Black Box ET0100A Network sets for the hub and spoke policies, Region a hub and spoke policy

Page 215

Policy Design Examples

These hub and spoke policies require the four network sets created in “Encrypt Traffic Between Regional Centers” on page 214 and twelve network sets for the branch networks.

Table 56 Network sets for the hub and spoke policies

 

 

 

Default

 

Networks

PEPs

ETKMS

Network Set A1

192.33.5.0 netmask 255.255.255.0

PEP A1

ETKMS 1

Network Set A2

192.33.6.0 netmask 255.255.255.0

PEP A2

ETKMS 1

Network Set A3

192.33.9.0 netmask 255.255.255.0

PEP A3

ETKMS 1

Network Set B1

172.44.5.0 netmask 255.255.255.0

PEP B1

ETKMS 1

Network Set B2

172.44.6.0 netmask 255.255.255.0

PEP B2

ETKMS 1

Network Set B3

172.44.7.0 netmask 255.255.255.0

PEP B3

ETKMS 1

Network Set C1

100.22.5.0 netmask 255.255.255.0

PEP C1

ETKMS 1

Network Set C2

100.22.7.0 netmask 255.255.255.0

PEP C2

ETKMS 1

Network Set C3

100.22.9.0 netmask 255.255.255.0

PEP C3

ETKMS 1

Network Set D1

100.33.2.0 netmask 255.255.255.0

PEP D1

ETKMS 1

Network Set D2

100.33.3.0 netmask 255.255.255.0

PEP D2

ETKMS 1

Network Set D3

100.33.5.0 netmask 255.255.255.0

PEP D3

ETKMS 1

 

 

 

 

The next three tables show the four regional hub and spoke policies.

Using Network Sets A, A1, A2, and A3, create a hub and spoke policy for region A as shown in the following table:

Table 57

Region A hub and spoke policy

 

 

 

Field

 

Setting

Name

 

Region A Hub and Spoke

Priority

 

900

Renew Keys/Refresh Lifetime

4 hours

Type

 

IPSec

IPSec

 

Encryption Algorithms - AES

 

 

Authentication Algorithms - HMAC-SHA-1

Key Generation

By Network Set

Addressing Mode Override

Preserve internal network addresses

Minimize Policy Size

Disable

Hub

 

Network Set A

Spokes

 

Network Set A1

 

 

Network Set A2

 

 

Network Set A3

Protocol

 

Any

 

 

 

216

EncrypTight User Guide

Image 215
Contents EncrypTight User Guide Table of Contents Managing EncrypTight Users Provisioning Appliances Getting Started with EtemsManaging Appliances 117 Creating Vlan ID Ranges for Layer 2 Networks Managing Key Management SystemsManaging IP Networks Managing Network SetsPolicy Design Examples 211 Modifying the Etkms Properties File Using Enhanced Security FeaturesEtep Configuration 299 302 Index 343 About This Document PrefaceContacting Black Box Technical Support Part I EncrypTight Installation and Maintenance EncrypTight User Guide Distributed Key Topologies EncrypTight OverviewLayer 2 Ethernet topologies Network topologiesTopology Description Layer 3 IP topologiesRelated topics EncrypTight ElementsKey Management System EncrypTight Element Management SystemPolicy Manager Single Etkms for multiple sites Policy Enforcement PointShared keys Point-to-Point Negotiated TopologyLayer 2 Point-to-Point Deployment Security within EncrypTightSecure Key Storage within the Etkms Secure Communications Between DevicesEncrypTight Component Connections EncrypTight Deployment PlanningEtpm to Etkms Connections Management Station ConnectionsEtpm and Etkms in Layer 3 IP Policies Etpm and Etkms on the Same SubnetworkEtpm and Etkms on Different Subnetworks Out-of-band Etkms management in an Ethernet network External Etkms to Etkms Connections Connections for Backup ETKMSsEtkms to Etkms Connections in Ethernet Networks Connecting Multiple ETKMSs in an IP NetworkEtkms to PEP Connections in IP Networks Etkms to PEP ConnectionsIn-line Etkms to PEP communications in IP networks Etkms to PEP Connections in Ethernet NetworksIPv6 Address Support Network Clock SynchronizationAddress Format Address Representation Certificate SupportIPv6 address representations Addressing Method Description Network Addressing for IP NetworksNetwork Addressing Options Related topics Before You Start Installation and ConfigurationThird party management station software Hardware RequirementsSoftware Requirements EncrypTight management station requirementsFirewall Ports EncrypTight Software InstallationInstalling EncrypTight Software for the First Time To install the EncrypTight softwareStarting EncrypTight Uninstalling EncrypTight SoftwareTo uninstall EncrypTight Upgrading to a New Version of EncrypTightRelated topic Management Station ConfigurationExiting EncrypTight To start EtemsEtems communications options To enable the Microsoft FTP Server serviceSecuring the Management Interface Enabling the Microsoft FTP ServerEtkms server connections Installing ETKMSsConfiguring ETKMSs Configuring the Syslog ServerAdding a Local Etkms Basic Configuration for Local ETKMSsAbout Local ETKMSs To launch a local Etkms Launching and Stopping a Local EtkmsStarting the Local Etkms Automatically To add a local EtkmsMaintaining the start.bat file Configuring External ETKMSsPrior to configuring the batch file do the following To configure the batch fileTo log into the Etkms Changing the Admin PasswordTo change the admin password Logging Into the EtkmsTo change the root password Changing the Root PasswordIPv4 Configure the Network ConnectionTo configure the network connection and hostname Static IP Netmask Default Gateway IP addressIPv6 To configure the network interfaceTo set the hostname and IPv6 default gateway address To set the default DNS server and configure the hosts fileTo set the time zone Configure Time and Date PropertiesTo set up time synchronization Field Description Ntpq -p command outputTo restart the NTP daemon To check the time source connection statusCheck the Status of the Hardware Security Module Starting and Stopping the Etkms ServiceChecking the Status of the Etkms Configuring Syslog Reporting on the ETKMSsTo check the status of the Etkms service To configure syslog reporting on a EtkmsPolicy Enforcement Point Configuration Etep Throughput Speeds Default User Accounts and PasswordsPasswords to change Managing LicensesChoose Tools Put License Installing LicensesTo install a license on the Etep To enter EncrypTight licensesUpgrading Etep Licenses Next StepsUpgrading Licenses Upgrading the EncrypTight LicenseNext Steps Installation and Configuration EncrypTight User Guide Working with EncrypTight User Accounts Managing EncrypTight UsersEncrypTight account types and privileges Configuring EncrypTight User AuthenticationTask Administrator User Common Access Card Authentication Password Authentication and ExpirationLogin Session Inactivity Timer DoD Login Banner Parameter User Name Password Login preferences default settingsEncrypTight user name and password conventions Preference SettingTo modify an EncrypTight user account Changing an EncrypTight User PasswordTo change a password To add an EncrypTight user accountRelationship between EncrypTight users and Etep users Example 1 Default EncrypTight user and default Etep userExample 2 Setting up new EncrypTight and Etep users How EncrypTight Users Work with Etep UsersExample 3 Adding a new Etep user to EncrypTight About the EncrypTight Workspace Maintenance TasksWorking with the EncrypTight Workspace On the File menu, click Save Workspace To Saving a Workspace to a New LocationTo save a workspace to a new location To load an existing workspace Loading an Existing WorkspaceTo delete a workspace Moving a Workspace to a New PCDeleting a Workspace To move a workspace to a new PCSchedule the Upgrade Installing Software UpdatesVerify Etkms Status and Deploy Policies Upgrade the EncrypTight SoftwarePrepare Etpm Status and Renew Keys To deploy policies Upgrade PEP SoftwareFTP server site information for appliance software upgrades To upgrade software on the PEPsOn the Tools menu, click Upgrade Software To check the status of the PEPs Click Edit Multiple Configurations Software VersionChange the PEP Software Version and Check Status To change the software version of the PEPsTo stop and remove the current Etkms software Return Status Refresh and Key Renewal to Original SettingsUpgrading External ETKMSs To start the Etkms software To install the new Etkms softwareTo configure the new Etkms software To mount the Cdrom driveMaintenance Tasks EncrypTight User Guide Etems Part II Working with Appliances usingEncrypTight User Guide Etems Quick Tour Defining Appliance ConfigurationsGetting Started with Etems Interface configuration for a new ET1000A appliance Pushing Configurations to AppliancesUpgrading Appliance Software Comparing ConfigurationsMaintenance and Troubleshooting Policy and Certificate Support Understanding the Etems WorkbenchEditors Appliance Manager perspective ViewsEtems toolbar ToolbarsPerspectives To open a perspectiveCertificate Manager toolbar Status IndicatorsAppliance Manager toolbar EncrypTight User Types Appliance status indicatorsStatus Indicator Description Understanding RolesTo change communication preferences Function Administrator OpsModifying Communication Preferences Appliance roles for ETEPsPreference Description Strict authentication communication preferencesGeneral communication preferences Policy Extensions Ignore CRL accessEnable Certificate CRL File LocationProvisioning Basics Provisioning AppliancesNew Appliance editor for the ET1000A To add a new appliance Adding a New ApplianceOn the Tools menu, click Put Configurations Saving an Appliance ConfigurationSaving appliance configurations To push Etems configurations to appliancesResult Description Put configuration statusViewing Appliance Status Appliances view To configure automatic status checkingEtems To apply a filter to the appliances in the Appliances view Filtering Appliances Based on AddressEtep User Roles Rebooting AppliancesTo reboot appliances Appliance User ManagementAppliance roles for ETEPs v 1.4 and later Configuring the Password Enforcement PolicyDefault user names and passwords on the Etep Role Default user name Default passwordUser Name Conventions Default Password Policy ConventionsStrong Password Policy Conventions Upgrading Software Removing ETEPs From ServiceOn the Tools menu, click Appliance User Add User Managing Appliance UsersAdding Etep Users To add a user to the EtepDefault password Strong password Parameter Policy Password policy valuesOn the Tools menu, click Appliance User Modify User Modifying Etep User CredentialsDeleting Etep Users To modify Etep user credentialsOn the Tools menu, click Appliance User Delete User Viewing Etep UsersTo delete a user from the Etep On the Edit menu, click Default Configuration Working with Default ConfigurationsCustomizing the Default Configuration To customize the default configurationProvisioning Large Numbers of Appliances Restoring the Etems Default ConfigurationsTo return the default values to factory settings On the Edit menu, click Default ConfigurationsImporting Configurations from a CSV File Creating a Configuration TemplateAttribute Description To import appliance configurations to EtemsRemote and local keywords and attributes Importing Remote and Local Interface AddressesChanging Configuration Import Preferences To shut down the Etep Shutting Down AppliancesChecking the Time on New Appliances Shutdown operational codesManaging Appliances Editing ConfigurationsTo change the management IP address on the appliance Changing the Management IP AddressChanging the Address on the Appliance Change Management IP window Related topics Changing the Address in EtemsOperation failed message in response to management IP change Changing the Date and TimeTo change the date and time Changing Settings on a Single ApplianceChanging Settings on Multiple Appliances To edit the configuration of a single applianceDeleting Appliances To update an appliance setting on multiple appliancesTo delete appliances Connecting Directly to an ApplianceConnecting to the Command Line Interface Upgrading Appliance Software124 EncrypTight User Guide To upgrade software 126 EncrypTight User Guide Checking Upgrade Status Restoring the Backup File SystemCanceling an Upgrade What to do if an Upgrade is InterruptedTo restore the appliance file system from a backup copy Part III Using Etpm to Create Distributed Key Policies 130 EncrypTight User Guide To open Etpm Getting Started with EtpmOpening Etpm About the Etpm User InterfaceEtpm perspective Component Chapter EncrypTight Components ViewEditors To edit an element from the policy view Etpm Status IndicatorsStatus indicators Policy ViewSorting and Using Drag and Drop Etpm toolbar To enable or disable automatic status checkingEtpm Toolbar Etpm Status Refresh IntervalEthernet Policies About Etpm PoliciesIP Policies Policy generation and distribution Policy Generation and DistributionKey generation with one Etkms Key generation with multiple ETKMSs Creating a Policy An OverviewNetwork Set B Network aNetwork B Network Set aTo create a policy 144 EncrypTight User Guide EncrypTight User Guide 145 146 EncrypTight User Guide Provisioning PEPs Managing Policy Enforcement PointsAdding a New PEP in Etems EncrypTight PEP configurationConfiguration Description On the Advanced tab, select Enable Sntp Client On the Features tab, select Enable passing TLS trafficAdding Large Numbers of PEPs Adding a New PEP Using EtpmTo add a new PEP using Etpm Editing PEPs Pushing the ConfigurationTo push Etems configurations to PEPs To edit a PEP’s configurationEditing PEPs From Etpm To change the NTP settings for multiple PEPsSelect Edit Multiple Configurations Sntp Client Editing Multiple PEPsTo change the IP address of a PEP Deleting PEPsChanging the IP Address of a PEP Changing the PEP from Layer 3 to Layer 2 EncryptionTo delete PEPs Etkms connections Managing Key Management SystemsTo add an Etkms Adding ETKMSsTo edit an existing Etkms Editing ETKMSsDeleting ETKMSs Etkms entriesTo delete an existing Etkms Adding Networks Managing IP NetworksAddress Network Mask To add a networkNetwork entries Network IPGrouping Networks into Supernets Advanced Uses for Networks in PoliciesUsing Non-contiguous Network Masks IP Address Network Mask Networks definitionsTo edit an existing network Editing NetworksDeleting Networks To delete a network Managing IP Networks 166 EncrypTight User Guide Network Sets Managing Network SetsIP address Mask 40.55.11.0 255.255.255.0 Types of Network SetsIP address Mask 40.32.21.0 255.255.255.0 IP address Mask Network set for a collection of networksNetwork Set fields Adding a Network SetTo add a Network Set Mode Key ManagementSystem Network AddressingNetwork Set editor Importing Networks and Network SetsNetworks and network sets import document format in Excel To edit a Network Set Editing a Network SetDeleting a Network Set To import networks and network sets into EtpmTo delete an existing network set Managing Network Sets 176 EncrypTight User Guide To add a new Vlan ID Range Creating Vlan ID Ranges for Layer 2 NetworksAdding a Vlan ID Range Upper Vlan ID Vlan ID range entriesLower Vlan ID To delete an existing Vlan ID range Editing a Vlan ID RangeDeleting a Vlan ID Range To edit a Vlan ID range180 EncrypTight User Guide Policy Concepts Creating Distributed Key PoliciesSchedule for Renewing Keys and Refreshing Policy Lifetime Policy PriorityLayer 2 Ethernet payload encryption Policy Types and Encryption MethodsEncapsulation To use Aria in an encryption policy, do the following Encryption and Authentication AlgorithmsAria Encryption Key Generation and ETKMSs Addressing ModeUsing Encrypt All Policies with Exceptions Policy Policy Type Priority Action Protocol Covered Policy Size and Etep Operational LimitsEncrypt all policy with exceptions Minimizing Policy Size To add a new Layer 2 mesh policy Adding Layer 2 Ethernet PoliciesLayer 2 Mesh policy entries Layer 2 Mesh policy editor Adding a Hub and Spoke Policy Adding Layer 3 IP PoliciesHub and spoke policy entries To add a new hub and spoke policySize IPSecAddressing Minimize PolicyHub and spoke policy editor To add a new mesh policy Adding a Mesh PolicyMesh policy entries Specifies a method for reducing the policy size Mesh policy editor Multicast network example Adding a Multicast PolicyMulticast policy entries To add a multicast policyNetwork MulticastMulticast policy editor To add a point-to-point policy Adding a Point-to-point PolicyPoint-to-point policy entries Point B Point aNetwork Set Point a PortsPoint-to-point policy editor Adding Layer 4 PoliciesTo create a new Layer 4 policy Policy DeploymentVerifying Policy Rules Before Deployment To verify policies Setting Deployment Confirmation PreferencesTo enable or disable the deployment warning Deploying PoliciesEditing policies Editing a PolicyDeleting Policies To edit an existing policySelect Tools Clear Policies To delete an existing policyTo delete all policies Basic Layer 2 Point-to-Point Policy Example Policy Design ExamplesPoint-to-point Layer 2 encryption policy Layer 2 Ethernet Policy Using Vlan IDsSetting PEP Policy 3 Discard All Other Policy 2 Partner and Partner Portal ServerEncrypt Traffic Between Regional Centers Complex Layer 3 Policy ExampleEncrypt all mesh policy Encrypt Traffic Between Regional Centers and BranchesNetwork sets for mesh policy Region a hub and spoke policy Network sets for the hub and spoke policiesField Region B hub and spoke policyRegion C hub and spoke policy Region D hub and spoke policyPass protocol 88 in the clear mesh policy Passing Routing ProtocolsEncrypTight User Guide 219 Policy Design Examples 220 EncrypTight User Guide Part IV Troubleshooting 222 EncrypTight User Guide Possible Problems and Solutions Etems TroubleshootingPreferences Symptom Explanation and possible solutionsConfig to Appliance Appliance UnreachableDisable-trusted-hosts CLI command Appliance ConfigurationCompare Config to Appliance . Do one of the following Pushing ConfigurationsAppliance Tools Reboot To ping the management port Software UpgradesAbout upgrades show system-log and show upgrade Status Pinging the Management PortRetrieving Appliance Log Files Tools preferences To change the default ping toolFTP server site information for log retrieval To retrieve log files from an applianceOn the Tools menu, click Retrieve Appliance Logs Viewing Statistics Viewing Diagnostic DataStatistic Description Etep StatisticsExporting SAD and SPD Files Viewing Port and Discard StatusTo access the appliance CLI CLI Diagnostic CommandsTo view the log information Working with the Application LogViewing the Application Log from within EncrypTight Exporting the Application Log Setting Log FiltersSending Application Log Events to a Syslog Server Icon Description Other Application Log ActionsLog File Actions Monitoring Status Etpm and Etkms TroubleshootingLearning About Problems Etpm status problems and solutions Symptoms and SolutionsEtep PEPs, see the EncrypTight User Guide Policy ErrorsRenew Key Errors Status ErrorsEtkms Log Files Viewing Log FilesEtpm Log Files Etkms Server Operation Etkms Troubleshooting ToolsLinux Commands Command DescriptionShutting Down or Restarting an External Etkms PEP Troubleshooting ToolsResetting the Admin Password Optimizing Time SynchronizationTo view statistics To disable the Sntp client on multiple PEPsStatistics Etep PEP Policy and Key InformationTo export SAD or SPD files from Etep PEPs Troubleshooting PoliciesReplacing Licensed ETEPs Checking Traffic and Encryption StatisticsViewing Policies on a PEP Solving Policy ProblemsPlacing PEPs in Bypass Mode Expired Policies Allowing Local Site Exceptions to Distributed Key PoliciesCannot Add a Network Set to a Policy Solving Network Connectivity ProblemsCannot Communicate with PEP Certificate Implementation ErrorsModifying EncrypTight Timing Parameters Invalid Parameter in Function Call Etkms Boot ErrorInvalid Certificate Error Enter strict-client-authentication disable To disable strict authentication on ETEPsEtpm and Etkms Troubleshooting 252 EncrypTight User Guide Part V Reference 254 EncrypTight User Guide About the Etkms Properties File Modifying the Etkms Properties FileLogging Setup Hardware Security Module ConfigurationDigital Certificate Configuration Peer Etkms and Etpm Communications Timing Base Directory for Storing Operational State DataPEP Communications Timing Policy Refresh TimingPEP Communications Timing Page About Enhanced Security Features Using Enhanced Security FeaturesAbout Strict Authentication Order of Operations Prerequisites for Using Certificates with EncrypTightHow to Reference PrerequisitesDistinguished name information Setting DescriptionCertificate Information Usage, you type this string as follows Using Certificates in an EncrypTight SystemTo change the EncrypTight keystore password Changing the Keystore PasswordChanging the EncrypTight Keystore Password Changing the Etkms Keystore PasswordChanging the Keystore Password on a Etkms Restart the Etkms Service To start the Etkms service Changing the Keystore Password on a Etkms with an HSMChanging the Password Used in the Etkms Properties File To change the password listed in the Etkms properties fileClick Enable Policy Extensions Configuring the Certificate Policies ExtensionTo configure the certificate policies extension for ETEPs Parameter Description To configure certificate policy extensions for ETKMSsClick Enable Certificate Policy Extensions Etkms Certificate Policies EntriesEncrypTight User Guide 271 Generating a Key Pair Working with Certificates for EncrypTight and the ETKMSsTo create the certificate request Keytool genkeypair CommandRequesting a Certificate To generate a key pairKeytool Parameters for Importing a CA Certificate To install a CA certificateImporting a CA Certificate Importing a CA Certificate ReplyExporting a Certificate Configuring the HSM for KeytoolWorking with Certificates and an HSM Generating a Key Pair for use with the HSM Importing CA Certificates into the HSMImporting Signed Certificates into the HSM Working with Certificates for the ETEPsGenerating a Certificate Signing Request for the HSM To start the Certificate Manager do one of the following Understanding the Certificate Manager PerspectiveObtaining External Certificates Certificate Manager WorkflowWorking with External Certificates To obtain a CA certificate from a CA Installing an External CertificateTo install an external certificate Requesting a Certificate Working with Certificate Requests282 EncrypTight User Guide To view a pending certificate signing request Installing a Signed CertificateViewing a Pending Certificate Request Certificate usageTo set certificate request preferences Canceling a Pending Certificate RequestSetting Certificate Request Preferences To cancel a pending certificate requestCertificate request preference fields Managing Installed CertificatesExporting a Certificate To export an installed certificateViewing a Certificate To delete an external certificate Validating Certificates Using CRLsValidating Certificates Deleting a CertificateTo use CRLs with the Etkms Configuring CRL Usage in EncrypTight and the ETKMSsConfiguring CRL Usage on ETEPs To use CRLs with the EncrypTight softwareTo view CRLs Validating Certificates Using OcspTo install a CRL on the Etep Handling Revocation Check FailuresOptions Description To set up Ocsp in EncrypTightClick Enable Online Certificate Status Protocol Ocsp EncrypTight Ocsp OptionsOcsp Settings To set up Ocsp in the EtkmsTo set up Ocsp on the ETEPs Click Enable OcspTo enable strict authentication on PEPs Enabling and Disabling Strict AuthenticationTo enable strict authentication in the EncrypTight software To enable strict authentication on the EtkmsRemoving Certificates To disable strict authenticationClear the Enable Strict Client Authentication box To disable strict authentication from the command lineSelect Tools Clear Certificates Using a Common Access CardTo remove certificates To add common names to the Etkms Configuring User Accounts for Use With Common Access CardsEnabling Common Access Card Authentication To enable CAC Authentication in EncrypTight To enable CAC Authentication on the EtepClick XML-RPC Certificate Authentication To enable CAC Authentication on the EtkmsHandling Common Name Lookup Failures To specify how to handle common name failuresUsing Enhanced Security Features 298 EncrypTight User Guide Etep Configuration Appliance Name Identifying an ApplianceProduct Family and Software Version Throughput Speed Interface ConfigurationTo configure appliance interfaces Management Port Addressing ET0100A interfaces configuration Related topicsIPv4 management port addressing IPv4 AddressingIPv6 management port addressing IPv6 AddressingLink speeds on the management port Auto-negotiation All PortsLink speeds on the local and remote ports Remote and Local Port SettingsTransparent Mode Local and Remote Port IP Addresses When to use transparent modePolicy Type Mode of operation IP Address and Subnet Mask Transmitter EnableDefault Gateway Dhcp Relay IP Address Transmitter Enable settings on the EtepIgnore DF Bit Reassembly ModeIgnore DF Bit settings Reassembly mode settingsTrusted host list Trusted HostsOutbound host Appliance Editor Tab Inbound trusted host protocols used by EncrypTightTo add a trusted host ProtocolSystem Information Snmp ConfigurationUnder Community Strings, click Add Community StringsSnmp system information To define a community nameTrap Description TrapsTraps reported on the Etep SNMPv3 To configure a trap hostSNMPv2 Trap Hosts SNMPv3 Configuration Related topics To retrieve engine IDs Generating the Engine IDRetrieving and Exporting Engine IDs Viewing SNMPv3 Engine IDs Related topics Configuring the SNMPv3 Trap Host UsersSNMPv3 trap host users SNMPv3 Trap Host configuration To configure a trap host userEtep Logging tab Logging ConfigurationFacility Description Log Event SettingsLog facilities Under Syslog Servers, click Add Defining Syslog ServersLog priorities To define a syslog serverInternals logs Log File ManagementLog file sizes Log name File sizeLog files extracted from the Etep Related topics Advanced ConfigurationPacket Payload Size Layer 2 Etep Layer 3 Etep Path Maximum Transmission UnitValid Pmtu ranges on Etep appliances Pmtu and fragmentation behavior on the EtepNon IP Traffic Handling CLI Inactivity TimerPassword Strength Policy Non IP traffic handling configurationXML-RPC Certificate Authentication IKE Vlan Tags SSH Access to the EtepSntp Client Settings To configure the NTP clientIKE Vlan Tags Features ConfigurationOcsp Settings Certificate Policy ExtensionsEncryption algorithms Authentication algorithms Fips ModeEnabling Fips Mode Fips approved encryption and authentication algorithmsOperational Notes Policy Type Action upon entering Fips modeDisabling Fips Verifying Fips Status on the EtepSetting Definition EncrypTight SettingsEncrypTight settings Working with Policies Encryption Policy SettingsEncryption policy settings To launch Etpm from Etems Using EncrypTight Distributed Key PoliciesCreating Layer 2 Point-to-Point Policies Etep Policy tab Selecting a Role Using Preshared Keys for IKE AuthenticationUsing Group IDs Parameter Value Selecting the Traffic Handling ModeHow the Etep Encrypts and Authenticates Traffic IKE Phase 2 ParametersInterfaces Factory DefaultsInterfaces defaults Interfaces Default SettingTrusted Hosts Trusted hosts defaultsSnmp defaults Advanced LoggingPolicy Features Default Setting FeaturesHard-coded Settings Features defaultsNumerics IndexIndex EncrypTight User Guide 345 Etpm See also HSM Https TLS 348 EncrypTight User Guide EncrypTight User Guide 349 350 EncrypTight User Guide See also TLS trap configuration 352 EncrypTight User Guide Black Box Tech Support FREE! Live /7
Related manuals
Manual 48 pages 53.09 Kb Manual 88 pages 24.35 Kb

EncrypTight, ET0100A, ET0010A, ET1000A specifications

The Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are advanced solutions designed for secure data transmission and network management, catering to modern enterprise needs. These tools integrate cutting-edge technologies to enhance connectivity, security, and efficiency within various environments.

The Black Box ET1000A is primarily a high-performance Ethernet over Twisted Pair (EoTP) solution. It enables users to extend Ethernet signals over long distances using existing twisted-pair cabling without sacrificing speed or reliability. With support for speeds up to 100 Mbps, this device is ideal for organizations looking to upgrade their existing infrastructure without extensive rewiring. Key features include plug-and-play installation, which simplifies deployment, and versatile compatibility with both legacy and modern ethernet networks.

The ET0010A model takes connectivity a step further by providing seamless integration with fiber optics. This device supports transmission distances that far exceed traditional copper solutions, making it a perfect fit for larger facilities or multi-building campuses. Its built-in Ethernet switch enhances network efficiency by providing multiple ports for device connectivity, thus facilitating greater data flow.

EncrypTight technology is a notable feature across these Black Box models, offering advanced encryption capabilities to safeguard sensitive data during transmission. With military-grade encryption protocols, EncrypTight ensures that corporate information remains secure from potential eavesdroppers. This technology is essential for businesses operating in regulated industries or that handle confidential customer information.

The ET0100A model combines intelligence with monitoring features to provide users with comprehensive network insights. It boasts built-in diagnostic tools that enable IT professionals to troubleshoot issues quickly and efficiently. Additionally, it features real-time performance monitoring, allowing users to analyze bandwidth usage and optimize network performance accordingly.

In conclusion, the Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are powerful tools that embody the latest in data transmission and network management technologies. With their unique features—including extended connectivity capabilities, robust encryption technologies, and real-time monitoring solutions—these devices cater to the growing demands of businesses seeking to enhance their network infrastructure while ensuring robust security and efficiency. Integrating these tools into any organization’s operations can fundamentally improve both performance and data protection, making them indispensable in today’s digital landscape.