[179200] in North American Network Operators' Group
Meeting IRS requirements for encrypted transmission of FTI
daemon@ATHENA.MIT.EDU (Hunt, Fred - DCF)
Thu Apr 2 15:13:44 2015
X-Original-To: nanog@nanog.org
From: "Hunt, Fred - DCF" <Fred.Hunt@wisconsin.gov>
To: "'nanog@nanog.org'" <nanog@nanog.org>
Date: Thu, 2 Apr 2015 15:50:10 +0000
Errors-To: nanog-bounces@nanog.org
Does anyone have previous experience meeting IRS requirements for the encry=
pted transmission of FTI across a LAN and WAN, specifically the requirement=
s called for in IRS Publication 1075?
The IRS tests for the following:
All FTI data in transit is encrypted when moving across a Wide Area Network=
(WAN) and within the agency's Local Area Network (LAN). If FTI is transm=
itted over a LAN or WAN it is encrypted with FIPS 140-2 validated encryptio=
n, using at least a 128-bit encryption key.
MACsec is what we are looking at right now. I'm wondering if anyone who ha=
s been through such an implementation could share lessons learned, gotchas,=
etc.
Any input is appreciated?
Fred
