Black Box ET0010A Working with Policies, Encryption Policy Settings, Encryption policy settings

Page 333

ETEP Configuration

“Encryption Policy Settings” on page 334

“Working with Policies” on page 334

Encryption Policy Settings

The Encryption Policy Setting determines the type of policies that the ETEP can be used in: Layer 2 Ethernet policies or Layer 3 IP policies. Appliances that are configured for Layer 2 cannot be used in Layer 3 policies, and vice versa. If you intend to create a Layer 4 policy to encrypt only the packet payload, set the Encryption Policy Setting to Layer 3:IP.

Table 106 Encryption policy settings

Setting

Definition

Layer 2: Ethernet

Enable this setting to use the ETEP in Layer 2 Ethernet policies. Point-

 

to-point policies are defined in ETEMS; mesh policies are defined in

 

EncrypTight ETPM.

Layer 3: IP

Enable this setting to use the ETEP in Layer 3 IP policies, or if you

 

intend to create a policy to encrypt only the Layer 4 payload.

 

Layer 3 distributed key policies are defined in EncrypTight ETPM.

 

 

When you change the encryption policy setting of an in-service ETEP, all encrypt and drop policies currently installed on the ETEP are removed and all traffic is sent in the clear until you create and deploy new policies, or until the policies are rekeyed. A rekey installs an “encrypt all” policy on the ETEP.

If you are using EncrypTight, take the following steps to ensure proper enforcement of your distributed key polices when you change the encryption policy setting:

1In the ETEMS Features tab, change the Encryption Policy Setting to Layer 2 or Layer 3.

2Push the new configuration to the ETEP (Tools > Put Configuration).

3In ETPM, delete the policy that contains the original ETEP configuration.

4Create a new policy for the reconfigured ETEP.

5Deploy the new policy.

Related topics:

“EncrypTight Settings” on page 333

“Working with Policies” on page 334

Working with Policies

ETEMS’s primary function is configuring and managing appliances from a central workstation. After you have configured the ETEPs for network operation, you have the following options for creating and deploying policies:

EncrypTight distributed key policies (mesh, hub and spoke, multicast, Layer 3 point-to-point) are created and managed using ETPM.

Layer 2 point-to-point policies are created using the policy editor in the ETEMS Policy tab.

334

EncrypTight User Guide

Image 333
Contents EncrypTight User Guide Table of Contents Managing EncrypTight Users Provisioning Appliances Getting Started with EtemsManaging Appliances 117 Managing IP Networks Managing Key Management SystemsManaging Network Sets Creating Vlan ID Ranges for Layer 2 NetworksPolicy Design Examples 211 Modifying the Etkms Properties File Using Enhanced Security FeaturesEtep Configuration 299 302 Index 343 About This Document PrefaceContacting Black Box Technical Support Part I EncrypTight Installation and Maintenance EncrypTight User Guide Distributed Key Topologies EncrypTight OverviewTopology Description Network topologiesLayer 3 IP topologies Layer 2 Ethernet topologiesRelated topics EncrypTight ElementsEncrypTight Element Management System Policy ManagerKey Management System Single Etkms for multiple sites Policy Enforcement PointShared keys Point-to-Point Negotiated TopologyLayer 2 Point-to-Point Deployment Security within EncrypTightSecure Key Storage within the Etkms Secure Communications Between DevicesEncrypTight Component Connections EncrypTight Deployment PlanningEtpm to Etkms Connections Management Station ConnectionsEtpm and Etkms on the Same Subnetwork Etpm and Etkms on Different SubnetworksEtpm and Etkms in Layer 3 IP Policies Out-of-band Etkms management in an Ethernet network External Etkms to Etkms Connections Connections for Backup ETKMSsEtkms to Etkms Connections in Ethernet Networks Connecting Multiple ETKMSs in an IP NetworkEtkms to PEP Connections in IP Networks Etkms to PEP ConnectionsIn-line Etkms to PEP communications in IP networks Etkms to PEP Connections in Ethernet NetworksIPv6 Address Support Network Clock SynchronizationCertificate Support IPv6 address representationsAddress Format Address Representation Network Addressing for IP Networks Network Addressing OptionsAddressing Method Description Related topics Before You Start Installation and ConfigurationSoftware Requirements Hardware RequirementsEncrypTight management station requirements Third party management station softwareInstalling EncrypTight Software for the First Time EncrypTight Software InstallationTo install the EncrypTight software Firewall PortsTo uninstall EncrypTight Uninstalling EncrypTight SoftwareUpgrading to a New Version of EncrypTight Starting EncrypTightExiting EncrypTight Management Station ConfigurationTo start Etems Related topicSecuring the Management Interface To enable the Microsoft FTP Server serviceEnabling the Microsoft FTP Server Etems communications optionsConfiguring ETKMSs Installing ETKMSsConfiguring the Syslog Server Etkms server connectionsBasic Configuration for Local ETKMSs About Local ETKMSsAdding a Local Etkms Starting the Local Etkms Automatically Launching and Stopping a Local EtkmsTo add a local Etkms To launch a local EtkmsPrior to configuring the batch file do the following Configuring External ETKMSsTo configure the batch file Maintaining the start.bat fileTo change the admin password Changing the Admin PasswordLogging Into the Etkms To log into the EtkmsTo change the root password Changing the Root PasswordTo configure the network connection and hostname Configure the Network ConnectionStatic IP Netmask Default Gateway IP address IPv4To set the hostname and IPv6 default gateway address To configure the network interfaceTo set the default DNS server and configure the hosts file IPv6Configure Time and Date Properties To set up time synchronizationTo set the time zone To restart the NTP daemon Ntpq -p command outputTo check the time source connection status Field DescriptionCheck the Status of the Hardware Security Module Starting and Stopping the Etkms ServiceTo check the status of the Etkms service Configuring Syslog Reporting on the ETKMSsTo configure syslog reporting on a Etkms Checking the Status of the EtkmsPolicy Enforcement Point Configuration Passwords to change Default User Accounts and PasswordsManaging Licenses Etep Throughput SpeedsTo install a license on the Etep Installing LicensesTo enter EncrypTight licenses Choose Tools Put LicenseUpgrading Licenses Next StepsUpgrading the EncrypTight License Upgrading Etep LicensesNext Steps Installation and Configuration EncrypTight User Guide Working with EncrypTight User Accounts Managing EncrypTight UsersConfiguring EncrypTight User Authentication Task Administrator UserEncrypTight account types and privileges Password Authentication and Expiration Login Session Inactivity TimerCommon Access Card Authentication DoD Login Banner EncrypTight user name and password conventions Login preferences default settingsPreference Setting Parameter User Name PasswordTo change a password Changing an EncrypTight User PasswordTo add an EncrypTight user account To modify an EncrypTight user accountExample 2 Setting up new EncrypTight and Etep users Example 1 Default EncrypTight user and default Etep userHow EncrypTight Users Work with Etep Users Relationship between EncrypTight users and Etep usersExample 3 Adding a new Etep user to EncrypTight Maintenance Tasks Working with the EncrypTight WorkspaceAbout the EncrypTight Workspace Saving a Workspace to a New Location To save a workspace to a new locationOn the File menu, click Save Workspace To To load an existing workspace Loading an Existing WorkspaceDeleting a Workspace Moving a Workspace to a New PCTo move a workspace to a new PC To delete a workspaceSchedule the Upgrade Installing Software UpdatesUpgrade the EncrypTight Software Prepare Etpm Status and Renew KeysVerify Etkms Status and Deploy Policies To deploy policies Upgrade PEP SoftwareTo upgrade software on the PEPs On the Tools menu, click Upgrade SoftwareFTP server site information for appliance software upgrades Change the PEP Software Version and Check Status Click Edit Multiple Configurations Software VersionTo change the software version of the PEPs To check the status of the PEPsReturn Status Refresh and Key Renewal to Original Settings Upgrading External ETKMSsTo stop and remove the current Etkms software To configure the new Etkms software To install the new Etkms softwareTo mount the Cdrom drive To start the Etkms softwareMaintenance Tasks EncrypTight User Guide Etems Part II Working with Appliances usingEncrypTight User Guide Defining Appliance Configurations Getting Started with EtemsEtems Quick Tour Interface configuration for a new ET1000A appliance Pushing Configurations to AppliancesUpgrading Appliance Software Comparing ConfigurationsMaintenance and Troubleshooting Policy and Certificate Support Understanding the Etems WorkbenchEditors Appliance Manager perspective ViewsPerspectives ToolbarsTo open a perspective Etems toolbarStatus Indicators Appliance Manager toolbarCertificate Manager toolbar Status Indicator Description Appliance status indicatorsUnderstanding Roles EncrypTight User TypesModifying Communication Preferences Function Administrator OpsAppliance roles for ETEPs To change communication preferencesStrict authentication communication preferences General communication preferencesPreference Description Enable Certificate Ignore CRL accessCRL File Location Policy ExtensionsProvisioning Basics Provisioning AppliancesNew Appliance editor for the ET1000A To add a new appliance Adding a New ApplianceSaving appliance configurations Saving an Appliance ConfigurationTo push Etems configurations to appliances On the Tools menu, click Put ConfigurationsPut configuration status Viewing Appliance StatusResult Description Appliances view To configure automatic status checkingEtems To apply a filter to the appliances in the Appliances view Filtering Appliances Based on AddressTo reboot appliances Rebooting AppliancesAppliance User Management Etep User RolesDefault user names and passwords on the Etep Configuring the Password Enforcement PolicyRole Default user name Default password Appliance roles for ETEPs v 1.4 and laterDefault Password Policy Conventions Strong Password Policy ConventionsUser Name Conventions Upgrading Software Removing ETEPs From ServiceAdding Etep Users Managing Appliance UsersTo add a user to the Etep On the Tools menu, click Appliance User Add UserDefault password Strong password Parameter Policy Password policy valuesDeleting Etep Users Modifying Etep User CredentialsTo modify Etep user credentials On the Tools menu, click Appliance User Modify UserViewing Etep Users To delete a user from the EtepOn the Tools menu, click Appliance User Delete User Customizing the Default Configuration Working with Default ConfigurationsTo customize the default configuration On the Edit menu, click Default ConfigurationTo return the default values to factory settings Restoring the Etems Default ConfigurationsOn the Edit menu, click Default Configurations Provisioning Large Numbers of AppliancesImporting Configurations from a CSV File Creating a Configuration TemplateAttribute Description To import appliance configurations to EtemsRemote and local keywords and attributes Importing Remote and Local Interface AddressesChanging Configuration Import Preferences Checking the Time on New Appliances Shutting Down AppliancesShutdown operational codes To shut down the EtepManaging Appliances Editing ConfigurationsChanging the Management IP Address Changing the Address on the ApplianceTo change the management IP address on the appliance Change Management IP window Related topics Changing the Address in EtemsOperation failed message in response to management IP change Changing the Date and TimeChanging Settings on Multiple Appliances Changing Settings on a Single ApplianceTo edit the configuration of a single appliance To change the date and timeDeleting Appliances To update an appliance setting on multiple appliancesConnecting to the Command Line Interface Connecting Directly to an ApplianceUpgrading Appliance Software To delete appliances124 EncrypTight User Guide To upgrade software 126 EncrypTight User Guide Canceling an Upgrade Restoring the Backup File SystemWhat to do if an Upgrade is Interrupted Checking Upgrade StatusTo restore the appliance file system from a backup copy Part III Using Etpm to Create Distributed Key Policies 130 EncrypTight User Guide Opening Etpm Getting Started with EtpmAbout the Etpm User Interface To open EtpmEtpm perspective Component Chapter EncrypTight Components ViewEditors Status indicators Etpm Status IndicatorsPolicy View To edit an element from the policy viewSorting and Using Drag and Drop Etpm Toolbar To enable or disable automatic status checkingEtpm Status Refresh Interval Etpm toolbarAbout Etpm Policies IP PoliciesEthernet Policies Policy generation and distribution Policy Generation and DistributionKey generation with one Etkms Key generation with multiple ETKMSs Creating a Policy An OverviewNetwork B Network aNetwork Set a Network Set BTo create a policy 144 EncrypTight User Guide EncrypTight User Guide 145 146 EncrypTight User Guide Provisioning PEPs Managing Policy Enforcement PointsEncrypTight PEP configuration Configuration DescriptionAdding a New PEP in Etems On the Advanced tab, select Enable Sntp Client On the Features tab, select Enable passing TLS trafficAdding a New PEP Using Etpm To add a new PEP using EtpmAdding Large Numbers of PEPs To push Etems configurations to PEPs Pushing the ConfigurationTo edit a PEP’s configuration Editing PEPsSelect Edit Multiple Configurations Sntp Client To change the NTP settings for multiple PEPsEditing Multiple PEPs Editing PEPs From EtpmChanging the IP Address of a PEP Deleting PEPsChanging the PEP from Layer 3 to Layer 2 Encryption To change the IP address of a PEPTo delete PEPs Etkms connections Managing Key Management SystemsTo add an Etkms Adding ETKMSsDeleting ETKMSs Editing ETKMSsEtkms entries To edit an existing EtkmsTo delete an existing Etkms Adding Networks Managing IP NetworksNetwork entries To add a networkNetwork IP Address Network MaskGrouping Networks into Supernets Advanced Uses for Networks in PoliciesUsing Non-contiguous Network Masks IP Address Network Mask Networks definitionsEditing Networks Deleting NetworksTo edit an existing network To delete a network Managing IP Networks 166 EncrypTight User Guide Network Sets Managing Network SetsTypes of Network Sets IP address Mask 40.32.21.0 255.255.255.0IP address Mask 40.55.11.0 255.255.255.0 IP address Mask Network set for a collection of networksAdding a Network Set To add a Network SetNetwork Set fields System Key ManagementNetwork Addressing ModeNetwork Set editor Importing Networks and Network SetsNetworks and network sets import document format in Excel Deleting a Network Set Editing a Network SetTo import networks and network sets into Etpm To edit a Network SetTo delete an existing network set Managing Network Sets 176 EncrypTight User Guide Creating Vlan ID Ranges for Layer 2 Networks Adding a Vlan ID RangeTo add a new Vlan ID Range Vlan ID range entries Lower Vlan IDUpper Vlan ID Deleting a Vlan ID Range Editing a Vlan ID RangeTo edit a Vlan ID range To delete an existing Vlan ID range180 EncrypTight User Guide Policy Concepts Creating Distributed Key PoliciesSchedule for Renewing Keys and Refreshing Policy Lifetime Policy PriorityPolicy Types and Encryption Methods EncapsulationLayer 2 Ethernet payload encryption Encryption and Authentication Algorithms Aria EncryptionTo use Aria in an encryption policy, do the following Addressing Mode Using Encrypt All Policies with ExceptionsKey Generation and ETKMSs Policy Size and Etep Operational Limits Encrypt all policy with exceptionsPolicy Policy Type Priority Action Protocol Covered Minimizing Policy Size To add a new Layer 2 mesh policy Adding Layer 2 Ethernet PoliciesLayer 2 Mesh policy entries Layer 2 Mesh policy editor Adding a Hub and Spoke Policy Adding Layer 3 IP PoliciesHub and spoke policy entries To add a new hub and spoke policyAddressing IPSecMinimize Policy SizeHub and spoke policy editor To add a new mesh policy Adding a Mesh PolicyMesh policy entries Specifies a method for reducing the policy size Mesh policy editor Multicast network example Adding a Multicast PolicyMulticast policy entries To add a multicast policyNetwork MulticastMulticast policy editor To add a point-to-point policy Adding a Point-to-point PolicyPoint-to-point policy entries Network Set Point aPoint a Ports Point BPoint-to-point policy editor Adding Layer 4 PoliciesPolicy Deployment Verifying Policy Rules Before DeploymentTo create a new Layer 4 policy To enable or disable the deployment warning Setting Deployment Confirmation PreferencesDeploying Policies To verify policiesDeleting Policies Editing a PolicyTo edit an existing policy Editing policiesTo delete an existing policy To delete all policiesSelect Tools Clear Policies Basic Layer 2 Point-to-Point Policy Example Policy Design ExamplesLayer 2 Ethernet Policy Using Vlan IDs Setting PEPPoint-to-point Layer 2 encryption policy Policy 3 Discard All Other Policy 2 Partner and Partner Portal ServerEncrypt Traffic Between Regional Centers Complex Layer 3 Policy ExampleEncrypt Traffic Between Regional Centers and Branches Network sets for mesh policyEncrypt all mesh policy Region a hub and spoke policy Network sets for the hub and spoke policiesRegion C hub and spoke policy Region B hub and spoke policyRegion D hub and spoke policy FieldPass protocol 88 in the clear mesh policy Passing Routing ProtocolsEncrypTight User Guide 219 Policy Design Examples 220 EncrypTight User Guide Part IV Troubleshooting 222 EncrypTight User Guide Possible Problems and Solutions Etems TroubleshootingConfig to Appliance Symptom Explanation and possible solutionsAppliance Unreachable PreferencesDisable-trusted-hosts CLI command Appliance ConfigurationPushing Configurations Appliance Tools RebootCompare Config to Appliance . Do one of the following About upgrades show system-log and show upgrade Status Software UpgradesPinging the Management Port To ping the management portRetrieving Appliance Log Files Tools preferences To change the default ping toolTo retrieve log files from an appliance On the Tools menu, click Retrieve Appliance LogsFTP server site information for log retrieval Viewing Statistics Viewing Diagnostic DataStatistic Description Etep StatisticsExporting SAD and SPD Files Viewing Port and Discard StatusTo access the appliance CLI CLI Diagnostic CommandsWorking with the Application Log Viewing the Application Log from within EncrypTightTo view the log information Setting Log Filters Sending Application Log Events to a Syslog ServerExporting the Application Log Other Application Log Actions Log File ActionsIcon Description Etpm and Etkms Troubleshooting Learning About ProblemsMonitoring Status Etpm status problems and solutions Symptoms and SolutionsEtep PEPs, see the EncrypTight User Guide Policy ErrorsRenew Key Errors Status ErrorsViewing Log Files Etpm Log FilesEtkms Log Files Linux Commands Etkms Troubleshooting ToolsCommand Description Etkms Server OperationResetting the Admin Password PEP Troubleshooting ToolsOptimizing Time Synchronization Shutting Down or Restarting an External EtkmsStatistics To disable the Sntp client on multiple PEPsEtep PEP Policy and Key Information To view statisticsReplacing Licensed ETEPs Troubleshooting PoliciesChecking Traffic and Encryption Statistics To export SAD or SPD files from Etep PEPsSolving Policy Problems Placing PEPs in Bypass ModeViewing Policies on a PEP Expired Policies Allowing Local Site Exceptions to Distributed Key PoliciesCannot Add a Network Set to a Policy Solving Network Connectivity ProblemsCertificate Implementation Errors Modifying EncrypTight Timing ParametersCannot Communicate with PEP Etkms Boot Error Invalid Certificate ErrorInvalid Parameter in Function Call Enter strict-client-authentication disable To disable strict authentication on ETEPsEtpm and Etkms Troubleshooting 252 EncrypTight User Guide Part V Reference 254 EncrypTight User Guide About the Etkms Properties File Modifying the Etkms Properties FileHardware Security Module Configuration Digital Certificate ConfigurationLogging Setup Peer Etkms and Etpm Communications Timing Base Directory for Storing Operational State DataPEP Communications Timing Policy Refresh TimingPEP Communications Timing Page About Enhanced Security Features Using Enhanced Security FeaturesAbout Strict Authentication How to Reference Prerequisites for Using Certificates with EncrypTightPrerequisites Order of OperationsSetting Description Certificate InformationDistinguished name information Usage, you type this string as follows Using Certificates in an EncrypTight SystemChanging the EncrypTight Keystore Password Changing the Keystore PasswordChanging the Etkms Keystore Password To change the EncrypTight keystore passwordChanging the Keystore Password on a Etkms Changing the Password Used in the Etkms Properties File Changing the Keystore Password on a Etkms with an HSMTo change the password listed in the Etkms properties file Restart the Etkms Service To start the Etkms serviceConfiguring the Certificate Policies Extension To configure the certificate policies extension for ETEPsClick Enable Policy Extensions Click Enable Certificate Policy Extensions To configure certificate policy extensions for ETKMSsEtkms Certificate Policies Entries Parameter DescriptionEncrypTight User Guide 271 Generating a Key Pair Working with Certificates for EncrypTight and the ETKMSsRequesting a Certificate Keytool genkeypair CommandTo generate a key pair To create the certificate requestImporting a CA Certificate To install a CA certificateImporting a CA Certificate Reply Keytool Parameters for Importing a CA CertificateConfiguring the HSM for Keytool Working with Certificates and an HSMExporting a Certificate Generating a Key Pair for use with the HSM Importing CA Certificates into the HSMWorking with Certificates for the ETEPs Generating a Certificate Signing Request for the HSMImporting Signed Certificates into the HSM To start the Certificate Manager do one of the following Understanding the Certificate Manager PerspectiveCertificate Manager Workflow Working with External CertificatesObtaining External Certificates Installing an External Certificate To install an external certificateTo obtain a CA certificate from a CA Requesting a Certificate Working with Certificate Requests282 EncrypTight User Guide Viewing a Pending Certificate Request Installing a Signed CertificateCertificate usage To view a pending certificate signing requestSetting Certificate Request Preferences Canceling a Pending Certificate RequestTo cancel a pending certificate request To set certificate request preferencesCertificate request preference fields Managing Installed CertificatesTo export an installed certificate Viewing a CertificateExporting a Certificate Validating Certificates Validating Certificates Using CRLsDeleting a Certificate To delete an external certificateConfiguring CRL Usage on ETEPs Configuring CRL Usage in EncrypTight and the ETKMSsTo use CRLs with the EncrypTight software To use CRLs with the EtkmsTo install a CRL on the Etep Validating Certificates Using OcspHandling Revocation Check Failures To view CRLsClick Enable Online Certificate Status Protocol Ocsp To set up Ocsp in EncrypTightEncrypTight Ocsp Options Options DescriptionTo set up Ocsp on the ETEPs To set up Ocsp in the EtkmsClick Enable Ocsp Ocsp SettingsTo enable strict authentication in the EncrypTight software Enabling and Disabling Strict AuthenticationTo enable strict authentication on the Etkms To enable strict authentication on PEPsClear the Enable Strict Client Authentication box To disable strict authenticationTo disable strict authentication from the command line Removing CertificatesUsing a Common Access Card To remove certificatesSelect Tools Clear Certificates Configuring User Accounts for Use With Common Access Cards Enabling Common Access Card AuthenticationTo add common names to the Etkms Click XML-RPC Certificate Authentication To enable CAC Authentication on the EtepTo enable CAC Authentication on the Etkms To enable CAC Authentication in EncrypTightHandling Common Name Lookup Failures To specify how to handle common name failuresUsing Enhanced Security Features 298 EncrypTight User Guide Etep Configuration Identifying an Appliance Product Family and Software VersionAppliance Name Interface Configuration To configure appliance interfacesThroughput Speed Management Port Addressing ET0100A interfaces configuration Related topicsIPv4 management port addressing IPv4 AddressingIPv6 management port addressing IPv6 AddressingLink speeds on the management port Auto-negotiation All PortsRemote and Local Port Settings Transparent ModeLink speeds on the local and remote ports When to use transparent mode Policy Type Mode of operationLocal and Remote Port IP Addresses Transmitter Enable Default GatewayIP Address and Subnet Mask Dhcp Relay IP Address Transmitter Enable settings on the EtepIgnore DF Bit settings Reassembly ModeReassembly mode settings Ignore DF BitTrusted host list Trusted HostsTo add a trusted host Inbound trusted host protocols used by EncrypTightProtocol Outbound host Appliance Editor TabSystem Information Snmp ConfigurationSnmp system information Community StringsTo define a community name Under Community Strings, click AddTraps Traps reported on the EtepTrap Description To configure a trap host SNMPv2 Trap HostsSNMPv3 SNMPv3 Configuration Related topics Generating the Engine ID Retrieving and Exporting Engine IDsTo retrieve engine IDs Viewing SNMPv3 Engine IDs Related topics Configuring the SNMPv3 Trap Host UsersSNMPv3 trap host users SNMPv3 Trap Host configuration To configure a trap host userEtep Logging tab Logging ConfigurationLog Event Settings Log facilitiesFacility Description Log priorities Defining Syslog ServersTo define a syslog server Under Syslog Servers, click AddLog file sizes Log File ManagementLog name File size Internals logsLog files extracted from the Etep Related topics Advanced ConfigurationValid Pmtu ranges on Etep appliances Path Maximum Transmission UnitPmtu and fragmentation behavior on the Etep Packet Payload Size Layer 2 Etep Layer 3 EtepPassword Strength Policy CLI Inactivity TimerNon IP traffic handling configuration Non IP Traffic HandlingXML-RPC Certificate Authentication Sntp Client Settings SSH Access to the EtepTo configure the NTP client IKE Vlan TagsOcsp Settings Features ConfigurationCertificate Policy Extensions IKE Vlan TagsEnabling Fips Mode Fips ModeFips approved encryption and authentication algorithms Encryption algorithms Authentication algorithmsDisabling Fips Policy Type Action upon entering Fips modeVerifying Fips Status on the Etep Operational NotesEncrypTight Settings EncrypTight settingsSetting Definition Encryption Policy Settings Encryption policy settingsWorking with Policies Using EncrypTight Distributed Key Policies Creating Layer 2 Point-to-Point PoliciesTo launch Etpm from Etems Etep Policy tab Using Preshared Keys for IKE Authentication Using Group IDsSelecting a Role How the Etep Encrypts and Authenticates Traffic Selecting the Traffic Handling ModeIKE Phase 2 Parameters Parameter ValueInterfaces defaults Factory DefaultsInterfaces Default Setting InterfacesTrusted hosts defaults Snmp defaultsTrusted Hosts Logging PolicyAdvanced Hard-coded Settings FeaturesFeatures defaults Features Default SettingNumerics IndexIndex EncrypTight User Guide 345 Etpm See also HSM Https TLS 348 EncrypTight User Guide EncrypTight User Guide 349 350 EncrypTight User Guide See also TLS trap configuration 352 EncrypTight User Guide Black Box Tech Support FREE! Live /7
Related manuals
Manual 48 pages 53.09 Kb Manual 88 pages 24.35 Kb

EncrypTight, ET0100A, ET0010A, ET1000A specifications

The Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are advanced solutions designed for secure data transmission and network management, catering to modern enterprise needs. These tools integrate cutting-edge technologies to enhance connectivity, security, and efficiency within various environments.

The Black Box ET1000A is primarily a high-performance Ethernet over Twisted Pair (EoTP) solution. It enables users to extend Ethernet signals over long distances using existing twisted-pair cabling without sacrificing speed or reliability. With support for speeds up to 100 Mbps, this device is ideal for organizations looking to upgrade their existing infrastructure without extensive rewiring. Key features include plug-and-play installation, which simplifies deployment, and versatile compatibility with both legacy and modern ethernet networks.

The ET0010A model takes connectivity a step further by providing seamless integration with fiber optics. This device supports transmission distances that far exceed traditional copper solutions, making it a perfect fit for larger facilities or multi-building campuses. Its built-in Ethernet switch enhances network efficiency by providing multiple ports for device connectivity, thus facilitating greater data flow.

EncrypTight technology is a notable feature across these Black Box models, offering advanced encryption capabilities to safeguard sensitive data during transmission. With military-grade encryption protocols, EncrypTight ensures that corporate information remains secure from potential eavesdroppers. This technology is essential for businesses operating in regulated industries or that handle confidential customer information.

The ET0100A model combines intelligence with monitoring features to provide users with comprehensive network insights. It boasts built-in diagnostic tools that enable IT professionals to troubleshoot issues quickly and efficiently. Additionally, it features real-time performance monitoring, allowing users to analyze bandwidth usage and optimize network performance accordingly.

In conclusion, the Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are powerful tools that embody the latest in data transmission and network management technologies. With their unique features—including extended connectivity capabilities, robust encryption technologies, and real-time monitoring solutions—these devices cater to the growing demands of businesses seeking to enhance their network infrastructure while ensuring robust security and efficiency. Integrating these tools into any organization’s operations can fundamentally improve both performance and data protection, making them indispensable in today’s digital landscape.