Deleting PEPs

Changing the IP Address of a PEP

Occasionally, you might need to change the IP address on a PEP. For example, you might need to move a PEP from one location in your network to another. This could require that you change the management IP address of the PEP.

Although you can edit the IP address of a PEP in ETEMS, ETPM and the ETKMSs will not immediately be aware of the change. Any policies currently on the PEP will eventually expire and will not get new keys or be renewed. This causes rekey failures and can lead to a loss of network traffic.

To change the IP address of a PEP:

1In ETPM, temporarily remove the PEP from the policies in which it is used and redeploy those policies.

2In ETEMS, change the IP address of the PEP.

3In ETPM, re-add the PEP to the policies or create new policies and redeploy.

Changing the PEP from Layer 3 to Layer 2 Encryption

The Encryption Policy Setting determines the type of policies that the ETEP PEP can be used in when you create policies in ETPM: Layer 2 Ethernet policies or Layer 3 IP policies. Appliances that are configured for Layer 2 cannot be used in Layer 3 policies, and vice versa.

You can change the ETEP’s Encryption Policy Setting on the Features tab of the ETEMS Appliance editor. When you change the encryption policy setting of an in-service ETEP PEP, all encrypt and drop policies currently installed on the PEP are removed and all traffic is sent in the clear until you create and deploy new policies.

Related topics:

“Features Configuration” on page 330

“Encryption Policy Settings” on page 334

Deleting PEPs

Occasionally, you might need to delete a PEP from ETEMS. For example, the structure of a network might change or a PEP might become redundant. If you are removing a PEP from service, delete the PEP from ETEMS and then deploy policies from ETPM before physically removing the PEP from service.

If you delete a PEP from ETEMS, it is removed from the EncrypTight workspace, and in ETPM it is automatically removed from any network set or policies that include that PEP. Until you redeploy policies, the ETKMS does not know that the PEP has been removed and it continues to renew the keys and lifetimes in the PEP. The PEP itself continues to execute the policies. When you deploy your policies, the ETKMS sends a message to the PEP that instructs it to discard all of the policies from that

ETKMS.

EncrypTight User Guide

153

Page 152
Image 152
Black Box ET1000A Deleting PEPs, Changing the IP Address of a PEP, Changing the PEP from Layer 3 to Layer 2 Encryption

EncrypTight, ET0100A, ET0010A, ET1000A specifications

The Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are advanced solutions designed for secure data transmission and network management, catering to modern enterprise needs. These tools integrate cutting-edge technologies to enhance connectivity, security, and efficiency within various environments.

The Black Box ET1000A is primarily a high-performance Ethernet over Twisted Pair (EoTP) solution. It enables users to extend Ethernet signals over long distances using existing twisted-pair cabling without sacrificing speed or reliability. With support for speeds up to 100 Mbps, this device is ideal for organizations looking to upgrade their existing infrastructure without extensive rewiring. Key features include plug-and-play installation, which simplifies deployment, and versatile compatibility with both legacy and modern ethernet networks.

The ET0010A model takes connectivity a step further by providing seamless integration with fiber optics. This device supports transmission distances that far exceed traditional copper solutions, making it a perfect fit for larger facilities or multi-building campuses. Its built-in Ethernet switch enhances network efficiency by providing multiple ports for device connectivity, thus facilitating greater data flow.

EncrypTight technology is a notable feature across these Black Box models, offering advanced encryption capabilities to safeguard sensitive data during transmission. With military-grade encryption protocols, EncrypTight ensures that corporate information remains secure from potential eavesdroppers. This technology is essential for businesses operating in regulated industries or that handle confidential customer information.

The ET0100A model combines intelligence with monitoring features to provide users with comprehensive network insights. It boasts built-in diagnostic tools that enable IT professionals to troubleshoot issues quickly and efficiently. Additionally, it features real-time performance monitoring, allowing users to analyze bandwidth usage and optimize network performance accordingly.

In conclusion, the Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are powerful tools that embody the latest in data transmission and network management technologies. With their unique features—including extended connectivity capabilities, robust encryption technologies, and real-time monitoring solutions—these devices cater to the growing demands of businesses seeking to enhance their network infrastructure while ensuring robust security and efficiency. Integrating these tools into any organization’s operations can fundamentally improve both performance and data protection, making them indispensable in today’s digital landscape.