Prevent security threats
MACsec is defined by IEEE standard 802.1AE and it can be used in combination with other security protocols, such as IP Security (IPsec) and Secure Sockets Layer (SSL), to provide end-to-end network security. MACsec is capable of identifying and preventing most security threats, including denial of service, intrusion, man-in-the-middle, masquerading, passive wiretapping, and playback attacks.
A MACsec enabled point-to-point Ethernet link is secure after matching security keys are exchanged and verified between the interfaces at each end of the link. The key can be configured manually, or can be generated dynamically, depending on the security mode used to enable MACsec.
If you decide to set up a private session with MACsec, the DE-CIX platform is MACsec enabled (MACsec agnostic) and fully supports the transport of MACsec frames (transparent data transmission) without dropping any MACsec traffic.
MACsec with Microsoft Azure via ExpressRoute Direct
For example, you can use MACsec to further enhance your network security when you connect to Microsoft Azure via the DE-CIX DirectCLOUD service. Use MACsec to encrypt the connection between your network devices and Microsoft's network devices when you connect to Microsoft via ExpressRoute Direct.