Werbung
Netzsicherheit
[ Netzsicherheit > MACsec > MKA-Richtlinie ]
Vertraulichkeits-Offset
Specifies the offset for the encrypted payload within Ethernet frames. This means the first byte from
in the payload that is encrypted.
•
An offset of
This offers maximum confidentiality.
•
An offset >
This can be advantageous if the values at the start of the payload (like VLAN tags, EtherType
or IP header) are needed for switching or routing decisions. This may affect intermediate non-
MACsec-capable nodes that the MACsec data packet traverses.
The appropriate offset depends on your application.
Possible values:
(default setting)
0
The device encrypts the entire payload.
The encryption of the payload starts with the first byte.
30
The first 30 bytes of the payload remain unencrypted.
The encryption of the payload starts from byte number 31.
50
The first 50 bytes of the payload remain unencrypted.
The encryption of the payload starts from byte number 51.
Aktiv
Use this check box to select one or more table rows, for example, for deletion.
Anmerkung:
As an exception, the check box does not activate/deactivate the MKA policy in the relevant table
row.
In contrast, an MKA policy in a table row is active if its Policy name is referred to in the MKA Key
Configuration dialog, in the Key chain name column.
260
0
means that the entire payload is encrypted.
0
leaves the given number of bytes at the beginning of the payload unencrypted.
RM GUI BRS
Release 10.3 04/2025
Werbung
