802.1AEcg-2017: MAC Security (MACsec)–Ethernet Data Encryption devices

Full title: IEEE Standard for Local and metropolitan area networks–Media Access Control (MAC) Security–Amendment 3: Ethernet Data Encryption devices

This amendment to IEEE Std 802.1AE–2006 (as previously amended by 802.1AEbn and 802.1AEbw) specified the use of Media Access Control (MAC) security in two port bridges (EDEs) that provide transparent secure connectivity for customer bridges or provider bridges while allowing provider network service selection and provider backbone network selection to occur as specified in IEEE Std 802.1Q.

Prior to this amendment, IEEE Std 802.1AE specified the use of MAC security in various interworking scenarios involving various types of bridging systems (e.g. Customer Bridges, Provider Bridges, and Provider Edge Bridges). It was also felt desirable to specify how connectivity could be secured by adding separate bridging systems (EDEs, as specified in this amendment) dedicated to that purpose and having minimal additional functionality.The desired secure connectivity is provided without removing existing network functionality (such as VID-based service selection) using existing architectural components (as specified in 802.1AE, 802.1X, and 802.1Q).

Current Status

Standard IEEE Std 802.1AEcg-2017
Status Available free from the IEEE Get Program.
Merged into/superseded by IEEE Std 802.1AE-2018
Editor Mick Seaman