Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved.
MACsec over WAN Optical Transport Leveraging MACSec (802.1ae) on Core/Edge Router Links
Craig Hill Distinguished SE U.S. Federal CCIE #1628 – [email protected]
March 3, 2015
PONC - East
U//PROPIN
Challenges with Current WAN Encryption
• IPsec performance, complexity, and cost are becoming more challenged
  - Performance is a fraction of overall router throughput
  - Performance is constrained to the performance of the IPsec encryption engine
• MPLS, multicast, and IPv6 in some cases require GRE tunneling to operate
• GRE and IP overlays add an additional layer of complexity and a performance impact on certain router platforms
• Innovations such as DMVPN and MPLS VPN over mGRE simplify this, but IPsec performance is still the lowest common denominator and a performance impact
• When possible, we need line-rate encryption that is simpler to operate and removes levels of complexity from the WAN solution
• WAN MACsec targets addressing these challenges…
• Simple: easy to configure, with a simple configuration at the interface level only. No GRE tunnel establishment. Reduced interoperability issues with other L3 features.
• Secure: leverages NSA-approved Suite B algorithms with MKA (DP, CP (ECC, SHA-2), CBC).
• Line-rate encryption: leverages the "line rate" Ethernet performance of the port (PHY). Speeds 1/10G, 40G, 100G. Ethernet WAN deployments are driving an increasing need for higher crypto bandwidths.
What is MACsec? IEEE 802.1AE standard for strong cryptographic protection at Layer 2
MACsec tag format (figure): DMAC | SMAC | 802.1AE header | 802.1Q | CMD | ETYPE | PAYLOAD | ICV | CRC
802.1AE header: MACsec EtherType (0x88e5) | TCI/AN | SL | Packet Number | SCI (optional)
SGT frame format: the SGT is carried in the CMD field
Encrypted: 802.1Q, CMD, ETYPE and PAYLOAD. Authenticated (covered by the ICV): DMAC, SMAC and the 802.1AE header, together with the encrypted fields.
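As an added example (not from this deck and not Cisco code), the Python below walks the frame layout just described: DMAC, SMAC, the 802.1AE header fields (EtherType 0x88e5, TCI/AN, SL, Packet Number, optional SCI), the secure data and the ICV, and reports how many bytes are only integrity-protected versus also encrypted. It goes beyond the slide in two ways: it accepts 802.1Q tags left in the clear ahead of the 802.1AE header, and it takes a confidentiality offset (the 30- or 50-byte offset MKA can negotiate) as a parameter, since that value is not carried in the frame. The frame bytes are constructed for illustration; treating the clear 802.1Q tag as part of the integrity-protected header is an assumption, the ICV and secure-data bytes are stand-ins, and the code does not perform the AES-GCM operation itself.

```python
"""Parse an IEEE 802.1AE (MACsec) frame and report which bytes are only
integrity-protected and which are also encrypted.  Added example, not Cisco
code; the frame used below is constructed, not captured."""
import struct

MACSEC_ETYPE = 0x88E5   # MACsec EtherType
DOT1Q_ETYPE = 0x8100    # 802.1Q tag, when left in the clear ahead of the SecTAG
ICV_LEN = 16            # GCM-AES-128 and GCM-AES-256 both produce a 16-byte ICV


def parse_macsec_frame(frame: bytes, confidentiality_offset: int = 0) -> dict:
    """Walk DMAC, SMAC, any clear 802.1Q tags, the SecTAG, secure data and ICV.

    confidentiality_offset (0, 30 or 50 as negotiated by MKA) is not signalled
    in the frame, so the receiver must know it; it is a parameter here."""
    if len(frame) < 12 + 8 + ICV_LEN:
        raise ValueError("frame too short for a SecTAG and ICV")
    off = 12                       # past DMAC (6) and SMAC (6)
    vlan_tags = []
    # Assumption: 802.1Q tags in the clear sit between SMAC and the SecTAG and
    # are integrity-protected like the rest of the clear header.
    while struct.unpack_from("!H", frame, off)[0] == DOT1Q_ETYPE:
        tci = struct.unpack_from("!H", frame, off + 2)[0]
        vlan_tags.append(tci & 0x0FFF)
        off += 4
    etype = struct.unpack_from("!H", frame, off)[0]
    if etype != MACSEC_ETYPE:
        raise ValueError("not MACsec: EtherType 0x%04x" % etype)
    tci_an = frame[off + 2]
    sl = frame[off + 3] & 0x3F     # short length, non-zero only for < 48 bytes of data
    # TCI bit layout: V(7) ES(6) SC(5) SCB(4) E(3) C(2); AN in bits 1:0
    sc_present = bool(tci_an & 0x20)
    encrypted = bool(tci_an & 0x08)          # E bit: secure data is encrypted
    an = tci_an & 0x03
    pn = struct.unpack_from("!I", frame, off + 4)[0]   # 32-bit PN (no XPN here)
    off += 8
    sci = None
    if sc_present:
        sci = struct.unpack_from("!Q", frame, off)[0]  # SCI = MAC address || port id
        off += 8
    secure_data = frame[off:len(frame) - ICV_LEN]
    icv = frame[len(frame) - ICV_LEN:]
    if sl and len(secure_data) != sl:
        raise ValueError("SL says %d bytes of secure data, found %d" % (sl, len(secure_data)))
    # With an offset, the first bytes of the secure data travel in the clear but
    # are still covered by the ICV.
    clear_data = min(confidentiality_offset, len(secure_data)) if encrypted else len(secure_data)
    return {
        "vlan_tags": vlan_tags, "an": an, "pn": pn, "sci": sci,
        "encrypted": encrypted,
        "clear_bytes": off + clear_data,                 # ICV-covered, sent in clear
        "encrypted_bytes": len(secure_data) - clear_data,
        "icv": icv,
    }


def build_sample_frame(secure_data_len: int = 40) -> bytes:
    """Constructed frame: VLAN 100 in the clear, SC bit set, E and C set, AN=2, PN=16."""
    dmac = bytes.fromhex("0200000000aa")
    smac = bytes.fromhex("0200000000bb")
    vlan = struct.pack("!HH", DOT1Q_ETYPE, 100)
    tci_an = 0x20 | 0x08 | 0x04 | 2                 # SC | E | C | AN=2
    sl = secure_data_len if secure_data_len < 48 else 0
    sectag = struct.pack("!HBBI", MACSEC_ETYPE, tci_an, sl, 16)
    sci = smac + struct.pack("!H", 1)               # SCI = SMAC || port 1
    secure_data = bytes(range(secure_data_len))     # stand-in for ciphertext
    icv = b"\xcc" * ICV_LEN                         # stand-in for the GCM tag
    return dmac + smac + vlan + sectag + sci + secure_data + icv


if __name__ == "__main__":
    frame = build_sample_frame()
    for offset in (0, 30):
        print("offset %2d:" % offset, parse_macsec_frame(frame, offset))
```

Running it shows the practical consequence of the tag-in-the-clear design: the provider can still read and switch on the first VLAN tag, but a tampered tag fails the ICV on the far side, and a 30-byte confidentiality offset exposes exactly the outer header bytes that transit gear may need to classify on, nothing more.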
AES-256-GCM Encryption: Hop-by-Hop Encryption via the 802.1AE Standard
• "Bump-in-the-wire" model
  - Packets are encrypted on egress, decrypted on ingress
  - Packets are in the clear transiting the device
• Offers line-rate encryption at any speed (1/10G, 40G, 100G)
• Transparent to all upper layer protocols (IP, MPLS, IPv6)
• Allows the network to continue to perform all the packet inspection features currently used
• Can leverage any commercial Ethernet services
(Figure: the PHY ASIC encrypts at egress and decrypts at ingress, so the encrypted segment is only the wire between the two routers and everything inside each router is in the clear; labelled 128-bit / AES-256-GCM encryption.)
Use Cases – SP and Enterprise/PS
1. Secure Branch Router Backhaul - alternative to IPsec when Ethernet is the WAN/MAN transport (high-speed, HQoS, simple, no GRE)
2. Secure Router Core links (IP/MPLS, PE-P, P-P) - secure high-speed backbone transport links (p2p links)
   A. Optical transport hand-off is gray light
   B. Optical transport hand-off is DWDM wavelengths (i.e. CRS-3)
3. Secure Metro E Service - offer secure 10/40/100GE Metro E service, each link leveraging 802.1AE protection
   A. Secure Ethernet Service (point to point)
   B. Secure Ethernet Multipoint Service (i.e. VPLS)
4. Secure PE-CE link transport - secure back-haul to an MPLS BGP VPN service (L3 service)
5. Secure n-PE to u-PE/CPE - (L2 service) backbone PE
6. Secure High-Speed Data Center Interconnect (DCI) Ethernet "services" - DCI, Cloud, storage
7. Secure "Over the Top" Ethernet Links - Enterprise/PS encrypts their Ethernet links on their own CPE routers
(1) Purposely presented leveraging MEF slides
Source: Carrier Ethernet Services Overview - http://metroethernetforum.org/Presentations
Carrier Ethernet Service: E-LINE (P2P)
(Figure: physical view shows CE1-CE4 each attached via an Ethernet sub-interface with 802.1Q support; logical view shows point-to-point Ethernet pseudo-wire services, with routers peering per VLAN sub-interface, one per PW.)
• More of an Edge/Core network deployment option
• Connection model is full/partial mesh via 802.1Q sub-interface service
Carrier Ethernet Service: E-LAN (multi-pt)
(Figure: physical view shows CE1-CE4 attached to a flat Ethernet bridge domain; logical view shows router peering that is N - 1.)
• Targets more of a Branch network deployment option
• Routers appear as part of a single "flat" Ethernet domain
• Caution required as IP peering is N - 1 (N = router nodes)
• Multicast replication is done in the "core" of the network
• SP will dictate either port-based mode (no .1Q tag) or VLAN mode (sending .1Q tag)
• Ability to support 802.1Q tags in the clear: offset 802.1Q tags in the clear before encryption (2 tags is optional) or 30B?
• AES-256 (AES/GCM) support: target Next Generation Encryption (NGE) profile that currently leverages Suite B
• Enhance the MKA key framework (defined in 802.1X-2010) within Cisco security development (Cisco "NGE"): leverage the NSA Suite B algorithm set in target compliance with CSfC
• System interoperability: create a common MACsec integration among all MACsec platforms in Cisco
• Vital network features to interoperate over public Carrier Ethernet providers: 802.1Q tag in the clear; ability to configure the MKA EAPoL destination address type; ability to configure anti-replay window sizes
MACsec Key Agreement (MKA): protocol that discovers MACsec peers and negotiates the keys used by MACsec; MKA is defined in IEEE 802.1X-2010
• IEEE 802.1AE: the MAC security processing is compliant with IEEE 802.1AE-2006 as well as the amendments IEEE 802.1AEbn-2011 (256-bit key) and IEEE 802.1AEbt Draft 1.0 (extended packet numbering).
• MACsec cipher suites (at FCS): AES-128-GCM, 128-bit key; AES-256-GCM, 256-bit key
• IEEE 802.1X-2010 – Authenticated Key Agreement for MACsec (MKA)
• FCS will leverage pre-shared keys (PSK)
• PKI post-FCS, which will leverage elliptic curve technology (per Suite B for key establishment and digital signatures)
• Point-to-point E-LINE services: point to point; point to multipoint (hub/spoke)
• Multi-point E-LAN services: point to point; point to multipoint (hub/spoke)
• Relevant feature and control capabilities: 802.1Q tag in the clear; ability to configure the MKA EAPoL destination address type; ability to configure the anti-replay window
MACsec Key Agreement (MKA): protocol that discovers MACsec peers and negotiates the keys used by MACsec; MKA is defined in IEEE 802.1X-2010
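Two of the capabilities listed above, the configurable anti-replay window and the 802.1AEbt extended packet numbering mentioned on the standards slide, are easiest to reason about with numbers. The Python below is an added example, not Cisco code and not from the deck: it models the 802.1AE receive-side check (drop any frame whose PN is below nextPN minus the window) against a constructed out-of-order sequence, and works out how long a single secure association lasts at line rate with minimum-size frames before a 32-bit versus a 64-bit PN space is exhausted. The frame-rate arithmetic (64-byte frames plus 20 bytes of preamble and inter-frame gap) and the PN sequence are my assumptions.

```python
"""MACsec receive-side replay protection with a configurable window, plus the
packet-number (PN) exhaustion arithmetic behind 64-bit extended packet
numbering (XPN).  Added example, not Cisco code; the PN sequence is constructed."""

PREAMBLE_IFG_BYTES = 20   # 8 bytes preamble/SFD + 12 bytes inter-frame gap per frame


class ReplayChecker:
    """Models the 802.1AE check: with replay protection on, a frame is dropped
    when its PN is below lowestPN = nextPN - window; nextPN is one past the
    highest PN accepted so far.  The standard keeps no per-PN bitmap, so a
    duplicate whose PN is still inside the window is accepted: size the window
    to the reordering the transport really introduces, and no larger."""

    def __init__(self, window: int):
        self.window = window
        self.next_pn = 1          # a fresh SA starts at PN 1; PN 0 is never valid

    def accept(self, pn: int) -> bool:
        if pn == 0:
            return False
        lowest = max(self.next_pn - self.window, 1)
        if pn < lowest:
            return False          # too old: replay or excessive reordering
        if pn >= self.next_pn:
            self.next_pn = pn + 1
        return True


def run_replay_scenario(window: int, pns=(1, 2, 5, 3, 4, 3, 2, 1, 6, 100, 90)):
    """Feed a constructed out-of-order sequence (with a replay of PN 3 and of
    PN 1) through a checker and return the accept/drop decision per frame."""
    rc = ReplayChecker(window)
    return [rc.accept(pn) for pn in pns]


def frames_per_second(link_bps: int, frame_bytes: int = 64) -> float:
    """Line-rate frame count for a given frame size; 64 bytes is the worst case."""
    return link_bps / ((frame_bytes + PREAMBLE_IFG_BYTES) * 8)


def seconds_until_pn_exhaustion(pn_bits: int, link_bps: int, frame_bytes: int = 64) -> float:
    """How long one SA can run at line rate before its PN space is used up, by
    which time MKA must have installed a fresh SAK."""
    return (2 ** pn_bits - 1) / frames_per_second(link_bps, frame_bytes)


if __name__ == "__main__":
    print("window 4:", run_replay_scenario(4))
    print("window 0:", run_replay_scenario(0))
    for rate in (10_000_000_000, 100_000_000_000):
        print("%3dG: 32-bit PN lasts %.0f s, 64-bit PN lasts %.2e s"
              % (rate // 1_000_000_000,
                 seconds_until_pn_exhaustion(32, rate),
                 seconds_until_pn_exhaustion(64, rate)))
```

With a window of 4 the replayed PN 3 is accepted because it is still inside the window, which is the caveat to keep in mind when a provider's E-LAN or load-balanced E-LINE forces a non-zero window; a window of 0 drops everything out of order. The exhaustion figures (roughly 29 s for a 32-bit PN at 100GE with small frames, under five minutes at 10GE) are why a 100G MACsec deployment needs either XPN or a rekey cadence the MKA key server can sustain.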
Point to Point SA Configuration - MACsec Key Agreement (MKA, 802.1X-2010)
(Figure: Branch Site edge router to Central Campus / DC edge router across a Carrier Ethernet E-LINE (P2P) service, with an MKA session, an MKA key and a MACsec flow per MACsec interface.)
• Ethernet service: point-to-point PW service (no MAC address lookup); port-based mode (existing MACsec solutions today); VLAN-based (802.1Q offering, tag in the clear required)
• MACsec-enabled interface: physical, or sub-interface (802.1Q)
• Customer use cases - Secure: CE-CE link, PE-PE, P-P, PE-P, DC Interconnect, Branch Back-haul
Q in Q + MPLS
(Figure: a router with MACsec sends IP/IPv6 frames carrying a VLAN (802.1Q) tag, Q-in-Q (802.1ad) tags and MPLS labels across a Metro E service into the secure network; only the first tag stays in the clear and the remaining fields are marked as encrypted.)
§ MACsec solution requires 802.1Q tag pass-through
§ All fields following the first tag (top), including the EtherType, further .1Q tags, and MPLS labels, are hidden (i.e. encrypted)
§ Allows multi-function Ethernet capabilities on a public Metro Ethernet service, including QoS and EVC/EFP
§ Routers allow multi-level tag pass-through
Multi-Site Use Case (Hub-and-Spoke)
(Figure: one physical Ethernet wire from the hub router's 802.1Q-trunking Ethernet interface into the public Ethernet transport; 802.1Q VLAN tags are presented to the provider, giving one encrypted Ethernet session per destination, selected by the 802.1Q tag, on the SP n-PE; IPv4/v6 per VLAN into the secure network.)
§ Key to the solution is the use of 802.1Q for logical connectivity to each site
§ This is analogous to "channelization" in SONET
§ The router enables a logical IP sub-interface with an 802.1Q tag per location
§ This allows multiple connections into a single PHYSICAL interface
Point to Point SA Configuration - Hub and Spoke, MKA Keying (802.1X-2010)
(Figure: two Branch Site CEs each connected to the Central Campus / DC CE across a Carrier Ethernet E-LINE (P2P) service.)
• MACsec-enabled interface: physical, or sub-interface (802.1Q)
• Ethernet service: point-to-point PW service (no MAC address lookup); port-based mode, or VLAN-based (802.1Q offering)
• Customer use cases - Secure: CE-CE link, DC Interconnect, MPLS PE/P support
Multi-Point SA Configuration - MKA Keying (802.1X-2010)
(Figure: two Branch Site CEs and the Central Campus / DC CE attached to a Carrier Ethernet E-LAN (multi-pt) service.)
• MACsec-enabled interface: physical, or sub-interface (802.1Q)
• Ethernet service: multi-point service (MAC address lookup based); port-based mode, or VLAN-based mode (802.1Q offering)
• Customer use cases - Secure: CE-CE link, DC Interconnect
MACsec Router as the MPLS PE/P
• MACsec on the egress PHY
• MACsec per hop through provider-owned core links
• Offers protection over uncontrolled optical transport providers
• Offers per-hop traffic inspection if desired
• No "over-the-top" overlay solutions required
• Allows full MPLS core features (VPN, TE, convergence)
Features supported on the MACsec router as MPLS PE/P: IPv4 / IPv6; MPLS labels and control plane; routing protocols; QoS (.1p bits); multicast; 802.1Q and Q-in-Q; L2 control plane, STP
(Figure: MPLS-PE - MPLS-P - MPLS-P - MPLS-P - MPLS-PE, with a VLAN trunk between the PEs and VRFs / MPLS labels carried inside. MACsec protected frame format: the original D/S MAC | VLAN | payload frame becomes outer D/S MAC | MACsec header | VLAN | payload, with the VLAN and payload inside the protected portion.)
Security Briefings & Training
How is NGE Utilized? Commercial Solutions for Classified (CSfC) Overview and Architecture Options for Deployments
Commercial Solutions for Classified Website: http://www.nsa.gov/ia/programs/csfc_program/
Source: CSfC Website (http://www.nsa.gov/ia/programs/csfc_program/ )
(Figure from the CSfC website: an inner IPsec layer and an outer IPsec layer.)
"Multi Layered" Domain Encryption Topology: Notional IPsec VPN Gateway and Client Solutions
(Figure: Red Network (IP/IPv6, Ethernet) - Inner VPN Gateway - Gray Network (IP/IPv6, Ethernet) - Outer VPN Gateway - Black Network (optical, Ethernet, SONET, IP) - Outer VPN Gateway - Gray Network - Inner VPN Gateway - Red Network; an End User Device and a CA Admin W/S sit on each red network.)
• INNER encryption domain: 802.1AE (MACsec); IPsec
• OUTER encryption domain: 802.1AE (MACsec); IPsec
• End user device: IPsec (client); TLS (application)
MACsec is not an approved CSfC solution as of today
Security Briefings & Training
Cisco NGE Innovation Focus Areas: Optical Encryption, MACsec, Secure Mobility
Current MACsec and Optical Status…
• Currently, an Extended Package (EP) for MACsec (802.1AE) is being worked on by NIAP
• Target plan is to complete in the next several months
• Cisco is continuing to drive Suite B algorithms as part of all next generation encryption (NGE) development
• Goal is for Commercial Solutions for Classified (CSfC) compliance to align
• For optical, there is currently no EP from NIAP
• Customer interest in high-speed line-rate encryption (Optical + MACsec) should initiate a request (official email: [email protected]; ask for a "tailored COTS solution")
"Notional Tailored COTS Solution for High-Speed Encryption"
(Figure: Secure Network (IP/IPv6, Ethernet) - inner encryption domain: ASR 9000 with 100Gb MACsec (802.1AE) encryption on its MACsec interface - outer encryption domain: NCS 2000 with 100Gb OTN encryption - optical transport - NCS 2000 OTN encryption - ASR 9000 MACsec - Secure Network (IP/IPv6, Ethernet).)
MACsec is not an approved CSfC solution as of today
• IOS-XE MACsec Configuration Guide: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/macsec/configuration/xe-3s/macsec-xe-3s-book.html
(Pictured: ASR 1001-X)
Thank you.