service feature

Increase security with MACsec

Media Access Control security (MACsec) is an industry-standard security technology that provides point-to-point security on Ethernet links. Our Apollon platform supports this feature, which is particularly interesting for you if you are using our VirtualPNI or DirectCLOUD services.

Prevent security threats

MACsec is defined by IEEE standard 802.1AE and it can be used in combination with other security protocols, such as IP Security (IPsec) and Secure Sockets Layer (SSL), to provide end-to-end network security. MACsec is capable of identifying and preventing most security threats, including denial of service, intrusion, man-in-the-middle, masquerading, passive wiretapping, and playback attacks. 

A MACsec enabled point-to-point Ethernet link is secure after matching security keys are exchanged and verified between the interfaces at each end of the link. The key can be configured manually, or can be generated dynamically, depending on the security mode used to enable MACsec.

If you decide to set up a private session with MACsec, the DE-CIX platform is MACsec enabled (MACsec agnostic) and fully supports the transport of MACsec frames (transparent data transmission) without dropping any MACsec traffic.

MACsec with Microsoft Azure via ExpressRoute Direct

For example, you can use MACsec to further enhance your network security when you connect to Microsoft Azure via the DE-CIX DirectCLOUD service. Use MACsec to encrypt the connection between your network devices and Microsoft's network devices when you connect to Microsoft via ExpressRoute Direct.