Presented herein are techniques for providing security to networks operating in accordance with the 400ZR standard. Currently, there is no specification relating to how traffic should be encrypted and authenticated by this standard. In addition, the techniques presented herein support the possibility of encrypting and authenticating each individual 100GBASE-R or 200GBASE-R stream when it is mapped inside 400ZR. GMP-Sec can be used in any application which relies on the Generic Mapping Procedure (GMP), the only recommendation being that client rates must be lower than 0.21% of the container frequency. Moreover, the techniques presented herein can be applied to the Optical Transport Network (OTN) layer, in particular when packets are mapped over OTN (100GBASE-R over OPU4, 200GBASE-R and 400GBASE-R over OPUCn). Other solutions require tag frames (hence adding bytes and increasing line frequency) or require overwriting many Overhead and Operational bytes, which may impact the customer’s ability to manage the network (as with OTNSec). In the techniques presented herein, GMP-Sec replaces unused stuffing bits, which are filled with a fixed pattern and do not carry payload traffic.

