It would be great to have some kind of indicator for which ports are protected via MACSEC… like a lock icon or something next to port description.
It looks like the relevant data comes from the CISCO-TRUSTSEC-INTERFACE-MIB mib.
1.3.6.1.4.1.9.9.740.1.1.1.1.2. ctsiIfConfiguredMode returns 4 if the port is configured.
1.3.6.1.4.1.9.9.740.1.5.1.1.8 ctsiIfSapNegotiationStatus returns a 4 for negotiation success.
You could have something like a configured port indicated as an open lock in red if the port is configured but with unsuccessful negotiation and flip it to a green closed lock if neg is successful.