[c-nsp] L2 payload encryption -not p2p
Thomas Sillaber
tlist99 at t-online.de
Thu Oct 4 02:19:09 EDT 2012
Hi Adam,
here's an overview of the L2 Enc boxes for p2p and p2mp setups:
http://www.uebermeister.com/files/inside-it/2011_Market_Overview_Ethernet_En
cryptors_P2P.pdf
http://www.uebermeister.com/files/inside-it/2011_Market_Overview_Ethernet_En
cryptors_Multipoint.pdf
this boxes add overhead (min 4 - to 8 Byte - max > 18 Byte) to the frames.
So be aware of the bandwidth reduction and packet loss effects (especially
when using CBC).
I would recommend the ATMedia boxes.
Cheers
Thomas
-----Ursprüngliche Nachricht-----
Von: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] Im Auftrag von Adam Vitkovsky
Gesendet: Dienstag, 2. Oktober 2012 13:44
An: 'Andy Ellsworth'; cisco-nsp at puck.nether.net
Betreff: Re: [c-nsp] L2 payload encryption -not p2p
Yes there's a lack of trust or control of the switched network
adam
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Andy Ellsworth
Sent: Tuesday, October 02, 2012 1:36 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] L2 payload encryption -not p2p
On Tue, Oct 2, 2012 at 6:07 AM, Adam Vitkovsky
<adam.vitkovsky at swan.sk>wrote:
> Can anyone recommend a device than could be placed inline between a
> server and a switched infrastructure that would encrypt L2 payload for
> communication between two such servers (round 100mbps) I imagine one
> would need two such devices one at each end (or maybe a NIC in a
> server) Or is ASA capable of encryption in L2 transparent mode please?
>
What about Cisco TrustSec? Or is the problem that you don't trust/control
the switched network?
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list