802.1AEcg-2017: MAC Security (MACsec)–Ethernet Data Encryption devices

Full title: IEEE Standard for Local and metropolitan area networks–Media Access Control (MAC) Security–Amendment 3: Ethernet Data Encryption devices

This amendment to IEEE Std 802.1AE–2006 (as previously amended by 802.1AEbn and 802.1AEbw) specified the use of Media Access Control (MAC) security in two port bridges (EDEs) that provide transparent secure connectivity for customer bridges or provider bridges while allowing provider network service selection and provider backbone network selection to occur as specified in IEEE Std 802.1Q.

Prior to this amendment, IEEE Std 802.1AE specified the use of MAC security in various interworking scenarios involving various types of bridging systems (e.g. Customer Bridges, Provider Bridges, and Provider Edge Bridges). It was also felt desirable to specify how connectivity could be secured by adding separate bridging systems (EDEs, as specified in this amendment) dedicated to that purpose and having minimal additional functionality.The desired secure connectivity is provided without removing existing network functionality (such as VID-based service selection) using existing architectural components (as specified in 802.1AE, 802.1X, and 802.1Q).

Current Status

Standard Available for purchase from the IEEE Standards Store.
Status Approved February 14th 2017, Published 19th May 2017.
Editor Mick Seaman


Date Document
5 Nov 2017 802.1AEcg, Draft 1.6