Abdin, Zain2021-04-152021-04-1520212021-04-15http://hdl.handle.net/1828/12851Networks have increasingly become subject to sophisticated attacks to either interrupt network services in the form of Denial of Service (DoS) attacks or to steal information in the form of Man-in-the-Middle (MITM) attacks. According to the IBM X-Force Threat Intelligence 2018 index, 35% of exploitation activities involved MITM attacks [4]. To prevent networks from attacks such as MITM and to protect data integrity and confidentiality, a security solution is required to provide seamless layer 2 encryption in Local Area Networks (LANs) and Wide Area Networks (WANs). Media Access Control Security (MACsec) secures an Ethernet link for traffic including Dynamic Host Configuration Protocol (DHCP), Address Resolution Protocol (ARP), and other protocols that are not typically secured by other security solutions such as Internet Protocol Security (IPsec) which operates at layer 3 or Secure Socket Layer (SSL) which protects layer 7 of the Open System Interconnection (OSI) model. In this work, MACsec is implemented to secure LANs and WANs. Network performance analysis is performed to evaluate the impact of MACsec on network performance. MACsec is also used to protect networks against MITM attacks. Results are presented which show that MACsec successfully protects networks from MITM attacks and provides end-to-end encryption to protect network traffic.enAvailable to the World Wide WebMACsecIntegrity and confidentiality of network trafficProtecting network trafficLayer 2 encryptionLayer 2 securitySecuring Ethernet linksDenial of service and man-in-the-middle attackMAC spoofingNetwork performanceLocal Area NetworksWide Area NetworksVLAN tagData integrity and authenticityproject