Table of Contents
macsec use cases
Here are few use cases where my macsec router image for RPi4 could be used.
Isolate yourself in Wifi
This is most common use case: establish wifi network presence without being part of IP layer in wifi networks. Optionally you can use RPi4 created tunnel out from network. With this approach your team can share services inside macsec segment while being sure that none of those services are visible towards foreign wifi operator.
Connect & isolate your team from target networks
Conducting DFIR or 'other' missions in target networks, while sharing physical medium inside a building for example. This allows your team to be present while isolated. You can optionally use RPi4 device with my firmware image to probe target network while nothing comes back to your macsec segment. RPi4 device has no network services (not even SSH) and is managed only with HSM module or physical Console access.
Operate target networks
Allow access to target network resources with RPi4 as routing point between macsec and target segments. This keeps you isolated and prevents any lateral movement from target network towards your macsec isolated DFIR or 'other' workstations.
re-key out-of-band
Fast and easy macsec re-keying with external HSM module makes mission re-keying easy. First you plug-in HSM module to RPi4 which re-keys each macsec secured host into HSM. After this you circulate HSM to your team laptops and they get re-keyed automatically just when you plugin HSM to laptop. RPi4 as re-keying entity can be totally isolated from network and operated totally off-line if required.
Video
Demo video with macsec router: