jmpolom
commented
3 years ago Would the idea be that the switch is an IPSec endpoint and handle encryption duties? This would bring into question if the management CPUs on these lower bandwidth ARM-based 1GBase switches can handle such duties at any appreciable speed.
Newer switches support IPSec tunnels. Can be used to replace MACSEC in some use cases. Useful in embedded use cases (ie: storage). Support needed for IPSEC key exchange.