METHOD AND SYSTEM FOR SECURING A NETWORK UTILIZING IPSEC and MACSEC PROTOCOLS
First Claim
1. A method for computer networking, the method comprisingin one or more network nodes, converting between Ethernet packets comprising payloads secured utilizing IPsec protocols and Ethernet packets secured utilizing MACsec protocols.
7 Assignments
0 Petitions
Accused Products
Abstract
Aspects of a method and system for securing a network utilizing IPsec and MACsec protocols are provided. In one or more network nodes, aspects of the invention may enable conversion between Ethernet packets comprising payloads secured utilizing IPsec protocols and Ethernet packets secured utilizing MACsec protocols. For example, IPsec connections may be terminated at an ingress network node and IPsec connections may be regenerated at an egress network node. Packets secured utilizing MACsec protocols may be detected based on an Ethertype. Packets comprising payloads secured utilizing IPsec protocols may be detected based on a protocol field or a next header field. The conversion may be based on a data structure stored by and/or accessible to the network nodes. Aspects of the invention may enable securing data utilizing MACsec protocols when tunneling IPsec secured data through non-IPsec enabled nodes.
96 Citations
36 Claims
-
1. A method for computer networking, the method comprising
in one or more network nodes, converting between Ethernet packets comprising payloads secured utilizing IPsec protocols and Ethernet packets secured utilizing MACsec protocols.
-
13. A machine readable storage having stored thereon, a computer program having at least one code section for networking, the at least one code section being executable by a machine for causing the machine to perform steps comprising:
in one or more network nodes, converting between Ethernet packets comprising payloads secured utilizing IPsec protocols and Ethernet packets secured utilizing MACsec protocols. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
25. A system for computer networking, the system comprising:
in one or more network nodes, at least one processor that enables converting between Ethernet packets comprising payloads secured utilizing IPsec protocols and Ethernet packets secured utilizing MACsec protocols. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
Specification