September 23, 2015

A Powerful New Security Tool for Your Application-Aware Network

[Blog] A Powerful New Security Tool for Your Application-Aware Network

It may seem like it has been forever since the Target credit card breach in 2013, which cost the company $162 million, but unfortunately it has set a new trend that hasn’t let up. It feels like network security compromises have constantly been in the news. It was just last month that Ashley Madison was breached, and now this month over 225,000 Apple iPhone accounts were hacked according to a recent report from Palo Alto Networks.


These hacks are surely very sophisticated and not always well understood, but going forward it’s a fair assumption that any data gleaned by a hacker from an unsecured network or data center can be leveraged to help strengthen their ability to break in and take much, much more.


Extreme Networks has taken a comprehensive approach to helping customers secure their networks for years, from pioneering a unified policy architecture to recently releasing portfolio updates around intrusion protection, and this month we’re making network security even more durable. The Extreme Networks S-Series modular and 7100 fixed 1/10Gb LAN and data center switches are introducing MACsec support to provide strong encryption of user data to the network. Under this IEEE standard (802.1ae) all data that traverses a given physical link is encrypted, assuring network operators of security against any potential compromises to a network line, and bringing network security to a whole new level.
Figure 1: Example Topology using MACsec Physical Network Encryption


What is the impact this will have on you as a network administrator?

  • Anywhere in your network that a cable leaves a building or enters an unsecured area or for some other reason is at risk of being tapped, encryption can now secure that threat.
  • Secure traffic between switches at 1 Gigabit or 10 Gigabit Ethernet speeds, be it between buildings or within a wiring closet or data center.
  • Secure the traffic running to your CoreFlow-powered Purview application intelligence and analytics.
  • Consider the future potential for encryption down to wired end systems (requires end system support) – something you already have when the client is wireless, thanks to wireless encryption.


Where would you like to see physical encryption in your network? We’d love to hear about it. Share on Twitter via @JonathanMorin or @ExtremeNetworks


PS – This new software release – 8.41 – also brings VXLAN capabilities to the S-Series and K-Series, including the ability to monitor application traffic within VXLAN (and now also MPLS) tunnels at the application layer. Expect to hear more on VXLAN in future postings.

About The Contributor:
Jonathan MorinSr. Product Marketing Manager

Jonathan Morin is a Senior Product Marketing Manager for Extreme Networks where he drives unique product and go to market strategies and consults on industry trends. Previously Jonathan worked at independent third party consultant and test lab EANTC based in Berlin, Germany and the UNH-IOL before that where he was responsible for presenting trends at industry events, bringing results and awareness to the market, leading technology seminars, running test events and POCs, and consulting both networking vendors and service providers within the telecommunications and enterprise networking industry. Twitter handle: @JonathanMorin

See My Other Posts

Leave a Reply

Your email address will not be published. Required fields are marked *