN Ports can be Muxed to 40G or 100G MXP for wavelength aggregation

Clients: • 10GE • OTU2 • OTU2e • OTU1e • OC192 • 8G FC • 10G FC
Trunks: • OTU2 • OTU2e • OTU1e
Per Port Flexibility

MR-MXP – MultiRate MuxPonder – 10G/40G/100G Aggregation/Encryption Line Card

• Single slot card for 2, 6, and 15 slot chassis
• Client card for 10G, 40G, and 100G clients
• 2 x 10G SFP+, 2 x 40G QSFP+, and 1 x 100G CPAK ports
• 10G / 40G clients aggregated to backplane or CPAK port
• Clients aggregated to 100G or 200G DWDM trunk
• Aggregated client signal can be encrypted – 100G

[Diagram: 100G TXP and MR 100G cards taking grey 100G or Nx40G/Nx10G clients (unencrypted) onto 100G ITU or grey 100G trunks (encrypted)]

WSE - Wire Speed Encryption Card – 10G Multi-Rate OTN/DWDM Encryption Card

• Single slot card for 2, 6, and 15 slot chassis – ONS-MSTP/NCS 2000
• 10x SFP+ ports supporting 5x completely independent Encrypted 10Gbps streams
• Real-time Encryption and Authentication of Multiple Client types
• CTC & CPO controlled
• Integrated Transponder Functionalities
• Trunk SFP+’s can be grey (SR, LR, ER, ZR) or WDM (Full C-band Tunable)
• FEC or E-FEC can be SW Provisioned on Trunk
• OTN Ports can be interconnected with 40G or 100G MXP for wavelength aggregation

Port-based E-LINE Service (P2P)

Use Case 1: Point to Point E-LINE Service – Point to Point SA Configuration
Port Based E-LINE (Point-to-Point), a.k.a. Ethernet Private Line (EPL): CE1 and CE2 joined by a P2P EVC across the Metro Ethernet Network

CE1/CE2 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  ip address 10.3.1.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*

MACsec enabled Interface: • Physical (802.1X-2010) • Sub-interface (802.1Q)
MKA Keying / MKA Session / MKA Key / MACsec Flow between the Central Campus / DC (CE1, Enterprise Network) and the Branch Site (CE2, Enterprise Network) over the Carrier Ethernet Service

Ethernet Service: E-LINE (P2P); point to point PW service (no MAC address lookup); port-mode
Customer Use Cases: • Secure: CE – CE link, DC Interconnect

Defaults
MKA default policy: • Cipher suite: AES-128-CMAC • Key server priority: 0 • Confidentiality offset: 0
MACsec default parameters: • Dot1q-in-clear 0 • Access-control must-secure • Replay-protection-window-size 64 • Cipher suite: GCM-AES-128
Default Keychain parameters: • Lifetime: Unlimited

Note: * is mandatory CLI; MACsec configuration is shown in BLUE on the slide

VLAN-based E-LINE Service (P2P) – Only MACsec sub-interfaces

Use Case 2: Point to Point E-LINE Service – Point to Point SA Configuration – Hub and Spoke
VLAN Based E-LINE (Point-to-Point), a.k.a. Ethernet Virtual Private Line (EVPL): CE1 (Central Campus / DC) reaches CE2 and CE3 (Branch Sites) over separate P2P EVCs across the Metro Ethernet Network

CE1 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*
 interface GigabitEthernet0/0/4.2
  encapsulation dot1Q 20
  ip address 10.3.2.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*

CE2 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*

MACsec enabled Interface: • Physical (802.1X-2010) • Sub-interface (802.1Q); MKA Keying per sub-interface
Ethernet Service: E-LINE (P2P); point to point PW service (no MAC address lookup); port-mode, or 802.1Q offering
Customer Use Cases: • Secure: CE – CE link, DC Interconnect
Note: * is mandatory CLI; MACsec configuration is shown in BLUE on the slide

VLAN-based E-LINE Service (P2P) – Mix of MACsec and non-MACsec sub-interfaces

Use Case 2 (continued): Point to Point E-LINE Service – Point to Point SA Configuration – Hub and Spoke; CE1 reaches CE2, CE3 and CE4 over P2P EVCs across the Metro Ethernet Network

CE1 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec access-control should-secure*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*
 interface GigabitEthernet0/0/4.2
  encapsulation dot1Q 20
  ip address 10.3.2.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*
 interface GigabitEthernet0/0/4.3
  encapsulation dot1Q 30
  ip address 10.3.3.1 255.255.255.0

CE2 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec access-control should-secure*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.2 255.255.255.0
  mka pre-shared-key key-chain k1*

MACsec enabled Interface: • Physical (802.1X-2010) • Sub-interface (802.1Q); MKA Keying per sub-interface
Ethernet Service: E-LINE (P2P); point to point PW service (no MAC address lookup); port-mode, or 802.1Q offering
Customer Use Cases: • Secure: CE – CE link, DC Interconnect
Note: * is mandatory CLI; MACsec configuration is shown in BLUE on the slide

Port-based E-LAN Service (P2MP)

Use Case 3: Port Based E-LAN (Point-to-MultiPoint), a.k.a. Ethernet Private LAN (EP-LAN): CE1, CE2 and CE3 joined by P2MP EVCs across the Metro Ethernet Network

CE1/CE2/CE3 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
   cryptographic-algorithm aes-256-cmac
 mka policy p1
  macsec-cipher-suite gcm-aes-256
 interface GigabitEthernet0/0/4
  ip address 10.3.1.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  mka policy p1
  macsec*

Defaults
MKA default parameters: • Key server priority: 0 • Confidentiality offset: 0
MACsec default parameters: • Dot1q-in-clear 0 • Access-control must-secure • Replay-protection-window-size 64
Default Keychain parameters: • Lifetime: Unlimited
Note: * is mandatory CLI; MACsec configuration is shown in BLUE on the slide

VLAN-based E-LAN Service (P2MP)

Router Peering Model for E-LAN Services (VPLS Service)

[Diagram: Physical View – CE1, CE2, CE3 and CE4 attached to the carrier E-LAN; Logical View – the same routers on one flat Ethernet bridge domain]

• Router Carrier Ethernet peering is Flat Ethernet Service N – 1 Bridge domain E-LAN (multi-pt)
• Targets more Branch network deployment option
• Routers appear as part of a single “flat” Ethernet domain
• Caution required as IP Peering is N – 1 (N = router nodes)
• Multicast replication is done in the “Core” of the network
• SP will dictate either port-mode (no .1Q tag) or router sending .1Q tag
• Less complex configuration

Use Case 4: VLAN Based E-LAN (Point-to-MultiPoint), a.k.a. Ethernet Virtual Private LAN (EVP-LAN)

Example 1: VLAN 10 P2MP EVCs across the Metro Ethernet Network between CE1, CE2 and CE3 (VLAN/Subinterface)

CE1 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
  eapol destination-address broadcast
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*

CE2/CE3 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
  eapol destination-address broadcast
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.2 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*

Note: * is mandatory CLI; MACsec configuration is shown in BLUE on the slide

Multiple VLAN-based E-LAN Services (P2MP)

Example 2: VLAN 10 and VLAN 20 P2MP EVCs across the Metro Ethernet Network; CE1 reaches CE2/CE3 on VLAN 10 and CE4/CE5 on VLAN 20 (VLAN/Subinterfaces)

CE1 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*
 interface GigabitEthernet0/0/4.2
  encapsulation dot1Q 20
  ip address 10.3.2.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*

CE2/CE3 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.2 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*

CE4/CE5 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.2
  encapsulation dot1Q 20
  ip address 10.3.2.2 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*

Note: * is mandatory CLI; MACsec configuration is shown in BLUE on the slide

Mix of VLAN-based E-LINE and E-LAN Services (P2P & P2MP)

Example 3: VLAN 10 P2P EVC between CE1 and CE2, and VLAN 20 P2MP EVCs between CE1, CE3 and CE4, across the Metro Ethernet Network (VLAN/Subinterfaces)

CE1 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 key chain k2 macsec*
  key 01
   key-string 12345678901234567890123456789012
   cryptographic-algorithm aes-256-cmac
 mka policy p1
  macsec-cipher-suite gcm-aes-256
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.1 255.255.255.0
  mka pre-shared-key key-chain k1*
  macsec*
 interface GigabitEthernet0/0/4.2
  encapsulation dot1Q 20
  ip address 10.3.2.1 255.255.255.0
  mka pre-shared-key key-chain k2*
  mka policy p1
  macsec*

CE2 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.1
  encapsulation dot1Q 10
  ip address 10.3.1.2 255.255.255.0
  mka pre-shared-key key-chain k1*

CE3/CE4 Config:
 key chain k1 macsec*
  key 01
   key-string 12345678901234567890123456789012
   cryptographic-algorithm aes-256-cmac
 mka policy p1
  macsec-cipher-suite gcm-aes-256
 interface GigabitEthernet0/0/4
  macsec dot1q-in-clear 1*
  macsec replay-protection-window-size 1000
 interface GigabitEthernet0/0/4.2
  encapsulation dot1Q 20
  ip address

Note: * is mandatory CLI; MACsec configuration is shown in BLUE on the slide
10.3.2.2 255.255.255.0 macsec* mka pre-shared-key key-chain k1* mka policy p1 Kural Arangasamy macsec* Configurable MKA, MACsec & Key Chain CLIs and Parameters

MKA Global Policy Configurable CLIs Keychain Global Configurable CLIs

Key-server priority Key 0 to 64 Key id Default: 0 cryptographic-algorithm Macsec-cipher-suite cryptographic-algorithm aes-128-cmac macsec-cipher-suite gcm-aes-128 cryptographic-algorithm aes-256-cmac macsec-cipher-suite gcm-aes-256 Default: cryptographic-algorithm aes-128-cmac Default: macsec-cipher-suite gcm-aes-128 Keystring Confidentiality-offset Hex Characters 0, 30, 50 Default: NA Default: 0 Lifetime Hh:mm:ss Time Local Time in local time zone Default: unlimited

Other Relevant MACsec Interface Configurable CLI Commands:

• macsec dot1q-in-clear
• eapol destination-address
• macsec replay-protection-window-size
• macsec access-control
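A small audit script for the MACsec interface knobs listed above, added here as an example and not part of the session material or of any Cisco tool: it parses IOS-style configuration text of the shape shown on the preceding use-case slides and flags what a reviewer would question (a `should-secure` fallback, an undefined key chain, a sub-interface whose port lacks `dot1q-in-clear 1`). The sample configuration is constructed, and the key chain name k9 is an assumption used to show the missing-chain finding.

```python
import re

def parse_blocks(config):
    """Split IOS-style config text into (header, [indented sub-lines]) blocks."""
    blocks = []
    for raw in config.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue
        if raw[0].isspace() and blocks:
            blocks[-1][1].append(raw.strip())
        else:
            blocks.append((raw.strip(), []))
    return blocks

def audit_macsec(config):
    """Return (interface, finding) pairs for every interface that enables MACsec. Port-level
    knobs live on the physical interface; a missing line means the slide's default."""
    blocks = parse_blocks(config)
    keychains = {h.split()[2] for h, _ in blocks if re.match(r"key chain \S+ macsec$", h)}
    ports = {h.split()[1]: b for h, b in blocks if h.startswith("interface ") and "." not in h}
    findings = []
    for header, body in blocks:
        if not header.startswith("interface ") or "macsec" not in body:
            continue  # a bare 'macsec' line is what enables MACsec on the interface
        name = header.split()[1]
        port = ports.get(name.split(".")[0], [])  # sub-interfaces inherit the port's knobs
        chain = next((l.split()[-1] for l in body if l.startswith("mka pre-shared-key key-chain ")), None)
        if chain is None:
            findings.append((name, "macsec enabled without the mandatory 'mka pre-shared-key key-chain'"))
        elif chain not in keychains:
            findings.append((name, f"key chain '{chain}' is not defined with the 'macsec' keyword"))
        if "macsec access-control should-secure" in port:
            findings.append((name, "should-secure: frames pass in the clear if MKA never completes"))
        if "." in name and "macsec dot1q-in-clear 1" not in port:
            findings.append((name, "802.1Q tag would be encrypted; the carrier EVC needs dot1q-in-clear 1"))
    return findings

# Constructed sample modelled on the Use Case 2 hub; key chain k9 is deliberately undefined.
SAMPLE_CONFIG = """\
key chain k1 macsec
 key 01
  key-string 12345678901234567890123456789012
interface GigabitEthernet0/0/4
 macsec dot1q-in-clear 1
 macsec access-control should-secure
interface GigabitEthernet0/0/4.1
 mka pre-shared-key key-chain k1
 macsec
interface GigabitEthernet0/0/4.2
 mka pre-shared-key key-chain k9
 macsec
"""
if __name__ == "__main__":
    for intf, msg in audit_macsec(SAMPLE_CONFIG):
        print(f"{intf}: {msg}")
```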

Course: CCIE R&S Advanced Workshops (CIERS-1 & CIERS-2) plus Self Assessments, Workbooks & Labs
Description: Expert level trainings including instructor led workshops, self assessments, practice labs and CCIE Lab Builder to prepare candidates for the CCIE R&S practical exam.
Cisco Certification: CCIE® Routing & Switching

Course: Implementing Cisco IP Routing v2.0; Implementing Cisco IP Switched Networks v2.0; Troubleshooting and Maintaining Cisco IP Networks v2.0
Description: Professional level instructor led trainings to prepare candidates for the CCNP R&S exams (ROUTE, SWITCH and TSHOOT). Also available in self study eLearning formats with Cisco Learning Labs.
Cisco Certification: CCNP® Routing & Switching

Course: Interconnecting Cisco Networking Devices: Part 2 (or combined)
Description: Configure, implement and troubleshoot local and wide-area IPv4 and IPv6 networks. Also available in self study eLearning format with Cisco Learning Lab.
Cisco Certification: CCNA® Routing & Switching

Course: Interconnecting Cisco Networking Devices: Part 1
Description: Installation, configuration, and basic support of a branch network. Also available in self study eLearning format with Cisco Learning Lab.
Cisco Certification: CCENT® Routing & Switching

For more details, please visit: http://learningnetwork.cisco.com Questions? Visit the Learning@Cisco Booth

Wireless Cisco Education Offerings

Course: Designing Cisco Wireless Enterprise Networks; Deploying Cisco Wireless Enterprise Networks; Troubleshooting Cisco Wireless Enterprise Networks; Securing Cisco Wireless Enterprise Networks (Version 3.0)
Description: Professional level instructor led trainings to prepare candidates to conduct site surveys, implement, configure and support APs and controllers in converged Enterprise networks. Focused on 802.11 and related technologies to design, deploy, troubleshoot as well as secure Wireless infrastructure. Course also provides details around Cisco Mobility Services Engine, Prime Infrastructure and wireless security.
Cisco Certification: CCNP® Wireless

Course: Implementing Cisco Unified Wireless Network Essential
Description: Prepares candidates to design, install, configure, monitor and conduct basic troubleshooting tasks of a Cisco WLAN in Enterprise installations. Understanding of the Cisco Unified Wireless Networking for enterprise deployment scenarios.
Cisco Certification: CCNA® Wireless

Course: Deploying Basic Cisco Wireless LANs (WDBWL) 1.2
Description: In this course, you will learn the basics of how to install, configure, operate, and maintain a wireless network, both as an add-on to an existing wireless LAN (WLAN) and as a new Cisco Unified Wireless Networking solution.

Course: Deploying Advanced Cisco Wireless LANs (WDAWL) 1.2
Description: The WDAWL advanced course is designed with the goal of providing learners with the knowledge and skills to successfully plan, install, configure, troubleshoot, monitor, and maintain advanced Cisco wireless LAN solutions such as QoS, “salt and pepper” mobility, high density deployments, and outdoor mesh deployments in an enterprise customer environment.

Course: Deploying Cisco Connected Mobile Experiences (WCMX) 2.0
Description: WCMX will prepare professionals to use the Cisco Unified Wireless Network to configure, administer, manage, troubleshoot, and optimize utilization of mobile content while gaining meaningful client analytics.

For more details, please visit: http://learningnetwork.cisco.com Questions? Visit the Learning@Cisco Booth

Cybersecurity Cisco Education Offerings

Course: Understanding Cisco Cybersecurity Fundamentals (SECFND)
Description: The SECFND course provides understanding of cybersecurity’s basic principles, foundational knowledge, and core skills needed to build a foundation for understanding more advanced cybersecurity material & skills.
Cisco Certification: CCNA® Cyber Ops

Course: Implementing Cisco Cybersecurity Operations (SECOPS)
Description: This course prepares candidates to begin a career within a Security Operations Center (SOC), working with Cybersecurity Analysts at the associate level.
Cisco Certification: CCNA® Cyber Ops

Course: Securing Cisco Networks with Threat Detection and Analysis (SCYBER)
Description: Designed for security analysts who work in a Security Operations Center, the course covers essential areas of security operations competency, including SIEM, event monitoring, security event/alarm/traffic analysis (detection), and incident response.
Cisco Certification: Cisco Cybersecurity Specialist

Course: Cisco Security Product Training Courses
Description: Official deep-dive, hands-on product training on Cisco’s latest security products, including NGFW, ASA, NGIPS, AMP, Identity Services Engine, Email and Web Security Appliances, and more.

For more details, please visit: www.cisco.com/go/securitytraining or http://learningnetwork.cisco.com Questions? Visit the Learning@Cisco Booth

Cybersecurity Cisco Education Offerings

Course: New! CCIE Security 5.0
Cisco Certification: CCIE® Security

Course: Implementing Cisco Edge Network Security Solutions (SENSS)
Description: Configure Cisco perimeter edge security solutions utilizing Cisco Switches, Cisco Routers, and Cisco Adaptive Security Appliance (ASA) Firewalls.
Cisco Certification: CCNP® Security

Course: Implementing Cisco Threat Control Solutions (SITCS) v1.5
Description: Implement Cisco’s Next Generation Firewall (NGFW), FirePOWER NGIPS (Next Generation IPS), Cisco AMP (Advanced Malware Protection), as well as Web Security, Email Security and Cloud Web Security.
Cisco Certification: CCNP® Security

Course: Implementing Cisco Secure Access Solutions (SISAS)
Description: Deploy Cisco’s Identity Services Engine and 802.1X secure network access.
Cisco Certification: CCNP® Security

Course: Implementing Cisco Secure Mobility Solutions (SIMOS)
Description: Protect data traversing a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN solutions.
Cisco Certification: CCNP® Security

Course: Implementing Cisco Network Security (IINS 3.0)
Description: Focuses on the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features.
Cisco Certification: CCNA® Security

For more details, please visit: www.cisco.com/go/securitytraining or http://learningnetwork.cisco.com Questions? Visit the Learning@Cisco Booth

Network Programmability Cisco Education Offerings

Course: Developing with Cisco Network Programmability (NPDEV)
Description: Provides Application Developers with comprehensive curriculum to develop infrastructure programming skills; addresses needs of software engineers who automate network infrastructure and/or utilize APIs and toolkits to interface with SDN controllers and individual devices.
Cisco Certification: Cisco Network Programmability Developer (NPDEV) Specialist Certification

Course: Designing and Implementing Cisco Network Programmability (NPDESI)
Description: Provides network engineers with comprehensive soup-to-nuts curriculum to develop and validate automation and programming skills; directly addresses the evolving role of network engineers towards more programmability, automation and orchestration.
Cisco Certification: Cisco Network Programmability Design and Implementation (NPDESI) Specialist Certification

Course: Programming for Network Engineers (PRNE)
Description: Learn the fundamentals of Python programming within the context of performing functions relevant to network engineers. Use Network Programming to simplify or automate tasks.
Cisco Certification: Recommended pre-requisite for NPDESI and NPDEV Specialist Certifications

Course: Cisco Digital Network Architecture Implementation Essentials (DNAIE)
Description: This training provides students with the guiding principles and core elements of Cisco’s Digital Network Architecture (DNA) and its solution components including APIC-EM, NFV, Analytics, Security and Fabric.
Cisco Certification: None

For more details, please visit: http://learningnetwork.cisco.com Questions? Visit the Learning@Cisco Booth

Service Provider Cisco Education Offerings

Course: Deploying Cisco Service Provider Network Routing (SPROUTE) & Advanced (SPADVROUTE)
Description: SPROUTE covers the implementation of routing protocols (OSPF, IS-IS, BGP), route manipulations, and HA routing features; SPADVROUTE covers advanced routing topics in BGP, multicast services including PIM-SM, and IPv6.
Cisco Certification: CCNP Service Provider®

Course: Implementing Cisco Service Provider Next-Generation Core Network Services (SPCORE) and Edge Network Services (SPEDGE)
Description: SPCORE covers network services, including MPLS-LDP, MPLS traffic engineering, QoS mechanisms, and transport technologies; SPEDGE covers network services, including MPLS Layer 3 VPNs, Layer 2 VPNs, and Carrier Ethernet services; all within SP IP NGN environments.
Cisco Certification: CCNP Service Provider®

Course: Building Cisco Service Provider Next-Generation Networks, Part 1 & 2 (SPNGN1, SPNGN2)
Description: The two courses introduce networking technologies and solutions, including OSI and TCP/IP models, IPv4/v6, switching, routing, transport types, security, network management, and Cisco OS (IOS and IOS XR).
Cisco Certification: CCNA Service Provider®

Course: Implementing Cisco Service Provider Mobility UMTS Networks (SPUMTS); Implementing Cisco Service Provider Mobility CDMA Networks (SPCDMA); Implementing Cisco Service Provider Mobility LTE Networks (SPLTE)
Description: The three courses (SPUMTS, SPCDMA, SPLTE) cover knowledge and skills required to understand products, technologies, and architectures that are found in Universal Mobile Telecommunications Systems (UMTS) and Code Division Multiple Access (CDMA) packet core networks, plus their migration to Long-Term Evolution (LTE) Evolved Packet Systems (EPS), including Evolved Packet Core (EPC) and Radio Access Networks (RANs).
Cisco Certification: Cisco Service Provider Mobility CDMA to LTE Specialist; Cisco Service Provider Mobility UMTS to LTE Specialist

Course: Implementing and Maintaining Cisco Technologies Using IOS XR (IMTXR)
Description: Prepares Service Provider/Enterprise engineers to implement, verification-test, and optimize core/edge technologies in a Cisco IOS XR environment.
Cisco Certification: Cisco IOS XR Specialist

For more details, please visit: http://learningnetwork.cisco.com Questions? Visit the Learning@Cisco Booth
